CN111194030A - Terminal position information confidentiality method, operating system and mobile terminal - Google Patents

Info

Publication number
CN111194030A
Authority
CN
China
Prior art keywords
sensitive
positioning
data
filtering
sensitive area
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010199742.7A
Other languages
Chinese (zh)
Inventor
杨筑平
周跃平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Jinlan Hanyuan Technology Co ltd
Original Assignee
Shenzhen Jinlan Hanyuan Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/30 Security of mobile devices; Security of mobile applications
    • H04W 12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A terminal position information secrecy method, an operating system and a mobile terminal relate to the technical fields of computers, mobile terminals, network software and information security. Positioning data in sensitive areas is filtered to limit application programs' access to the terminal's location information, comprising the steps of: the user presets a security policy comprising a sensitive area, a filtering mode and a sensitive time; positioning data is acquired from the positioning device, and the positioning data, the sensitive area and the sensitive time serve as input variables; with the filtering mode as a control constraint, the input variables are checked together, and if the positioning data falls inside the sensitive area within the sensitive time it is filtered, otherwise the positioning data is passed unchanged as the position data; and the filtered position data is output. The embodiment modifies the Android system, and a pre-installed or flashed build yields a confidential mobile terminal. The invention filters sensitive-area positioning data according to a policy and can flexibly and effectively keep location information secret without changing the circuit configuration of the terminal hardware, thereby protecting personal privacy and institutional secrets, which is of significance and practical value for information security.

Description

Terminal position information confidentiality method, operating system and mobile terminal
Technical Field
The invention relates to the technical field of computers, mobile terminals, network software and information security.
Background
With the rapid development and popularization of electronic information technology, terminal devices such as mobile phones, wearable devices, tablets and notebook computers have become widely used by the public. Global positioning system (GPS, including the BeiDou, Galileo and GLONASS satellite navigation systems) modules or devices are now generally integrated into or externally connected to terminal equipment, providing the navigation and positioning services users need while at the same time exposing the users' location information. Besides GPS, a terminal can obtain positioning information from a telecom operator's wireless communication network (such as GSM and CDMA), broadband wireless access and so on. These means are implemented in the terminal as a location service or positioning service that applications can use. Merchants and malicious programs (computer viruses and spyware) also use software techniques and web services to collect end users' location information at will, openly or covertly. Once a user's location information has been collected in bulk over a long period, big-data analysis combined with geographic information and time patterns can profile the user precisely and reveal a great deal of private information, including: home address, workplace, occupation, travel patterns, health status, hobbies, standard of living, personal habits, close friends, religious activities, suspected involvement in cases, and so on. These already cover the major aspects of personal privacy, and their leakage may bring unforeseen and disturbing risks, such as: commercial promotion, information harassment, reputational damage, movement surveillance, extortion, kidnapping threats, targeted harm at specific locations, and so on.
This potential risk of location-information leakage is not yet being addressed, but it certainly will have to be. Yet in solving the problem of location-information leakage, legal action is slow and inefficient, the morals and self-discipline of merchants are unreliable, and malicious programs slip through every opening, so prevention can only be achieved by technical means.
However, existing techniques for managing location information are mainly oriented toward positioning accuracy and reliability, such as correcting the positioning accuracy of satellite signals with differential techniques. Some technologies focus on the availability of positioning, such as "a method of converting location information in a mobile positioning service system" (patent application No. CN200510036020), which proposes a location conversion server to solve the problem of confidential conversion and matching between location information and map data. Some technologies focus on positioning applications, such as "method for setting security level of mobile terminal based on location information and mobile terminal" (patent application No. CN200910081050), which proposes looking up the correspondence between location information and a policy file to set the security level of the mobile terminal. A few newer technologies consider the secrecy and protection of location information in more depth. "Location information notification system and method, terminal location specifying device, and privacy check device" (patent application No. CN200480037545) proposes that a terminal location specifying device of the mobile network determines the user's privacy setting information, decides whether to perform the positioning process with the terminal, and provides the location information to the terminal. "An interference positioning method, an interference positioning device, a storage medium and a mobile terminal" (patent application No. CN201810491399) adds a preset component to the terminal that applies same-frequency interference to the terminal's positioning module by frequency multiplication of a preset working frequency, so as to keep the terminal's location information confidential.
However, this method of changing the hardware increases the cost, radiation and power consumption of the product, and its use is not convenient or flexible enough. Mobile phones popular on the market today also control access to location information in their settings management, and this can be applied per application, but the only choice is simply to allow or prohibit. Many popular application services (apps), such as navigation, taxi, social, search, news, entertainment, business, government, office, and even some browsers, demand mandatory access to the terminal's location information. Users are therefore often forced to choose between receiving the service and protecting their privacy, then forget to disable access and continue to expose their location information.
Some application software such as "position modifier", "virtual positioning king", "position camouflaging master" and the like has also appeared on the market; exploiting the openness of the Android system, it can arbitrarily modify the mobile phone's GPS positioning to some virtual position, and is promoted with gimmicks such as a camouflaged position, punch-card check-in, appearing in another place, and same-city friends, which goes beyond the scope of legitimate personal secrecy protection and has the nature of cheating. Moreover, such fictitious positioning cannot properly and effectively keep the position information secret, and the vulnerability of modifying positioning from the application layer can be closed by an upgrade of the terminal operating system. Therefore new, effective techniques are still needed to keep terminal location information private. The applicant has previously proposed a "terminal location information security method, an operating system and a mobile terminal" (patent application No. 201910367206.0) on the same subject, providing an appropriate technical solution which still needs to be improved and perfected.
Disclosure of Invention
The invention aims to provide a terminal position information security method, an operating system and a mobile terminal that can flexibly and effectively keep the terminal's position information secret without changing the hardware circuit configuration of the terminal equipment.
The invention provides a terminal position information security method which filters sensitive-area positioning data in order to limit application programs' access to the terminal position information, and comprises the following steps:
a policy presetting step: the user presets a privacy policy comprising a sensitive area, a filtering mode and a sensitive time; the sensitive area is represented by a combination of shape and location parameters; the filtering mode is selected from an option set comprising at least one of forbidden output, invalid output and mapping pointing; if mapping pointing is selected, the virtual position to be pointed to is also designated; and if the sensitive time is absent, the policy is sensitive at any time;
an input acquisition step: acquiring positioning data from the positioning device, which together with the sensitive area and the sensitive time (nullable) serve as the input variables;
a checking and filtering step: taking the filtering mode as a control constraint, the input variables are checked together; if the positioning data falls inside the sensitive area within the sensitive time range, filtering is performed according to the filtering mode; otherwise, being outside the sensitive time range or outside the sensitive area, the positioning data is kept unchanged as the position data;
a position output step: outputting the filtered position data.
The sensitive area is a geometric figure in the geographic sense: neglecting the height coordinate, it is a plane figure such as a point (fixed point), a line (road), a circle, a triangle, a rectangle or a polygon. It is characterized by a combination of shape and location parameters; for example, a circle is represented by its radius (or diameter) and the coordinates of its centre, and a polygon by the sequence of coordinates of all its vertices. The three options of the filtering mode are terms understood by their meaning in language, so other words and symbols may equivalently be used to rename them without forming an essential difference. Mapping pointing changes the real, measured positioning position to point to some virtual position; the virtual location is a location far from the actual location, an outdated location, or even a fictitious location, which is also a protective security means. The filtering mode achieves one of three secrecy effects: location access prohibited, i.e. inaccessible to the application; location undeterminable, i.e. the application can access it but obtains invalid data, similar to the effect of a 'weak GPS signal'; and location fiction shielding, i.e. the application obtains accessible fictitious data while the real data is shielded and protected. These apply to positions within the sensitive area; positions outside the sensitive area remain unchanged. The sensitive time comprises a date interval and a time interval, and the checking and filtering are executed within that time range, i.e. the time range in which the sensitive area is to be kept secret. If the sensitive time is empty, there is no time limit, meaning secrecy is kept at any time. It is further possible to specify exceptional applications, i.e. trusted applications, to which the security restrictions do not apply. The virtual location can also be extended to a virtual area, so that the virtual location pointed to by a specific mapping is random within the virtual area, or even follows some virtual behaviour pattern (such as a moving route and speed), but this means pursuing a deceptive, misleading effect.
The security method can also make use of an electronic map: the policy presetting step also displays the electronic map as an operating background at the appropriate time to assist the user in setting the security policy. Defining on the electronic map the sensitive area to be kept secret and, if needed, the virtual position to be mapped to is simple and practical to operate.
The security method can also store policies centrally to simplify setting: the policy presetting step also defines a security scheme that stores the security policies centrally, and the security scheme and/or the security policies can also be saved and reused to restrict access to location information. After a privacy scheme is named, multiple privacy policies can be added to it, modified and deleted. A privacy scheme may be referenced to place specific restrictions on overall or application-specific access to location information. The security scheme should generally not be accessible to ordinary applications (other than the configuration manager), to avoid tampering or bypassing.
The security method also allows an externally established security scheme to be deliberately introduced: the security scheme may also be injected from outside, on condition that authentication and trust checks pass. That is, the security scheme may be set by a peripheral or web service application trusted by the terminal.
The security method further specifies a storage form for the security policy: the security policy is defined as a tuple and includes at least three of the following five items as elements of the tuple:
a region type, representing the geometric type of the sensitive region;
a region parameter, representing the position and coverage of the geometric shape constituting the sensitive region;
a filtering mode, meaning one of the options forbidden output, invalid output and mapping pointing;
a virtual position, representing the virtual position to which positioning within the sensitive area is mapped; it can also be chosen as the most recently recorded positioning position outside the sensitive area, and is null when the filtering mode is not mapping pointing;
a sensitive time, representing the sensitive date interval and time period; absence represents any time.
In the security method, the filtering mode in the security policy is actually realized by replacing the relevant fields in the standard GPS data format of the positioning data, covering the following processing situations:
for forbidden output, the positioning data is directly ignored, yielding empty position data;
for invalid output, the positioning status field in the positioning data format is replaced with the positioning-invalid mark, and the longitude and latitude fields are additionally reset, yielding invalid position data;
for mapping pointing, the values of the longitude and latitude fields and the marks of the longitude-hemisphere and latitude-hemisphere fields in the positioning data format are each replaced by the corresponding values and marks from the virtual position's location coordinate data, yielding virtual position data.
The positioning status field indicates the validity of the positioning data in the standard GPS data format; different GPS data formats may name it differently, e.g. a positioning quality indication field. The positioning-invalid mark may likewise have different symbols and meanings in different GPS data formats.
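The three field-replacement situations above, applied to a $GPRMC sentence with a circular sensitive area, as an added Python example (not code from the patent or from its Android embodiment). The sensitive-time decision is assumed to have been made separately and is passed in as a flag; the circle centre is the Fig. 4 example, while the sample fixes, the 800 m radius, the virtual position and the NMEA checksum recomputation are my own additions.

```python
import math
from dataclasses import dataclass
from typing import Optional, Tuple

# Filtering mode symbols, following the patent's Table 2.
FORBIDDEN_OUTPUT = 0
INVALID_OUTPUT = 1
MAPPING_POINTING = 2


def nmea_checksum(body: str) -> str:
    """XOR of every byte between '$' and '*', as two upper-case hex digits."""
    cs = 0
    for ch in body:
        cs ^= ord(ch)
    return f"{cs:02X}"


def build_sentence(body: str) -> str:
    """Wrap a sentence body as $<body>*<checksum>."""
    return f"${body}*{nmea_checksum(body)}"


def verify_checksum(sentence: str) -> bool:
    body, _, given = sentence.lstrip("$").partition("*")
    return given.strip().upper() == nmea_checksum(body)


def ddmm_to_degrees(field: str, hemisphere: str) -> float:
    """Convert ddmm.mmmm / dddmm.mmmm plus an N/S or E/W flag to signed decimal degrees."""
    value = float(field)
    degrees = int(value // 100)
    minutes = value - degrees * 100
    decimal = degrees + minutes / 60.0
    return -decimal if hemisphere in ("S", "W") else decimal


def distance_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in metres (haversine, mean Earth radius 6371 km)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(a))


@dataclass
class CirclePolicy:
    """A circular sensitive area (Table 1 type Rn) plus the filtering mode."""
    center: Tuple[str, str, str, str]   # (lat, N/S, lon, E/W) in GPRMC field form
    radius_m: float
    mode: int
    virtual: Optional[Tuple[str, str, str, str]] = None  # required for MAPPING_POINTING


def filter_gprmc(sentence: str, policy: CirclePolicy, in_sensitive_time: bool = True) -> Optional[str]:
    """Apply one policy to one $GPRMC sentence.

    Returns the sentence (rewritten if filtered) or None when output is forbidden.
    The sensitive-time decision is assumed to have been made by the caller.
    """
    body, _, _ = sentence.lstrip("$").partition("*")
    f = body.split(",")
    # GPRMC fields: 0 id, 1 UTC, 2 status A=valid/V=invalid, 3 lat, 4 N/S, 5 lon, 6 E/W, ...
    if f[0] != "GPRMC" or f[2] != "A":
        return sentence                        # no valid fix to protect: pass through
    lat, lon = ddmm_to_degrees(f[3], f[4]), ddmm_to_degrees(f[5], f[6])
    c_lat = ddmm_to_degrees(policy.center[0], policy.center[1])
    c_lon = ddmm_to_degrees(policy.center[2], policy.center[3])
    inside = distance_m(lat, lon, c_lat, c_lon) <= policy.radius_m
    if not (inside and in_sensitive_time):
        return sentence                        # outside area or time: data unchanged
    if policy.mode == FORBIDDEN_OUTPUT:
        return None                            # positioning data ignored: empty output
    if policy.mode == INVALID_OUTPUT:
        f[2] = "V"                             # status field -> positioning-invalid mark
        f[3:7] = ["", "", "", ""]              # latitude/longitude fields reset
    elif policy.mode == MAPPING_POINTING:
        if policy.virtual is None:
            raise ValueError("mapping pointing needs a virtual position")
        f[3:7] = list(policy.virtual)          # lat, N/S, lon, E/W from the virtual position
    new_body = ",".join(f)
    return build_sentence(new_body)            # checksum recomputed so the sentence stays well-formed


# Constructed sample data. The circle centre is the page's Fig. 4 example; the rest is made up.
CENTER = ("3842.5678", "N", "10943.6123", "E")
VIRTUAL = ("3000.0000", "N", "12000.0000", "E")
FIX_INSIDE = build_sentence("GPRMC,023044.000,A,3842.6000,N,10943.6500,E,0.00,0.00,160419,,,A")
FIX_OUTSIDE = build_sentence("GPRMC,023044.000,A,3900.0000,N,11000.0000,E,0.00,0.00,160419,,,A")
POLICY_FORBID = CirclePolicy(CENTER, 800.0, FORBIDDEN_OUTPUT)
POLICY_INVALID = CirclePolicy(CENTER, 800.0, INVALID_OUTPUT)
POLICY_MAP = CirclePolicy(CENTER, 800.0, MAPPING_POINTING, VIRTUAL)

if __name__ == "__main__":
    for name, policy in (("forbid", POLICY_FORBID), ("invalid", POLICY_INVALID), ("map", POLICY_MAP)):
        print(name, filter_gprmc(FIX_INSIDE, policy))
    print("outside", filter_gprmc(FIX_OUTSIDE, POLICY_MAP))
```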
The invention also provides a terminal position information security operating system based on the security method, comprising a core layer, a functional layer, a management layer and an application layer, wherein the operating system filters sensitive-area position data to limit application processes' access to the terminal position information, and comprises the following functions:
in the management layer, a setting operation interface is provided in which the user presets a privacy policy comprising a sensitive area, a filtering mode and a sensitive time; the sensitive area is represented by a combination of shape and location parameters; the filtering mode is selected from an option set comprising at least one of forbidden output, invalid output and mapping pointing; if mapping pointing is selected, the virtual position to be pointed to must be specified; and if the sensitive time is absent, the policy is sensitive at any time;
in the functional layer, a filtering module is realized which acquires the positioning data of the positioning device from the core layer and uses the positioning data, the sensitive area and the sensitive time (nullable) as input variables and the filtering mode as a control constraint; the input variables are checked together, filtering is performed according to the filtering mode if the positioning data falls inside the sensitive area within the sensitive time range, and otherwise, being outside the sensitive time range or outside the sensitive area, the positioning data is kept unchanged as the position data;
in the application layer, the position data function interface provided by the functional layer is called, and the filtered position data is output.
In the above secure operating system, the core layer, functional layer, management layer and application layer are only logical divisions; they do not mean that the architecture is limited to a hierarchical operating system, nor that the hierarchy must be divided and named this way. In practice operating-system architectures also include non-hierarchical types, which can likewise be interpreted in terms of a functional hierarchy. It is therefore to be understood that the secure operating system of the present invention is not limited to hierarchical operating systems but includes operating systems of non-hierarchical architecture.
The secret operating system can also make use of an electronic map: the setting operation interface provided also displays the electronic map as an operating background at the appropriate time to assist the user in setting the security policy.
The secure operating system is further configured to filter based on a standard GPS data format: the filtering mode in the security policy is actually performed by replacing the relevant fields in the standard GPS data format of the positioning data, covering the following processing situations:
for forbidden output, the positioning data is directly ignored, yielding empty position data;
for invalid output, the positioning status field in the positioning data format is replaced with the positioning-invalid mark, and the longitude and latitude fields are additionally reset, yielding invalid position data;
for mapping pointing, the values of the longitude and latitude fields and the marks of the longitude-hemisphere and latitude-hemisphere fields in the positioning data format are each replaced by the corresponding values and marks from the virtual position's location coordinate data, yielding virtual position data.
The invention further provides a mobile terminal for terminal position information security based on the security method and the operating system, comprising a memory and a processor, wherein the memory stores the security operating system, and the processor runs the security operating system and the application programs stored in the memory so as to execute the security method.
The advantage of the invention is that it provides a method for keeping terminal position information secret, together with an applicable secret operating system and secret terminal; by adopting policy-driven filtering of sensitive-area positioning data, the terminal's position information can be kept secret flexibly and effectively without changing the hardware circuit configuration of the terminal, the terminal's privacy performance is obviously improved, the user's sense of security is improved, and personal privacy and the secrets of related institutions are practically protected. This has important significance and practical value for maintaining an orderly information security environment in the mobile internet era.
Drawings
FIG. 1 is a schematic diagram of the method and operating system of the present invention. Viewed from the bottom up there is a physical device (1), an operating system (2) and a user system (3). The physical device (1) is at the device layer (10) and comprises a positioning device (100). The operating system (2) comprises a core layer (20), a functional layer (21) and a management layer (22); the core layer (20) drives and controls the positioning device (100) in the device layer (10) through a device driver to acquire positioning data (200); the management layer (22) provides a setting operation interface in which the user sets a security policy comprising a sensitive area (220), a filtering mode (221) and a sensitive time (222); the functional layer (21) in particular comprises a filtering module (210) which can be called and executed by the application layer (30); the filtering module (210) takes the positioning data (200), the sensitive area (220) and the sensitive time (222) (which may be empty) as input variables and the filtering mode (221) as a control constraint, and outputs the position data (211) obtained by the application's call. The application layer (30) and the management layer (22) sit at the same layer and overlap, above the core layer (20), and are operated and used by the user (31). Conceptually, the application layer (30) and the user (31) constitute the user system (3), which is distinct from but related to the operating system (2).
FIG. 2 is a schematic representation of the process of the present invention. The method roughly comprises four steps: a policy presetting step (1), in which the user presets a security policy comprising a sensitive area, a filtering mode, a virtual position and a sensitive time; an input acquisition step (2), acquiring positioning data from the positioning device, which together with the sensitive area and the sensitive time (nullable) are the input variables; a checking and filtering step (3), which takes the filtering mode as a control constraint and checks the input variables together: if the positioning data falls inside the sensitive area within the sensitive time range, filtering is executed according to the filtering mode, otherwise the positioning data is kept unchanged as the position data; and a position output step (4), outputting the filtered position data.
FIG. 3 is a flow chart of the functional processing of the filtering module in the embodiment of the present invention.
Fig. 4 is an operation interface for location privacy setting in the embodiment of the present invention.
Detailed Description
As an embodiment of the invention, the Android operating system widely used on mobile phones is modified to implement the invention. Android is an operating system launched by Google; it is open source and convenient to modify and upgrade. It should be noted that the following examples are not to be construed as the full enabling scope of the invention, nor as limiting the claims.
The Android operating system adopts a software stack structure that can be divided into three layers: the bottom layer is based on the Linux kernel, the middle layer comprises function libraries and a virtual machine, and the upper layer is the application layer, i.e. the various application software. Referring to fig. 1, the core layer (20), functional layer (21), management layer (22) and application layer (30) of the operating system of the present invention are shown. The Android operating system has three main built-in types of location information service, providing positioning via mobile data (cell tower), wireless network (Wi-Fi) and the Global Positioning System (GPS), offered to application programs through the corresponding location service APIs. The present invention is implemented with modifications in the following two respects.
The following two tables are first defined:
TABLE 1 shape and location parameter definition of the sensitive area

Setting parameter | Option     | Location parameter                                  | Description
A                 | All        | None                                                | Any area
N                 | Place name | Name of territory                                   | The name of a known place or region; its boundary locates the area.
P                 | Point      | Fixed-point coordinate                              | A single fixed-point coordinate.
Ln                | Line       | Set of fixed-point coordinates of the line          | n >= 2; n fixed-point coordinates.
Yn                | Polygon    | Fixed-point coordinate sequence of polygon vertices | n >= 3; n fixed-point coordinates.
Rn                | Circle     | Fixed-point coordinate of the circle centre         | n is the radius of the circle; one centre fixed-point coordinate.

TABLE 2 symbolic definition of the filtering mode

Mode symbol | Option           | Description
0           | Forbidden output | No position data is output
1           | Invalid output   | Invalid position data is output
2           | Mapping pointing | Virtual position data is output
First, on the management layer (i.e. the application layer), the existing mobile phone settings program is extended and modified, and the user operation interface shown in fig. 4 is provided by programming. In the security scheme group box, a scheme-name drop-down box selects one of a group of security schemes as the current security scheme (currently named 'scheme 1'); the buttons [increase] and [decrease] respectively add a new scheme and delete the current scheme, and [confirm] saves or selects the current security scheme. A policy list box lists the name identifiers of all the security policies in the current security scheme, one of which is selected as the current security policy (currently named 'policy 11'); the buttons [increase] and [decrease] respectively add a new security policy and delete the current one, and [return] finishes and closes. The display of the policy list box is driven by the selection in the scheme-name drop-down box, so that selecting a security scheme lists the security policies it contains. Selecting a privacy policy is linked to the privacy policy group box below, which displays the content of the current privacy policy.
In the privacy policy group box, a sensitive area drop-down box lists the options defined in table 1: all, place name, point, line, polygon, circle. Currently a circle is selected, so there is a centre and a radius (currently 800 metres is entered). For the other options the static texts "centre:" and "radius:" change accordingly; for example, for a place name, "centre:" is hidden and "radius:" is changed to "place name:". The button [view] displays the sensitive area on the map below, where it can be operated on directly, moved, adjusted and modified, and [select] saves it. A filtering mode drop-down box lists the options defined in table 2: forbidden output, invalid output, mapping pointing. Currently mapping pointing is selected, so there is a virtual position; for the other options the static text "virtual position:" and the check box [default] are hidden. The button [view] displays the virtual position on the map below, where it can be operated on directly, moved, adjusted and modified; clicking [default] selects the most recently recorded positioning position outside the sensitive area, and [select] saves it. Two pairs of text boxes for the sensitive time take the date interval and time period of the current privacy policy. If the date interval is empty it means today, if the time period is empty it means all day, and if both are empty it means any time.
The map view window displays a map operation interface which acquires, calibrates, adjusts and moves areas and positions by calling the map positioning function of the operating system. It initially displays the terminal's current positioning position; when the user selects a sensitive area in the current security scheme and security policy, the sensitive area is immediately updated and displayed on the map.
The security schemes and security policies are stored in plain text format, where each security scheme stores one or more security policies separated by ";", like:
<privacy policy 1>; <privacy policy 2>; …; <privacy policy m>
Each security policy is a compound quintuple of the form:
policy name(<shape parameter>, <location parameter>, <filtering mode>, <virtual location>, <sensitive time>)
Wherein < shape-setting parameters > are as defined in table 1 for 6; < positional parameters > are related to < shape parameters >, and except for the first 2, are sequences of one or more fixed-point coordinates, separated by commas "," spaces between the fixed-point coordinates; < filtering mode > there are 3 kinds as defined in table 2; the < virtual position > is a fixed point coordinate, and if the position is empty, the most recently recorded positioning position outside the sensitive area is taken; the sensitive time is the combination of a date interval and a time interval, the date format adopts a simple short type (YYYYMMDD), the time format adopts a compact type (hhmm), and the minute is accurate and the second is saved; the start date and the expiration date of the date interval are separated by the symbol "-", the start time and the expiration time of the time interval are also separated by the symbol "-", and the date interval and the time interval are separated by the symbol "-", which is in the form of:
< start date > < end date > < start time > < end time >
For example, in fig. 4, the sensitive time is:
20190416~20201231,1730~1030
A fixed-point coordinate follows the GPS minimum data format (GPRMC) and is defined as:
<latitude>,<latitude hemisphere>,<longitude>,<longitude hemisphere>
The format of <latitude> is degrees and decimal minutes (ddmm.mmmm). The <latitude hemisphere> flag is northern hemisphere (N) or southern hemisphere (S). The format of <longitude> is degrees and decimal minutes (dddmm.mmmm). The <longitude hemisphere> flag is eastern hemisphere (E) or western hemisphere (W). For example, in fig. 4, assuming that the centre of the circle is at 38 degrees 42.5678 minutes north latitude and 109 degrees 43.6123 minutes east longitude, the location coordinates of the centre are:
3842.5678,N,10943.6123,E
Further, assuming that the virtual position is at 38 degrees 42.5632 minutes north latitude and 109 degrees 43.6145 minutes east longitude, the location coordinates of the virtual position are:
3842.5632,N,10943.6145,E
Thus, the current privacy policy in fig. 4 is:
Policy 11(R800, 3842.5678,N,10943.6123,E, 2, 3842.5632,N,10943.6145,E, 20190416~20201231,1730~1030)
Secondly, the existing position call function of the middle layer (the internal implementation of the location service provider API) is extended to include a filtering module; the original API function interface is kept unchanged, and so is the original bottom-layer implementation that acquires the position data. The processing flow of the filtering module is shown in fig. 3. Once the current positioning data has been obtained, the security scheme is opened to see whether a security policy is preset. If not, the positioning data is saved (the most recently recorded positioning position outside the sensitive area is refreshed, and it can serve as the virtual position pointed to by the default mapping) and returned as the position data. If a security policy exists, it is parsed, and first the current time is checked against the sensitive time. If it is not within the sensitive time, the next privacy policy is looked up and checking continues. If it is within the sensitive time, the coordinates of the positioning data are checked against the sensitive area. If they do not fall within it, the next privacy policy is looked up and checking continues. If they fall within the sensitive area, the processing corresponding to the filtering mode is executed: for disabled output, the position data is set to null; for invalid output, the position data is set to invalid data; for mapped pointing, the position data is set to the virtual positioning data. Finally, the position data is output and returned.
The GPS data format, as reflected in the output sentences of the positioning device, has several specifications, such as GPGGA (GPS fix data), RMC (recommended minimum positioning information) and GPRMC (recommended minimum GPS data format). This example uses GPRMC, which has the following format:
$GPRMC,<1>,<2>,<3>,<4>,<5>,<6>,<7>,<8>,<9>,<10>,<11>,<12>
where <1> is the standard positioning time (UTC), format: hours, minutes, seconds (hhmmss.sss); <2> is the positioning status, A = data available, V = data unavailable; <3> is the latitude, format: degrees and decimal minutes (ddmm.mmmm); <4> is the latitude hemisphere, northern (N) or southern (S); <5> is the longitude, format: degrees and decimal minutes (dddmm.mmmm); <6> is the longitude hemisphere, eastern (E) or western (W); <7> is the relative displacement speed, 0.0 to 1851.8 knots; <8> is the relative displacement direction, 000.0 to 359.9 degrees true; <9> is the date, format: day, month, year (ddmmyy); <10> is the magnetic variation, 000.0 to 180.0; <11> is its direction; <12> is the checksum (check field). The trailing carriage return and line feed are ignored.
For example, positioning data obtained at the centre of the circle:
$GPRMC,182834.567,A,3842.5678,N,10943.6123,E,0.0,000.0,160419,?,?,?
The relative displacement speed and direction depend on the movement of the carrier of the positioning device and are assumed here to be stationary; the magnetic variation and similar fields are measured values, and the checksum depends on the preceding data, so all of these are replaced by a question mark "?" and ignored.
The specific processing for each filtering mode is as follows. For disabled output, the returned data pointer is set to NULL. For invalid output, replacing the positioning status field with V would in principle suffice to mark the data as unavailable, but to prevent the real positioning data from still being used, the latitude and longitude fields are also reset, so that the data is invalid beyond doubt and the output is cleared. For example, the circle-centre positioning data after filtering (invalid output) is:
$GPRMC,182834.567,V,0000.0000,N,00000.0000,E,0.0,000.0,160419,?,?,?
This filtering result is output as the position data.
After the improved Android operating system has been compiled, it is pre-installed on a mobile phone or installed as a later upgrade, and the phone gains the location information security function without any change to its hardware circuit configuration; this is the terminal location information security mobile terminal.
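The filtering module described above (fig. 3) and the GPRMC field rewriting for the three filtering modes, as an added example that is not part of the patent: it takes the circle-centre sentence, policy 11's circle, virtual position and sensitive time from fig. 4, and assumes the mode numbering 0/1/2 and a haversine distance test for "falls within the circle".

```python
import math
from datetime import datetime

# Constructed from the worked example in the description (policy 11 of fig. 4).
CENTER = "3842.5678,N,10943.6123,E"          # circle centre, fixed-point coordinate
VIRTUAL = "3842.5632,N,10943.6145,E"         # virtual position for mapped pointing
RADIUS_M = 800.0                             # R800
SENSITIVE_TIME = "20190416~20201231,1730~1030"
DISABLED, INVALID, MAPPED = 0, 1, 2          # assumed numbering of the filtering modes
last_outside = {"fix": None}                 # most recent fix recorded outside the area

def when(yyyymmdd, hhmm):
    """Build a datetime from the page's short date and compact time formats."""
    return datetime.strptime(yyyymmdd + hhmm, "%Y%m%d%H%M")

def fixpoint_to_degrees(coord):
    """'<lat>,<N|S>,<lon>,<E|W>' in ddmm.mmmm / dddmm.mmmm form -> signed decimal degrees."""
    lat, ns, lon, ew = coord.split(",")
    dm = lambda s, n: int(s[:n]) + float(s[n:]) / 60.0
    return (dm(lat, 2) * (-1 if ns == "S" else 1),
            dm(lon, 3) * (-1 if ew == "W" else 1))

def distance_m(a, b):
    """Haversine great-circle distance in metres between two (lat, lon) pairs."""
    la1, lo1, la2, lo2 = map(math.radians, (*a, *b))
    h = math.sin((la2 - la1) / 2) ** 2 + math.cos(la1) * math.cos(la2) * math.sin((lo2 - lo1) / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(h))

def in_sensitive_time(spec, now):
    """spec = '<start date>~<end date>,<start time>~<end time>'; an empty part means any.
    The time period may wrap past midnight: 1730~1030 covers the evening and next morning."""
    if not spec:
        return True
    dates, _, times = spec.partition(",")
    if dates:
        d0, d1 = dates.split("~")
        if not d0 <= now.strftime("%Y%m%d") <= d1:
            return False
    if times:
        t0, t1 = times.split("~")
        t = now.strftime("%H%M")
        return t0 <= t <= t1 if t0 <= t1 else (t >= t0 or t <= t1)
    return True

def filter_gprmc(sentence, mode, now, center=CENTER, radius_m=RADIUS_M,
                 virtual=VIRTUAL, sensitive_time=SENSITIVE_TIME):
    """Filtering module for one $GPRMC sentence: returns the sentence handed to the
    application, or None when output is disabled inside the sensitive area."""
    f = sentence.split(",")
    if f[0] != "$GPRMC" or f[2] != "A":      # no valid fix: nothing to protect
        return sentence
    if not in_sensitive_time(sensitive_time, now):
        return sentence
    fix = ",".join(f[3:7])                   # fields <3>..<6>: lat, N/S, lon, E/W
    if distance_m(fixpoint_to_degrees(fix), fixpoint_to_degrees(center)) > radius_m:
        last_outside["fix"] = fix            # refresh the default virtual position
        return sentence
    if mode == DISABLED:
        return None
    # Mapped pointing substitutes the virtual position (or the last fix recorded outside
    # the area when none is set); invalid output flags V and zeroes the coordinates.
    target = (virtual or last_outside["fix"]) if mode == MAPPED else None
    f[3:7] = target.split(",") if target else ["0000.0000", "N", "00000.0000", "E"]
    if target is None:
        f[2] = "V"
    # Field <12> is '?' here as on the page; a real checksum must be recomputed after rewriting.
    return ",".join(f)
```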

Claims (10)

1. A method for securing terminal location information, which filters positioning data in a sensitive area to restrict application programs from accessing the terminal location information, the method comprising the steps of:
a policy presetting step: presetting a privacy policy by a user, wherein the privacy policy comprises a sensitive area, a filtering mode and a sensitive time; the sensitive area is represented by a combination of shape-setting position parameters; the filtering mode is selected from an option set comprising at least one of disabled output, invalid output and mapped pointing; if mapped pointing is selected, the virtual position to be pointed to is also designated; and if the sensitive time is absent, the policy is sensitive at any time;
an input acquisition step: acquiring positioning data from a positioning device, together with the sensitive area and the sensitive time (nullable), as input variables;
a checking and filtering step: taking the filtering mode as a control constraint, comprehensively checking the input variables; if the positioning data falls within the sensitive area during the sensitive time range, filtering according to the filtering mode, otherwise (outside the sensitive time range or outside the sensitive area) keeping the positioning data unchanged as the position data;
a position output step: outputting the filtering result as position data.
2. The method as claimed in claim 1, wherein the step of presetting the policy further displays an electronic map operation background at a proper time to assist a user in setting the privacy policy.
3. A method according to claim 1 or 2, wherein said policy presetting step further defines a privacy scheme to centrally store said privacy policy, said privacy scheme and/or privacy policy also being capable of being saved for reuse in restricting access to location information.
4. A method as claimed in claim 3, wherein the security scheme also allows external injection under trusted conditions by authentication.
5. A method according to claim 1 or 3, characterized in that the security policy is defined as a tuple comprising as tuple elements at least three of the following five items:
a region type representing a geometric type of the sensitive region;
a region parameter representing a position location and a coverage of a geometric shape constituting the sensitive region;
a filtering mode, meaning one of the options disabled output, invalid output and mapped pointing;
a virtual position, representing the position to which a fix inside the sensitive area is mapped; it may also be chosen as the most recently recorded positioning position outside the sensitive area, and is null when the filtering mode is not mapped pointing;
a sensitive time, representing the sensitive date interval and time period; absence means any time.
6. The method according to claim 1 or 5, wherein the filtering in the privacy policy is performed by replacing the relevant fields in the canonical GPS data format of the positioning data, and comprises the following processing situations:
for disabled output, the positioning data is discarded directly, giving empty position data;
for invalid output, the positioning status field in the positioning data format is replaced by the positioning-invalid flag and the longitude and latitude fields are additionally reset, giving invalid position data;
for mapped pointing, the values of the longitude and latitude fields and the flags of the longitude hemisphere and latitude hemisphere fields in the positioning data format are replaced by the corresponding values and flags from the fixed-point coordinate of the virtual position, giving virtual position data.
7. A terminal location information security operating system comprising a core layer, a functional layer, a management layer and an application layer, wherein positioning data in a sensitive area is filtered to restrict application processes from accessing the terminal location information, the operating system comprising the following functions:
in the management layer, providing a setting operation interface on which a user presets a privacy policy, wherein the privacy policy comprises a sensitive area, a filtering mode and a sensitive time; the sensitive area is represented by a combination of shape-setting position parameters; the filtering mode is selected from an option set comprising at least one of disabled output, invalid output and mapped pointing; if mapped pointing is selected, the virtual position to be pointed to must also be specified; and if the sensitive time is absent, the policy is sensitive at any time;
in the functional layer, implementing a filtering module that acquires the positioning data of the positioning device from the core layer, takes the positioning data, the sensitive area and the sensitive time (nullable) as input variables and the filtering mode as a control constraint, comprehensively checks the input variables, filters according to the filtering mode if the positioning data falls within the sensitive area during the sensitive time range, and otherwise (outside the sensitive time range or outside the sensitive area) keeps the positioning data unchanged as the position data;
and providing a position data function call interface from the functional layer to the application layer, which outputs the filtering result as position data.
8. The operating system of claim 7, wherein the setting operation interface further displays an electronic map operation background at a proper time to assist the user in setting the privacy policy.
9. The operating system of claim 7 or 8, wherein the filtering in the privacy policy is performed by replacing the relevant fields in the canonical GPS data format of the positioning data, and comprises the following processing scenarios:
for disabled output, the positioning data is discarded directly, giving empty position data;
for invalid output, the positioning status field in the positioning data format is replaced by the positioning-invalid flag and the longitude and latitude fields are additionally reset, giving invalid position data;
for mapped pointing, the values of the longitude and latitude fields and the flags of the longitude hemisphere and latitude hemisphere fields in the positioning data format are replaced by the corresponding values and flags from the fixed-point coordinate of the virtual position, giving virtual position data.
10. A mobile terminal for securing terminal location information, comprising a memory storing an operating system according to any one of claims 7 to 9 and a processor running the operating system and the application programs stored in the memory to perform the method according to any one of claims 1 to 6.
CN202010199742.7A 2019-04-18 2020-03-06 Terminal position information confidentiality method, operating system and mobile terminal Pending CN111194030A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2019103672060 2019-04-18
CN201910367206.0A CN110505622A (en) 2019-04-18 2019-04-18 Terminal positional information time slot scrambling, operating system and mobile terminal

Publications (1)

Publication Number Publication Date
CN111194030A true CN111194030A (en) 2020-05-22

Family

ID=68585677

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910367206.0A Pending CN110505622A (en) 2019-04-18 2019-04-18 Terminal positional information time slot scrambling, operating system and mobile terminal
CN202010199742.7A Pending CN111194030A (en) 2019-04-18 2020-03-06 Terminal position information confidentiality method, operating system and mobile terminal

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201910367206.0A Pending CN110505622A (en) 2019-04-18 2019-04-18 Terminal positional information time slot scrambling, operating system and mobile terminal

Country Status (1)

Country Link
CN (2) CN110505622A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112527937A (en) * 2020-12-16 2021-03-19 上海连尚网络科技有限公司 Method and device for storing user position information
CN114422944A (en) * 2021-11-12 2022-04-29 北京华云安信息技术有限公司 Method, device, equipment and storage medium for providing virtual position data

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111291396B (en) * 2020-02-06 2023-07-14 北京字节跳动网络技术有限公司 Form data processing method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101854581A (en) * 2009-03-31 2010-10-06 联想(北京)有限公司 Method for setting security level of mobile terminal on basis of position information and mobile terminal
CN103491532A (en) * 2013-09-24 2014-01-01 北京大学 Cooperative privacy protection method and system based on Android platform
US20140189785A1 (en) * 2013-01-03 2014-07-03 International Business Machines Corporation Social and proximity based access control for mobile applications
CN105791516A (en) * 2014-12-22 2016-07-20 华为技术有限公司 Terminal position information protection method and intelligent terminal
US20170325141A1 (en) * 2014-11-10 2017-11-09 Investel Capital Corporation Mobile operator-mediated telephony-over-data system and implementation, and mobile smartphone-over-data device and computer-implemented environment therefor

Also Published As

Publication number Publication date
CN110505622A (en) 2019-11-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200522