CN107466031A - A kind of method and terminal for protecting data - Google Patents

A kind of method and terminal for protecting data Download PDF

Info

Publication number
CN107466031A
CN107466031A CN201710673814.5A CN201710673814A CN107466031A CN 107466031 A CN107466031 A CN 107466031A CN 201710673814 A CN201710673814 A CN 201710673814A CN 107466031 A CN107466031 A CN 107466031A
Authority
CN
China
Prior art keywords
terminal
authentication information
target device
identity
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201710673814.5A
Other languages
Chinese (zh)
Inventor
刘岩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Jinli Communication Equipment Co Ltd
Original Assignee
Shenzhen Jinli Communication Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Jinli Communication Equipment Co Ltd filed Critical Shenzhen Jinli Communication Equipment Co Ltd
Priority to CN201710673814.5A priority Critical patent/CN107466031A/en
Publication of CN107466031A publication Critical patent/CN107466031A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal

Abstract

The embodiment of the invention discloses a kind of method and terminal for protecting data, wherein method includes:If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, the identity is stored in the trusted storage region of local terminal, and the identity determines lost terminal for the target device;Obtain the authentication information of user's input;The authentication information to be prestored according to the trusted storage region verifies the authentication information;If the authentication information verification failure, deletes local target data to be protected.The embodiment of the present invention ensures that target device can send lock instruction to lost terminal, so as to ensure the data safety in lost terminal, ensures that the data in lost terminal are not compromised by the way that the identity of terminal is stored in into trusted storage region.

Description

A kind of method and terminal for protecting data
Technical field
The present invention relates to electronic technology field, more particularly to a kind of method and terminal for protecting data.
Background technology
With the development and popularization of mobile terminal, user can produce or store a large amount of during mobile terminal is used Personal data.When user loses mobile terminal accidentally, its internal personal information and data will be compromised, so as to user with To perplex, personal property safety is such as endangered.
Prior art provides a kind of data guard method, mobile terminal loss after, user by other-end to this The mobile terminal of loss, which is sent, to be instructed, the data inside mobile terminal that is hiding or deleting the loss.
However, when the mobile terminal of the loss is removed by brush machine or Mobile phone card, this data guard method, other ends End can not be communicated with the mobile terminal of the loss, can not manipulate the mobile terminal of the loss, cause its internal data quilt Leakage.
The content of the invention
The embodiment of the present invention provides a kind of method and terminal for protecting data, can ensure data in lost terminal not by Leakage.
In a first aspect, the embodiments of the invention provide a kind of method for protecting data, this method includes:
If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction is described The identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, the identity storage In the trusted storage region of local terminal, the identity determines lost terminal for the target device;
Obtain the authentication information of user's input;
The authentication information to be prestored according to the trusted storage region verifies the authentication information;
If the authentication information verification failure, deletes local target data to be protected.
On the other hand, the embodiments of the invention provide a kind of terminal, the terminal to include:
Lock cell, if the lock instruction sent for detecting target device, into locking mode;Wherein, it is described Lock instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, institute The trusted storage region that identity is stored in local terminal is stated, the identity determines lost terminal for the target device;
Acquiring unit, for obtaining the authentication information of user's input;
Verification unit, the authentication information for being prestored according to the trusted storage region verify the authentication letter Breath;
Unit is deleted, fails if being verified for the authentication information, deletes local target data to be protected.
The third aspect, the embodiments of the invention provide another terminal, including processor, input equipment, output equipment and Memory, the processor, input equipment, output equipment and memory are connected with each other, wherein, the memory is used to store branch The computer program that terminal performs the above method is held, the computer program includes programmed instruction, and the processor is configured to use In calling described program instruction, the method for performing above-mentioned first aspect.
Fourth aspect, the embodiments of the invention provide a kind of computer-readable recording medium, the computer-readable storage medium Computer program is stored with, the computer program includes programmed instruction, and described program instruction makes institute when being executed by a processor The method for stating the above-mentioned first aspect of computing device.
If the lock instruction that the embodiment of the present invention is sent by detecting target device, into locking mode;Wherein, institute It is that identity of the target device according to entrained by the loss notice that user triggers is sent to state lock instruction, the identity mark Know the trusted storage region for being stored in local terminal;Obtain the authentication information of user's input;It is pre- according to the trusted storage region The authentication information deposited verifies the authentication information;If the authentication information verification failure, deletes local Target data to be protected.Because the identity of lost terminal is stored in trusted storage region, trusted storage region memory storage Data will not be deleted when by brush machine or Default Value will not be restored to, ensure target device can enter with lost terminal Row communication, and lock instruction is sent to lost terminal in time, control lost terminal enters locking mode, and lost terminal is confirming body Part checking information verification failure, then delete local target data, so as to ensure the data safety in lost terminal, ensures to lose Data in terminal are not compromised.
Brief description of the drawings
Technical scheme in order to illustrate the embodiments of the present invention more clearly, it is required in being described below to embodiment to use Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are some embodiments of the present invention, general for this area For logical technical staff, on the premise of not paying creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a kind of schematic flow diagram of the method for protection data provided in an embodiment of the present invention;
A kind of schematic flow diagram of the method for protection data that Fig. 2 another embodiment of the present invention provides;
Fig. 3 is a kind of schematic block diagram of terminal provided in an embodiment of the present invention;
Fig. 4 is a kind of terminal schematic block diagram that another embodiment of the present invention provides;
Fig. 5 is a kind of terminal schematic block diagram that yet another embodiment of the invention provides.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is part of the embodiment of the present invention, rather than whole embodiments.Based on this hair Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made Example, belongs to the scope of protection of the invention.
It should be appreciated that ought be in this specification and in the appended claims in use, term " comprising " and "comprising" instruction Described feature, entirety, step, operation, the presence of element and/or component, but it is not precluded from one or more of the other feature, whole Body, step, operation, element, component and/or its presence or addition for gathering.
It is also understood that the term used in this description of the invention is merely for the sake of the mesh for describing specific embodiment And be not intended to limit the present invention.As used in description of the invention and appended claims, unless on Other situations are hereafter clearly indicated, otherwise " one " of singulative, "one" and "the" are intended to include plural form.
It will be further appreciated that the term "and/or" used in description of the invention and appended claims is Refer to any combinations of one or more of the associated item listed and be possible to combine, and including these combinations.
As used in this specification and in the appended claims, term " if " can be according to context quilt Be construed to " when ... " or " once " or " in response to determining " or " in response to detecting ".Similarly, phrase " if it is determined that " or " if detecting [described condition or event] " can be interpreted to mean according to context " once it is determined that " or " in response to true It is fixed " or " once detecting [described condition or event] " or " in response to detecting [described condition or event] ".
In the specific implementation, the terminal described in the embodiment of the present invention is including but not limited to such as with touch sensitive surface The mobile phone, laptop computer or tablet PC of (for example, touch-screen display and/or touch pad) etc it is other just Portable device.It is to be further understood that in certain embodiments, the equipment is not portable communication device, but with tactile Touch the desktop computer of sensing surface (for example, touch-screen display and/or touch pad).
In discussion below, the terminal including display and touch sensitive surface is described.It is, however, to be understood that It is that terminal can include one or more of the other physical user-interface device of such as physical keyboard, mouse and/or control-rod.
Terminal supports various application programs, such as one or more of following:Drawing application program, demonstration application journey Sequence, word-processing application, website create application program, disk imprinting application program, spreadsheet applications, game application Program, telephony application, videoconference application, email application, instant messaging applications, exercise Support application program, photo management application program, digital camera application program, digital camera application program, web-browsing application Program, digital music player application and/or video frequency player application program.
The various application programs that can be performed in terminal can use at least one public of such as touch sensitive surface Physical user-interface device.It can adjust and/or change among applications and/or in corresponding application programs and touch sensitive table The corresponding information shown in the one or more functions and terminal in face.So, the public physical structure of terminal is (for example, touch Sensing surface) the various application programs with user interface directly perceived and transparent for a user can be supported.
Fig. 1 is referred to, Fig. 1 is a kind of schematic flow diagram of the method for protection data provided in an embodiment of the present invention.This reality The executive agent for applying the method that data are protected in example is terminal, and terminal includes but is not limited to smart mobile phone, tablet personal computer, PAD etc. Mobile terminal.Terminal built-in has safety chip, and safety chip can provide credible performing environment (The Trusted Execution Environment, TEE), TEE is an independent operating environment parallel with rich operating system (Rich OS), is carried for rich system For safeguard protection.The method of protection data as shown in Figure 1 may include following steps:
S101:If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction It is that the loss that the target device triggers according to user notifies the identity of entrained lost terminal to send, the identity mark Know the trusted storage region for being stored in local terminal, the identity determines lost terminal for the target device.
When user has found that first terminal is lost, it the identity information of second terminal input user can be used to log in target and set It is standby, and sent to target device for representing that the loss that first terminal has been lost notifies, the loss notifies to set for triggering target It is standby to send lock instruction to first terminal.The trusted storage region of first terminal has prestored the unique mark of first terminal. The unique mark of first terminal can be International Mobile Equipment Identity code (the International Mobile of first terminal Equipment Identity, IMEI) or terminal built-in safety chip unique mark (for example, safety chip Sequence number).The data of the trusted storage region memory storage of first terminal will not be deleted when first terminal is by brush machine or will not It is restored to Default Value.First terminal to user carry out proof of identity by when, can allow for accessing or change credible deposit The data of storage area domain memory storage.
Target device can be the server for protecting the data safety of lost terminal, such as cloud server;Also may be used To be the terminal for protecting data safety, it is not limited herein.The identity information for the user that user is inputted by second terminal Login account and modification logging including but not limited to corresponding to the user.Login account corresponding to user and modification logging are used for pair User carries out proof of identity.The login account and login password of multiple users, and multiple use have been prestored in target device The unique mark of each self-corresponding terminal for needing to protect of login account at family.Login account, login password and login account The corresponding unique identity for needing terminal to be protected associates preservation.Terminal to be protected is needed to refer to this corresponding to login account The terminal that user corresponding to login account uses or possessed, need the number of terminal to be protected can corresponding to same login account Think one, or at least two, it is not limited herein.
In the present embodiment, the login account of the user has been prestored in target device and has been associated with the login account First terminal unique mark.When the identity of first terminal is the remarks title of first terminal, in target device also The remarks title of first terminal and the unique mark of first terminal are preserved in association.
Lose the identity that notice carries first terminal, the identity of first terminal can be the remarks of first terminal The unique mark of title or first terminal.The account of user and the remarks title of first terminal are used for target device Obtain the unique mark of first terminal.
Target device is when detecting for representing that the loss that first terminal has been lost notifies, according to the identity information of user And lose the unique mark of the identity lookup first terminal for the first terminal that notice carries, and according to first terminal only One identifies the lock instruction sent to first terminal.Target device (can lose first terminal when receiving loss notice Terminal) it is arranged to lost state.
It is understood that when the terminal corresponding with the identity information of user stored in target device only has one, mesh Marking device directly can search the unique mark of lost terminal by the identity information of user, and according to the unique mark of lost terminal Lock instruction is sent to the lost terminal.
First terminal is when detecting the lock instruction that target device is sent, into locking mode.Locking mode is used to protect The data safety protected in terminal.When first terminal enters locking mode, user needs to input authentication information progress identity school Test, first terminal is when confirming that proof of identity passes through, it is allowed to which user manipulates first terminal, the control instruction of response user's input.
Alternatively, when first terminal detects the lock instruction that target device is sent, first terminal connection core is also triggered Net, to keep the communication connection with target device, so that first terminal can be controlled by target device by obtaining user.
S102:Obtain the authentication information of user's input.
First terminal obtains the authentication information that user inputs in interactive interface corresponding to locking mode;Can also obtain Take the authentication information that family inputs in locking screen interface.When first terminal is not provided with screen-lock password, first terminal, which obtains, to be used The authentication information that family inputs in interactive interface corresponding to locking mode.Screen-lock password is used for removing screen locking.
S103:The authentication information to be prestored according to the trusted storage region verifies the authentication information.
The authentication information to prestore can be logged on the login account and modification logging of target device;Can also be user The finger print information of input, it can also be the password for being used to represent user identity of user's input.
First terminal is compared the authentication information that the authentication information got prestores with trusted storage region Compared with, with verify authentication information that the authentication information that gets and trusted storage region prestore it is whether identical or Match somebody with somebody.
Alternatively, the authentication information that first terminal can prestore in credible performing environment according to trusted storage region Verify the authentication information got.Trusted storage region belongs to credible performing environment.
When the authentication information got is identical with the authentication information that trusted storage region prestores or matches, Authentication information verifies successfully;When the authentication information that the authentication information that gets prestores with trusted storage region not During same or mismatch, authentication information verification failure.
When authentication information is login account and modification logging, or authentication information is for representing user identity Password when, if the authentication information got is identical with the authentication information that trusted storage region prestores, then body Part checking information verifies successfully;If the authentication information that the authentication information got prestores with trusted storage region is not Together, then authentication information verification failure.
When authentication information is finger print information, if the finger that the finger print information got prestores with trusted storage region Matching degree between line information is more than or equal to default matching degree threshold value, then the authentication information got is deposited with credible The authentication information matching that storage area domain prestores, authentication information verify successfully;If the finger print information got with it is credible Matching degree between the finger print information that storage region prestores is less than default matching degree threshold value, then the authentication letter got Breath mismatches with the authentication information that trusted storage region prestores, authentication information verification failure.
S104:If the authentication information verification failure, deletes local target data to be protected.
When first terminal verifies failure to the authentication information got, deletion first terminal memory storage needs to protect Target data.Target data can be the personal information or significant data of user.
Alternatively, when first terminal verifies failure to the authentication information got, target data can be synchronized to Target device, delete the target data in first terminal.
Target data can be stored in the trusted storage region in credible performing environment;Credible execution ring can also be stored in Storage region outside border, is not limited herein.
Such scheme, if terminal detects the lock instruction that target device is sent, into locking mode;Wherein, it is described Lock instruction is that identity of the target device according to entrained by the loss notice that user triggers is sent, the identity It is stored in the trusted storage region of local terminal;Obtain the authentication information of user's input;Prestored according to the trusted storage region Authentication information verify the authentication information;If the authentication information verification failure, deletes local treat The target data of protection.Because the identity of lost terminal is stored in trusted storage region, trusted storage region memory storage Data will not be deleted when by brush machine or will not be restored to Default Value, ensure that target device can be carried out with lost terminal Communication, and lock instruction is sent to lost terminal in time, control lost terminal enters locking mode, and lost terminal is confirming identity Checking information verification failure, then delete local target data, so as to ensure the data safety in lost terminal, ensures to lose eventually Data in end are not compromised.
Fig. 2 is referred to, Fig. 2 is a kind of schematic flow diagram of the method for protection data that another embodiment of the present invention provides. The executive agent that the method for data is protected in the present embodiment is terminal, terminal include but is not limited to smart mobile phone, tablet personal computer, The mobile terminals such as PAD.Terminal built-in has safety chip, and safety chip can provide credible performing environment (The Trusted Execution Environment, TEE), TEE is an independent operating environment parallel with rich operating system (Rich OS), Safeguard protection is provided for rich system.The method of protection data as shown in Figure 2 may include following steps:
S201:If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction It is that the loss that the target device triggers according to user notifies the identity of entrained lost terminal to send, the identity mark Know the trusted storage region for being stored in local terminal, the identity determines lost terminal for the target device.
S201 is identical with the S101 in a upper embodiment in the present embodiment, referring specifically to upper embodiment S101 correlation Description, is not repeated herein.
S202:Detect current network state.
Whether first terminal detection is current by wireless network or using data traffic core network access, whole with detection first End is presently at suspension state or networking state.Wherein, network state includes suspension state or networking state.
Wherein, when first terminal is detected currently by wireless network or using data traffic core network access, first terminal Current network state is networking state;First terminal detection is currently without access wireless network and is not turned on data traffic When, first terminal confirms that current network state is suspension state;Or first terminal detection is when SIM card is removed and is not connect When entering wireless network, first terminal confirms that current network state is suspension state.
First terminal performs S203 when confirming to be currently at suspension state;Alternatively, first terminal is confirming current place When networking state, S204 is performed.S203 and S204 is step arranged side by side, and selects an execution.
S203:If being currently at suspension state, the authentication information of user's input is obtained.
First terminal obtains user and tested in the identity that interactive interface corresponding to locking mode inputs when in suspension state Demonstrate,prove information.
Alternatively, when first terminal is provided with screen-lock password, S203 can be specially:If being currently at suspension state, And when detecting that the screen-lock password that user inputs is correct, obtain the authentication information of user's input.
For example, screen-lock password is used for removing screen locking.First terminal obtains user and tested in the identity that locking screen interface inputs Information is demonstrate,proved, when the authentication information to locking screen interface is verified, obtains user in interactive interface corresponding to locking mode The authentication information of input.Now, first terminal be provided with dual identity checking, first again authentication be used for removing screen Locking, second again authentication be used for control first terminal to exit lock-out state.Wherein, when first gravidity part is proved to be successful, First terminal is not responding to the instruction of user's operation control terminal;When first gravidity part is proved to be successful, and second gravidity part is proved to be successful, First terminal can be controlled to exit locking mode.
First terminal performs S205 after S203 is performed.
Alternatively, S204 can also be included by protecting the method for data:If being currently at networking state, by the number of targets According to backing up to the target device.
First terminal backs up to target device when in networking state, by the target data to be protected of local.At it In his embodiment, the target data to be protected of local can also be backed up to default terminal by first terminal.
Alternatively, first terminal after target data is backed up into target device, can also be deleted in networking state Local target data.
S205:The authentication information to be prestored according to the trusted storage region verifies the authentication information.
The authentication information to prestore can be logged on the login account and modification logging of target device;Can also be user The finger print information of input, it can also be the password for being used to represent user identity of user's input.
First terminal is compared the authentication information that the authentication information got prestores with trusted storage region Compared with, with verify authentication information that the authentication information that gets and trusted storage region prestore it is whether identical or Match somebody with somebody.
Alternatively, the authentication information that first terminal can prestore in credible performing environment according to trusted storage region Verify the authentication information got.Trusted storage region belongs to credible performing environment.
When the authentication information got is identical with the authentication information that trusted storage region prestores or matches, Authentication information verifies successfully;When the authentication information that the authentication information that gets prestores with trusted storage region not During same or mismatch, authentication information verification failure.
When authentication information is login account and modification logging, or authentication information is for representing user identity Password when, if the authentication information got is identical with the authentication information that trusted storage region prestores, then body Part checking information verifies successfully;If the authentication information that the authentication information got prestores with trusted storage region is not Together, then authentication information verification failure.
When authentication information is finger print information, if the finger that the finger print information got prestores with trusted storage region Matching degree between line information is more than or equal to default matching degree threshold value, then the authentication information got is deposited with credible The authentication information matching that storage area domain prestores, authentication information verify successfully;If the finger print information got with it is credible Matching degree between the finger print information that storage region prestores is less than default matching degree threshold value, then the authentication letter got Breath mismatches with the authentication information that trusted storage region prestores, authentication information verification failure.
If authentication information verification failure, performs S206;If authentication information verifies successfully, S207 is performed.
S206:If the authentication information verification failure, deletes local target data to be protected.
During the authentication information verification failure that first terminal is got, the need for deleting first terminal memory storage are to be protected Target data.The authentication information is the authentication information that user inputs in interactive interface corresponding to locking mode.Target Data can be the personal information or all data of significant data or first terminal memory storage of user.
Alternatively, when first terminal verifies failure to the authentication information got, target data can be synchronized to Target device, delete the target data in first terminal.
Target data can be stored in the trusted storage region in credible performing environment;Credible execution ring can also be stored in Storage region outside border, is not limited herein.
Further, S206 can be specially:If the authentication information verification failure, and the number for verifying failure is big In or equal to preset times threshold value, then the target data is deleted.
When first terminal verifies failure to the authentication information got, count to authentication information verification failure Number.When the number of verification failure is more than or equal to preset times threshold value, the need mesh to be protected of deletion first terminal memory storage Mark data.Preset times threshold value can be 3 times, but be not limited to this, can be specifically configured according to actual conditions, do not done herein Limitation.
Alternatively, S207 can also be included by protecting the method for data:If the authentication information verifies successfully, exit The locking mode, and the notification message to unlock is sent to the target device;Wherein, the notice to unlock disappears Cease for notifying the target device that the state of the local terminal is arranged into normal condition from lost state.
When confirming that authentication information verifies successfully, mark current operator possesses first terminal for first terminal Person, first terminal have been given for change, and first terminal exits locking mode, are switched to normal mode, and sent to target device and release lock Fixed notification message, to notify target device that the state of first terminal is arranged into normal condition from lost state.The identity is tested Card information is the authentication information that user inputs in interactive interface corresponding to locking mode.
Alternatively, in the present embodiment, lost terminal can also receive the control of target device transmission in networking state Instruction, and respond the control instruction received.Control instruction can be that user logs in target device by other-end, control mesh Marking device is sent to loss device.Control instruction can delete instruction, backup instruction etc..Delete instruction and be used to control loss eventually Delete local target data to be protected in end;Backup instruction is used to control lost terminal to back up local target data to be protected To target device or other default alternate devices.
Such scheme, if terminal detects the lock instruction that target device is sent, into locking mode;Wherein, it is described Lock instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, institute The trusted storage region that identity is stored in local terminal is stated, the identity determines lost terminal for the target device; Obtain the authentication information of user's input;The authentication information to be prestored according to the trusted storage region verifies the identity Checking information;If the authentication information verification failure, deletes local target data.Due to the identity mark of lost terminal Knowledge is stored in trusted storage region, and the data of trusted storage region memory storage will not be deleted or will not be resumed when by brush machine To Default Value, ensure that target device can be communicated with lost terminal, and send lock instruction, control to lost terminal in time Lost terminal processed enters locking mode, and lost terminal is confirming authentication information verification failure, then deleting local number of targets According to so as to ensure the data safety in lost terminal, ensureing that the data in lost terminal are not compromised.
Terminal is when the number for confirming authentication information verification failure is more than or equal to preset times threshold value, delete target Data, to prevent maloperation delete target data.
Terminal exits locking mode, and send what is unlocked to target device when authentication information verifies successfully Notification message, to prevent user from stilling need frequently to carry out authentication when using the terminal for giving loss for change, brought not to user Just.
Referring to Fig. 3, Fig. 3 is a kind of schematic block diagram of terminal provided in an embodiment of the present invention.The terminal 3 of the present embodiment is wrapped The each unit included is used to perform each step in embodiment corresponding to Fig. 1, referring specifically to embodiment corresponding to Fig. 1 and Fig. 1 In associated description, do not repeat herein.The terminal of the present embodiment includes:Lock cell 310, acquiring unit 320, verification unit 330 and delete unit 340.
If lock cell 310 is used for the lock instruction for detecting that target device is sent, into locking mode;Wherein, institute The identity that lock instruction is lost terminal of the target device according to entrained by the loss notice that user triggers is stated to send, The identity is stored in the trusted storage region of local terminal, and the identity is used for the target device and determines to lose eventually End.
Acquiring unit 320 is used for the authentication information for obtaining user's input.
The authentication information that verification unit 330 is used to be prestored according to the trusted storage region verifies the authentication Information.
If deleting unit 340 is used for authentication information verification failure, local number of targets to be protected is deleted According to.
Such scheme, if terminal detects the lock instruction that target device is sent, into locking mode;Wherein, it is described Lock instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, institute The trusted storage region that identity is stored in local terminal is stated, the identity determines lost terminal for the target device; Obtain the authentication information of user's input;The authentication information to be prestored according to the trusted storage region verifies the identity Checking information;If the authentication information verification failure, deletes local target data.Due to the identity mark of lost terminal Knowledge is stored in trusted storage region, and the data of trusted storage region memory storage will not be deleted or will not be resumed when by brush machine To Default Value, ensure that target device can be communicated with lost terminal, and send lock instruction, control to lost terminal in time Lost terminal processed enters locking mode, and lost terminal is confirming authentication information verification failure, then deleting local number of targets According to so as to ensure the data safety in lost terminal, ensureing that the data in lost terminal are not compromised.
Referring to Fig. 4, Fig. 4 is a kind of schematic block diagram for terminal that another embodiment of the present invention provides.The end of the present embodiment The each unit that end 4 includes is used to perform each step in embodiment corresponding to Fig. 2, referring specifically to real corresponding to Fig. 2 and Fig. 2 The associated description in example is applied, is not repeated herein.The terminal of the present embodiment includes:Lock cell 410, detection unit 420, obtain list Member 430, verification unit 440 and deletion unit 450.Terminal can also include backup units 460, unlock unit 470.
If lock cell 410 is used for the lock instruction for detecting that target device is sent, into locking mode;Wherein, institute The identity that lock instruction is lost terminal of the target device according to entrained by the loss notice that user triggers is stated to send, The identity is stored in the trusted storage region of local terminal, and the identity is used for the target device and determines to lose eventually End.
Detection unit 420 is used to detect current network state.
If acquiring unit 430 detects the suspension state that is currently at for detection unit 420, the body of user's input is obtained Part checking information.
Alternatively, if backup units 460 are used to be currently at networking state, the target data is backed up into the mesh Marking device.
The authentication information that verification unit 440 is used to be prestored according to the trusted storage region verifies the authentication Information.
If deleting unit 450 is used for authentication information verification failure, local number of targets to be protected is deleted According to.
Further, if deleting unit 450 is specifically used for authentication information verification failure, and time of failure is verified Number is more than or equal to preset times threshold value, then deletes the target data.
Alternatively, if the unit 470 that unlocks verifies successfully for the authentication information, the locking mould is exited Formula, and the notification message to unlock is sent to the target device;Wherein, the notification message to unlock is used to notify The state of the local terminal is arranged to normal condition by the target device from lost state.
Such scheme, if terminal detects the lock instruction that target device is sent, into locking mode;Wherein, it is described Lock instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, institute The trusted storage region that identity is stored in local terminal is stated, the identity determines lost terminal for the target device; Obtain the authentication information of user's input;The authentication information to be prestored according to the trusted storage region verifies the identity Checking information;If the authentication information verification failure, deletes local target data.Due to the identity mark of lost terminal Knowledge is stored in trusted storage region, and the data of trusted storage region memory storage will not be deleted or will not be resumed when by brush machine To Default Value, ensure that target device can be communicated with lost terminal, and send lock instruction, control to lost terminal in time Lost terminal processed enters locking mode, and lost terminal is confirming authentication information verification failure, then deleting local number of targets According to so as to ensure the data safety in lost terminal, ensureing that the data in lost terminal are not compromised.
Terminal is when the number for confirming authentication information verification failure is more than or equal to preset times threshold value, delete target Data, to prevent maloperation delete target data.
Terminal exits locking mode, and send what is unlocked to target device when authentication information verifies successfully Notification message, to prevent user from stilling need frequently to carry out authentication when using the terminal for giving loss for change, brought not to user Just.
Referring to Fig. 5, Fig. 5 is a kind of terminal schematic block diagram that yet another embodiment of the invention provides.This implementation as depicted Terminal 5 in example can include:One or more processors 501;One or more input equipments 502, one or more output Equipment 503 and memory 504.Above-mentioned processor 501, input equipment 502, output equipment 503 and memory 504 pass through bus 505 connections.Memory 502 is used to store computer program, and the computer program includes programmed instruction, and processor 501 is used for Perform the programmed instruction that memory 502 stores.Wherein, processor 501 is arranged to call described program instruction to perform:
If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction is described The identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, the identity storage In the trusted storage region of local terminal, the identity determines lost terminal for the target device;
Obtain the authentication information of user's input;
The authentication information to be prestored according to the trusted storage region verifies the authentication information;
If the authentication information verification failure, deletes local target data to be protected.
Alternatively, processor 501 is additionally configured to call described program instruction to perform:Detect current network state; If being currently at suspension state, the authentication information of the acquisition user input is performed.
Alternatively, processor 501 is additionally configured to call described program instruction to perform:If being currently at networking state, The target data is then backed up into the target device.
Alternatively, processor 501 is additionally configured to call described program instruction to perform:If the authentication information school Success is tested, then exits the locking mode, and the notification message to unlock is sent to the target device;Wherein, the solution Except the notification message of locking is used to notify the target device that the state of the local terminal is arranged into normal condition from lost state.
Alternatively, processor 501 is specific is arranged to call described program instruction to perform:If the authentication information Verification failure, and the number for verifying failure is more than or equal to preset times threshold value, then deletes the target data.
It should be appreciated that in embodiments of the present invention, alleged processor 501 can be CPU (Central Processing Unit, CPU), the processor can also be other general processors, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other FPGAs Device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or this at It can also be any conventional processor etc. to manage device.
Input equipment 502 can include Trackpad, fingerprint adopt sensor (finger print information that is used to gathering user and fingerprint Directional information), microphone etc., output equipment 503 can include display (LCD etc.), loudspeaker etc..
The memory 504 can include read-only storage and random access memory, and to processor 501 provide instruction and Data.The a part of of memory 504 can also include nonvolatile RAM.For example, memory 504 can also be deposited Store up the information of device type.
In the specific implementation, processor 501, input equipment 502, the output equipment 503 described in the embodiment of the present invention can Perform the realization side described in the first embodiment and second embodiment of the method for protection data provided in an embodiment of the present invention Formula, the implementation of the terminal described by the embodiment of the present invention is also can perform, will not be repeated here.
Further, a kind of computer-readable recording medium, the computer are provided in another embodiment of the invention Readable storage medium storing program for executing is stored with computer program, and the computer program includes programmed instruction, and described program is instructed by processor Realized during execution:
If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction is described The identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, the identity storage In the trusted storage region of local terminal, the identity determines lost terminal for the target device;
Obtain the authentication information of user's input;
The authentication information to be prestored according to the trusted storage region verifies the authentication information;
If the authentication information verification failure, deletes local target data to be protected.
Alternatively, can also be realized when the computer program is executed by processor:Detect current network state;If work as It is preceding to be in suspension state, then perform the authentication information of the acquisition user input.
Alternatively, can also be realized when the computer program is executed by processor:, will if being currently at networking state The target data backs up to the target device.
Alternatively, can also be realized when the computer program is executed by processor:If the authentication information verification Success, then the locking mode is exited, and the notification message to unlock is sent to the target device;Wherein, the releasing The notification message of locking is used to notify the target device that the state of the local terminal is arranged into normal condition from lost state.
Alternatively, can specifically be realized when the computer program is executed by processor:If the authentication information school Failure is tested, and the number for verifying failure is more than or equal to preset times threshold value, then deletes the target data.
The computer-readable recording medium can be the internal storage unit of the terminal 5 described in foregoing any embodiment, Such as the hard disk or internal memory of terminal 5.The computer-readable recording medium can also be the External memory equipment of the terminal, example Such as the plug-in type hard disk being equipped with the terminal, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card (Flash Card) etc..Further, the computer-readable recording medium can also be wrapped both Including the internal storage unit of the terminal also includes External memory equipment.The computer-readable recording medium is described for storing Other programs and data needed for computer program and the terminal.The computer-readable recording medium can be also used for temporarily When store the data that has exported or will export.
Those of ordinary skill in the art are it is to be appreciated that the list of each example described with reference to the embodiments described herein Member and algorithm steps, it can be realized with electronic hardware, computer software or the combination of the two, in order to clearly demonstrate hardware With the interchangeability of software, the composition and step of each example are generally described according to function in the above description.This A little functions are performed with hardware or software mode actually, application-specific and design constraint depending on technical scheme.Specially Industry technical staff can realize described function using distinct methods to each specific application, but this realization should not Think beyond the scope of this invention.
It is apparent to those skilled in the art that for convenience of description and succinctly, the end of foregoing description End and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be repeated here.
In several embodiments provided herein, it should be understood that disclosed terminal and method, it can be passed through Its mode is realized.For example, device embodiment described above is only schematical, for example, the division of the unit, only Only a kind of division of logic function, there can be other dividing mode when actually realizing, such as multiple units or component can be tied Another system is closed or is desirably integrated into, or some features can be ignored, or do not perform.In addition, shown or discussed phase Coupling or direct-coupling or communication connection between mutually can be INDIRECT COUPLING or the communication by some interfaces, device or unit Connection or electricity, the connection of mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected to realize scheme of the embodiment of the present invention according to the actual needs Purpose.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also It is that unit is individually physically present or two or more units are integrated in a unit.It is above-mentioned integrated Unit can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and is used as independent production marketing or use When, it can be stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially The part to be contributed in other words to prior art, or all or part of the technical scheme can be in the form of software product Embody, the computer software product is stored in a storage medium, including some instructions are causing a computer Equipment (can be personal computer, server, or network equipment etc.) performs the complete of each embodiment methods described of the present invention Portion or part steps.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can store journey The medium of sequence code.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any Those familiar with the art the invention discloses technical scope in, various equivalent modifications can be readily occurred in or replaced Change, these modifications or substitutions should be all included within the scope of the present invention.Therefore, protection scope of the present invention should be with right It is required that protection domain be defined.

Claims (10)

  1. A kind of 1. method for protecting data, it is characterised in that including:
    If the lock instruction that target device is sent is detected, into locking mode;Wherein, the lock instruction is the target The identity of lost terminal of the equipment according to entrained by the loss notice that user triggers is sent, and the identity is stored in this The trusted storage region at end, the identity determine lost terminal for the target device;
    Obtain the authentication information of user's input;
    The authentication information to be prestored according to the trusted storage region verifies the authentication information;
    If the authentication information verification failure, deletes local target data to be protected.
  2. 2. according to the method for claim 1, it is characterised in that methods described also includes:
    Detect current network state;
    If being currently at suspension state, the authentication information of the acquisition user input is performed.
  3. 3. according to the method for claim 2, it is characterised in that methods described also includes:
    If being currently at networking state, the target data is backed up into the target device.
  4. 4. according to the method described in any one of claims 1 to 3, it is characterised in that methods described also includes:
    If the authentication information verifies successfully, the locking mode is exited, and sent to the target device and release lock Fixed notification message;Wherein, the notification message to unlock is used to notify the target device by the state of the local terminal Normal condition is arranged to from lost state.
  5. 5. according to the method for claim 1, it is characterised in that if authentication information verification failure, is deleted Except the target data to be protected of local, including:
    If the authentication information verification failure, and the number for verifying failure is more than or equal to preset times threshold value, then deletes The target data.
  6. A kind of 6. terminal, it is characterised in that including:
    Lock cell, if the lock instruction sent for detecting target device, into locking mode;Wherein, the locking Instruction is that the identity of lost terminal of the target device according to entrained by the loss notice that user triggers is sent, the body Part mark is stored in the trusted storage region of local terminal, and the identity determines lost terminal for the target device;
    Acquiring unit, for obtaining the authentication information of user's input;
    Verification unit, the authentication information for being prestored according to the trusted storage region verify the authentication information;
    Unit is deleted, fails if being verified for the authentication information, deletes local target data to be protected.
  7. 7. terminal according to claim 6, it is characterised in that the terminal also includes:
    Detection unit, for detecting current network state;
    If the acquiring unit detects the suspension state that is currently at specifically for the detection unit, user's input is obtained Authentication information.
  8. 8. the terminal according to claim 6 or 7, it is characterised in that the terminal also includes:
    Backup units, if for being currently at networking state, the target data is backed up into the target device;
    Unlock unit, if being verified successfully for the authentication information, exits the locking mode, and to the mesh Marking device sends the notification message to unlock;Wherein, the notification message to unlock is used to notify the target device The state of the local terminal is arranged to normal condition from lost state.
  9. 9. a kind of terminal, it is characterised in that the processor, defeated including processor, input equipment, output equipment and memory Enter equipment, output equipment and memory to be connected with each other, wherein, the memory is used to store computer program, the computer Program includes programmed instruction, and the processor is arranged to call described program instruction, performed such as any one of claim 1-5 Methods described.
  10. A kind of 10. computer-readable recording medium, it is characterised in that the computer-readable storage medium is stored with computer program, The computer program includes programmed instruction, and described program instruction makes the computing device such as right when being executed by a processor It is required that any one of 1-5 methods described.
CN201710673814.5A 2017-08-08 2017-08-08 A kind of method and terminal for protecting data Withdrawn CN107466031A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710673814.5A CN107466031A (en) 2017-08-08 2017-08-08 A kind of method and terminal for protecting data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710673814.5A CN107466031A (en) 2017-08-08 2017-08-08 A kind of method and terminal for protecting data

Publications (1)

Publication Number Publication Date
CN107466031A true CN107466031A (en) 2017-12-12

Family

ID=60548645

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710673814.5A Withdrawn CN107466031A (en) 2017-08-08 2017-08-08 A kind of method and terminal for protecting data

Country Status (1)

Country Link
CN (1) CN107466031A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019170111A1 (en) * 2018-03-07 2019-09-12 华为技术有限公司 Management method for offline management instruction and terminal
CN110515762A (en) * 2019-07-17 2019-11-29 湖南新云网科技有限公司 Data reconstruction method, device, terminal device and storage medium
CN110659138A (en) * 2019-08-26 2020-01-07 平安科技(深圳)有限公司 Data synchronization method, device, terminal and storage medium based on timing task
CN111542047A (en) * 2020-03-30 2020-08-14 宇龙计算机通信科技(深圳)有限公司 Data uploading method and device, storage medium and related equipment
CN113163392A (en) * 2021-03-17 2021-07-23 维沃移动通信有限公司 Method and device for deleting user identity data file
CN114722363A (en) * 2022-04-25 2022-07-08 深圳创维-Rgb电子有限公司 Remote locking method, system, device, equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103237064A (en) * 2013-04-11 2013-08-07 百度在线网络技术(北京)有限公司 Terminals, and method, system and cloud server for remote locking of terminals
CN106790264A (en) * 2017-02-07 2017-05-31 努比亚技术有限公司 Authentication system and method, the server for authentication and checking equipment
CN106803031A (en) * 2017-01-25 2017-06-06 维沃移动通信有限公司 A kind of information protecting method and mobile terminal
CN106921799A (en) * 2017-02-24 2017-07-04 深圳市金立通信设备有限公司 A kind of mobile terminal safety means of defence and mobile terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103237064A (en) * 2013-04-11 2013-08-07 百度在线网络技术(北京)有限公司 Terminals, and method, system and cloud server for remote locking of terminals
CN106803031A (en) * 2017-01-25 2017-06-06 维沃移动通信有限公司 A kind of information protecting method and mobile terminal
CN106790264A (en) * 2017-02-07 2017-05-31 努比亚技术有限公司 Authentication system and method, the server for authentication and checking equipment
CN106921799A (en) * 2017-02-24 2017-07-04 深圳市金立通信设备有限公司 A kind of mobile terminal safety means of defence and mobile terminal

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019170111A1 (en) * 2018-03-07 2019-09-12 华为技术有限公司 Management method for offline management instruction and terminal
CN110247877A (en) * 2018-03-07 2019-09-17 华为技术有限公司 A kind of management method and terminal of outline management instruction
CN110247877B (en) * 2018-03-07 2020-10-09 华为技术有限公司 Management method and terminal for offline management instruction
CN110515762A (en) * 2019-07-17 2019-11-29 湖南新云网科技有限公司 Data reconstruction method, device, terminal device and storage medium
CN110659138A (en) * 2019-08-26 2020-01-07 平安科技(深圳)有限公司 Data synchronization method, device, terminal and storage medium based on timing task
CN110659138B (en) * 2019-08-26 2024-03-15 平安科技(深圳)有限公司 Data synchronization method, device, terminal and storage medium based on timing task
CN111542047A (en) * 2020-03-30 2020-08-14 宇龙计算机通信科技(深圳)有限公司 Data uploading method and device, storage medium and related equipment
CN113163392A (en) * 2021-03-17 2021-07-23 维沃移动通信有限公司 Method and device for deleting user identity data file
CN114722363A (en) * 2022-04-25 2022-07-08 深圳创维-Rgb电子有限公司 Remote locking method, system, device, equipment and computer readable storage medium

Similar Documents

Publication Publication Date Title
CN107466031A (en) A kind of method and terminal for protecting data
CN107704765A (en) A kind of interface access method, server and computer-readable recording medium
CN103891242B (en) System and method for profile based filtering of outgoing information in a mobile environment
CN107734176A (en) Loss guard method, terminal and the computer-readable recording medium of mobile terminal
CN106921799A (en) A kind of mobile terminal safety means of defence and mobile terminal
CN107038369A (en) The method and terminal of a kind of resources accessing control
CN107609508A (en) A kind of face identification method, terminal and computer-readable recording medium
CN107358114A (en) A kind of method and terminal for preventing user data loss
CN107491732A (en) A kind of identity authentication method and terminal
CN106357672A (en) Login method and terminal
CN107612901A (en) One kind applies encryption method and terminal
CN106778337B (en) Document protection method, device and terminal
CN107169343A (en) A kind of method and terminal of control application program
KR101250661B1 (en) Security apparatus and method for mobile platform
CN106096418B (en) SELinux-based startup security level selection method and device and terminal equipment
CN107483704A (en) A kind of private space method to set up and terminal device
CN106022077A (en) Screen unlocking method and terminal
CN106254626A (en) A kind of incoming display method and terminal
CN107370872A (en) Method, terminal and the control device of a kind of terminal lock machine and control terminal lock machine
CN106021027B (en) Terminal data processing method and system
CN104853030B (en) The method and mobile terminal of a kind of information processing
CN106851613A (en) Service request method, the verification method of business handling number and its terminal
CN105868625B (en) Method and device for intercepting restart deletion of file
CN106685945A (en) Service request processing method, verifying method of service handling number, and terminal thereof
CN108520186A (en) Record screen method, mobile terminal and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20171212

WW01 Invention patent application withdrawn after publication