CN110889109A - Permission determination method and device and computer readable storage medium - Google Patents
Permission determination method and device and computer readable storage medium Download PDFInfo
- Publication number
- CN110889109A CN110889109A CN201811051624.0A CN201811051624A CN110889109A CN 110889109 A CN110889109 A CN 110889109A CN 201811051624 A CN201811051624 A CN 201811051624A CN 110889109 A CN110889109 A CN 110889109A
- Authority
- CN
- China
- Prior art keywords
- probability
- authority
- target
- target authority
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000004927 fusion Effects 0.000 claims abstract description 58
- 230000015654 memory Effects 0.000 claims description 15
- 238000004590 computer program Methods 0.000 claims description 14
- 238000012545 processing Methods 0.000 claims description 10
- 238000013475 authorization Methods 0.000 description 12
- 238000010586 diagram Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 8
- 238000001514 detection method Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/451—Execution arrangements for user interfaces
- G06F9/453—Help systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
Abstract
The embodiment of the invention discloses a method for judging authority, which comprises the following steps: determining preference probability and individual probability corresponding to the target authority according to the target authority requested by the current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority; determining a fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority; determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program. The embodiment of the invention also discloses an authority judgment device and a computer storage medium.
Description
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to a method and a device for judging authority and a computer readable storage medium.
Background
With the development of computer technology, applications installed on intelligent terminals are in endless. Many application programs request users to grant permissions when in use, however, some permissions are not related to functions which the application programs need to realize, but rather are used for acquiring privacy information of the users; therefore, the rights management of the application program is very important.
Generally, when an application requests a right, the application displays the right information required to be requested to a user in detail, and the decision of determining whether to grant the right information is left to the user; the prompt information of the permission prompt only comprises the requested permission name, and no referential suggestion is provided for the user; thus, the user can easily agree to the requested rights; this results in the right management for the application acting as a dummy; under certain conditions, a certain dangerous authority is easily released by a user, so that the safety of the system cannot be ensured; in addition, in the related art, only the fixed attribute information of the request permission is used as a judgment criterion, and the use habits and preferences of the user are not counted, so that the effect of personalized customization cannot be achieved.
Disclosure of Invention
In order to solve the existing technical problem, embodiments of the present invention provide a method and an apparatus for determining an authority, and a computer-readable storage medium.
In order to achieve the above purpose, the technical solution of the embodiment of the present invention is realized as follows:
in a first aspect, a method for determining a right is provided, where the method includes:
determining preference probability and individual probability corresponding to the target authority according to the target authority requested by the current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority;
determining a fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority;
determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
In a second aspect, there is provided an apparatus for determining authority, the apparatus including:
the determining unit is used for determining preference probability and individual probability corresponding to the target authority according to the target authority requested by the current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority;
the processing unit is used for determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority; determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
In a third aspect, there is provided an apparatus for determining a privilege, the apparatus comprising, a processor and a memory configured to store a computer program operable on the processor,
wherein the processor is configured to perform the steps of the method of determining permissions of the first aspect when running the computer program.
In a fourth aspect, a computer storage medium is provided, in which computer-executable instructions are stored, and the computer-executable instructions are configured to execute the permission determination method provided in the first aspect.
The embodiment of the invention provides a method and a device for judging authority and a computer readable storage medium, which comprises the steps of firstly determining preference probability and individual probability corresponding to target authority according to the target authority requested by a current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority; then, determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; finally, determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; in this way, the preference probability is added in the target permission requested by the application program, so that the use habit and preference of the user can be reflected, and meanwhile, the judgment is carried out in combination with the use degree of the target permission to obtain a judgment result; therefore, in the process of judging the requested target authority, whether the target authority is safe or not can be judged by combining the use habits of the user, and a basis is provided for the authorization of the user; the safety of the system is guaranteed, and the user experience is improved.
Drawings
In the drawings, which are not necessarily drawn to scale, like reference numerals may describe similar components in different views. Like reference numerals having different letter suffixes may represent different examples of similar components. The drawings illustrate generally, by way of example, but not by way of limitation, various embodiments discussed herein.
Fig. 1 is a schematic flowchart of a method for determining a permission according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of another method for determining permissions according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a method for determining another permission according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an authority determination device according to an embodiment of the present invention;
fig. 5 is a schematic diagram illustrating a hardware structure of an authority determination device according to an embodiment of the present invention.
Detailed Description
In practical application, the application program in the android system is limited to completing some operations in the terminal, that is, the application program cannot directly modify a local file in the terminal and directly read the private information of the user. If an application requires certain rights, such as access to current location information, in order to implement a certain function, the required rights need to be declared at the time of program development. Generally, in the process of opening an application, the application informs a user of the required permissions, that is, when the application is started, the permissions applied by the application are displayed in detail, so that the user can determine whether to grant the corresponding permissions to the application. However, in the related art, the permission prompt information of the system is very simple, and no reference suggestion is given to the user; many users do not pay much attention to the application authority and directly allow the application authority to be granted, so that the package installer of the android system is similar to a dummy authority management of the application, that is, the authority management policy provided by the android system is a coarse-grained authority management policy, and in some cases, a certain dangerous authority is easily released by the users and the security of the system cannot be guaranteed. In addition, it is not possible to intelligently determine the right according to the use habit and preference of the user.
Based on the above problem, an embodiment of the present invention provides a method for determining an authority, which is shown in fig. 1 and includes the following steps:
Wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the usage degree of the target authority.
Here, step 101 may be implemented by the terminal device, according to the target authority requested by the current application, determining the preference probability and the individual probability corresponding to the target authority. In practical application, the terminal device may include: terminal equipment such as smart phones, tablet computers, notebook computers, palmtop computers and wearable equipment. Here, various types of application programs can be installed in the terminal device; each application is capable of requesting various rights of the terminal device.
In other embodiments of the present invention, when an application currently opened in a terminal device is to complete an operation, it is necessary to request a user to use a right to complete a function corresponding to the operation; for example, in order to complete navigation operations, a map Application (APP) needs to apply an authority to use a positioning function to a user.
In general, the terminal device presents the requested information of the target authority to the user in a dialog box form, and the user selects whether to grant the authority or reject the authority. In this embodiment, before the application program sends a prompt message prompting whether to authorize the requested target permission to the user, it may be determined whether the request is safe according to some information of the target permission, so that the user makes a decision of granting or denying according to the determination result. Specifically, when the terminal device receives an application program request target authority, acquiring a preference probability and an individual probability corresponding to the target authority; then, the terminal device makes subsequent determination based on the above two kinds of information. The preference probability of the target authority refers to the preference degree of the user for the target authority, and can be obtained by counting the number of times that the target authority is granted and/or rejected locally at the terminal device. In addition, the individual probability refers to the usage degree of the target authority, and can be determined by counting the number of times that the target authority is used in a certain number of application programs in the application market.
It should be noted that the terminal device may store preference probabilities and individual probabilities corresponding to all the rights; after obtaining the identification information of the target authority requested by the application program, the terminal device finds the preference probability and the individual probability corresponding to the target authority through the identification information.
And 102, determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability.
Wherein the fusion probability is used for representing a reference value of the target authority;
here, step 102 may be implemented by the terminal device, based on at least the preference probability corresponding to the target authority and the individual probability, to determine the fusion probability.
As can be known from the above analysis, the individual probability refers to the usage probability of the target permission in a certain amount of application programs, and represents the degree of usage of the target permission in big data statistics; the preference probability refers to the preference degree of the user to the target authority, and reflects the use degree of the user to the target authority; therefore, the individual probability and the preference probability represent the use condition of the same target authority; in order to more accurately reflect the reasonability of authority judgment and simultaneously consider the personal preference of the user, at least the individual probability and the preference probability are integrated, namely at least the big data statistical factor and the personal willingness factor of the user are superposed to obtain the fusion probability of the target authority, namely the judgment reference value.
Specifically, weight values may be assigned to the individual probabilities and the preference probabilities, respectively; the weight values are used for determining the importance degree of the individual probability and the preference probability influencing the fusion probability; and fusing the individual probability and the preference probability through the assigned weight value. For example, the individual probability is important, and the weight value of the individual probability may be set to 0.8, and then the weight value of the preference probability is 0.2. It should be noted that, the weight values assigned to the individual probabilities and the preference probabilities may be fixed data preset by the terminal device, or may be determined according to the usage habits of the user, which is not limited herein.
And 103, determining a judgment result aiming at the target authority based on the fusion probability and the standard probability.
The standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
Here, step 103 may be implemented by the terminal device, based on the fusion probability and the standard probability, determining the determination result for the target authority.
In other embodiments of the present invention, the standard probability is used to represent a standard value of the determination permission, which can be understood as that the standard probability is a basis for performing permission determination; in this embodiment, the standard probability may be a standard usage probability for all permissions; in particular, the standard probability may be considered to be the probability of average usage of a certain number of rights requested by the application on the application market.
In the embodiment of the invention, the judgment result of the target authority can be determined by comparing the fusion probability with the standard probability. Specifically, step 103 may include the steps of:
step 1031, if the fusion probability is smaller than the standard probability, determining that the target authority is a dangerous authority;
step 1032, if the fusion probability is not smaller than the standard probability, determining that the target authority is a safety authority.
Here, when the fusion probability corresponding to the target authority is smaller than the standard probability, it can be understood that the probability of using the target authority is higher, and the probability of using the authority by the user is also higher; thus, the target authority can be considered safe; otherwise, the target authority has a certain risk. Thus, the embodiment can quantify the security of the authority, so that the terminal device can quickly make a judgment result.
In other embodiments of the present invention, the terminal device may provide a relevant basis for the authorization of the user according to the determination result; for example, when the target authority is determined to be the security authority, information of "suggesting to grant the authority" may be added to a prompt message popped up by the terminal device; otherwise, adding information of 'suggesting to reject the authority' in a prompt message popped up by the terminal equipment, so that the user makes a decision according to the suggestion information.
The embodiment of the invention provides a method for judging authority, which comprises the steps of firstly, determining preference probability and individual probability corresponding to target authority according to the target authority requested by a current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority; then, determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; finally, determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; in this way, the preference probability is added in the target permission requested by the application program, so that the use habit and preference of the user can be reflected, and meanwhile, the judgment is carried out in combination with the use degree of the target permission to obtain a judgment result; therefore, in the process of judging the requested target authority, whether the target authority is safe or not can be judged by combining the use habits of the user, and a basis is provided for the authorization of the user; the safety of the system is guaranteed, and the user experience is improved.
Based on the above embodiments, an embodiment of the present invention provides a method for determining a right, which is shown in fig. 2 and includes the following steps:
In other embodiments of the present invention, in order to obtain the preference probability corresponding to the target permission, the number of times that all permissions used by all applications in the local terminal device are granted and the number of times that all permissions are rejected may be obtained in advance, and according to the number of times that each permission is granted and rejected in the local device, the preference degree of the user for the corresponding permission may be determined. Further, the terminal device stores the obtained preference probability of each authority into a memory device of the terminal device, so that when the application requests the target authority, the preference probability corresponding to the target authority can be quickly read from the memory device.
It should be noted that, step 201 and step 202 may also be executed when the application requests the target authority, and the present invention is not limited herein.
In other embodiments of the present invention, the preference probability of the target authority may be obtained by the following formula:
Pm=(fa-fr)/M (2-1);
wherein, PmPreference probability for target permission, faNumber of times for which the target authority is granted, frAnd M is the number of times that the target authority is rejected, and M is the number of all application programs locally installed in the terminal equipment. Here, PmIs a constant in the range of-1 to 1.
In other embodiments of the present invention, the number of times that the authority is granted and rejected changes when the terminal device installs an application; furthermore, the preference probability of the authority is changed; but when the same right is requested in a shorter time interval, the influence on the preference probability is less important; therefore, the terminal device may obtain the number of times that the target authority is granted in all the application programs installed in the terminal device according to a preset time interval or when detecting that the state of the target authority changes. Here, the detection of the state transmission change of the target authority may include detection of whether the target authority is granted or denied.
Wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the usage degree of the target authority.
In other embodiments of the present invention, when acquiring a target right that an application needs to request, a terminal device searches a preference probability and an individual probability corresponding to the target right from its own memory device. Wherein, the individual probability refers to the use degree of the target authority; specifically, the individual probability is obtained by counting the number of times that the target authority is used in a certain number of application programs in the application market; in general, the individual probability is obtained from the server and stored in the memory device of the terminal device itself.
Here, the server may count the top N top applications in the application market to obtain the authority information of these applications. Firstly, a server can read authority information to be requested in an Android manifest (xml) file in an application program installation package through a decompiling installation package (APK) file, or directly read the use authority information in the application program APK through an Android Asset Packaging Tool (Android packing Tool, aapt); furthermore, based on the use information of the authority, the individual probability of the target authority is obtained by counting the use probability of the target authority in the applications. Specifically, the individual probability corresponding to the target authority is obtained by using the following formula:
Pi=fi/N (2-2);
wherein, PiThe individual probability of the target authority is constant with the value range of 0 to 1; f. ofiThe number of times that the target authority appears in the authority information of the N application programs is set; and N is the number of the application programs counted.
And step 204, the terminal equipment determines a fusion probability at least based on the preference probability corresponding to the target authority and the individual probability.
Wherein the fusion probability is used for representing the reference value of the target authority.
In other embodiments of the present invention, weight values may be assigned to the individual probabilities and the preference probabilities, respectively; the weight values are used for determining the importance degree of the individual probability and the preference probability influencing the fusion probability; and fusing the individual probability and the preference probability through the assigned weight value.
Preferably, the weight values of the individual probability and the preference probability are set to 0.5, and then the fusion probability can be obtained by the following formula:
Pc=0.5*Pi+0.5*Pm(2-3);
wherein, PcIs the fusion probability of the target authority, and the constant P with the value range of 0 to 1iIndividual probability, P, referring to the authority of the objectmRefers to the preference probability of the target permission.
Wherein the standard probability is used to characterize the average usage probability of all rights.
Specifically, if the fusion probability is smaller than the standard probability, determining that the target permission is a dangerous permission; and if the fusion probability is not less than the standard probability, determining the target authority as a safety authority.
Wherein, the standard probability refers to the standard use probability of all the authorities; the standard probability may be considered to mean the probability of average usage of a certain number of rights requested by an application on the application market. Before the terminal equipment judges the target authority, the terminal equipment needs to acquire the standard probability from the memory device of the terminal equipment. Here, the standard probability is the same as the individual probability of the target authority, and is obtained from the server and stored in the memory device of the terminal device by the terminal device; the terminal device can simultaneously acquire the standard probability and the individual use probability of the authority from the server.
Specifically, the server may count the top N top-ranked hot applications in the application market to obtain the authority information in the applications. Firstly, a server can read information of all rights to be requested in an android manifest (xml) file in an application program installation package through decompiling an APK file, or directly read use information of all rights in the application program APK through aapt; further, based on the usage information of the authority, a standard probability of the authority is obtained using the following formula:
wherein, PcIs a standard probability with a constant value ranging from 0 to 1; f. ofjThe number of times of the j-th authority appearing in the authority information of the N application programs; n is the total number of items present in the N applications.
In other embodiments of the present invention, the terminal device obtains the standard probability and the individual probabilities of all the rights from the server;
preferably, the terminal device may obtain the standard probability and the individual probabilities of all the rights from the server according to a preset time period or when detecting that the application requests the target right.
Specifically, in step 205, determining the determination result for the target authority based on the fusion probability and the standard probability of the target authority includes:
if the fusion probability is smaller than the standard probability, determining the target authority as a dangerous authority; and if the fusion probability is not less than the standard probability, determining the target authority as a safety authority.
And step 206, the terminal equipment generates suggestion information based on the judgment result.
Wherein the suggestion information and the judgment result have a corresponding relationship.
In other embodiments of the present invention, the determination result includes that the target permission is a security permission and a danger permission; when the judgment result is that the target authority is the safety authority, the terminal equipment generates suggestion information of 'suggesting to grant the authority'; and when the judgment result is that the target authority is the dangerous authority, the terminal equipment generates suggestion information of 'suggesting to reject the authority'.
And step 207, the terminal device displays the suggestion information on a display interface of the terminal device, so that the user performs an operation of granting or denying the target permission based on the suggestion information.
It should be noted that, if the right that the newly installed application needs to apply is not within the statistical range of the hot application, the right is considered to have a security risk, and the user is recommended to reject the authorization. The above formula is no longer calculated.
It should be noted that, for the descriptions of the same steps and the same contents in this embodiment as those in other embodiments, reference may be made to the descriptions in other embodiments, which are not described herein again.
The embodiment of the invention provides a method for judging authority, which comprises the steps of firstly, determining preference probability and individual probability corresponding to target authority according to the target authority requested by a current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority; then, determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; finally, determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; in this way, the preference probability is added in the target permission requested by the application program, so that the use habit and preference of the user can be reflected, and meanwhile, the judgment is carried out in combination with the use degree of the target permission to obtain a judgment result; therefore, in the process of judging the requested target authority, whether the target authority is safe or not can be judged by combining the use habits of the user, and a basis is provided for the authorization of the user; the safety of the system is guaranteed, and the user experience is improved.
Based on the foregoing embodiments, an embodiment of the present invention provides a method for determining a right, which is shown in fig. 3 and includes the following steps:
and 301, acquiring the authority use information of the application program.
Specifically, all permissions to be applied in android Manifest.xml in a certain number of applications in the android application market are counted by decompiling APK files, or permission use information in the APK files is directly read by using an aapt tool.
Step 302, calculating standard probability and individual probability of each authority.
And step 303, acquiring the preference probability of the target authority.
When the application program requests the target authority, the times of granting and refusing the target authority in the local terminal device are counted, and the preference probability is calculated.
And step 304, calculating the fusion probability and comparing the fusion probability with the standard mean value.
Here, the terminal device calculates a fusion probability according to the calculated preference probability and the usage probability of the target authority.
Step 305, authorization determination.
If the fusion probability is greater than or equal to the standard probability, the target authority is considered to have no security risk, and user authorization is suggested; and if the fusion probability is smaller than the standard probability, the target authority is considered to have a security risk, and the user authorization is not recommended. In addition, if the authority to be granted is not within the application statistical authority, the authority is considered to have security risk, and user authorization is not recommended.
Step 306, if the authorization of the target authority is finished, step 307 is executed, otherwise, step 303 is skipped.
Step 307: the authorization is complete.
The embodiment of the invention provides a method for judging authority, which comprises the steps of firstly, determining preference probability and individual probability corresponding to target authority according to the target authority requested by a current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority; then, determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; finally, determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; in this way, the preference probability is added in the target permission requested by the application program, so that the use habit and preference of the user can be reflected, and meanwhile, the judgment is carried out in combination with the use degree of the target permission to obtain a judgment result; therefore, in the process of judging the requested target authority, whether the target authority is safe or not can be judged by combining the use habits of the user, and a basis is provided for the authorization of the user; the safety of the system is guaranteed, and the user experience is improved.
In order to implement the method of the embodiment of the present invention, an embodiment of the present invention further provides an authority determination apparatus, which can be applied to the terminal device in the above embodiment; as shown in fig. 4, the authority determination device includes: a determination unit 41 and a processing unit 42; wherein:
a determining unit 41, configured to determine, according to a target permission requested by a current application, a preference probability and an individual probability corresponding to the target permission; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority;
a processing unit 42, configured to determine a fusion probability based on at least the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority; determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
In other embodiments of the present invention, the processing unit 42 is specifically configured to determine that the target permission is a dangerous permission when it is determined that the fusion probability is smaller than the standard probability; and when the fusion probability is judged to be not less than the standard probability, determining the target authority as a safety authority.
In other embodiments of the present invention, the authority determination device further includes an acquisition unit 43;
an obtaining unit 43, configured to obtain the number of times that the target authority is granted in all applications installed in the terminal device, and the number of times that the target authority is denied;
the determining unit 41 is further configured to determine a preference probability of the target right based on the number of times the target right is granted and the number of times the target right is denied.
In other embodiments of the present invention, the obtaining unit 43 is specifically configured to obtain, according to a preset time interval or when detecting that the state of the target authority changes, the number of times that the target authority is granted in all the application programs installed in the terminal device.
In other embodiments of the present invention, the obtaining unit 43 is further configured to obtain the standard probability and the individual probabilities of all the rights from the server; wherein the standard probability is used to characterize the average usage probability of all rights.
Preferably, the obtaining unit 43 is configured to obtain the standard probability and the individual probabilities of all the rights from the server according to a preset time period or when detecting that the application requests the target right.
In other embodiments of the present invention, the processing unit 42 is further configured to generate suggestion information based on the determination result; wherein, the suggestion information is displayed on the display of the terminal equipment, and the suggestion information and the judgment result have a corresponding relation; and displaying the interface to enable the user to carry out the operation of granting or denying the target permission based on the suggestion information.
Based on the hardware implementation of each unit in the information display apparatus, in order to implement the method for determining the authority provided in the embodiment of the present invention, an authority determining apparatus is further provided in the embodiment of the present invention, as shown in fig. 5, the apparatus 50 includes: a processor 51 and a memory 52 configured to store a computer program capable of running on the processor; wherein the processor 51 is configured to perform the method steps in the previous embodiments when running the computer program.
In practice, of course, the various components of the device 50 are coupled together by a bus system 53, as shown in FIG. 5. It will be appreciated that the bus system 53 is used to enable communications among the components. The bus system 53 includes a power bus, a control bus, and a status signal bus in addition to the data bus. For clarity of illustration, however, the various buses are labeled as bus system 53 in fig. 5.
In an exemplary embodiment, the present invention further provides a computer readable storage medium, such as a memory 52 including a computer program, which can be executed by the processor 51 of the permission determination apparatus 50 to complete the steps of the foregoing method. The computer-readable storage medium may be a magnetic random access Memory (FRAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an erasable Programmable Read-Only Memory (EPROM), an electrically erasable Programmable Read-Only Memory (EEPROM), a Flash Memory (Flash Memory), a magnetic surface Memory, an optical disk, or a Compact Disc Read-Only Memory (CD-ROM), among other memories.
The technical schemes described in the embodiments of the present invention can be combined arbitrarily without conflict.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Claims (10)
1. A method for determining a right, the method comprising:
determining preference probability and individual probability corresponding to the target authority according to the target authority requested by the current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority;
determining a fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority;
determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
2. The method of claim 1, wherein determining a decision based on the fusion probability and the standard probability comprises:
if the fusion probability is smaller than the standard probability, determining the target authority as a dangerous authority;
and if the fusion probability is not less than the standard probability, determining the target authority as a safety authority.
3. The method of claim 1, wherein before determining the preference probability and the individual probability corresponding to the target permission according to the target permission requested by the current application program, the method further comprises:
acquiring the times of the target permission granted in all application programs installed in the terminal equipment and the times of the target permission refused to be granted;
and determining the preference probability of the target authority based on the number of times the target authority is granted and the number of times the target authority is refused to be granted.
4. The method according to claim 3, wherein the obtaining of the number of times that the target authority is granted in all applications installed in the terminal device and the number of times that the target authority is denied comprises:
and acquiring the times of the target authority being granted in all application programs installed in the terminal equipment according to a preset time interval or when the state of the target authority is detected to change.
5. The method of claim 1, further comprising:
acquiring standard probability and individual probability of all rights from a server; wherein the standard probability is used to characterize the average usage probability of all rights.
6. The method of claim 5, wherein obtaining the standard probabilities and the individual probabilities for all rights from the server comprises:
and acquiring the standard probability and the individual probabilities of all the rights from the server according to a preset time period or when detecting that the application program requests the target rights.
7. The method of claim 1, further comprising:
generating advice information based on the determination result; wherein the suggestion information and the judgment result have a corresponding relation;
and displaying the suggestion information on a display interface of the terminal equipment, so that the user can grant or refuse the grant operation of the target permission based on the suggestion information.
8. An apparatus for determining authority, the apparatus comprising:
the determining unit is used for determining preference probability and individual probability corresponding to the target authority according to the target authority requested by the current application program; wherein the preference probability is used for indicating the preference degree of the user for the target authority; the individual probability is used for indicating the use degree of the target authority;
the processing unit is used for determining fusion probability at least based on the preference probability corresponding to the target authority and the individual probability; wherein the fusion probability is used for representing a reference value of the target authority; determining a judgment result aiming at the target authority based on the fusion probability and the standard probability; the standard probability is used for representing a standard value of the judgment authority; the determination result is used to indicate whether to allow the request of the current application program or to reject the request of the current application program.
9. An apparatus for determining a privilege, the apparatus comprising, a processor and a memory configured to store a computer program operable on the processor,
wherein the processor is configured to perform the steps of the method of determining rights of any of claims 1 to 7 when running the computer program.
10. A computer storage medium having stored therein computer-executable instructions configured to perform the method of determining permissions provided by any of claims 1 to 7 above.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811051624.0A CN110889109A (en) | 2018-09-10 | 2018-09-10 | Permission determination method and device and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811051624.0A CN110889109A (en) | 2018-09-10 | 2018-09-10 | Permission determination method and device and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110889109A true CN110889109A (en) | 2020-03-17 |
Family
ID=69745182
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811051624.0A Pending CN110889109A (en) | 2018-09-10 | 2018-09-10 | Permission determination method and device and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110889109A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113672974A (en) * | 2021-07-29 | 2021-11-19 | 北京奇艺世纪科技有限公司 | Authority management method, device, equipment and storage medium |
| CN113792328A (en) * | 2021-08-12 | 2021-12-14 | 荣耀终端有限公司 | Authority management method, user interface and electronic equipment |
| WO2022160991A1 (en) * | 2021-01-29 | 2022-08-04 | 华为技术有限公司 | Permission control method and electronic device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080215509A1 (en) * | 2005-09-30 | 2008-09-04 | Motorola, Inc. | Content Access Rights Management |
| CN105512545A (en) * | 2015-12-03 | 2016-04-20 | 小米科技有限责任公司 | Access authority management method and device |
| CN105991584A (en) * | 2015-02-12 | 2016-10-05 | 广东欧珀移动通信有限公司 | Information authority obtaining method and terminal |
| CN106991319A (en) * | 2017-03-17 | 2017-07-28 | 维沃移动通信有限公司 | The right management method and mobile terminal of a kind of application program |
| CN107844699A (en) * | 2016-09-20 | 2018-03-27 | 中兴通讯股份有限公司 | The access right control method and device of a kind of application program |
-
2018
- 2018-09-10 CN CN201811051624.0A patent/CN110889109A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080215509A1 (en) * | 2005-09-30 | 2008-09-04 | Motorola, Inc. | Content Access Rights Management |
| CN105991584A (en) * | 2015-02-12 | 2016-10-05 | 广东欧珀移动通信有限公司 | Information authority obtaining method and terminal |
| CN105512545A (en) * | 2015-12-03 | 2016-04-20 | 小米科技有限责任公司 | Access authority management method and device |
| CN107844699A (en) * | 2016-09-20 | 2018-03-27 | 中兴通讯股份有限公司 | The access right control method and device of a kind of application program |
| CN106991319A (en) * | 2017-03-17 | 2017-07-28 | 维沃移动通信有限公司 | The right management method and mobile terminal of a kind of application program |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022160991A1 (en) * | 2021-01-29 | 2022-08-04 | 华为技术有限公司 | Permission control method and electronic device |
| CN113672974A (en) * | 2021-07-29 | 2021-11-19 | 北京奇艺世纪科技有限公司 | Authority management method, device, equipment and storage medium |
| CN113792328A (en) * | 2021-08-12 | 2021-12-14 | 荣耀终端有限公司 | Authority management method, user interface and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110298188B (en) | Control method and system for dynamic access authority | |
| US20200402062A1 (en) | Data processing method, apparatus and computer-readable non-transitory storage medium | |
| CN110889109A (en) | Permission determination method and device and computer readable storage medium | |
| EP3765974A1 (en) | Auto disablement of web browser extensions on defined categories of webpages | |
| CN106330958A (en) | Secure accessing method and device | |
| EP2273411A2 (en) | Systems and methods for determining authorization to operate licensed software based on a client device fingerprint | |
| US20140250105A1 (en) | Reliable content recommendations | |
| CN107770146B (en) | User data authority control method and device | |
| US10769167B1 (en) | Federated computational analysis over distributed data | |
| CN110287691A (en) | Application program login method, device, equipment and storage medium | |
| US20150047019A1 (en) | Information processing method and electronic device | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| CN106951795A (en) | A kind of application data access partition method and device | |
| US20180062860A1 (en) | Remote hardware device conversion | |
| EP3945696B1 (en) | Blockchain data processing method, apparatus, and device | |
| CN111177703A (en) | Method and device for determining data integrity of operating system | |
| CN111814181B (en) | System authority authorization method and device, electronic equipment and storage medium | |
| US9600582B2 (en) | Blocking objectionable content in service provider storage systems | |
| US9614850B2 (en) | Disabling prohibited content and identifying repeat offenders in service provider storage systems | |
| CN113672974A (en) | Authority management method, device, equipment and storage medium | |
| US20170309552A1 (en) | System and method for verifying users for a network service using existing users | |
| Li et al. | PhotoSafer: content-based and context-aware private photo protection for smartphones | |
| CN107943523B (en) | User permission judgment method and device for electronic bank | |
| CN116032652A (en) | Gateway authentication method and system based on intelligent interactive touch panel | |
| CN112364307B (en) | Software authorization method and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200317 |