CN110830262B

CN110830262B - Authorization management method and electronic equipment

Info

Publication number: CN110830262B
Application number: CN201911039627.7A
Authority: CN
Inventors: 周长青
Original assignee: Vivo Mobile Communication Co Ltd
Current assignee: Vivo Mobile Communication Co Ltd
Priority date: 2019-10-29
Filing date: 2019-10-29
Publication date: 2022-11-01
Anticipated expiration: 2039-10-29
Also published as: CN110830262A

Abstract

The embodiment of the invention provides an authorization management method and electronic equipment, relates to the technical field of communication, and aims to solve the problem that the process of inputting fingerprint information, face information and the like of family members, friends and the like into the electronic equipment is complicated. The authorization management method comprises the following steps: receiving a first input in the case of receiving an access request of a target device; responding to the first input, and establishing a transmission channel with the target device; acquiring first biological characteristic information sent by the target equipment based on the transmission channel; under the condition that a first user accesses an electronic device, acquiring biological characteristic information of the first user; authorizing the first user to access the electronic device if the biometric information of the first user matches the first biometric information. The authorization management method in the embodiment of the invention is applied to the electronic equipment.

Description

Authorization management method and electronic equipment

Technical Field

The embodiment of the invention relates to the technical field of communication, in particular to an authorization management method and electronic equipment.

Background

In the current era of developed communication technology, electronic equipment is inseparable from people's lives. In general, people inevitably record some personal privacy in the electronic device during the use of the electronic device. In order to avoid personal privacy disclosure, a user can perform encryption protection on the electronic equipment by setting modes such as fingerprint identification and facial identification.

In general, electronic devices used for each other are often used in a specific group, such as a group with a relatively close relationship, such as family and friends. In order to avoid that the user frequently helps family, friends and the like to unlock the electronic device, the user may allow some people to enter fingerprint information, face information and the like in the electronic device of the user.

However, the process of inputting fingerprint information, face information, and the like of family members, friends, and the like into the electronic device is complicated.

Disclosure of Invention

The embodiment of the invention provides an authorization management method and electronic equipment, and aims to solve the problem that the process of inputting fingerprint information, face information and the like of family, friends and the like into the electronic equipment is complicated.

In order to solve the technical problem, the invention is realized as follows:

the embodiment of the invention provides an authorization management method, which is applied to electronic equipment and comprises the following steps: receiving a first input in the case of receiving an access request of a target device; responding to the first input, and establishing a transmission channel with the target device; acquiring first biological characteristic information sent by the target equipment based on the transmission channel; under the condition that a first user accesses the electronic equipment, acquiring biological characteristic information of the first user; authorizing the first user to access the electronic device if the first user's biometric information matches the first biometric information.

An embodiment of the present invention further provides an electronic device, including: the first input receiving module is used for receiving a first input under the condition that an access request of a target device is received; the first input response module is used for responding to the first input and establishing a transmission channel with the target equipment; the first acquisition module is used for acquiring first biological characteristic information sent by the target equipment based on the transmission channel; the second acquisition module is used for acquiring the biological characteristic information of the first user under the condition that the first user accesses the electronic equipment; an authorization access module to authorize the first user to access the electronic device if the biometric information of the first user matches the first biometric information.

An embodiment of the present invention further provides an electronic device, which includes a processor, a memory, and a computer program stored in the memory and executable on the processor, where the computer program implements the steps of the authorization management method when executed by the processor.

An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the authorization management method are implemented.

Thus, in the embodiment of the present invention, the electronic devices of both parties can send the access request to the other party through functions such as an authorization application, so that any electronic device can serve as a receiving end after receiving the access request, and further, a user of the receiving end authorizes a target device (i.e., a sending end) sending the access request to access the electronic device of the receiving end through the first input. After authorization, a transmission channel is established between the receiving end and the sending end, so that the receiving end can receive first biological characteristic information sent by the sending end through the transmission channel, wherein the first biological characteristic information is defaulted to be biological characteristic information of a user at the sending end. After that, when accessing the electronic device of the receiving end, the sending end user can input the own biological characteristic information, and the receiving end prestores the biological characteristic information of the sending end user, so that the electronic device of the receiving end can be matched based on the biological characteristic information input by the sending end user, and after the matching is successful, the unlocking is completed, and the sending end user can use the electronic device. Therefore, based on the authorization management method in the embodiment, when users mutually use electronic devices, the users are prevented from frequently unlocking the devices for others and inputting own information into the devices of others, so that the complicated operation among the users is simplified, and meanwhile, the biological characteristic information among the users can be effectively protected.

Drawings

FIG. 1 is one of the flow charts of the authorization management method of the embodiment of the invention;

FIGS. 2-11 are schematic diagrams of a device display interface according to an embodiment of the invention;

FIG. 12 is a second flowchart of an authorization management method according to an embodiment of the invention;

FIG. 13 is a schematic view of a device display interface according to an embodiment of the invention;

FIG. 14 is a third flowchart of an authorization management method according to an embodiment of the invention;

FIGS. 15-17 are schematic diagrams of a device display interface according to an embodiment of the invention;

FIG. 18 is a fourth flowchart of an authorization management method according to an embodiment of the invention;

FIG. 19 is a fifth flowchart of an authorization management method according to an embodiment of the invention;

FIG. 20 is one of the block diagrams of an electronic device of an embodiment of the invention;

fig. 21 is a second block diagram of the electronic device according to the embodiment of the invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

Referring to fig. 1, a flowchart of an authorization management method according to an embodiment of the present invention is shown, and applied to an electronic device, the method includes:

step S1: in the event that an access request is received for a target device, a first input is received.

As described in the background art, the present embodiment may be applied to some specific usage scenarios, such as scenarios in which electronic devices of each other are frequently used in relatively close groups such as family members and friends, and any user except the user of the device may send an access request to the electronic device in the present embodiment through their respective devices.

Preferably, the present embodiment can be implemented based on an authorization application function built in the electronic device.

Referring to fig. 2 to 6, for example, the target device in the embodiment is set to be an a mobile phone, and the electronic device applied to the target device is set to be a B mobile phone. The user of the mobile phone A is the user A, and the user A corresponds to the user A in the authorization application; the user of the mobile phone B is the user B, and in the authorization application, the user B corresponds to the user B.

As shown in fig. 2, in the a-cell phone authorization application, the a-user sends an access request to other users of the authorization application by inputting an option of "request authorization".

Further, as shown in fig. 3, in the a-handset authorization application, the a-user sends an access request to the B-user through input of an option of "B-user".

Further, as shown in fig. 4, in the a handset authorization application, an interface of "waiting for B user authorization" is entered.

As shown in fig. 5, in the B-cell phone authorization application, the B-user views access requests sent by other users of the authorization application through inputting an option of "to be authorized".

As shown in fig. 6, in the B-cell phone authorization application, in the case of receiving the access request sent by the a-user, the B-user authorizes the access request sent by the a-user through the input of the option "authorize the a-user".

Thus, in this step, the first input is used to authorize the access request sent by the target device. Preferably, a first input is received from a user of the electronic device.

Wherein the first input comprises at least one of a touch gesture action and an air gesture action; and the first input comprises at least one gesture motion, and the form of each gesture motion is not limited, so that the specific implementation manner is adopted.

Illustratively, in the above example, the first input includes at least: the user B inputs the option of 'waiting for authorization' and inputs the option of 'authorizing the user A'.

It should be noted that, the user of the electronic device may also reject the access request sent by the authorization target device through other input manners, which is not described herein again.

In addition, it is worth mentioning that, in this embodiment, the electronic device is used as a carrier, and a detailed description is given for a scenario in which the electronic device receives an access request sent by a target device. In more scenarios, the electronic device in this embodiment may also send an access request to other devices.

Step S2: and responding to the first input, and establishing a transmission channel with the target device.

In this step, in order to avoid information leakage between the electronic device and the target device, a separate transmission channel is established with the target device in a case where the electronic device authorizes the target device to access.

Preferably, the two devices can be identified based on the unique identification code information of the two devices, the user information of the authorized application, the system account information bound with the devices, the telephone number information bound with the devices, and the like, so as to establish a transmission channel between the two devices.

And step S3: the method comprises the steps of obtaining first biological characteristic information sent by target equipment based on a transmission channel.

After a transmission channel is established between the electronic equipment and the target equipment, the target equipment can send the first biological characteristic information recorded in the target equipment to the electronic equipment through the transmission channel. Thus, in this step, the electronic device may receive the first biometric information transmitted by the target device.

Preferably, the first biometric information is biometric information of a user of the target device.

Generally, in order to protect the privacy of individuals in the devices, each user's device has entered its own biometric information as unlocking information. Therefore, in this step, the target device may directly acquire the entered user biometric information as the first biometric information.

Continuing with fig. 7-11. As shown in fig. 7, after the B user authorizes the access request sent by the a user, in the a-cell phone authorization application, the a user determines that the first biometric information to be sent includes "face a" and "fingerprint a" through input of the option of "face a" and "fingerprint a", and the a user further sends "face a" and "fingerprint a" through input of the option of "send".

As shown in fig. 8, in the a-cell phone authorization application, "face a" and "fingerprint a" are sent to the B-user through the transmission channel as the biometric information of the a-user.

As shown in fig. 9, in the a-cell phone authorization application, after the "face a" and the "fingerprint a" are transmitted to the B-user through the transmission channel, the "transmission success" is displayed.

As shown in fig. 10, in the B-cell phone authorization application, after the B-user authorizes the access request sent by the a-user, the B-user waits to receive the biometric information of the a-user.

As shown in fig. 11, in the B-cell phone authorization application, after the biometric information of the a-user is transmitted to the B-user through the transmission channel, "reception completion" is displayed, so that in this step, the biometric information (first biometric information) of the a-user transmitted by the a-cell phone (target device) based on the transmission channel is acquired.

In addition, it is worth mentioning that, in the present embodiment, the electronic device is used as a carrier, and a detailed description is made for a scenario in which the electronic device receives an access request sent by a target device. In more scenarios, the electronic device in this embodiment may also send an access request to another device, and further, after the other party authorizes the access request, the biometric information to be sent may also be selected.

And step S4: in a case where a first user accesses an electronic device, biometric information of the first user is acquired.

The first user may be any user, including a user of the electronic device, a user of the target device, and the like.

Preferably, when the first user accesses the electronic device, the first user typically inputs his/her biometric information to unlock the electronic device, so that the biometric information input by the first user is acquired in this step.

Step S5: in the event that the biometric information of the first user matches the first biometric information, the first user is authorized to access the electronic device.

After the biometric information of the first user is obtained, the biometric information of the first user is compared with all the biometric information stored in the electronic equipment, and the first user can be authorized to access the electronic equipment under the condition that the biometric information of the first user is matched with any one piece of biometric information stored in the electronic equipment, namely the electronic equipment completes unlocking based on the biometric information input by the first user.

In particular, in this embodiment, the first user is preferably a user of the target device, so that the biometric information input by the first user can be compared and matched based on the first biometric information acquired by the electronic device, and if the matching is successful and the identity authentication is completed, the first user is allowed to access the electronic device.

Thus, in the embodiment of the present invention, the electronic devices of both parties can send an access request to the other party through functions such as an authorization application, so that any electronic device can serve as a receiving end after receiving the access request, and further, a user of the receiving end authorizes a target device (i.e., a sending end) sending the access request to access the electronic device of the receiving end through the first input. After authorization, a transmission channel is established between the receiving end and the sending end, so that the receiving end can receive first biological characteristic information sent by the sending end through the transmission channel, wherein the first biological characteristic information is defaulted to be biological characteristic information of a user at the sending end. After that, when accessing the electronic device at the receiving end, the sending end user can input own biological feature information, and the receiving end prestores the biological feature information of the sending end user, so that the electronic device at the receiving end can be matched based on the biological feature information input by the sending end user, and after the matching is successful, the unlocking is completed, and the sending end user can use the electronic device. Therefore, based on the authorization management method in the embodiment, when users mutually use electronic devices, the users are prevented from frequently unlocking the devices for others and inputting own information into the devices of others, so that the complicated operation among the users is simplified, and meanwhile, the biological characteristic information among the users can be effectively protected.

On the basis of the embodiment shown in fig. 1, fig. 12 shows a flowchart of an authorization management method according to another embodiment of the present invention, and step S2 includes:

step S21: in response to the first input, second biometric information is obtained along with the timestamp information.

Step S22: and generating key information according to the second biological characteristic information and the time stamp information.

Step S23: and establishing a transmission channel with the target equipment according to the key information.

In the present embodiment, in order to prevent leakage of information transmitted between the electronic device and the target device, the transmission channel is encrypted and protected.

Generally, in order to protect the privacy of individuals in the devices, each user's device has entered its own biometric information as unlocking information. Preferably, in this step, the second biometric information is preferably biometric information of a user of the electronic device.

In addition, the second biometric information and the time stamp information can be acquired simultaneously, and the time stamp information and the second biometric information are combined to generate key information.

Preferably, to embody the transmission relationship between the electronic device and the target device, timestamp information may be associated with the access request. For example, the timestamp information corresponds to the generation time of the access request; the timestamp information corresponds to an authorization time of the access request; the timestamp information corresponds to the current time; and so on.

Therefore, the key information and the transmission channel have the unique corresponding relation, the electronic equipment can serve as an authorization key after generating the key information and sends the key information to the target equipment through the transmission channel, the target equipment identifies the transmission channel between the target equipment and the electronic equipment after obtaining the authorization key, and the first biological characteristic information can be safely sent to the electronic equipment.

According to the transmission channel established based on the key information, all information transmitted inside the transmission channel can be automatically encrypted according to the key information, so that the information of the two devices can be effectively protected.

Preferably, the key information generated based on one-time access request has timeliness, so that the information protection of the two devices is further enhanced.

For example, referring to fig. 13, in the B-cell phone authorization application, the B-user enters the authorization after inputting the option of "authorize a-user", and in the process, the biometric information of the B-user is acquired. The B user's biological characteristic information comprises the B user's face and the B user's fingerprint.

Further, the mobile phone B generates an authorization key according to the face of the user B and the fingerprint of the user B, and by combining the timestamp, the authorization key is obtained by processing the face of the user B, the fingerprint of the user B and the timestamp through a fifth version of a Digest Algorithm (MD 5), and then generating a first formula, where the first formula is: MD5 (face + fingerprint + timestamp).

Referring to fig. 7, in the a-cell phone authorization application, the authorization key may be obtained, so that the a-user may confirm the B-user and then select to send the corresponding biometric information.

Preferably, the key information in this embodiment is used to secure communications between two devices, and has uniqueness. In a specific implementation, the key information may be generated according to the biometric information of the user in combination with the timestamp, and in addition, more forms of unique key information may also be generated, such as a digital combination, and the like.

In this embodiment, in order to avoid the phenomenon of information leakage occurring between the two parties in the process of transmitting information when the electronic device authorizes the access request of the target device, unique key information may be generated according to the biometric information of the user of the electronic device in combination with the timestamp information associated with the access request of this time, so as to encrypt and protect the transmission channel established between the two parties, so that the transmission channel itself and all information transmitted therein are encrypted and protected, and then the electronic device may decrypt and store in the local end after receiving the first biometric information. Therefore, the method and the device for processing the information of the mobile terminal further ensure the information safety among the users while simplifying the complicated operation among the users.

On the basis of the embodiment shown in fig. 1, fig. 14 is a flowchart illustrating an authorization management method according to another embodiment of the present invention, and after step S3, the method further includes:

step S6: a second input of the first biometric information is received.

Step S7: in response to the second input, a first account number corresponding to the first biometric information is created.

Wherein the second input comprises at least one of a touch gesture action and a clear gesture action; and the second input comprises at least one gesture motion, and the form of each gesture motion is not limited, subject to the specific implementation manner.

Preferably, a second input is received from a user of the electronic device.

After receiving the first biometric information, the user of the electronic device may create a first account corresponding to the first biometric information for the first biometric information.

Preferably, the first account may be a temporary account, and the user of the electronic device may perform different settings for the temporary account to distinguish the account of the user of the electronic device.

Step S8: and authorizing the target access authority and/or the target access duration of the first account in the electronic equipment.

In this step, an actual authorization condition may be set for at least one of a target access right and a target access duration of the first account in the electronic device.

The target access authority includes an accessible application authority and an associated system function authority which each application allows to access, wherein the associated system function authority includes a positioning authority, a camera authority, a storage authority, a telephone authority and the like.

The target access duration comprises a single duration, a deadline duration, an access duration of a specified application and the like, wherein the single duration, the deadline duration and the access duration of the specified application can be used for the first account to access the electronic equipment. For example, the first account may be set to access the electronic device for 30 minutes each time, the first account may only access the electronic device within one month, the first account may access a certain application for 30 minutes each time, and so on.

Referring to fig. 15, for example, in a B-cell phone authorization application, after receiving complete "face a" and "fingerprint a", the B-user may add the account number of the a-user to the temporary account list. The temporary account list in the figure has included accounts of "X users" and accounts of "Y users". When the user A uses the mobile phone B, the system can firstly acquire the fingerprint and the face information of the temporary user from the authorization application and compare the fingerprint and the face information with the current user, and if the fingerprint and the face information are successfully compared, the user is unlocked.

Referring to fig. 16, for example, in the B-cell phone authorization application, after the account of the a-user is created, a list of applications accessible by the a-user and a duration of time each application is accessible may be set for the account of the a-user.

Referring to fig. 17, for example, in a B-cell phone authorization application, for applications accessible by the account of the a-user, relevant system function permissions that the applications allow to access when the a-user accesses the applications may be set.

When the user A uses the mobile phone B, the system firstly obtains the fingerprint and the face information of the temporary user from the authorization application and compares the fingerprint and the face information with the current user, and if the fingerprint and the face information are successfully compared, the user is unlocked, and the related authority of the temporary user is loaded.

Preferably, in this embodiment, a plurality of temporary account numbers may be set, each account number corresponds to unique biometric information, and a user of the electronic device may set different access rights for different account numbers. Therefore, by generating the temporary account number mode, the limited access device functions and applications can be operated, a plurality of temporary account numbers can be set, each account number is similar to a role, and an authorization code and a temporary account number relation are established, wherein the authorization code is similar to personnel, so that the requirement of the user of the electronic device for setting the individuation of different account numbers is met while complicated operations among the users are simplified, and the privacy leakage of the user of the electronic device is effectively avoided.

It should be noted that, in the foregoing embodiment, the key information is mentioned, in different scenarios, the target devices are different, the event times are different, and the generated key information is different, so that the biometric information received by the electronic device necessarily corresponds to unique key information, that is, a unique "authorization code", and therefore this embodiment may also be understood as that the account number, the biometric information, and the authorization code have a unique corresponding relationship.

In this embodiment, a temporary account is created for the first biometric information, a login user is authorized to use the temporary account, and a system access permission is set for the temporary account, so that the control capability of the electronic device on the temporary account permission is realized, and the system security is in the owner controllable range. Wherein, for the temporary account, an accessible application list can be set, an authorization expiration time can be set, and the like.

On the basis of the embodiment shown in fig. 14, fig. 18 is a flowchart illustrating an authorization management method according to another embodiment of the present invention, and in a case that the step S8 authorizes the first account to have a target access right of the electronic device, after the step S8, the method further includes:

step S9: target program usage data corresponding to the target access rights is obtained.

Step S10: and saving the target program use data to a target storage area of the electronic equipment.

In this step, the target access rights include application rights, system function rights, and the like, and thus, the target program usage data includes corresponding application usage data, system function usage data, and the like.

In order to better protect the privacy of the owner, a new storage area can be opened up for the applications, system functions and the like which are allowed to be accessed, and the new storage area is used for storing the data generated by the applications, system functions and the like in the running process, so that the related data of the applications, system functions and the like are prevented from being mixed with other data which are not allowed to be accessed, and all data in the electronic equipment are effectively prevented from being shared with others.

In particular, corresponding storage areas can be opened up for different account numbers respectively. And for each storage area, only the target program use data authorized to be accessed by the corresponding account can be stored, so that data sharing among multiple persons is effectively avoided.

In this embodiment, for the setting condition of the user of the electronic device for the authorization permission of the temporary account, the program usage data related to the authorization permission may be stored in a region in a centralized manner, so as to facilitate data reading for different accounts, thereby avoiding other users from sharing user data of the electronic device, and avoiding other users from sharing data with each other, thereby providing a safe and convenient data sharing mode for the user of the electronic device.

On the basis of the embodiment shown in fig. 1, fig. 19 is a flowchart showing an authorization management method according to another embodiment of the present invention, further including:

step S11: an access request is sent to the target device.

Step S12: in the event that the target device authorizes the access request, a third input is received.

Step S13: in response to the third input, third biometric information corresponding to the third input is obtained.

Step S14: and transmitting the third biological characteristic information to the target device.

Wherein the third input comprises at least one of a touch gesture action and a clear gesture action; and the third input comprises at least one gesture motion, and the form of each gesture motion is not limited, subject to the specific implementation manner.

In this embodiment, the electronic device may act as a party that sends the access request, and the target device is a party that receives the access request. Based on the foregoing embodiment, the target device may authorize the electronic device to access the request, so that the user of the electronic device may determine, through the third input, the third biometric information to send to the target device, and further, under the condition that the third biometric information is prestored in the target device, the user of the electronic device may access the target device without entering the own biometric information in the target device as the unlocking information or requesting the user of the target device to assist in unlocking, thereby simplifying cumbersome operations among users.

The third biometric information is preferably biometric information of a user of the electronic device.

Preferably, the biometric information includes at least one of fingerprint information and facial information.

The biometric information in the embodiment of the invention is used for unlocking the electronic equipment, so that the biometric information can be used as the unlocking information by default. In addition, the unlocking information may further include password information, and the embodiment of the present invention preferably acquires biometric information in the unlocking information.

It should be noted that, in the above embodiments of the present invention, two electronic devices for bidirectional communication are involved, and for convenience of distinction, an "electronic device" is understood as a local terminal, and an "object device" is understood as an opposite terminal. Both the "electronic device" and the "target device" can be used as one end for sending an access request, and can also be used as one end for receiving a sending request.

To sum up, the embodiment of the invention is a remote encryption unlocking authorization mode without contacting with electronic equipment. After the electronic equipment of the second user receives the unlocking information of the first user, the first user is allowed to have limited application and function access authority by a mode of creating a temporary account number in the electronic equipment, so that the first user can directly unlock and use the electronic equipment of the second user, the mode that fingerprints and facial information need to be input when other electronic equipment is unlocked before is simplified, and the fingerprints and the facial information of another electronic equipment are obtained in a similar mutual transmission mode for unlocking the equipment without inputting any fingerprints and facial information. Meanwhile, scenes that a user leaves fingerprints and facial information on a plurality of electronic devices are reduced, and the privacy of the user is effectively protected. Therefore, the embodiment of the invention greatly simplifies the safe unlocking process of the electronic equipment, saves the complicated process of inputting the fingerprint and the facial information when a user uses other electronic equipment, and can use the electronic equipment by only one simple authorization. In the aspect of safety, data safety is effectively guaranteed through multiple account numbers, access limitation and an application storage dividing mode.

Fig. 20 shows a block diagram of an electronic device of another embodiment of the invention, comprising:

a first input receiving module 10, configured to receive a first input when receiving an access request of a target device;

a first input response module 20, configured to respond to a first input and establish a transmission channel with a target device;

a first obtaining module 30, configured to obtain first biometric information sent by a target device based on a transmission channel;

a second obtaining module 40, configured to obtain biometric information of the first user when the first user accesses the electronic device;

an authorized access module 50 for authorizing the first user to access the electronic device if the biometric information of the first user matches the first biometric information.

Preferably, the first input response module 20 includes:

an information acquisition unit configured to acquire second biometric information and time stamp information in response to the first input;

a key generating unit, configured to generate key information according to the second biometric information and the timestamp information;

and the channel establishing unit is used for establishing a transmission channel with the target equipment according to the secret key information.

Preferably, the electronic device further comprises:

the second input receiving module is used for receiving second input of the first biological characteristic information;

the second input response module is used for responding to the second input and creating a first account corresponding to the first biological characteristic information;

and the authorization setting module is used for authorizing the target access authority and/or the target access duration of the first account in the electronic equipment.

Preferably, the electronic device further comprises:

the third acquisition module is used for acquiring target program use data corresponding to the target access authority;

and the storage module is used for storing the target program use data to a target storage area of the electronic equipment.

Preferably, the electronic device further comprises:

the request module is used for sending an access request to the target equipment;

a third input receiving module, configured to receive a third input when the target device authorizes the access request;

the third input response module is used for responding to the third input and acquiring third biological characteristic information corresponding to the third input;

and the sending module is used for sending the third biological characteristic information to the target equipment.

Preferably, the biometric information comprises at least fingerprint information and/or facial information.

The electronic device provided in the embodiment of the present invention can implement each process implemented by the electronic device in the method embodiments of fig. 1 to fig. 19, and details are not described here to avoid repetition.

Fig. 21 is a schematic diagram of a hardware structure of an electronic device 100 for implementing various embodiments of the present invention, where the electronic device 100 includes, but is not limited to: radio frequency unit 101, network module 102, audio output unit 103, input unit 104, sensor 105, display unit 106, user input unit 107, interface unit 108, memory 109, processor 110, and power supply 111. Those skilled in the art will appreciate that the electronic device configuration shown in fig. 21 does not constitute a limitation of electronic devices, which may include more or fewer components than shown, or some components may be combined, or a different arrangement of components. In the embodiment of the present invention, the electronic device includes, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted electronic device, a wearable device, a pedometer, and the like.

Wherein, the processor 110 is configured to control the input unit 104 to receive a first input in case of receiving an access request of a target device; responding to the first input, and establishing a transmission channel with the target device; acquiring first biological characteristic information sent by the target equipment based on the transmission channel; under the condition that a first user accesses the electronic equipment, acquiring biological characteristic information of the first user; authorizing the first user to access the electronic device if the first user's biometric information matches the first biometric information.

It should be understood that, in the embodiment of the present invention, the radio frequency unit 101 may be used for receiving and sending signals during a message transmission or call process, and specifically, after receiving downlink data from a base station, the downlink data is processed by the processor 110; in addition, the uplink data is transmitted to the base station. Typically, radio frequency unit 101 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 101 can also communicate with a network and other devices through a wireless communication system.

The electronic device provides wireless broadband internet access to the user via the network module 102, such as assisting the user in sending and receiving e-mails, browsing web pages, and accessing streaming media.

The audio output unit 103 may convert audio data received by the radio frequency unit 101 or the network module 102 or stored in the memory 109 into an audio signal and output as sound. Also, the audio output unit 103 may also provide audio output related to a specific function performed by the electronic apparatus 100 (e.g., a call signal reception sound, a message reception sound, etc.). The audio output unit 103 includes a speaker, a buzzer, a receiver, and the like.

The input unit 104 is used to receive an audio or video signal. The input Unit 104 may include a Graphics Processing Unit (GPU) 1041 and a microphone 1042, and the Graphics processor 1041 processes image data of still pictures or video obtained by an image capturing device (e.g., a camera) in a video capturing mode or an image capturing mode. The processed image frames may be displayed on the display unit 106. The image frames processed by the graphic processor 1041 may be stored in the memory 109 (or other storage medium) or transmitted via the radio frequency unit 101 or the network module 102. The microphone 1042 may receive sound and may be capable of processing such sound into audio data. The processed audio data may be converted into a format output transmittable to a mobile communication base station via the radio frequency unit 101 in case of a phone call mode.

The electronic device 100 also includes at least one sensor 105, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor that can adjust the brightness of the display panel 1061 according to the brightness of ambient light, and a proximity sensor that can turn off the display panel 1061 and/or the backlight when the electronic device 100 is moved to the ear. As one type of motion sensor, an accelerometer sensor can detect the magnitude of acceleration in each direction (generally three axes), detect the magnitude and direction of gravity when stationary, and can be used to identify the posture of an electronic device (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), and vibration identification related functions (such as pedometer, tapping); the sensors 105 may also include fingerprint sensors, pressure sensors, iris sensors, molecular sensors, gyroscopes, barometers, hygrometers, thermometers, infrared sensors, etc., which are not described in detail herein.

The display unit 106 is used to display information input by a user or information provided to the user. The Display unit 106 may include a Display panel 1061, and the Display panel 1061 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like.

The user input unit 107 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic device. Specifically, the user input unit 107 includes a touch panel 1071 and other input devices 1072. Touch panel 1071, also referred to as a touch screen, may collect touch operations by a user on or near it (e.g., operations by a user on touch panel 1071 or near touch panel 1071 using a finger, a stylus, or any other suitable object or attachment). The touch panel 1071 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 110, and receives and executes commands sent by the processor 110. In addition, the touch panel 1071 may be implemented in various types, such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. In addition to the touch panel 1071, the user input unit 107 may include other input devices 1072. Specifically, other input devices 1072 may include, but are not limited to, a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, a mouse, and a joystick, which are not described in detail herein.

Further, the touch panel 1071 may be overlaid on the display panel 1061, and when the touch panel 1071 detects a touch operation thereon or nearby, the touch panel 1071 transmits the touch operation to the processor 110 to determine the type of the touch event, and then the processor 110 provides a corresponding visual output on the display panel 1061 according to the type of the touch event. Although in fig. 21, the touch panel 1071 and the display panel 1061 are two independent components to implement the input and output functions of the electronic device, in some embodiments, the touch panel 1071 and the display panel 1061 may be integrated to implement the input and output functions of the electronic device, and is not limited herein.

The interface unit 108 is an interface for connecting an external device to the electronic apparatus 100. For example, the external device may include a wired or wireless headset port, an external power supply (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device having an identification module, an audio input/output (I/O) port, a video I/O port, an earphone port, and the like. The interface unit 108 may be used to receive input (e.g., data information, power, etc.) from an external device and transmit the received input to one or more elements within the electronic apparatus 100 or may be used to transmit data between the electronic apparatus 100 and the external device.

The memory 109 may be used to store software programs as well as various data. The memory 109 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, memory 109 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.

The processor 110 is a control center of the electronic device, connects various parts of the entire electronic device using various interfaces and lines, performs various functions of the electronic device and processes data by operating or executing software programs and/or modules stored in the memory 109 and calling data stored in the memory 109, thereby performing overall monitoring of the electronic device. Processor 110 may include one or more processing units; preferably, the processor 110 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 110.

The electronic device 100 may further include a power source 111 (such as a battery) for supplying power to each component, and preferably, the power source 111 may be logically connected to the processor 110 through a power management system, so as to implement functions of managing charging, discharging, and power consumption through the power management system.

In addition, the electronic device 100 includes some functional modules that are not shown, and are not described in detail herein.

Preferably, an embodiment of the present invention further provides an electronic device, which includes a processor 110, a memory 109, and a computer program stored in the memory 109 and capable of running on the processor 110, where the computer program, when executed by the processor 110, implements each process of the foregoing authorization management method embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not described here again.

The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements the processes of the embodiment of the authorization management method, and can achieve the same technical effects, and in order to avoid repetition, the computer program is not described herein again. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one of 8230, and" comprising 8230does not exclude the presence of additional like elements in a process, method, article, or apparatus comprising the element.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling an electronic device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.

While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims

1. An authorization management method applied to an electronic device, the authorization management method comprising:

receiving a first input in the case of receiving an access request of a target device;

responding to the first input, and establishing a transmission channel with the target device;

acquiring first biological characteristic information sent by the target equipment based on the transmission channel;

under the condition that a first user accesses the electronic equipment, acquiring biological characteristic information of the first user;

authorizing the first user to access the electronic device if the biometric information of the first user matches the first biometric information;

the establishing a transmission channel with the target device in response to the first input comprises:

acquiring second biometric information and timestamp information in response to the first input;

generating key information according to the second biological characteristic information and the timestamp information;

and establishing a transmission channel with the target equipment according to the key information.

2. The method of claim 1, wherein after obtaining the first biometric information sent by the target device based on the transmission channel, the method further comprises:

receiving a second input of the first biometric information;

in response to the second input, creating a first account corresponding to the first biometric information;

and authorizing the target access authority and/or the target access duration of the first account in the electronic equipment.

3. The method of claim 2, wherein in a case that the first account is authorized for the target access right of the electronic device, the authorizing the first account for the target access right of the electronic device is followed by further comprising:

acquiring target program use data corresponding to the target access authority;

and saving the target program use data to a target storage area of the electronic equipment.

4. The method of claim 1, further comprising:

sending an access request to a target device;

receiving a third input in the event that the target device authorizes the access request;

in response to the third input, obtaining third biological characteristic information corresponding to the third input;

transmitting the third biometric information to the target device.

5. The method of claim 1, wherein the biometric information comprises at least fingerprint information and/or facial information.

6. An electronic device, comprising:

the first input receiving module is used for receiving a first input under the condition of receiving an access request of a target device;

the first input response module is used for responding to the first input and establishing a transmission channel with the target equipment;

the first acquisition module is used for acquiring first biological characteristic information sent by the target equipment based on the transmission channel;

the second acquisition module is used for acquiring the biological characteristic information of the first user under the condition that the first user accesses the electronic equipment;

an authorized access module for authorizing the first user to access the electronic device if the biometric information of the first user matches the first biometric information;

the first input response module comprises:

7. The electronic device of claim 6, further comprising:

8. The electronic device of claim 7, further comprising:

9. The electronic device of claim 6, further comprising:

a third input response module, configured to respond to the third input and obtain third biological characteristic information corresponding to the third input;

a sending module, configured to send the third biological characteristic information to the target device.

10. The electronic device of claim 6, wherein the biometric information comprises at least fingerprint information and/or facial information.