CN109711177A - Data safety control method and terminal device based on biological information identification - Google Patents
Data safety control method and terminal device based on biological information identification Download PDFInfo
- Publication number
- CN109711177A CN109711177A CN201811535087.7A CN201811535087A CN109711177A CN 109711177 A CN109711177 A CN 109711177A CN 201811535087 A CN201811535087 A CN 201811535087A CN 109711177 A CN109711177 A CN 109711177A
- Authority
- CN
- China
- Prior art keywords
- data
- biological information
- memory space
- data processing
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention is suitable for the exchange and technical field of memory of power sensitive information, provides a kind of data safety control method and terminal device based on biological information identification, this method comprises: receiving the first biological information;When first biological information meets the first access authority, the second biological information is received;When second biological information meets the second access authority, data list is shown;Receive data processing instructions, and according to the data processing instructions, the data in the data list are handled, can solve and be manually entered username and password in the prior art to verify special mobile storage medium, cause verification speed low, weak problem is resisted to social engineering attack.
Description
Technical field
The invention belongs to the exchange of power sensitive information and technical field of memory, more particularly to a kind of biological information that is based on to know
Other data safety control method and terminal device.
Background technique
In the more demanding industry of protecting information safety or field, generally requiring must be arranged using Network Isolation
It applies, to realize the security protection of higher level.Power industry is as the important energy source industry to involve the interests of the state and the people, network security
It ensures and requires height, power grid production and its enterprise management information belong to important information.In order to realize the data being isolated between network
Exchange and storage generally use special mobile storage medium in power generation field and carry out data interaction and storage.
Currently, when carrying out data processing using special mobile storage medium, it usually needs be manually entered user name and close
The mode of code verifies special mobile storage medium, and it is low to lead to verify speed, resists to social engineering attack weak.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of data safety control method based on biological information identification and ends
End equipment verifies special mobile storage medium to solve to be manually entered username and password in the prior art, leads to verification speed
It spends low, weak problem is resisted to social engineering attack.
The first aspect of the embodiment of the present invention provides a kind of data safety control method based on biological information identification, packet
It includes:
Receive the first biological information;
When first biological information meets the first access authority, the second biological information is received;
When second biological information meets the second access authority, data list is shown;
Data processing instructions are received, and according to the data processing instructions, at the data in the data list
Reason.
In one embodiment, before the first biological information of the reception, further includes:
Read biological information;
According to the biological information, configures and save access authority;
The biological information includes first biological information, second biological information;The access authority includes institute
State the first access authority, second access authority.
In one embodiment, the reception data processing instructions, and according to the data processing instructions, the data are arranged
Data in table are handled, comprising:
The first data processing signal is received, first data processing signal includes data write signal or data modification
Signal;
When storage space volume meets the capacity requirement of first data processing, by first data processing signal
The first memory space is written in corresponding first data write-in or modified first data;
Second data are obtained to first data encryption, and second data are stored in the second memory space;
Second data are verified, after second data check success, delete first memory space
First data of middle preservation.
It is in one embodiment, described that second data are verified, comprising:
To second data deciphering, third data are obtained;
It verifies the third data and whether first data is identical.
In one embodiment, the reception data processing instructions, and according to the data processing instructions, the data are arranged
Data in table are handled, comprising:
The second data processing signal is received, second data processing signal includes data erasure signal or memory space
Empty signal;
When in data erasure signal file name with the first file name is identical in current file list when, or when depositing
The memory space address in clear space signal is stored up with when the memory space address of prelocalization is identical, pseudo-random data is written
First memory space and the third memory space, the third memory space are the memory space address for working as prelocalization
Corresponding memory space;
It deletes corresponding first file of first file name or empties in the file in the third memory space
Hold.
In one embodiment, it deletes corresponding first file of first file name described or empties the third
After file content in memory space, further includes:
Update filesystem information;
When filesystem information after checksum update is correct, the pseudo-random data in first memory space is deleted.
In one embodiment, the reception data processing instructions, and according to the data processing instructions, the data are arranged
Data in table are handled, comprising:
Third data processing signal is received, the third data processing signal includes data read signal;
According to the file information in the third data processing of information, corresponding file is inquired;
Read the file;Alternatively, obtaining the file, and the file to the file decryption, after reading decryption.
The second aspect of the embodiment of the present invention provides a kind of data safety management device based on biological information identification, packet
It includes:
Receiving module, for receiving the first biological information;
The receiving module is also used to when first biological information meets the first access authority, receives the second biology
Information;
Display module, for showing data list when second biological information meets the second access authority;
Processing module, process instruction for receiving data, and according to the data processing instructions, in the data list
Data handled.
The third aspect of the embodiment of the present invention provides a kind of terminal device, including memory, processor and is stored in
In the memory and the computer program that can run on the processor, which is characterized in that described in the processor executes
The step as described in the above-mentioned data safety control method identified based on biological information is realized when computer program.
The fourth aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Media storage has computer program, which is characterized in that is realized when the computer program is executed by processor as above-mentioned based on life
Step described in the data safety control method of object information identification.
Existing beneficial effect is the embodiment of the present invention compared with prior art: provided in an embodiment of the present invention based on biology
Information identifies volume data processing method, by receiving the first biological information;When first biological information meets the first access right
In limited time, the second biological information is received;When second biological information meets the second access authority, data list is shown;It receives
Data processing instructions, and according to the data processing instructions, the data in the data list are handled.The present embodiment can
To provide a kind of quick, safe and reliable data processing method, to solve to be manually entered username and password in the prior art
Special mobile storage medium is verified, causes verification speed low, weak problem is resisted to social engineering attack.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
Needed in attached drawing briefly introduce, drawings in the following description are only some embodiments of the invention, for this
For the those of ordinary skill of field, without any creative labor, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is that a kind of process of data safety control method based on biological information identification provided in an embodiment of the present invention is shown
It is intended to;
Fig. 2 is the flow diagram of data initialization method provided in an embodiment of the present invention;
Fig. 3 is the flow diagram of data write-in provided in an embodiment of the present invention or modification data method;
Fig. 4 is the flow diagram of data-erasure method provided in an embodiment of the present invention;
Fig. 5 is the flow diagram of method for reading data provided in an embodiment of the present invention;
Fig. 6 is the schematic diagram of the data safety management device provided in an embodiment of the present invention based on biological information identification;
Fig. 7 is the schematic diagram of terminal device provided in an embodiment of the present invention.
Specific embodiment
In being described below, for illustration and not for limitation, the tool of such as particular system structure, technology etc is proposed
Body details, to understand thoroughly the embodiment of the present invention.However, it will be clear to one skilled in the art that there is no these specific
The present invention also may be implemented in the other embodiments of details.In other situations, it omits to well-known system, device, electricity
The detailed description of road and method, in case unnecessary details interferes description of the invention.
In order to illustrate technical solutions according to the invention, the following is a description of specific embodiments.
The embodiment of the present invention provides a kind of data safety control method based on biological information identification, as shown in Figure 1, the party
Method the following steps are included:
Step 101, the first biological information is received.
First biological information may include: finger print information, face characteristic identification information, human eye iris information, action recognition
The information such as information.
Before this step further include: read biological information;According to the biological information, configures and save access authority.
Step 102, when first biological information meets the first access authority, the second biological information is received.
Second biological information may include: finger print information, face characteristic identification information, human eye iris information, action recognition
The information such as information.It is noted that the first biological information is different from the second biological information.
First access authority can be equipment access authority.
Step 103, when second biological information meets the second access authority, data list is shown.
Second access authority can be memory space access right or file access permission.
Step 104, data processing instructions are received, and according to the data processing instructions, to the number in the data list
According to being handled.
Optionally, this step includes: to receive the first data processing signal, and first data processing signal includes that data are write
Enter signal or data modification signal;
When storage space volume meets the capacity requirement of first data processing, by first data processing signal
The first memory space is written in corresponding first data write-in or modified first data;
Second data are obtained to first data encryption, and second data are stored in the second memory space;
To second data deciphering, third data are obtained;
It verifies the third data and whether first data is identical.
After second data check success, delete first data saved in first memory space or
Modified first data.
Optionally, this step includes: to receive the second data processing signal, and second data processing signal includes that data are deleted
Except signal or memory space empty signal;
When in data erasure signal file name with the first file name is identical in current file list when, or when depositing
The memory space address in clear space signal is stored up with when the memory space address of prelocalization is identical, pseudo-random data is written
First memory space and the third memory space, the third memory space are the memory space address for working as prelocalization
Corresponding memory space;
It deletes corresponding first file of first file name or empties in the file in the third memory space
Hold.
Update filesystem information;
When filesystem information after checksum update is correct, the pseudo-random data in first memory space is deleted.
Optionally, this step includes: to receive third data processing signal, and the third data processing signal includes that data are read
The number of winning the confidence;
According to the file information in the third data processing of information, corresponding file is inquired;
Read the file;Alternatively, obtaining the file, and the file to the file decryption, after reading decryption.
The embodiment of the present invention provides a kind of data safety control method based on biological information identification, raw by receiving first
Object information;When first biological information meets the first access authority, the second biological information is received;When the second biology letter
When breath meets the second access authority, data list is shown;According to the data processing signal received, in the data list
Data are handled.The present embodiment can provide a kind of quick, safe and reliable data processing method, solve password loss
Caused by data can not access, data lack permission control the problems such as causing leaking data.
The embodiment of the present invention provides another data safety control method based on biological information identification, specifically includes data
The method of initial method, data write-in or modification data, the method for method and reading data that data are deleted.Divide below
It is not described in detail.
As shown in Fig. 2, the method for data initialization the following steps are included:
Step 201, biological information is read.
Biological information may include: finger print information, face characteristic identification information, human eye iris information, action recognition information
Etc. information.
Further, after reading biological information, the biological information is stored.
Step 202, it according to the biological information, configures and saves access authority.
Optionally, the equipment access authority of the corresponding personnel of biological information is configured according to biological information or memory space is visited
It asks permission, saves biological information and the configuration of corresponding access authority, it, can be with so as to subsequent when reading the biological information
Open corresponding access authority.
Further, one layer or more of setting can be carried out to access authority in the present embodiment, such as can be set multiple
Biological information can just open access authority, carry out data access.For example, the combination of finger print information and face characteristic identification information,
Perhaps perhaps the combination of finger print information and action recognition information or fingerprint are believed for the combination of finger print information and human eye iris information
Breath, face characteristic identification information and combination of human eye iris information etc..
After the completion of data initialization, there are the personnel of access authority that can the file in storage equipment is written or be repaired
Change the operations such as data, deletion data and reading data.
As shown in figure 3, data write-in or modification data method the following steps are included:
Step 301, the first biological information is received.
Optionally, the first biological information may include finger print information, face characteristic identification information, human eye iris information, move
Make the information such as identification information.
Step 302, when first biological information meets the first access authority, the second biological information is received.
Optionally, the second biological information may include finger print information, face characteristic identification information, human eye iris information, move
Make the information such as identification information, but different from the first biological information.For example, the first biological information can be finger print information, second is raw
Object information can be face feature identification information.
Optionally, the first access authority can be equipment access authority.It can also include: detection described the before this step
Whether one biological information meets the first access authority.When first biological information does not meet the first access authority, nothing is prompted
Biological information is re-entered in access authority or prompt.
Step 303, when second biological information meets the second access authority, data list is shown.
Optionally, the second access authority can be memory space access right.When second biological information does not meet
When two access authority, prompt to re-enter biological information without access authority or prompt.
The present embodiment can just open access authority by the verifying of two layers of biological information of setting, more ensure that data in this way
Storage safety.
Step 304, receive the first data processing signal, first data processing signal include data write signal or
Data modification signal.
Step 305, when storage space volume meets the capacity requirement of first data processing, by first data
It handles the corresponding first data write-in of signal or the first memory space is written in modified first data.
Optionally, when storage space volume is unsatisfactory for the capacity requirement of first data processing, memory space is prompted
It is insufficient.
Optionally, the first memory space can be the space in cache.
Step 306, the second data are obtained to first data encryption, and second data is stored in the second storage
Space.
It can also include: the page for showing and whether encrypting before this step.When the determination information for receiving user's input
Afterwards, the first data are encrypted;Or after receiving the determination information of user's input, and biological information is carried out to user and is tested
After demonstrate,proving successfully, the first data are encrypted.
Optionally, the second memory space can be the memory space in mobile memory medium.
It, can be preset using being added at the data head, data tail of the first data when optionally, to the first data encryption
The cipher mode of number or letter, can also be using the cipher mode for deleting certain data in the first data, the present embodiment
In the concrete mode of data encryption is not defined.
Step 307, to second data deciphering, third data are obtained.
Optionally, it before this step can also include: whether display verifies the page.When the determination for receiving user's input
After information, verification processing is decrypted to the second data;Or when receive user input determination information after, and to user into
After the success of row biometric information verification, verification processing is decrypted to the second data.
Step 308, the third data are verified and whether first data are identical.
Step 309, after second data check success, described first saved in first memory space is deleted
Data.
Optionally, it after the failure of the second data check, needs that data are written or are modified again, i.e. execution step
305。
After the success of the second data check, the data saved in cache are deleted, discharge spatial cache.
Further, it can also include: setting after this step and save data access authority.For example, setting is current
Biological information and the data write-in of access personnel, modification, the permission deleted, read.
As shown in figure 4, data delete method the following steps are included:
Step 401, the first biological information is received.
Step 402, when first biological information meets the first access authority, the second biological information is received.
Step 403, when second biological information meets the second access authority, data list is shown.
Step 401 is identical to step 303 as step 301 in Fig. 3 to step 403, and this is no longer going to repeat them, is specifically detailed in
Step 301 to step 303 description.
Further, the second access authority can be memory space access right or file access permission.
Step 404, receive the second data processing signal, second data processing signal include data erasure signal or
Memory space empty signal.
Step 405, when in data erasure signal file name with the first file name is identical in current file list when,
Or when in memory space empty signal memory space address with when the memory space address of prelocalization is identical, by pseudorandom
The first memory space and the third memory space is written in data, and the third memory space is the storage for working as prelocalization
The corresponding memory space of space address.
Optionally, pseudo-random data can be made of 0 and 1.
Step 406, it deletes corresponding first file of first file name or empties in the third memory space
File content.
Step 407, filesystem information is updated.
Step 408, when the filesystem information after checksum update is correct, delete in first memory space it is pseudo- with
Machine data.
Before this step further include: whether the filesystem information after checksum update is correct.Optionally, after checksum update
Filesystem information in pseudo-random data and the pseudo-random data in the first memory space it is whether consistent, prevent delete text
Part is maliciously restored.When check errors, needs to re-start file matching or memory space positioning, that is, re-execute the steps
405。
Further, it can also include: to update storage zone permission configuration after this step, be visited for example, setting is current
Ask the biological information and data write-in, modification, the permission deleted, read of personnel.
As shown in figure 5, method for reading data the following steps are included:
Step 501, the first biological information is received.
Step 502, when first biological information meets the first access authority, the second biological information is received.
Step 503, when second biological information meets the second access authority, data list is shown.
Step 501 is identical to step 303 as step 301 in Fig. 3 to step 503, and this is no longer going to repeat them, is specifically detailed in
Step 301 to step 303 description.
Further, the second access authority can be memory space access right or file access permission.
Step 504, third data processing signal is received, the third data processing signal includes data read signal.
Step 505, according to the file information in the third data processing of information, corresponding file is inquired.
It further, further include reading memory space or the file information to enter the after inquiring corresponding file
One memory space.First memory space can be the memory space in cache.
Step 506, the file is read;Alternatively, the file is obtained, and to the file decryption, after reading decryption
File.
When needing to file decryption, the interface whether decrypted is shown.It is right after receiving the determination information of user's input
Verification processing is decrypted in file;Or after receiving the determination information of user's input, and biological information is carried out to user and is tested
After demonstrate,proving successfully, verification processing is decrypted to file.
It further, can also include: the file for deleting the storage of the first memory space after this step, release caching is empty
Between, reading data process terminates.
The embodiment of the present invention provides a kind of data safety control method based on biological information identification, by user biological
The identification of information and the setting of access authority provide a kind of quick, safe and reliable data processing method, solve password
Data caused by loss can not access, data lack the problems such as permission control causes leaking data.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
The embodiment of the present invention provides a kind of data safety management device based on biological information identification, as shown in fig. 6, the dress
Setting includes: receiving module 601, display module 602, processing module 603.
Receiving module 601, for receiving the first biological information.
First biological information may include: finger print information, face characteristic identification information, human eye iris information, action recognition
The information such as information.
The receiving module 601 is also used to when first biological information meets the first access authority, and it is raw to receive second
Object information.
Optionally, the second biological information may include: finger print information, face characteristic identification information, human eye iris information, move
Make the information such as identification information.It is noted that the first biological information is different from the second biological information.
First access authority can be equipment access authority.
Display module 602, for showing data list when second biological information meets the second access authority.
Second access authority can be memory space access right or file access permission.
Processing module 603, process instruction for receiving data, and according to the data processing instructions, the data are arranged
Data in table are handled.
Optionally, processing module 603 is specifically used for: receiving the first data processing signal, first data processing signal
Including data write signal or data modification signal;When storage space volume meets the capacity requirement of first data processing
When, the corresponding first data write-in of first data processing signal or the first storage of modified first data write-in is empty
Between;Second data are obtained to first data encryption, and second data are stored in the second memory space;To described
Two data decipherings obtain third data;It verifies the third data and whether first data is identical.When second data
After verifying successfully, first data saved in first memory space are deleted.
Optionally, processing module 603 is specifically used for: receiving the second data processing signal, second data processing signal
Including data erasure signal or memory space empty signal;When the file name and current file list in data erasure signal
In the first file name it is identical when, or when the memory space address in memory space empty signal and the storage when prelocalization are empty
Between address it is identical when, the first memory space and the third memory space is written into pseudo-random data, the third storage is empty
Between be the corresponding memory space of memory space address for working as prelocalization;Delete corresponding first text of first file name
Part empties file content in the third memory space.Update filesystem information;File system after checksum update
When information of uniting is correct, the pseudo-random data in first memory space is deleted.
Optionally, processing module 603 is specifically used for: receiving third data processing signal, the third data processing signal
Including data read signal;According to the file information in the third data processing of information, corresponding file is inquired;Described in reading
File;Alternatively, obtaining the file, and the file to the file decryption, after reading decryption.
The embodiment of the present invention provides a kind of data safety management device based on biological information identification, is connect by receiving module
Receive the first biological information;When first biological information meets the first access authority, the receiving module receives the second biology
Information;When second biological information meets the second access authority, display module shows data list;Processing module is used for
Data processing instructions are received, and according to the data processing instructions, the data in the data list are handled.This implementation
Example can provide a kind of quick, safe and reliable data processing method, solve data caused by password loss can not access,
Data lack the problems such as permission control causes leaking data.
Fig. 7 is the schematic diagram for the terminal device that one embodiment of the invention provides.As shown in fig. 7, the terminal of the embodiment is set
Standby 7 include: processor 701, memory 702 and are stored in the memory 702 and can run on the processor 701
Computer program 703, such as based on biological information identification data safety management program.The processor 701 executes described
The step in the above-mentioned data safety control method embodiment based on biological information identification is realized when computer program 703, such as
Step 101 shown in FIG. 1 to 104 perhaps step 201 shown in Fig. 2 to step 202 or step 301 shown in Fig. 3 to step
Rapid 309 perhaps step 401 shown in Fig. 4 to step 408 or step 501 shown in fig. 5 to step 506.The processor
The function of each module in above-mentioned each Installation practice, such as module shown in Fig. 6 are realized when the 701 execution computer program 703
601 to 603 function.
Illustratively, the computer program 703 can be divided into one or more modules, one or more of
Module is stored in the memory 702, and is executed by the processor 701, to complete the present invention.It is one or more of
Module can be the series of computation machine program instruction section that can complete specific function, and the instruction segment is for describing the computer
Implementation procedure of the program 703 in the device or terminal device 7 of the data safety management based on biological information identification.Example
Such as, the computer program 703 can be divided into receiving module 601, display module 602, processing module 603, each module tool
Body function is as shown in fig. 6, this is no longer going to repeat them.
The terminal device 7 can be the calculating such as desktop PC, notebook, palm PC and cloud server and set
It is standby.The terminal device may include, but be not limited only to, processor 701, memory 702.It will be understood by those skilled in the art that
Fig. 7 is only the example of terminal device 7, does not constitute the restriction to terminal device 7, may include more more or fewer than illustrating
Component, perhaps combines certain components or different components, for example, the terminal device can also include input-output equipment,
Network access equipment, bus etc..
Alleged processor 701 can be central processing unit (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor
Deng.
The memory 702 can be the internal storage unit of the terminal device 7, for example, terminal device 7 hard disk or
Memory.The memory 702 is also possible to the External memory equipment of the terminal device 7, such as is equipped on the terminal device 7
Plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card,
Flash card (Flash Card) etc..Further, the memory 702 can also have been deposited both the inside including the terminal device 7
Storage unit also includes External memory equipment.The memory 702 is for storing the computer program and the terminal device 7
Other required programs and data.The memory 702, which can be also used for temporarily storing, have been exported or will export
Data.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each function
Can unit, module division progress for example, in practical application, can according to need and by above-mentioned function distribution by different
Functional unit, module are completed, i.e., the internal structure of described device is divided into different functional unit or module, more than completing
The all or part of function of description.Each functional unit in embodiment, module can integrate in one processing unit, can also
To be that each unit physically exists alone, can also be integrated in one unit with two or more units, it is above-mentioned integrated
Unit both can take the form of hardware realization, can also realize in the form of software functional units.In addition, each function list
Member, the specific name of module are also only for convenience of distinguishing each other, the protection scope being not intended to limit this application.Above system
The specific work process of middle unit, module, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, is not described in detail or remembers in some embodiment
The part of load may refer to the associated description of other embodiments.
Those of ordinary skill in the art may be aware that list described in conjunction with the examples disclosed in the embodiments of the present disclosure
Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually
It is implemented in hardware or software, the specific application and design constraint depending on technical solution.Professional technician
Each specific application can be used different methods to achieve the described function, but this realization is it is not considered that exceed
The scope of the present invention.
In embodiment provided by the present invention, it should be understood that disclosed device/terminal device and method, it can be with
It realizes by another way.For example, device described above/terminal device embodiment is only schematical, for example, institute
The division of module or unit is stated, only a kind of logical function partition, there may be another division manner in actual implementation, such as
Multiple units or components can be combined or can be integrated into another system, or some features can be ignored or not executed.Separately
A bit, shown or discussed mutual coupling or direct-coupling or communication connection can be through some interfaces, device
Or the INDIRECT COUPLING or communication connection of unit, it can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated module/unit be realized in the form of SFU software functional unit and as independent product sale or
In use, can store in a computer readable storage medium.Based on this understanding, the present invention realizes above-mentioned implementation
All or part of the process in example method, can also instruct relevant hardware to complete, the meter by computer program
Calculation machine program can be stored in a computer readable storage medium, the computer program when being executed by processor, it can be achieved that on
The step of stating each embodiment of the method.Wherein, the computer program includes computer program code, the computer program
Code can be source code form, object identification code form, executable file or certain intermediate forms etc..Computer-readable Jie
Matter may include: can carry the computer program code any entity or device, recording medium, USB flash disk, mobile hard disk,
Magnetic disk, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory (RAM,
Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that described
The content that computer-readable medium includes can carry out increasing appropriate according to the requirement made laws in jurisdiction with patent practice
Subtract, such as does not include electric carrier signal and electricity according to legislation and patent practice, computer-readable medium in certain jurisdictions
Believe signal.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although referring to aforementioned reality
Applying example, invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each
Technical solution documented by embodiment is modified or equivalent replacement of some of the technical features;And these are modified
Or replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution should all
It is included within protection scope of the present invention.
Claims (10)
1. a kind of data safety control method based on biological information identification characterized by comprising
Receive the first biological information;
When first biological information meets the first access authority, the second biological information is received;
When second biological information meets the second access authority, data list is shown;
Data processing instructions are received, and according to the data processing instructions, the data in the data list are handled.
2. the data safety control method as described in claim 1 based on biological information identification, which is characterized in that connect described
Before receiving the first biological information, further includes:
Read biological information;
According to the biological information, configures and save access authority;
The biological information includes first biological information, second biological information;The access authority includes described
One access authority, second access authority.
3. the data safety control method as claimed in claim 2 based on biological information identification, which is characterized in that the reception
Data processing instructions, and according to the data processing instructions, the data in the data list are handled, comprising:
The first data processing signal is received, first data processing signal includes data write signal or data modification letter
Number;
It is when storage space volume meets the capacity requirement of first data processing, first data processing signal is corresponding
The first data write-in or modified first data be written the first memory space;
Second data are obtained to first data encryption, and second data are stored in the second memory space;
Second data are verified, after second data check success, deletes and is protected in first memory space
First data deposited.
4. the data safety control method as claimed in claim 3 based on biological information identification, which is characterized in that described to institute
The second data are stated to be verified, comprising:
To second data deciphering, third data are obtained;
It verifies the third data and whether first data is identical.
5. the data safety control method as claimed in claim 2 based on biological information identification, which is characterized in that the reception
Data processing instructions, and according to the data processing instructions, the data in the data list are handled, comprising:
The second data processing signal is received, second data processing signal includes that data erasure signal or memory space empty
Signal;
When in data erasure signal file name with the first file name is identical in current file list when, or when storage is empty
Between memory space address in empty signal with when the memory space address of prelocalization is identical, pseudo-random data is written first
Memory space and the third memory space, the third memory space are described when the memory space address of prelocalization is corresponding
Memory space;
It deletes corresponding first file of first file name or empties the file content in the third memory space.
6. the data safety control method as claimed in claim 5 based on biological information identification, which is characterized in that deleted described
Except corresponding first file of first file name or after emptying file content in the third memory space, also wrap
It includes:
Update filesystem information;
When filesystem information after checksum update is correct, the pseudo-random data in first memory space is deleted.
7. the data safety control method as claimed in claim 2 based on biological information identification, which is characterized in that the reception
Data processing instructions, and according to the data processing instructions, the data in the data list are handled, comprising:
Third data processing signal is received, the third data processing signal includes data read signal;
According to the file information in the third data processing of information, corresponding file is inquired;
Read the file;Alternatively, obtaining the file, and the file to the file decryption, after reading decryption.
8. a kind of data safety management device based on biological information identification characterized by comprising
Receiving module, for receiving the first biological information;
The receiving module is also used to when first biological information meets the first access authority, receives the second biological information;
Display module, for showing data list when second biological information meets the second access authority;
Processing module, process instruction for receiving data, and according to the data processing instructions, to the number in the data list
According to being handled.
9. a kind of terminal device, including memory, processor and storage are in the memory and can be on the processor
The computer program of operation, which is characterized in that the processor realizes such as claim 1 to 7 when executing the computer program
The step of any one the method.
10. a kind of computer readable storage medium, the computer-readable recording medium storage has computer program, and feature exists
In when the computer program is executed by processor the step of any one of such as claim 1 to 7 of realization the method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811535087.7A CN109711177A (en) | 2018-12-14 | 2018-12-14 | Data safety control method and terminal device based on biological information identification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811535087.7A CN109711177A (en) | 2018-12-14 | 2018-12-14 | Data safety control method and terminal device based on biological information identification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109711177A true CN109711177A (en) | 2019-05-03 |
Family
ID=66256436
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811535087.7A Pending CN109711177A (en) | 2018-12-14 | 2018-12-14 | Data safety control method and terminal device based on biological information identification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109711177A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022166612A1 (en) * | 2021-02-03 | 2022-08-11 | 胡金钱 | Composite enterprise qr code management method and composite enterprise qr code management system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105046127A (en) * | 2015-05-26 | 2015-11-11 | 小米科技有限责任公司 | Encryption and decryption method and apparatus |
| CN105580308A (en) * | 2013-09-06 | 2016-05-11 | 萨基姆防卫安全 | Method of managing consistency of caches |
| WO2017166689A1 (en) * | 2016-03-31 | 2017-10-05 | 宇龙计算机通信科技(深圳)有限公司 | Privacy protection method and device |
| CN107391987A (en) * | 2017-07-01 | 2017-11-24 | 珠海格力电器股份有限公司 | Application protection method and device based on biological feature recognition and electronic equipment |
| CN107480495A (en) * | 2017-07-24 | 2017-12-15 | 广东欧珀移动通信有限公司 | The unlocking method and Related product of mobile terminal |
| CN107968788A (en) * | 2017-12-07 | 2018-04-27 | 湖州华科信息咨询有限公司 | A kind of method and apparatus for working document safety management |
| CN108563396A (en) * | 2017-12-11 | 2018-09-21 | 上海高顿教育培训有限公司 | A kind of safe high in the clouds object storage method |
| CN108920928A (en) * | 2018-09-14 | 2018-11-30 | 算丰科技(北京)有限公司 | Personal identification method, device, electronic equipment and computer readable storage medium |
-
2018
- 2018-12-14 CN CN201811535087.7A patent/CN109711177A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105580308A (en) * | 2013-09-06 | 2016-05-11 | 萨基姆防卫安全 | Method of managing consistency of caches |
| CN105046127A (en) * | 2015-05-26 | 2015-11-11 | 小米科技有限责任公司 | Encryption and decryption method and apparatus |
| WO2017166689A1 (en) * | 2016-03-31 | 2017-10-05 | 宇龙计算机通信科技(深圳)有限公司 | Privacy protection method and device |
| CN107391987A (en) * | 2017-07-01 | 2017-11-24 | 珠海格力电器股份有限公司 | Application protection method and device based on biological feature recognition and electronic equipment |
| CN107480495A (en) * | 2017-07-24 | 2017-12-15 | 广东欧珀移动通信有限公司 | The unlocking method and Related product of mobile terminal |
| CN107968788A (en) * | 2017-12-07 | 2018-04-27 | 湖州华科信息咨询有限公司 | A kind of method and apparatus for working document safety management |
| CN108563396A (en) * | 2017-12-11 | 2018-09-21 | 上海高顿教育培训有限公司 | A kind of safe high in the clouds object storage method |
| CN108920928A (en) * | 2018-09-14 | 2018-11-30 | 算丰科技(北京)有限公司 | Personal identification method, device, electronic equipment and computer readable storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022166612A1 (en) * | 2021-02-03 | 2022-08-11 | 胡金钱 | Composite enterprise qr code management method and composite enterprise qr code management system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11163907B2 (en) | Decentralized token table generation | |
| CN104823207B (en) | The Personal Identification Number for mobile payment application program is protected by combining with random element | |
| CN106104563B (en) | The technology of network security is provided by the account opened on time just | |
| CN109840430A (en) | The secure processing units and its bus arbitration method of PLC | |
| CN107851150A (en) | The technology that secure hardware and software for credible I/O prove | |
| CN104320389B (en) | A kind of fusion identity protection system and method based on cloud computing | |
| CN104380652A (en) | Multi-issuer secure element partition architecture for NFC enabled devices | |
| CN108139984A (en) | Secure subsystem | |
| CN103150514A (en) | Mobile equipment-based credible module and credible service method thereof | |
| CN105612715A (en) | Security processing unit with configurable access control | |
| US9659171B2 (en) | Systems and methods for detecting tampering of an information handling system | |
| CN107612901A (en) | One kind applies encryption method and terminal | |
| CN108376224A (en) | A kind of movable storage device and its encryption method and device | |
| CN109409041A (en) | A kind of server-side safety certifying method and system based on the application of more certificates | |
| CN104268483B (en) | Data protecting system, device and method | |
| CN108965315A (en) | A kind of authentic authentication method of terminal device, device and terminal device | |
| CN109214221A (en) | A kind of identity card reader verification method, host computer and identity card reader | |
| CN103617127A (en) | Memory device with subareas and memorizer area dividing method | |
| CN101420299B (en) | Method for enhancing stability of intelligent cipher key equipment and intelligent cipher key equipment | |
| CN105205416A (en) | Mobile hard disk password module | |
| CN110431803A (en) | Identity-based information management encryption key | |
| CN109711177A (en) | Data safety control method and terminal device based on biological information identification | |
| CN108537038A (en) | Custom rule cipher management method, device, terminal device and storage medium | |
| CN102662871A (en) | Trusted cryptography module based system and method for protection of virtual disk completeness | |
| CN108343315A (en) | Key management method and terminal device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190503 |
|
| RJ01 | Rejection of invention patent application after publication |