CN110532803B - Private data protection method and device - Google Patents

Private data protection method and device Download PDF

Info

Publication number
CN110532803B
CN110532803B CN201910827242.0A CN201910827242A CN110532803B CN 110532803 B CN110532803 B CN 110532803B CN 201910827242 A CN201910827242 A CN 201910827242A CN 110532803 B CN110532803 B CN 110532803B
Authority
CN
China
Prior art keywords
state
permission
monitoring
authorization
application program
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910827242.0A
Other languages
Chinese (zh)
Other versions
CN110532803A (en
Inventor
杨荷花
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics China R&D Center, Samsung Electronics Co Ltd filed Critical Samsung Electronics China R&D Center
Priority to CN201910827242.0A priority Critical patent/CN110532803B/en
Publication of CN110532803A publication Critical patent/CN110532803A/en
Application granted granted Critical
Publication of CN110532803B publication Critical patent/CN110532803B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0481Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
    • G06F3/04817Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance using icons
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Abstract

According to the method and the device for protecting the private data, the authorization state of the system authority is monitored, the current use state of the system authority is monitored in real time after the application program obtains the authorization permission of the system authority, when the application program is monitored to use the system authority which is obtained by the authorization permission, a use notice is sent to a user to inform the user that the application program is using the system authority, the monitoring of the system authority which is obtained by the application program is achieved, the state of the system authority which is used by the application program is informed to the user, the transparency of the system authority which is used by the application program is achieved, and the user can clearly determine the specific use time and scene of the system authority, so that the protection of the private data of the user is facilitated.

Description

Private data protection method and device
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a method and a device for protecting private data.
Background
With the rapid development of smart devices, various applications and services have come to be developed, and more Applications (APPs) are collected on smart devices. But APP brings convenience to the life of people, and simultaneously has the problem of collecting privacy data of users.
At present, in the process of installing an APP by a user, the APP to be installed generally sends request information for obtaining system permission access authorization, and if the system permission access authorization permission of the user is obtained, the APP can access relevant content of the system permission after installation. But this also results in that once a certain system right (e.g. audio, video, text, location, storage, etc.) is granted to the APP, the APP can use the system right anytime and anywhere, and the use state is unknown to the user. Thus possibly resulting in leakage of user private data.
Disclosure of Invention
The embodiment of the disclosure provides a private data protection method and device.
In a first aspect, an embodiment of the present disclosure provides a method for protecting private data, where the method includes: monitoring the authorization state of the system authority, wherein the authorization state is used for indicating the range of the system authority which permits the application program in the system to be used; recording an authorization timestamp for the application program to acquire the authorization permission in response to monitoring the authorization permission for the application program to acquire the system permission; monitoring the current use state of the system authority in real time based on the authorization timestamp; and in response to monitoring that the current use state of the system authority is the in-use state, sending a use notice that the application program is using the system authority to the user.
In some embodiments, in response to monitoring that the current usage state of the system privilege is a usage state, sending a usage notification to the user that the application is using the system privilege comprises: responding to the current use state of the system permission monitored to be the use state, and acquiring the current operation state of the system; in response to determining that the current operating state of the system is a standby state, a usage notification is displayed.
In some embodiments, in response to monitoring that the current usage state of the system privilege is a usage state, sending a usage notification to the user that the application is using the system privilege further comprises: in response to the fact that the current running state of the system is the awakening state, judging whether the application program is in a foreground application state or not; in response to determining that the application is not in the foreground application state, a usage notification is displayed via a notification bar.
In some embodiments, in response to monitoring that the current usage state of the system privilege is a usage state, sending a usage notification to the user that the application is using the system privilege further comprises: in response to determining that the application is in the foreground application state, an icon of the system privilege is presented through the notification bar to display the usage notification.
In some embodiments, in response to monitoring that the current usage state of the system privilege is a usage state, sending a usage notification to the user that the application is using the system privilege further comprises: and acquiring a first time stamp of the application program for starting to use the system authority and a function of the application program for applying to use the system authority.
In some embodiments, the method further comprises: and in response to monitoring that the current use state of the system authority is the stop use state, acquiring a second timestamp of the stop use of the system authority by the application program, and stopping presenting the use notice.
In some embodiments, the method further comprises: and acquiring an authorized termination time stamp of the system authority in response to the received closing operation of the authorized license indicating the authorized license for terminating the application program.
In some embodiments, a first selection control is presented, wherein the first selection control is used for receiving a switch instruction of a user for monitoring system authority; monitoring the authorization status of system permissions includes: and starting a system authority monitoring system in response to the received selection operation instruction of the user on the first selection control, and monitoring the authorization state of the system authority.
In some embodiments, the method further comprises: and stopping monitoring the authorization state of the system authority in response to the received instruction of the user for selecting the first selection control to close the system authority monitoring.
In some embodiments, the method further comprises: and presenting the use state of the system authority in response to receiving the viewing operation of the use state of the system authority.
In some embodiments, presenting the usage status of the system privilege comprises at least one of: presenting the state of the authorization permission of the application program for acquiring the system authority based on the authorization timestamp; presenting the state that the application program starts to use the system authority and presenting the function that the application program applies for using the system authority based on the first time stamp; presenting a state in which the application stops using the system right based on the second timestamp; based on the grant termination timestamp, a status of the application losing the granted permission of the system rights is presented.
In some embodiments, the method further comprises: presenting a system permission list; in response to receiving a selection operation of a user on one of the target system permissions presented by the system permission list, presenting a selection interface of the target system permission, wherein the selection interface presents an application program list corresponding to the target system permission and a second selection control list corresponding to the application program list; starting target system permission monitoring in response to the received selection operation instruction of the user on the second selection control in the second selection control list, and monitoring the authorization state of the target system permission; the second selection control is used for receiving a switch instruction of a user for monitoring the authority of the target system.
In a second aspect, an embodiment of the present disclosure provides an apparatus for protecting private data, including: the monitoring module is configured to monitor the authorization state of the system authority, wherein the authorization state is used for indicating the range of the application program usage in the system permitted by the system authority; recording an authorization timestamp for the application program to acquire the authorization permission in response to monitoring the authorization permission for the application program to acquire the system permission; monitoring the current use state of the system authority in real time based on the authorization timestamp; and the notification module is configured to respond to the monitored current use state of the system authority as the in-use state and send a use notification that the application program is using the system authority to the user.
In some embodiments, the notification module is further configured to: responding to the current use state of the system permission monitored to be the use state, and acquiring the current operation state of the system; in response to determining that the current operating state of the system is a standby state, a usage notification is displayed.
In some embodiments, the notification module is further configured to: in response to determining that the current running state of the system is the awakening state, checking whether the application program is in a foreground application state; in response to determining that the application is not in the foreground application state, a usage notification is displayed via a notification bar.
In some embodiments, the notification module is further configured to: in response to determining that the application is in the foreground application state, an icon of the system privilege is presented through the notification bar to display the usage notification.
In some embodiments, the monitoring module is further configured to: and acquiring a first time stamp of the application program for starting to use the system authority and a function of the application program for applying to use the system authority.
In some embodiments, the monitoring module is further configured to: and in response to monitoring that the current use state of the system authority is the stop use state, acquiring a second timestamp of the stop use of the system authority by the application program, and stopping presenting the use notice.
In some embodiments, the monitoring module is configured to obtain an authorization expiration timestamp of the system privilege in response to the received close operation for the authorization permission indicating expiration of the authorization permission for the application.
In some embodiments, the apparatus further comprises: a display module; the display module is configured to present a first selection control, wherein the first selection control is used for receiving a switch instruction of a user for monitoring the system authority; and the monitoring module is configured to respond to the received selection operation instruction of the user on the first selection control to start the system authority monitoring system and monitor the authorization state of the system authority.
In some embodiments, the monitoring module is further configured to stop monitoring the authorization status of the system permission in response to the received user selection operation of the first selection control indicating that the system permission monitoring is turned off.
In some embodiments, a display module configured to: and presenting the use state of the system authority in response to receiving the viewing operation of the use state of the system authority.
In some embodiments, the display module is further configured to at least one of: presenting a state of an authorization permission for the application to acquire the system permission based on the authorization timestamp; presenting the state that the application program starts to use the system authority and presenting the function that the application program applies for using the system authority based on the first time stamp; presenting a state in which the application stops using the system right based on the second timestamp; based on the authorization expiration timestamp, a state is presented in which the application lost the authorized permission for the system privilege.
In some embodiments, a display module configured to: presenting a system permission list; a display module further configured to: in response to receiving a selection operation of a user on one target system permission presented by the system permission list, presenting a selection interface of the target system permission, wherein the selection interface presents an application program list corresponding to the target system permission; a monitoring module configured to: starting target system permission monitoring in response to the received selection operation instruction of the user on the second selection control in the second selection control list, and monitoring the authorization state of the target system permission; the second selection control is used for receiving a switch instruction of a user for monitoring the authority of the target system.
In a third aspect, the present application provides an electronic device, an electronic device/terminal/server, comprising one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method as described in any of the implementations of the first aspect.
In a fourth aspect, the present application provides a computer-readable medium, on which a computer program is stored, which program, when executed by a processor, implements the method as described in any implementation form of the first aspect.
The method and the device for protecting the private data provided by the embodiment of the disclosure comprise the steps of monitoring the authorization state of a system authority, wherein the authorization state is used for indicating the range of the system authority for licensing the application program in a system, recording an authorization timestamp of the application program for acquiring the authorization permission in response to monitoring that the application program acquires the authorization permission of the system authority, monitoring the current use state of the system authority in real time based on the authorization timestamp, and sending a use notice that the application program is using the system authority to a user in response to monitoring that the current use state of the system authority is a use state. By monitoring the system permission, after the application program obtains the authorization permission of the system permission, when the application program is monitored to use the system permission which is obtained with the authorization permission, a use notice is sent to the user to inform the user that the application program is using the system permission, the monitoring of the system permission which is obtained with the authorization permission of the application program is realized, the state that the application program uses the system permission is informed to the user, the transparentization of the application program using the system permission is realized, and the specific use time and scene of the system permission can be clear to the user, so that the protection of the privacy data of the user is facilitated.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 illustrates an exemplary system architecture diagram in which some embodiments of the present disclosure may be applied;
FIG. 2 illustrates a flow diagram of one embodiment of a method of private data protection of the present disclosure;
FIG. 3 illustrates a schematic diagram of one application scenario of the private data protection method of the present disclosure;
FIG. 4 illustrates a flow diagram of the present disclosure for sending a usage notification to a user that an application is using system permissions;
FIG. 5 illustrates a flow diagram of yet another embodiment of a private data protection method of the present disclosure;
FIG. 6 illustrates a flow diagram of yet another embodiment of a private data protection method of the present disclosure;
FIG. 7 illustrates a flow diagram of yet another embodiment of a private data protection method of the present disclosure;
FIG. 8 illustrates an exemplary view of the embodiment illustrated in FIG. 7;
FIG. 9 illustrates a schematic structural diagram of one embodiment of the private data protection system of the present disclosure;
FIG. 10 illustrates a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which the private data protection method or the private data protection apparatus of an embodiment of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. Network 104 is the medium used to provide communication links between terminal devices 101, 102, 103 and server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. Various client applications, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal apparatuses 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, e-book readers, laptop portable computers, desktop computers, and the like. When the terminal devices 101, 102, 103 are software, they can be installed in the electronic devices listed above. It may be implemented, for example, as multiple software or software modules to provide distributed services, or as a single software or software module. And is not particularly limited herein.
The server 105 may be a server that provides various services, such as a server that provides support for each function of the terminal apparatuses 101, 102, 103, a cloud server, and the like. The server can store and the like the received data and feed back the processing result to the terminal equipment.
It should be noted that the private data protection method provided by the embodiments of the present disclosure is executed by the terminal devices 101, 102, and 103. Accordingly, the private data protection apparatus is provided in the terminal devices 101, 102, 103. This is not a particular limitation of the present application.
It should be understood that, since the private data protection method provided by the embodiment of the present application is executed by the terminal devices 101, 102, and 103, if the terminal devices 101, 102, and 103 do not have a requirement for interaction with the server 105, the architecture shown in fig. 1 may only include the terminal devices 101, 102, and 103. Further, the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a method of protecting private data in accordance with the present disclosure is shown. The privacy data protection method can comprise the following steps:
step 210, monitoring the authorization status of the system authority.
The system authority refers to the authority required for accessing and collecting the user privacy data, and the system authority may include the use right of a microphone, a camera, a location, a storage, a telephone, an address book, a calendar, and the like. The user privacy data can comprise hardware data, software data and the like, and the application program can access and acquire the hardware data by using system authorities such as a microphone, a camera, a position, a storage and a telephone, and can also access and acquire the software data by using system authorities such as an address list and a calendar.
The authorization status is used to indicate the scope of the application program usage in the system permission system, and may be the type of the application program that is permitted to be used by the same system permission, or may be whether the usage right of the system permission has been acquired by the application program.
In this step, an executing body of the private data protection method (for example, the terminal device shown in fig. 1) may monitor the authorization status of the system authority, thereby obtaining information indicating whether the system authority permits the application use and the range of the permitted application use.
And step 220, responding to the monitored authorization permission of the application program for obtaining the system permission, and obtaining an authorization timestamp of the application program for obtaining the authorization permission.
In this step, the execution subject monitors the authorization status of the system permission, and in response to monitoring that the application program obtains the authorization permission of the system permission, obtains an authorization timestamp for the application program to obtain the authorization permission, where the authorization timestamp indicates a time value for the application program to obtain the authorization permission. When an application program (APP) initiates an authorization application to a user, monitoring that the APP obtains the right of use of the system right, and recording APP information of the system right obtained at this time, for example: APP ID, APP name, APP icon, authorization timestamp, etc.
And step 230, monitoring the current use state of the system authority in real time based on the authorization timestamp.
The states of the system authority may include, but are not limited to, the following states: a holding permission state, a using state, a decommissioning state, and a losing permission state.
In this step, after the execution main body obtains the authorization timestamp, the current use state of the system permission is monitored in real time. If the system starts to be authorized based on the authorization timestamp, the application program acquires authorization permission of the system authority, and the current state of the system authority is the state of holding the authority at the moment; monitoring that the application program uses the system authority, wherein the current state of the system authority is the using state; monitoring that the application program stops using the system authority, wherein the current state of the system authority is a use stop state; and monitoring that the authorized license acquired by the application program is terminated, wherein the current state of the system right is a lost right state.
In response to monitoring that the current usage status of the system privilege is in-use status, a usage notification that the application program is using the system privilege is sent to the user, step 240.
In this step, the execution subject sends a use notification that the application program is using the system right to the user in response to monitoring that the current use state of the system right is the in-use state, so as to notify the user that the application program is using the system right.
The content of the usage notification may include a name or an icon of the system right being used, or may include a name or an icon of the application program that is using the system right, and the like, which is not specifically limited in this application. The usage notification may be displayed in a form of a dialog box, a prompt box, a system permission icon, and the like, which is not specifically limited in this application. For example, the usage notification may be in the form of a prompt box, and the content of the usage notification may be: APP1 is using camera rights.
The method provided by the above embodiment of the present disclosure monitors the authorization status of the system permission, monitors the current use status of the system permission in real time after the application program obtains the authorization permission of the system permission, and sends a use notification to the user to notify the user that the application program is using the system permission when it is monitored that the application program is using the system permission that has obtained the authorization permission, thereby implementing the monitoring of the system permission that the application program obtains the authorization permission, notifying the user of the status that the application program uses the system permission, implementing the transparency of the application program using the system permission, and enabling the user to specify the specific use time and scene of the system permission, thereby being beneficial to protecting the user privacy data.
With continued reference to fig. 3, fig. 3 is a schematic diagram of an application scenario of the private data protection method according to the present embodiment. The method can be applied to the application scenario of fig. 3, when a user installs APP1, APP1 initiates an authorization request for applying for the use right of a system permission microphone, and the user authorizes the authorization request of APP1, so that APP1 can use the microphone during obtaining the authorization permission, and APP1 can use the microphone to collect and access user privacy data. And a system permission monitoring mechanism in the terminal equipment monitors that the APP1 acquires the authorization permission of the microphone, and then starts to monitor the state of the microphone. When the user is using APP1 and the current interface is the interactive interface of APP1, and when APP1 is using the microphone, the system permission monitoring mechanism monitors that the current using state of the microphone is the using state, and sends a use notification that APP1 is using the microphone to the user, as shown in FIG. 3, the user is notified that APP1 is using the microphone currently by displaying a microphone icon 310.
In some optional implementations of the embodiment, the sending of the usage notification that the application is using the system privilege to the user in response to monitoring that the current usage state of the system privilege is the in-use state, which is shown in step 240 in fig. 2, may be further performed according to the flow 400 shown in fig. 4.
Specifically, the flow shown in fig. 4 includes:
and step 410, in response to the fact that the current use state of the system authority is monitored to be the in-use state, acquiring the current operation state of the system.
The current operating state of the system refers to an operating state of the system at the current moment, and may be a standby state or an awake state. The standby state refers to a state in which the electronic device is turned on but does not perform any substantial work (i.e., various operations on files and programs). The awake state refers to a state in which the electronic device runs an application or a file.
In this step, the execution main body acquires the current operating state of the system in response to monitoring that the current using state of the system authority is the in-use state. And after the current running state of the system is obtained, judging whether the obtained current running state of the system is in a standby state or an awakening state. For example, when the electronic device is in a power-on state at the current time and no application program or file is detected to be operated by the system, the current operation state of the system can be determined to be a standby state; or the current running state of the system can be determined to be the awakening state by acquiring that the electronic equipment is in the starting state at the current moment and detecting that the system runs the application program or the file.
In response to determining that the current operating state of the system is a standby state, a usage notification is displayed, step 420.
In this step, the execution main body displays a use notification in response to determining that the current operation state of the system is the standby state. When the current running state of the system is judged to be the standby state, the use notification can be displayed in a dialog box form to notify the user that the application program is using the system authority, for example, when the system of the execution main body is in a black screen state, the dialog box can be woken up in a pop-up dialog box form, or the dialog box can be presented in a screen-saving display mode.
The content displayed by the dialog box can comprise a notice that the application program is using the system authority, and can also comprise a quick selection control for the user to select, wherein the quick selection control is used for receiving an instruction of whether the user selects to continue the authorization permission of the system authority. The user can select whether to view the usage and whether to continue the authorized permission of the system rights through the contents displayed by the dialog box.
Step 430, in response to determining that the current running state of the system is the wake-up state, determining whether the application program is in a foreground application state.
The foreground application state refers to a state in which the application program is being used by a user, and the application interface of the execution main body is an interactive interface of the application program.
In this step, the execution main body determines whether the application program that is using the system permission is in a foreground application state and determines whether the application program is being used by the user in response to determining that the current running state of the system is an awake state.
In response to determining that the application is not in the foreground application state, step 440 is performed, displaying a usage notification via a notification bar.
In this step, the execution body displays a use notification through the notification bar in response to determining that the application is not in the foreground application state. Upon determining that the application that is using the system permissions is not in the foreground application state, possibly in a background running state or in an already closed state, a usage notification is displayed via the notification bar.
The usage notification may include the name or icon of the application program and the name or icon of the system authority, for example, APP1 is using a microphone, which is not specifically limited in this application.
It should be noted that the method for initiating the notification for the background application is a well-known technology widely studied and applied at present, and is not described herein again.
In response to determining that the application is in the foreground application state, step 450 is performed, presenting an icon of system permissions through a notification bar to display a usage notification.
In this step, the execution body presents an icon of the system authority through the notification bar to display the use notification in response to determining that the application is in the foreground application state. Upon determining that the application that is using the system permissions is in the foreground application state, it is possible that the user is using the application at the time, at which time an icon of the system permissions is presented through the notification bar to display a usage notification. The method for presenting the icon of the system authority may be uninterrupted display or intermittent flashing display, which is not specifically limited in this application.
When the interactive interface is in the operation interface of the application program, the application program is in a foreground application state, and when the application program is in a right state, the notification bar presents an icon of the system right. For example, the interactive interface is in an operation interface of APP1, APP1 is using a microphone, and at this time, a notification bar of the interface displays an icon of the microphone for prompting the user that APP1 is using the microphone.
When the application program starts to use the system authority, the notification bar starts to display an icon of the system authority; when the application program stops using the system authority, the notification bar stops displaying the icon of the system authority; the notification bar displays the system rights icon at all times while the application is using the system rights.
In the implementation mode, different forms of notification modes are presented in different situations by judging the current running state of the system and judging the running state of the application program.
In some optional implementations of this embodiment, the sending, to the user, the usage notification that the application program is using the system right in response to monitoring that the current usage state of the system right is the in-use state, shown in step 240 in fig. 2, may further include: and acquiring a first time stamp of the application program for starting to use the system authority and a function of the application program for applying to use the system authority.
The execution main body monitors that the application program starts to use the system authority, acquires the first time stamp and acquires the function that the application program applies to use the system authority. For example, after the application program acquires the authorization permission of the microphone, the recording function of the application program applies for using the microphone, and when the application program starts to use the microphone, the first timestamp for starting to use the microphone and the recording function applying for using the microphone are recorded.
In the implementation mode, the first timestamp of the application program starting to use the system authority and the function of applying for using the system authority are recorded, so that a user can clearly know the time and the function of the application program using the system authority, and the transparency of the application program using the system authority is realized.
With further reference to fig. 5, a flow 500 of yet another embodiment of a method of private data protection is illustrated. The flow 500 of the private data protection method may further include the following steps:
step 510, monitoring the authorization status of the system authority.
In this step, step 510 is the same as step 210 in the embodiment shown in fig. 2, and is not described herein again.
And step 520, responding to the monitored authorization permission of the application program for obtaining the system permission, and recording an authorization timestamp of the application program for obtaining the authorization permission.
In this step, step 520 is the same as step 220 in the embodiment shown in fig. 2, and is not described herein again.
And step 530, monitoring the current use state of the system authority in real time based on the authorization timestamp.
In this step, step 530 is the same as step 230 in the embodiment shown in fig. 2, and is not described herein again.
And 540, responding to the monitored current use state of the system authority as the in-use state, and sending a use notice that the application program is using the system authority to the user.
In this step, step 540 is the same as step 240 in the embodiment shown in fig. 2, and is not repeated here.
And step 550, in response to monitoring that the current use state of the system permission is the stop use state, acquiring a second timestamp for stopping using the system permission by the application program, and stopping presenting the use notification.
In this step, the execution subject monitors the state change of the system authority in real time, acquires a second timestamp for stopping the application program from using the system authority when the application program is monitored to stop using the system authority, and stops presenting the use notification notifying the user that the application program is using the system authority. For example, the notification bar presents a microphone icon to notify the user that the application is using the microphone privilege when the application is using the microphone privilege, stops displaying the microphone icon when it is monitored that the application stops using the microphone privilege, and records a second timestamp that the application stops using the microphone.
In this embodiment, the timestamp for stopping the application program from using the system permission is further obtained, so that the user can further clearly know the time period for the application program to use the system permission, and the transparency of the application program for using the system permission is realized.
In some optional implementations of this embodiment, the method for protecting private data further includes the following steps: and obtaining the authorization termination time stamp of the system authority in response to the received closing operation of the authorization permission indicating that the authorization permission of the application program is terminated.
The method includes that an application program initiates an application request of a use right of a system authority, an execution main body receives a confirmation operation of a user to the application request, the application program acquires an authorization permission of the system authority, acquires the use right of the system authority, monitors the use state of the system authority in real time, receives a closing operation of the authorization permission acquired by the user to the application program when the user needs to terminate the authorization permission acquired by the application program, triggers an instruction for terminating the authorization permission according to the closing operation, and terminates the authorization permission of the application program based on the instruction. Meanwhile, when an authorized permission to terminate the application program is indicated, an authorized termination time stamp is acquired.
In this implementation, the user can set the authorization permission of the system permission to close through the permission management of the application set by the existing system, and at this time, the system permission is in a state of losing permission for the application program. And the authorization termination time stamp is obtained, so that the state change of the system authority obtained by the application program is more transparent.
It should be noted that the method for authorizing permission or terminating authorization of system rights is a well-known technology widely studied and applied at present, and is not described herein again.
With further reference to fig. 6, a flow 600 of yet another embodiment of a method of private data protection is illustrated. The flow 600 of the private data protection method may further include the following steps:
step 610, a first selection control is presented.
The first selection control is used for receiving a switching instruction of a user for monitoring the system authority, and instructing to start or close the system authority monitoring system based on the selection operation of the user on the first selection control.
In this step, the execution subject may present the first selection control to the user through the system setup interactive interface.
Step 620, starting system authority monitoring in response to the received selection operation instruction of the user on the first selection control, and monitoring the authorization state of the system authority.
In this step, the execution main body starts system permission monitoring in response to the received selection operation instruction of the user on the first selection control, and monitors the authorization state of the system permission. And the execution main body receives a starting instruction triggered by the selection operation of the user on the first selection control, starts system authority monitoring according to the starting instruction and starts monitoring the authorization state of the system authority.
Step 630, in response to the received user's selection operation instruction on the first selection control, closing the system permission monitoring, and stopping monitoring the authorization state of the system permission.
In this step, the execution main body responds to the received selection operation instruction of the user on the first selection control to close the system authority monitoring, and stops monitoring the authorization state of the system authority. And the execution main body receives a closing instruction triggered by the selection operation of the user on the first selection control, closes the system authority monitoring according to the closing instruction and stops monitoring the authorization state of the system authority.
In this embodiment, the user may input a selection operation on the first selection control, and may freely select whether to start the system permission monitoring.
In some optional implementations of this embodiment, the method for protecting private data further includes the following steps: and presenting the use state of the system authority in response to receiving the viewing operation of the use state of the system authority.
The use states of the system authority include, but are not limited to, the following: a holding permission state, a start usage permission state, an in-use permission state, a stop usage permission state, and a lost permission state.
In this implementation, the execution subject presents the use state of the system permission in response to receiving the viewing operation for the use state of the system permission. The execution main body monitors the use state of the system authority in real time, records the timestamp corresponding to the change of various use states of the system authority, and can change the corresponding timestamp according to the various recorded use states and present the corresponding state of the system authority to the user when receiving the checking operation of the system authority input by the user.
In some optional implementations of this embodiment, presenting the usage state of the system permission may include at least one of:
1) Based on the authorization timestamp, a state of an authorized permission for the application to acquire system permissions is presented.
The application program initiates an application request for obtaining the use right of the system authority, and when a user selects and confirms authorization based on the application request, the application program obtains the authorization permission of the system authority, and the state of the system authority is a state of holding authority. When the application program obtains the authorization permission of the system permission, recording APP information and an authorization timestamp, and then when a user inputs a viewing operation, the execution main body presents the state that the application program obtains the authorization permission, namely presents the state that the APP holds the permission to the user according to the recorded authorization timestamp. The content presented may include an authorization timestamp, the name of the application, etc., e.g., 7, 30, 10, 2019: 00am, app1 obtains authorization for the microphone.
2) And presenting the state of the application program for starting to use the system authority and presenting the function of the application program for applying to use the system authority based on the first time stamp.
After the application program obtains the authorization permission of the system permission, the application program can use the system permission, when the situation that the application program starts to use the system permission is monitored, the state of the system permission is the state of the starting use permission, at the moment, a first time stamp of the starting use of the system permission is recorded, the function of applying for using the system permission in the application program is recorded, and then when a user inputs and checks operation, the execution main body presents the state of starting using the system permission of the application program and the function of applying for using the system permission to the user according to the recorded first time stamp. The presented content may include a first timestamp, a name of an application program, a function of applying for a right to use a system, and the like, for example, 7, 30, 11 in 2019: 00am, the recording function of app1 began using microphones.
3) Based on the second timestamp, a state is presented in which the application ceases using the system permissions.
After the application program starts to use the system authority, when the application program is monitored to stop using the system authority, the state of the system authority is the state of stopping using the system authority, a second time stamp of stopping using the system authority is recorded at the moment, and then when the user inputs viewing operation, the execution main body presents the state of stopping using the system authority by the application program to the user according to the recorded second time stamp. The content presented may include a second timestamp, the name of the application, etc., e.g., 7/month/30/11 in 2019: 30am, app1 stops using the microphone.
4) Based on the authorization expiration timestamp, a state is presented in which the application lost the authorized permission for the system privilege.
And the application program acquires the authorization permission of the system authority, and the state of the system authority is the state of holding the authority at the moment. When the user inputs the operation of ending the authorized permission, the authorized ending time stamp is recorded, and then when the user inputs the operation of viewing, the execution main body presents the state of the authorized permission of the application program losing the system permission, namely presents the state of the lost permission to the user according to the recorded authorized ending time stamp. The content presented may include an authorized termination timestamp, and the name of the application, etc., e.g., 12/7/30/2019: 00am, app1 loses authorized permission for the microphone.
In this implementation, based on the first timestamp and the second timestamp, a time at which the application program uses the system right may be determined, during which the system right is in the using right state.
In this implementation, the user may select to view the current usage state of the system permission, that is, the system permission may be currently in an in-use permission state or a lost permission state, for example, one of the above implementations.
In this implementation, the user may also select to view the historical usage of the system permission, and when the viewing operation input by the user is an operation of viewing the historical usage of the system permission, obtain the current timestamp, and present the historical usage to the user according to the timestamps corresponding to the recorded various usage state transitions, where the presented content may include the timestamps corresponding to the various usage state transitions, the name of the application program, the function of using the system permission, and the like, for example, in 2019, 30/7/10: 00AM, APP1 obtains the authorization permission of the microphone; 7/2019, 30/11: 00AM, the recording function of APP1 starts to use a microphone; 7/2019, 30/11: 30AM, APP1 stops using the microphone; 7/2019, 30/12: 00am, app1 loses authorized permission for the microphone.
The realization mode leads the user to clearly know the use condition of the system permission in various states by presenting the use state of the system permission to the user, and leads the use of the system permission to be more transparent.
With further reference to fig. 7, a flow 700 of yet another embodiment of a method of private data protection is illustrated. The flow 700 of the private data protection method may further include the following steps:
step 710, presenting a system permission list.
In this step, the execution subject may present the system permission list through a system setting interactive interface. The system permission list comprises a plurality of system permissions, the interactive interface can be displayed as a microphone, a camera, a position, a storage, a telephone, an address book, a calendar, information and the like, and a user can select the system permissions concerned by the user according to the system permissions in the system permission list.
Step 720, in response to receiving a selection operation of the user on one of the target system permissions presented in the system permission list, presenting a selection interface of the target system permission.
The selection interface is presented after the user selects the target system permission from the system permission list. The selection interface may include an application list and a second selection control list corresponding to the application list, where the application and the second selection control are in a one-to-one correspondence.
The second selection control is used for receiving a switch instruction of a user for monitoring the authority of the target system, the user can select the second selection control list corresponding to the application program list, and the user can select one or more of the second selection controls for selection operation. And indicating whether to start target system permission monitoring or not based on the selection operation of the user on the second selection control, and whether to monitor the use condition of the application program corresponding to the second selection control on the target system permission or not.
In this step, the execution subject presents a selection interface of the target system permission in response to receiving a selection operation of the user on one of the target system permissions presented in the system permission list. The execution main body receives the selection operation of the microphone input by the user, triggers a selection interface presentation instruction based on the selection operation, and presents the selection interface of the microphone to the user according to the selection interface presentation instruction.
Step 730, starting the target system permission monitoring in response to the received selection operation instruction of the user on the second selection control in the second selection control list, and monitoring the authorization state of the target system permission.
In this step, the execution subject starts the target system permission monitoring in response to the received selection operation instruction of the user on the second selection control in the second selection control list, and monitors the authorization state of the target system permission. The execution main body receives the selection operation of the user on one or more second selection controls, and triggers a starting instruction of target system permission monitoring based on the selection operation.
Fig. 8 shows a specific example, for example, a presented system permission list includes multiple system permissions, a target system permission selected in the system permission list by a user is a microphone, based on a selection operation of the user, a selection interface corresponding to the microphone is presented, an application program list is presented, the application program list includes APP1, APP2, APP3 and other application programs, where APP1 corresponds to one second selection control 810, APP2 corresponds to one second selection control 820, APP3 corresponds to one second selection control 830, and the user may select to start one or more system permission monitors according to his or her own will. When the user selects to open the operation to the second selection control 810 corresponding to APP1 and the second selection control 820 corresponding to APP2, selects to close the operation to the second selection control 830 corresponding to APP3, then the above-mentioned execution main body opens the monitoring of the permissions of the target systems corresponding to APP1 and APP2, start monitoring the authorization states of the permissions of the target systems corresponding to APP1 and APP2, and start monitoring the use of the permissions of APP1 and APP2 to the target systems, the above-mentioned execution main body closes the monitoring of the permissions of the target systems corresponding to APP3, and stop monitoring the authorization states of the permissions of the target systems corresponding to APP 3.
In this embodiment, the application program list corresponding to the target system permission and the corresponding second selection control list are displayed through selection of the user, the user can select a situation that the application program which the user wants to pay attention to uses the target system permission through interaction, and the method is more flexible.
In summary, the method described in the above embodiments may be applied to a mobile terminal, may also be applied to a scenario in which a wearable device is connected to the mobile terminal, and may also be applied to an internet of things (IOT) intelligent device.
As a specific example, when the watch and the mobile phone are interconnected, and the user goes out and runs and the mobile phone is inconvenient to carry around, the user starts the system permission monitoring of the mobile phone to monitor the use state of the system permission in the mobile phone, and the watch also receives a use notification and a quick selection control sent by the system permission monitoring. For example, when a child makes a call at home using a mobile phone and is using the system right of the phone, the watch of the user receives a use notification of the system right of the phone and a shortcut selection control to notify the user that the child is using the right of the phone to make an outgoing call. Under the condition that the user does not allow, the authorization permission of the telephone can be directly closed through the quick selection control displayed by the watch, and then the dialing of the mobile phone is hung up, so that the aim of remotely controlling the electronic equipment is fulfilled.
As a specific example, an internet of things (IOT) smart device may monitor a real-time use situation of a device for a system permission by starting a system permission monitoring mode, and although the IOT smart device does not have an interactive window for directly interacting with a user, the IOT smart device may be controlled by other control terminals (generally, mobile apps), so when a use state of the system permission of the IOT smart device is monitored to be transferred, the IOT smart device may send a use notification and a quick selection control to the control terminal through a network, thereby implementing real-time monitoring of the IOT smart device by the user. For example, when the IOT smart device is a smart device such as a home camera that has a high requirement on security level, when it is monitored that the device is using the camera, the user receives a usage notification of using the camera and a shortcut selection control, that is, receives a usage notification of accessing data using the camera. The user can identify whether the situation is the situation of the irregular operation or not by using the notification, and if the user identifies the situation of the irregular operation, the user can close the authorization permission of the camera by quickly selecting the control, so that the illegal intrusion can be prevented in real time by the control end, and the high security of the data is realized.
With further reference to fig. 9, as an implementation of the methods shown in the above-mentioned figures, the present application provides an embodiment of a privacy data protection apparatus, which corresponds to the method embodiment shown in fig. 2, and which is particularly applicable to various electronic devices.
As shown in fig. 9, the apparatus 900 of the present embodiment includes: a monitoring module 910 and a notification module 920. Wherein, the monitoring module 910 is configured to monitor an authorization status of the system authority, where the authorization status is used to indicate a range of the system authority permitting the application program in the system to be used; recording an authorization timestamp for the application program to acquire the authorization permission in response to monitoring the authorization permission for the application program to acquire the system permission; monitoring the current use state of the system authority in real time based on the authorization timestamp; a notification module 920 configured to send a usage notification that the application is using the system right to the user in response to monitoring that the current usage state of the system right is the in-use state.
In some optional implementations of this embodiment, the notification module 920 is further configured to: responding to the current use state of the system permission monitored to be the use state, and acquiring the current operation state of the system; in response to determining that the current operational state of the system is a standby state, a usage notification is displayed.
In some optional implementations of this embodiment, the notification module 920 is further configured to: in response to determining that the current running state of the system is the awakening state, checking whether the application program is in a foreground application state; in response to determining that the application is not in the foreground application state, a usage notification is displayed via a notification bar.
In some optional implementations of this embodiment, the notification module 920 is further configured to: in response to determining that the application is in the foreground application state, an icon of the system privilege is presented through the notification bar to display the usage notification.
In some optional implementations of the present embodiment, the monitoring module 910 is further configured to: and acquiring a first time stamp of the application program for starting to use the system authority and a function of the application program for applying to use the system authority.
In some optional implementations of this embodiment, the monitoring module 910 is configured to: and in response to monitoring that the current use state of the system authority is the use stop state, acquiring a second timestamp of the application program stopping using the system authority, and stopping presenting the use notification.
In some optional implementations of the embodiment, the monitoring module 910 is configured to obtain an authorization expiration timestamp of the system permission in response to the received close operation indication for the authorization permission to expire the authorization permission of the application.
In some optional implementations of this embodiment, the monitoring module 910 is configured to start the system permission monitoring system in response to the received selection operation instruction of the user on the first selection control, and monitor an authorization state of the system permission; the first selection control is used for receiving a switching instruction of a user for monitoring the system authority.
In some optional implementations of the present embodiment, the monitoring module 910 is further configured to stop monitoring the authorization status of the system permission in response to the received user selection operation on the first selection control indicating to turn off the system permission monitoring.
In some optional implementations of this embodiment, the apparatus further includes: a display module configured to: and presenting the use state of the system authority in response to receiving the viewing operation of the use state of the system authority.
In some optional implementations of this embodiment, the display module is further configured to: presenting a state of an authorization permission for the application to acquire the system permission based on the authorization timestamp; presenting the state that the application program starts to use the system authority and presenting the function that the application program applies for using the system authority based on the first time stamp; presenting a state in which the application stops using the system right based on the second timestamp; based on the authorization expiration timestamp, a state is presented in which the application lost the authorized permission for the system privilege.
In some optional implementations of this embodiment, the display module is configured to: presenting a system permission list; in response to receiving a selection operation of a user on one target system permission presented by the system permission list, presenting a selection interface of the target system permission, wherein the selection interface presents an application program list corresponding to the target system permission; a monitoring module configured to: starting target system permission monitoring in response to the received selection operation instruction of the user on the second selection control in the second selection control list, and monitoring the authorization state of the target system permission; the second selection control is used for receiving a switch instruction of a user for monitoring the authority of the target system.
Those skilled in the art will appreciate that the above-described apparatus may also include some other well-known structure, such as a processor, memory, etc., which is not shown in fig. 9 in order not to unnecessarily obscure embodiments of the present disclosure.
Referring now to fig. 10, a schematic diagram of an electronic device (e.g., terminal device of fig. 1) 1000 suitable for use in implementing embodiments of the present disclosure is shown. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a PAD (tablet computer), a PMP (portable multimedia player), a car terminal (e.g., car navigation terminal), and the like, and a fixed terminal such as a digital TV, a desktop computer, and the like. The terminal device shown in fig. 10 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 10, the electronic device 1000 may include a processing means (e.g., a central processing unit, a graphics processor, etc.) 1001 that may perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 1002 or a program loaded from a storage means 1008 into a Random Access Memory (RAM) 1003. In the RAM 1003, various programs and data necessary for the operation of the electronic apparatus 1000 are also stored. The processing device 1001, the ROM 1002, and the RAM 1003 are connected to each other by a bus 1004. An input/output (I/O) interface 1005 is also connected to bus 1004.
Generally, the following devices may be connected to the I/O interface 1005: input devices 1006 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 1007 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage devices 1008 including, for example, magnetic tape, hard disk, and the like; and a communication device 1009. The communications apparatus 1009 may allow the electronic device 1000 to communicate wirelessly or by wire with other devices to exchange data. While fig. 10 illustrates an electronic device 1000 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may be alternatively implemented or provided. Each block shown in fig. 10 may represent one device or may represent multiple devices as desired.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication means 1009, or installed from the storage means 1008, or installed from the ROM 1002. The computer program, when executed by the processing device 1001, performs the above-described functions defined in the methods of the embodiments of the present disclosure. It should be noted that the computer readable medium described in the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: monitoring the authorization state of the system authority, wherein the authorization state is used for indicating the range of the application program use in the system permission system; in response to monitoring the authorization permission of the application program for obtaining the system permission, obtaining an authorization timestamp of the application program for obtaining the authorization permission; monitoring the current use state of the system authority in real time based on the authorization timestamp; and in response to monitoring that the current use state of the system authority is the in-use state, sending a use notice that the application program is using the system authority to the user.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, the above features and (but not limited to) the features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.

Claims (26)

1. A method of privacy data protection, the method comprising:
monitoring the authorization state of system authority, wherein the authorization state is used for indicating the range of application program usage in the system permitted by the system authority;
recording an authorization timestamp for an application program to acquire an authorization permission of the system permission in response to monitoring the authorization permission for the application program to acquire the system permission;
monitoring the current use state of the system authority in real time based on the authorization timestamp;
and in response to monitoring that the current use state of the system authority is a use state, sending a use notification that the application program is using the system authority to a user.
2. The method of claim 1, wherein said sending a usage notification to a user that the application is using the system privilege in response to monitoring a current usage state of the system privilege as a usage state comprises:
responding to the current use state of the system permission monitored to be the use state, and acquiring the current operation state of the system;
displaying the usage notification in response to determining that the current operating state of the system is a standby state.
3. The method of claim 2, wherein said sending a usage notification to a user that the application is using the system privilege in response to monitoring a current usage state of the system privilege as a in-use state further comprises:
in response to determining that the current running state of the system is the awakening state, judging whether the application program is in a foreground application state;
in response to determining that the application is not in a foreground application state, displaying the usage notification via a notification bar.
4. The method of claim 3, wherein said sending a usage notification to a user that the application is using the system privilege in response to monitoring a current usage state of the system privilege as a usage state, further comprises:
in response to determining that the application is in a foreground application state, presenting an icon of the system privilege through the notification bar to display the usage notification.
5. The method of claim 1, said sending a usage notification to a user that the application is using the system privilege in response to monitoring a current usage state of the system privilege as being in use, further comprising: and acquiring a first timestamp for starting the application program to use the system authority and a function for applying the application program to use the system authority.
6. The method of claim 5, wherein the method further comprises:
and in response to monitoring that the current use state of the system authority is a stop use state, acquiring a second timestamp for stopping the application program from using the system authority, and stopping presenting the use notification.
7. The method of claim 6, wherein the method further comprises:
and acquiring an authorization termination timestamp of the system authority in response to the received closing operation of the authorization permission indicating that the authorization permission of the application program is terminated.
8. The method of claim 7, wherein the method further comprises:
presenting a first selection control, wherein the first selection control is used for receiving a switching instruction of a user for monitoring the system authority;
the authorization status of the monitoring system authority includes:
and starting system authority monitoring in response to the received selection operation instruction of the user on the first selection control, and monitoring the authorization state of the system authority.
9. The method of claim 8, wherein the method further comprises:
and stopping monitoring the authorization state of the system authority in response to the received instruction of the user for selecting the first selection control to close the system authority monitoring.
10. The method of claim 9, wherein the method further comprises:
presenting the use state of the system right in response to receiving a viewing operation of the use state of the system right.
11. The method of claim 10, wherein the presenting the usage status of the system privilege comprises at least one of:
presenting a state of the application program for obtaining the authorization permission of the system authority based on the authorization timestamp;
based on the first time stamp, presenting the state that the application program starts to use the system authority, and presenting the function that the application program applies to use the system authority;
presenting a state in which the application stops using the system right based on the second timestamp;
presenting a state in which the application loses the authorized permission of the system right based on the authorization expiration timestamp.
12. The method according to one of claims 1-11, wherein the method further comprises:
presenting a system permission list;
in response to receiving a selection operation of the user on one target system permission presented by the system permission list, presenting a selection interface of the target system permission, wherein the selection interface presents an application program list corresponding to the target system permission and a second selection control list corresponding to the application program list;
starting the target system permission monitoring in response to the received selection operation instruction of the user on a second selection control in the second selection control list, and monitoring the authorization state of the target system permission;
and the second selection control is used for receiving a switch instruction of the user for monitoring the authority of the target system.
13. A private data protection apparatus comprising:
a monitoring module configured to monitor an authorization status of a system authority, wherein the authorization status is used for indicating a range of application program usage in the system permission system; recording an authorization timestamp for an application program to acquire an authorization permission of the system permission in response to monitoring the authorization permission for the application program to acquire the system permission; monitoring the current use state of the system authority in real time based on the authorization timestamp;
a notification module configured to send a usage notification to a user that the application is using the system privilege in response to monitoring that the current usage state of the system privilege is a usage state.
14. The apparatus of claim 13, wherein the notification module is further configured to:
responding to the current use state of the system permission monitored to be the use state, and acquiring the current operation state of the system;
displaying the usage notification in response to determining that the current operating state of the system is a standby state.
15. The apparatus of claim 14, wherein the notification module is further configured to:
in response to determining that the current running state of the system is an awakening state, checking whether the application program is in a foreground application state;
in response to determining that the application is not in the foreground application state, displaying the usage notification via a notification bar.
16. The apparatus of claim 15, wherein the notification module is further configured to:
in response to determining that the application is in a foreground application state, presenting an icon of the system privilege through the notification bar to display the usage notification.
17. The apparatus of claim 13, wherein the monitoring module is further configured to:
and acquiring a first timestamp for starting the application program to use the system authority and a function for applying the application program to use the system authority.
18. The apparatus of claim 17, wherein the monitoring module is further configured to: and in response to monitoring that the current use state of the system authority is a stop use state, acquiring a second timestamp for stopping the application program from using the system authority, and stopping presenting the use notification.
19. The apparatus of claim 18, wherein the monitoring module is configured to obtain an authorization expiration timestamp of the system privilege in response to the received close operation on the authorization permission indicating expiration of the authorization permission for the application program.
20. The apparatus of claim 19, wherein the apparatus further comprises: a display module;
the display module is configured to present a first selection control, wherein the first selection control is used for receiving a switch instruction of a user for monitoring the system authority;
the monitoring module is configured to respond to the received selection operation instruction of the user on the first selection control to start a system authority monitoring system and monitor the authorization state of the system authority.
21. The apparatus of claim 20, wherein the monitoring module is further configured to stop monitoring the authorization status of the system privilege in response to the received user selection of the first selection control indicating that the system privilege monitoring is turned off.
22. The apparatus of claim 21, wherein the display module is configured to: presenting the use state of the system right in response to receiving a viewing operation of the use state of the system right.
23. The apparatus of claim 22, wherein the display module is further configured to at least one of:
presenting a state of the application program for obtaining the authorization permission of the system authority based on the authorization timestamp;
based on the first time stamp, presenting the state that the application program starts to use the system authority, and presenting the function that the application program applies to use the system authority;
presenting a state in which the application stops using the system right based on the second timestamp;
presenting a state in which the application loses the authorized permission of the system right based on the authorization expiration timestamp.
24. The apparatus of one of claims 20-23,
the display module configured to: presenting a system permission list;
the display module further configured to: in response to receiving a selection operation of the user on one target system permission presented by the system permission list, presenting a selection interface of the target system permission, wherein the selection interface presents an application program list corresponding to the target system permission;
the monitoring module configured to: starting the target system permission monitoring in response to the received selection operation instruction of the user on a second selection control in a second selection control list, and monitoring the authorization state of the target system permission;
the second selection control is used for receiving a switch instruction of the user for monitoring the target system authority.
25. An electronic device/terminal/server comprising:
one or more processors;
a storage device having one or more programs stored thereon,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-12.
26. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-12.
CN201910827242.0A 2019-09-03 2019-09-03 Private data protection method and device Active CN110532803B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910827242.0A CN110532803B (en) 2019-09-03 2019-09-03 Private data protection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910827242.0A CN110532803B (en) 2019-09-03 2019-09-03 Private data protection method and device

Publications (2)

Publication Number Publication Date
CN110532803A CN110532803A (en) 2019-12-03
CN110532803B true CN110532803B (en) 2023-03-24

Family

ID=68666407

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910827242.0A Active CN110532803B (en) 2019-09-03 2019-09-03 Private data protection method and device

Country Status (1)

Country Link
CN (1) CN110532803B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112199255A (en) * 2020-10-15 2021-01-08 Oppo广东移动通信有限公司 Authority use monitoring method, device, equipment and storage medium
CN116720172B (en) * 2023-08-07 2024-01-30 四川神州行网约车服务有限公司 Verification method and device for system permission, computer equipment and readable storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105072255A (en) * 2015-07-10 2015-11-18 北京奇虎科技有限公司 Mobile equipment privacy authority control method, mobile equipment privacy authority control device and corresponding mobile phone equipment
CN110191465A (en) * 2019-06-03 2019-08-30 努比亚技术有限公司 Authority control method, mobile terminal and computer readable storage medium

Also Published As

Publication number Publication date
CN110532803A (en) 2019-12-03

Similar Documents

Publication Publication Date Title
EP3188066B1 (en) A method and an apparatus for managing an application
US20170048305A1 (en) Method, apparatus and computer-readable medium for displaying multimedia information in an application client
EP2998899A1 (en) Method and apparatus for running application program
US20170060566A1 (en) Method and device for installing plug-in of smart device
EP3407189B1 (en) Application distribution method and device
CN110471738B (en) Theme switching method and device of application program, electronic equipment and storage medium
CN110851863B (en) Application program authority control method and device and electronic equipment
CN110532803B (en) Private data protection method and device
US10642662B2 (en) Method for application action synchronization, terminal device, and storage medium
US20140082611A1 (en) Apparatus and method for monitoring application permissions
KR20150122051A (en) Method, device and system for event reminding
CN107493284B (en) Account login method and device
CN107612888B (en) Enterprise user space creation method and device
CN107368736B (en) Information access method, device and computer readable storage medium
CN110134480B (en) User trigger operation processing method and device, electronic equipment and storage medium
CN109656667A (en) Implementation method, device, equipment and the medium of suspended window in a kind of client
CN111177732B (en) System debugging mode control method and system and electronic equipment
CN112163192A (en) root authority acquisition method, root authority acquisition device, root authority acquisition medium and electronic equipment
EP3923135A1 (en) Method and device for processing information, and storage medium
CN115758425A (en) Security access control method and device and readable storage medium
CN106354595B (en) Mobile terminal, hardware component state detection method and device
CN115604132A (en) Remote control method and device for server, electronic equipment and readable storage medium
CN113496039A (en) Authority management method and terminal
CN113806161A (en) Application access method, application access device and storage medium
CN110633566A (en) Intrusion detection method, device, terminal equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant