CN114139195A - Private data protection method and device, intelligent terminal and storage medium - Google Patents

Publication number: CN114139195A
Authority: CN (China)
Prior art keywords: private data, transaction, user, time, flow information
Legal status: Pending
Application number: CN202111374999.2A
Other languages: Chinese (zh)
Inventors: 王璐, 姚毅麟
Current Assignee: Huizhou TCL Mobile Communication Co Ltd
Original Assignee: Huizhou TCL Mobile Communication Co Ltd
Application filed by Huizhou TCL Mobile Communication Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention discloses a private data protection method and device, an intelligent terminal and a storage medium. The private data protection method comprises the following steps: acquiring transaction flow information; obtaining a private data protection time based on the transaction flow information; and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption. Compared with the prior art, the scheme of the invention acquires the transaction flow information corresponding to the user, derives from it the time at which the private data needs to be protected, and performs protection control on the private data at the corresponding time.

Description

Private data protection method and device, intelligent terminal and storage medium
Technical Field
The invention relates to the technical field of privacy protection, in particular to a privacy data protection method and device, an intelligent terminal and a storage medium.
Background
With the development of scientific technology, especially the rapid development of internet technology, communication, shopping and the like through the internet greatly facilitate the work and life of people, but also bring about a plurality of problems. For example, when a user purchases a product on the internet, the user needs to provide real information of the user. However, it may happen that other people steal the personal information of the user by using the network, which causes the leakage of the personal information of the user and even causes greater loss.
Specifically, in the prior art, once the user has provided personal information, that information remains stored in the corresponding system and the merchant can call it directly at any time. The problem in the prior art is that user information which the merchant can call directly is retained in the system for a long time, so the user information may be leaked: other people can steal it at any time, which affects the security of the user information.
Thus, there is still a need for improvement and development of the prior art.
Disclosure of Invention
The invention mainly aims to provide a method and a device for protecting private data, an intelligent terminal and a storage medium, and aims to solve the problems that in the prior art, long-time retention of user information which can be directly called by a merchant possibly causes user information leakage, other personnel can steal the corresponding user information at any time, and the safety of the user information is influenced.
In order to achieve the above object, a first aspect of the present invention provides a method for protecting private data, where the method includes:
acquiring transaction flow information;
obtaining privacy data protection time based on the transaction flow information;
and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption.
Optionally, the privacy data includes one or more of a name, a phone number, and an address of the target object.
Optionally, the obtaining transaction flow information includes:
acquiring order information of a target object;
and tracking the transaction process based on the order information to obtain the transaction process information.
Optionally, the tracking the transaction flow based on the order information, and the obtaining the transaction flow information includes:
tracking the state of the order based on a preset tracking time and the order information, and updating the transaction flow information, wherein the transaction flow information comprises a transaction state and the time corresponding to the transaction state;
when the order is signed for, adding the transaction completion state and the transaction completion time to the transaction flow information.
Optionally, the obtaining of the privacy data protection time based on the transaction flow information includes:
acquiring transaction completion time in the transaction flow information;
and acquiring privacy protection time based on a preset waiting time threshold and the transaction completion time.
Optionally, in the encryption process, an RSA asymmetric encryption algorithm is used to encrypt the private data.
Optionally, after the protecting and controlling the private data based on the private data protecting time, the method further includes:
acquiring a private data display instruction;
and re-acquiring and displaying the privacy data based on the privacy data display instruction.
A second aspect of the present invention provides a private data protection apparatus, wherein the apparatus includes:
the transaction flow information acquisition module is used for acquiring transaction flow information;
the privacy data protection time acquisition module is used for acquiring privacy data protection time based on the transaction flow information;
and the privacy data protection module is used for protecting and controlling the privacy data based on the privacy data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption.
A third aspect of the present invention provides an intelligent terminal, where the intelligent terminal includes a memory, a processor, and a private data protection program stored in the memory and executable on the processor, and the private data protection program implements any one of the steps of the private data protection method when executed by the processor.
A fourth aspect of the present invention provides a computer-readable storage medium having a private data protection program stored thereon, where the private data protection program, when executed by a processor, implements any one of the steps of the private data protection method.
Therefore, in the scheme of the invention, the transaction flow information is acquired; obtaining privacy data protection time based on the transaction flow information; and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption. Compared with the scheme that after a user provides personal information of the user, the corresponding user information is always stored in a corresponding system and can be directly called by a merchant at any time, the scheme of the invention obtains the transaction process information corresponding to the user, can acquire the time needing to protect the private data according to the transaction process information, and can protect and control the private data in the corresponding time.
Drawings
In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without inventive effort.
FIG. 1 is a schematic flowchart of a method for protecting private data according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating step S100 in FIG. 1 according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating step S102 in FIG. 2 according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating step S200 in FIG. 1 in detail according to an embodiment of the present invention;
FIG. 5 is a detailed flowchart of private data protection in a user transaction process according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a private data protection apparatus according to an embodiment of the present invention;
FIG. 7 is a schematic block diagram of the internal structure of an intelligent terminal according to an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the specification of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when …" or "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted depending on the context to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings of the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways than those specifically described and will be readily apparent to those of ordinary skill in the art without departing from the spirit of the present invention, and therefore the present invention is not limited to the specific embodiments disclosed below.
With the development of science and technology, and especially the rapid development of internet technology, communication, shopping and the like over the internet greatly facilitate people's work and life, but also bring about a number of problems. For example, when a user purchases a product on the internet, the user needs to provide real personal information. Specifically, a merchant receives the user's purchase order through the internet and mails the commodity to the receiving address provided by the user, which completes an online shopping transaction. For example, with online fresh food and online medicine delivery, a user can order on the internet, leave address information, and receive the desired fruits, vegetables and medicines within 1 hour, enjoying a full service without leaving home. Services sold on the internet are undoubtedly convenient and fast, but other people may use the network to steal the user's personal information, so that the information is leaked and even greater losses are caused.
Specifically, in the prior art, after the user provides the personal information of the user, the corresponding user information is always stored in the corresponding system and is available for the merchant to directly call at any time. On one hand, the situation that the merchant or the network platform frequently utilizes the user information to recommend services and consumer products to the user and disturb the normal work and life of the user may occur. The application of big data promotes the development of various industries in society, can provide a careful personalized service for users, provides a convenient sales platform for merchants, effectively saves social cost, and improves the satisfaction of users and merchants. However, in this process, the private data of the user should be protected under the condition that the user does not want to be disturbed, so as to avoid the user being disturbed.
The problem in the prior art is that user information which the merchant can call directly is retained in the system for a long time, so the user information may be leaked: other people can steal it at any time, which affects the security of the user information and may cause even greater losses. For example, a lawbreaker steals the user information and then commits fraud, which can even cause property loss to the user. Therefore, it is desirable to provide a method for protecting the private data of a user.
In order to solve the problems in the prior art, in the scheme of the invention, transaction flow information is acquired; obtaining privacy data protection time based on the transaction flow information; and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption. Compared with the scheme that after a user provides personal information of the user, the corresponding user information is always stored in a corresponding system and can be directly called by a merchant at any time, the scheme of the invention obtains the transaction process information corresponding to the user, can acquire the time needing to protect the private data according to the transaction process information, and can protect and control the private data in the corresponding time.
Exemplary method
As shown in fig. 1, an embodiment of the present invention provides a method for protecting private data, and specifically, the method includes the following steps:
step S100, transaction flow information is obtained.
The transaction flow information is information corresponding to a transaction process of an order of a user needing privacy data protection, and specifically, the transaction flow information can reflect a current order state and related information of the user. For example, the transaction flow information may record order placing time, delivery status, logistics status, receipt status, and return time of the order, and time corresponding to each status, such as delivery time, receipt time, arrival time of the goods at the transfer station, and the like. According to the transaction flow information, whether the user currently has an ongoing order or not can be known, the state of the order is known, and the transaction condition of the user is monitored in real time.
Step S200, obtaining privacy data protection time based on the transaction flow information.
The private data protection time is the time at which the private data needs to be protected. Specifically, while a transaction is in progress, that is, while the user has an incomplete order, the user's private data needs to be displayed to the merchant so that the merchant can deliver goods to the user or contact the user, which ensures that the user receives the goods smoothly. After the order is completed, when the merchant no longer needs to obtain the corresponding user information, that moment can be recorded as the private data protection time, and the private data of the user can then be protected. In this embodiment, the time after the transaction is completed may be used as the private data protection time, so as to protect the private data.
Step S300, performing protection control on the private data based on the private data protection time, where the protection control includes at least one of destruction, hiding, and encryption.
Destroying the private data means deleting the corresponding private data, so that nobody can obtain it. Hiding the private data means that the user's private data is hidden: only the user can see it, and merchants and other people cannot obtain it. In one application scenario, the user can also actively share the private data with other people, for example sharing a receiving address with relatives and friends, for the user's convenience. Encrypting the private data means that the user's private data is encrypted by an encryption algorithm before being displayed, for example with asterisks or virtual data substituted for the private data, so that a merchant or other people cannot obtain the real information in the private data, which achieves the effect of protecting the user's private data.
It should be noted that, in the actual use process, the privacy data may be protected and controlled by combining a plurality of the three manners, or by combining other protection methods, for example, the privacy data is encrypted and then hidden, so that the effect of multiple protection is achieved, and the security is further improved.
As can be seen from the above, in the privacy data protection method provided by the embodiment of the present invention, transaction flow information is acquired; obtaining privacy data protection time based on the transaction flow information; and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption. Compared with the scheme that after a user provides personal information of the user, the corresponding user information is always stored in a corresponding system and can be directly called by a merchant at any time, the scheme of the invention obtains the transaction process information corresponding to the user, can acquire the time needing to protect the private data according to the transaction process information, and can protect and control the private data in the corresponding time.
Specifically, in this embodiment, the private data includes one or more of a name, a phone number, and an address of the target object. The target object is the object whose private data needs to be protected (i.e., a user, which may be an individual, a company, etc.), and the private data is the information that the target object wants to protect. When a user purchases a commodity on an internet platform or an app, personal information such as the user's name, contact details and telephone number must be filled in on the shopping platform. The private data comprises the privacy-related information of the target object and needs to be protected. At present, user information is completely open and transparent to merchants: a merchant can obtain the corresponding user information at any time, and if the merchant's account is stolen, the user information can be stolen at any time, so the user information needs further protection. In this embodiment, a time limit is set on the user's private data, and during the private data protection time the merchant cannot directly obtain the user's private data. This gives a better protection effect, effectively reduces the probability that the user's personal information is leaked at the internet client, and largely prevents user data stored in the client server from being stolen.
In an embodiment, the private data may further include other data that the user wants to protect, such as the user's age, height, content of the order, price corresponding to the order, and the like, and the user may set and adjust the data according to actual needs, which is not limited herein.
Specifically, in this embodiment, as shown in fig. 2, the step S100 includes the following steps:
step S101, obtaining order information of the target object.
And step S102, tracking the transaction process based on the order information, and acquiring the transaction process information.
The order information can include an order number. The order can be tracked by its order number, which in turn tracks the transaction flow and determines which state the transaction is in and whether it is completed, so that private data protection can be performed promptly after the transaction is completed.
At present, most data leakage security incidents occur because the data stored in a user's past transaction records on the client or the server is not kept properly. After the user submits personal private data to a network service platform, control over maintaining that data rests solely with the network platform, and this does not adequately guarantee the user's rights over the processing of personal information. In this embodiment, after the platform transaction is determined to be finished, encryption control may be automatically performed on the user's private data by using a data remote control technology.
Specifically, in this embodiment, as shown in fig. 3, the step S102 includes the following steps:
Step S1021, tracking the status of the order based on the preset tracking time and the order information, and updating the transaction flow information, wherein the transaction flow information includes the transaction status and the time corresponding to the transaction status.
Step S1022, when the order is signed for, adding the transaction completion status and the transaction completion time to the transaction flow information.
The preset tracking time is a time preset by the user for tracking and updating the order status (namely the progress of the order), and can be adjusted according to actual requirements. For example, the user may set the tracking time to one day; the current state of each order is then obtained by order number at that one-day interval, it is determined whether the transaction corresponding to the order is completed or still in progress, and the corresponding transaction flow information is updated (i.e., the latest data for the transaction state is added to the existing transaction flow information). In this embodiment, after the order is signed for, the transaction completion status and the transaction completion time are added to the transaction flow information to establish that the transaction is completed, so that private data protection can be performed.
It should be noted that, in one application scenario, the transaction may be regarded as completed once the user has signed for the order, regardless of any subsequent return of goods, and the transaction status of the order need no longer be tracked after the corresponding transaction completion time is recorded. In another application scenario, considering that the user may need to return the goods, a reserved return time (which can be set and adjusted according to practice) is waited out after the order is signed for; the transaction is considered completed only once it is established that the user does not need to return the goods, and the corresponding transaction completion time is then recorded.
Further, if after-sales service such as a return of goods is detected for the order, the transaction is considered completed after the after-sales service flow is finished, and the corresponding transaction completion time is recorded.
Specifically, in this embodiment, as shown in fig. 4, the step S200 includes the following steps:
step S201, obtaining the transaction completion time in the transaction flow information.
Step S202, obtaining privacy protection time based on a preset waiting time threshold and the transaction completion time.
The waiting time threshold is the value of a waiting time preset by the user. By presetting it, the user reserves a certain time for the merchant to contact the user and the like, which ensures that the transaction is completed smoothly. The waiting time threshold may be set and adjusted according to actual requirements; the user may of course set it to 0, which is not limited herein. In this embodiment, the privacy protection time is obtained by adding the waiting time threshold to the user's transaction completion time; all time after that point is treated as protected time, and the user's private data is automatically protected and controlled from the privacy protection time onward.
Specifically, in this embodiment, the RSA asymmetric encryption algorithm is used to encrypt the private data during the encryption process. With this algorithm, decryption can be accomplished without directly transmitting the key, which ensures the security of the information and avoids the risk of it being cracked because the key was transmitted directly, further improving the security of the private data. It should be noted that the user may also select other encryption algorithms, which is not limited in this embodiment.
Further, in this embodiment, after the step S300, the method further includes: acquiring a private data display instruction; and re-acquiring and displaying the privacy data based on the privacy data display instruction.
Specifically, in order to facilitate the use of the user, the user can adjust the state of the private data protection at any time. In particular, the user may adjust settings to display the private data. The private data display instruction is an instruction sent by a user for controlling the display of the private data, and after the private data display instruction is obtained, the private data is obtained again based on the private data display instruction and displayed.
It should be noted that, when the control mode of the privacy data is destruction, the user needs to input the corresponding privacy data again to display the data; when the control mode of the privacy data is hidden, the corresponding privacy data is displayed again; and when the control mode of the private data is encryption, the encrypted data is decrypted again and displayed.
Further, the user may also autonomously select whether to perform the above-mentioned privacy data protection control, for example, a privacy protection option is provided for the user, the user may set a privacy option in a corresponding privacy protection system, perform protection control on the privacy data based on the above-mentioned privacy data protection method when the privacy protection option is set to "automatically hide personal data after completing a transaction", and hide the corresponding privacy data after completing the transaction. If the privacy protection option is set to 'automatically destroy personal data after transaction is completed', corresponding privacy data is destroyed after transaction is completed. If the privacy protection option is set to 'no protection', the privacy data is not protected and controlled after the transaction is completed.
In one application scenario, user A buys a product on an e-commerce platform. Having chosen the goods and decided to buy, user A must fill in personal addressee information (i.e., the private data, including name, mobile phone number, home address, etc.) on the order, and at this point user A may set the privacy protection option in the system to "automatically hide personal data after completing a transaction". After receiving the order, merchant B mails the goods using the delivery information provided by user A; user A receives the product and does not return it. At this point, the transaction may be deemed initially completed based on the transaction flow information. The system knows from the transaction flow information that the user has received the goods, and if no after-sale request is generated within the set waiting time, the remote instruction can be triggered within a preset time threshold. The system platform receives the remote data hiding or encryption instruction triggered by user A, parses the instruction, and applies the control to the personal information of user A's account, so that the user data on the platform is hidden and encrypted (or destroyed).
In another application scenario, there may be special cases beyond the normal transaction flow. For example, when user A needs to open an after-sale channel because of a quality problem after completing a transaction, merchant B needs to obtain user A's private data (i.e., personal information) again during the after-sale process in order to mail the corresponding item or contact user A again. If user A's private data is hidden at that moment, user A can initiate a data unlocking instruction at the terminal, re-enable the data display permission, and provide it to merchant B for the subsequent after-sale service; after the after-sale service application has been initiated, user A's personal data is again destroyed or hidden by a processing method similar to that of the transaction flow. When user A has finished the after-sale process and the after-sale period, the encrypted personal information can be temporarily hidden, and when the after-sale service period ends, the user can decide whether the personal information continues to be hidden and encrypted or is completely destroyed.
Fig. 5 is a schematic diagram of a specific flow for protecting private data during a user transaction according to an embodiment of the present invention. As shown in fig. 5, in this embodiment a native timer may be used on the app side to implement a timing function, and the personal data that the user has set on the order page to be hidden (encrypted) or cleared on a schedule is added to the timer. When the order is completed and the validity period set by the user is reached, the app sends the server a request to hide or clear the personal data, and on receiving the request the server calls the corresponding interface to hide or clear it. Hiding means that the user's personal data (such as mobile phone, mailbox, address, account number and the like) is displayed in encrypted form, for example replaced with asterisks or with virtual data; clearing means that the detailed data is not displayed to the merchant, who can only see a desensitized, aggregated report of that data. If the user has globally set, in the app, a validity period for user data that is controlled by the server, then orders for which the user has not set a validity period on the client are processed uniformly by the server. The server sets a timer to scan orders periodically (for example, once a day or every 12 hours) and hides or deletes the personal data of orders that are completed and whose validity period has expired (whether to hide or delete is set by the user). Uniform processing by the server has lower priority than the validity period set by the user for the order: when the user has set both the server-controlled validity period and a validity period for the order data, the validity period set for the order takes precedence.
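One pass of the server-side periodic scan described above, written in Go as an added example (it is not code from the patent). The `Order` schema, the function names, the mask format, and the choice to resolve the per-order setting on the server as well as the global one are assumptions of this example.

```go
package main

import (
	"fmt"
	"time"
)

// Action is the protection the user chose for personal data.
type Action int

const (
	NoProtection Action = iota
	Hide                // merchant sees masked values; stored data is kept
	Clear               // detailed values are removed
)

// Policy pairs an action with how long after completion data stays visible.
type Policy struct {
	Action Action
	After  time.Duration
}

// Order carries only the fields this example needs (hypothetical schema).
type Order struct {
	ID          string
	Phone       string
	Address     string
	CompletedAt time.Time // zero value: order still in progress
	PerOrder    *Policy   // set on the order page; nil if the user set none
	Applied     Action    // protection currently in force
}

// effectivePolicy applies the priority rule: per-order beats global.
func effectivePolicy(o *Order, global *Policy) *Policy {
	if o.PerOrder != nil {
		return o.PerOrder
	}
	return global
}

// Sweep is one pass of the periodic scan; it returns the IDs it protected.
func Sweep(orders []*Order, global *Policy, now time.Time) []string {
	var handled []string
	for _, o := range orders {
		p := effectivePolicy(o, global)
		if o.Applied != NoProtection || o.CompletedAt.IsZero() ||
			p == nil || p.Action == NoProtection {
			continue // already handled, still in progress, or nothing to do
		}
		if now.Before(o.CompletedAt.Add(p.After)) {
			continue // the time limit has not expired yet
		}
		if p.Action == Clear {
			o.Phone, o.Address = "", ""
		}
		o.Applied = p.Action
		handled = append(handled, o.ID)
	}
	return handled
}

// mask keeps the last two characters; short values are masked entirely.
func mask(s string) string {
	r := []rune(s)
	keep := 2
	if len(r) <= keep {
		keep = 0
	}
	for i := 0; i < len(r)-keep; i++ {
		r[i] = '*'
	}
	return string(r)
}

// MerchantView returns the fields as the merchant is allowed to see them.
func MerchantView(o *Order) (phone, address string) {
	if o.Applied == Hide {
		return mask(o.Phone), mask(o.Address)
	}
	return o.Phone, o.Address
}

func main() {
	day := 24 * time.Hour
	now := time.Date(2024, 1, 31, 0, 0, 0, 0, time.UTC)
	global := &Policy{Action: Clear, After: 30 * day}
	orders := []*Order{ // constructed sample orders
		{ID: "A", Phone: "13800000000", Address: "1 Example Rd",
			CompletedAt: now.Add(-10 * day), PerOrder: &Policy{Action: Hide, After: 7 * day}},
		{ID: "B", Phone: "13900000000", Address: "2 Example Rd", CompletedAt: now.Add(-40 * day)},
		{ID: "C", Phone: "13700000000", Address: "3 Example Rd"}, // in progress
	}
	fmt.Println("protected:", Sweep(orders, global, now))
	for _, o := range orders {
		p, a := MerchantView(o)
		fmt.Printf("%s phone=%q address=%q\n", o.ID, p, a)
	}
}
```

Hiding is applied at display time so the user can re-enable the view later, while clearing removes the stored values, which is why re-display after clearing requires the user to enter the data again.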
Preferably, for users who want to show their personal data, the data can be shown to the merchant automatically, and when such users no longer want to show it, they can hide or clear it manually. In one embodiment, even if the user's personal data has been hidden or cleared, when after-sale service is needed the user can still set, on the client, the hidden or cleared data to be displayed to the merchant: the client sends a request to the server, and after receiving the request the server displays the corresponding data to the merchant (the user can input the cleared data again), so that the merchant can carry out the after-sale service normally.
Preferably, the encryption algorithm used for the user's personal data in this embodiment is the RSA asymmetric encryption algorithm. With RSA, decryption does not require the key to be passed directly, which protects the information and avoids the risk of it being cracked because a key was transferred directly. Specifically, user A, server B, and merchant C each generate their own public-private key pair. When A sends personal data to B, A first encrypts the data with B's public key and then signs the encrypted data with A's private key. On receiving the data, B verifies the signature with A's public key and, once the signature passes, stores the encrypted data; when the data needs to be read, B can decrypt it with B's private key. When B displays the user's personal data to merchant C, B first decrypts the data with B's private key, then encrypts it with C's public key, and then signs the encrypted message with B's private key. On receiving the message, merchant C verifies the signature with B's public key and, once the signature passes, decrypts the data with C's private key so that the data can be displayed.
In this embodiment, the specific code for the encryption process is designed on the basis of the RSA asymmetric encryption algorithm and the actual requirements. Part of the code for acquiring the key pair is as follows:
Figure BDA0003363615210000131
Part of the code for obtaining the private key is as follows:
Figure BDA0003363615210000132
Part of the code for obtaining the public key is as follows:
Figure BDA0003363615210000133
Part of the code for RSA public key encryption is as follows:
Figure BDA0003363615210000141
Part of the code for RSA private key decryption is as follows:
Figure BDA0003363615210000142
Part of the code of the signature is as follows:
Figure BDA0003363615210000143
Figure BDA0003363615210000151
Part of the code of the signature is as follows:
Figure BDA0003363615210000152
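The exchange between user A, server B and merchant C described above, as an added Go example; it is not the code from the patent's figures, which are not reproduced on this page. The names `Envelope`, `Seal`, `Open`, `Relay` and `NewKey`, the 2048-bit key size, and the OAEP and PSS padding with SHA-256 are choices made for this example, since the page names only RSA.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what travels between parties: the RSA ciphertext plus a
// signature computed over that ciphertext (encrypt first, then sign).
type Envelope struct {
	Ciphertext []byte
	Signature  []byte
}

// ErrBadSignature is returned before any decryption is attempted.
var ErrBadSignature = errors.New("signature check failed, envelope rejected")

// Seal encrypts data to the recipient's public key, then signs the
// ciphertext with the sender's private key.
func Seal(data []byte, recipient *rsa.PublicKey, sender *rsa.PrivateKey) (Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, data, nil)
	if err != nil {
		// Typically rsa.ErrMessageTooLong: OAEP with SHA-256 and a
		// 2048-bit key accepts at most 190 bytes of plaintext.
		return Envelope{}, fmt.Errorf("encrypt: %w", err)
	}
	digest := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return Envelope{}, fmt.Errorf("sign: %w", err)
	}
	return Envelope{Ciphertext: ct, Signature: sig}, nil
}

// Open verifies the signature with the sender's public key and only then
// decrypts with the recipient's private key.
func Open(env Envelope, sender *rsa.PublicKey, recipient *rsa.PrivateKey) ([]byte, error) {
	digest := sha256.Sum256(env.Ciphertext)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, ErrBadSignature
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, env.Ciphertext, nil)
}

// Relay is server B's step when showing A's data to merchant C:
// verify and decrypt as B, re-encrypt to C, sign as B.
func Relay(fromA Envelope, aPub *rsa.PublicKey, b *rsa.PrivateKey, cPub *rsa.PublicKey) (Envelope, error) {
	plain, err := Open(fromA, aPub, b)
	if err != nil {
		return Envelope{}, err
	}
	return Seal(plain, cPub, b)
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// NewKey generates a 2048-bit key pair (size chosen for this example).
func NewKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	return k
}

func main() {
	a, b, c := NewKey(), NewKey(), NewKey()
	// Constructed sample record, not real data.
	record := []byte("name=Zhang San;phone=13800000000;addr=1 Example Rd")

	stored, err := Seal(record, &b.PublicKey, a) // A -> B, B stores this
	check(err)
	toC, err := Relay(stored, &a.PublicKey, b, &c.PublicKey) // B -> C
	check(err)
	shown, err := Open(toC, &b.PublicKey, c)
	check(err)
	fmt.Printf("merchant C sees: %s\n", shown)

	stored.Ciphertext[0] ^= 0x01 // simulate modification of stored data
	_, err = Open(stored, &a.PublicKey, b)
	fmt.Println("modified envelope:", err)
}
```

RSA-OAEP caps the plaintext size (190 bytes with these parameters), so a record longer than that needs hybrid encryption, with RSA wrapping a symmetric key that encrypts the data.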
It should be noted that this embodiment describes the private data protection method only for some application scenarios. The method may also be applied to other application scenarios and to a communication device terminal, a PC, an intelligent wearable device, or other devices; for those scenarios, reference may be made to the private data protection method as described for the application scenarios above.
Exemplary device
As shown in fig. 6, corresponding to the above-mentioned private data protection method, an embodiment of the present invention further provides a private data protection apparatus, where the private data protection apparatus includes:
the transaction flow information obtaining module 410 is configured to obtain transaction flow information.
The transaction flow information is information corresponding to a transaction process of an order of a user needing privacy data protection, and specifically, the transaction flow information can reflect a current order state and related information of the user. For example, the transaction flow information may record order placing time, delivery status, logistics status, receipt status, and return time of the order, and time corresponding to each status, such as delivery time, receipt time, arrival time of the goods at the transfer station, and the like. According to the transaction flow information, whether the user currently has an ongoing order or not can be known, the state of the order is known, and the transaction condition of the user is monitored in real time.
The privacy data protection time obtaining module 420 is configured to obtain the privacy data protection time based on the transaction flow information.
The private data protection time is a time required to protect the private data. Specifically, in the process of transaction, that is, when the user has an incomplete order, the private data of the user needs to be displayed to the merchant, so that the merchant can deliver goods to the user or contact the user, and the user can be guaranteed to receive the goods smoothly. After the order is completed, when the merchant does not need to acquire the corresponding user information again, the user information can be recorded as the privacy data protection time at the moment, and the privacy data of the user can be protected. In this embodiment, the time after the transaction is completed may be used as the privacy data protection time, so as to protect the privacy data.
The private data protection module 430 is configured to perform protection control on the private data based on the private data protection time, where the protection control includes at least one of destruction, hiding, and encryption.
Destroying the private data means deleting the corresponding private data, so that nobody can obtain it. Hiding the private data means hiding the user's private data so that only the user can see it and merchants and other persons cannot obtain it; in one application scenario, the user can also actively share the private data with other people, for example sharing a delivery address with relatives and friends, which makes the system convenient to use. Encrypting the private data means that the user's private data is encrypted by an encryption algorithm before being displayed, for example replaced with asterisks or with virtual data, so that a merchant or other person cannot obtain the real information in the private data, which achieves the effect of protecting the user's private data.
It should be noted that, in the actual use process, the privacy data may be protected and controlled by combining a plurality of the three manners, or by combining other protection methods, for example, the privacy data is encrypted and then hidden, so that the effect of multiple protection is achieved, and the security is further improved.
As can be seen from the above, in the private data protection apparatus provided in the embodiment of the present invention, the transaction flow information is obtained by the transaction flow information obtaining module 410; obtaining privacy data protection time based on the transaction flow information through the privacy data protection time obtaining module 420; and protecting and controlling the private data through the private data protection module 430 based on the private data protection time, wherein the protection and control includes at least one of destruction, hiding and encryption. Compared with the scheme that after a user provides personal information of the user, the corresponding user information is always stored in a corresponding system and can be directly called by a merchant at any time, the scheme of the invention obtains the transaction process information corresponding to the user, can acquire the time needing to protect the private data according to the transaction process information, and can protect and control the private data in the corresponding time.
Specifically, in this embodiment, the specific functions of the privacy data protection apparatus and the modules thereof may refer to the corresponding descriptions in the privacy data protection method, and are not described herein again.
Based on the above embodiment, the present invention further provides an intelligent terminal, and a schematic block diagram thereof may be as shown in fig. 7. The intelligent terminal comprises a processor, a memory, a network interface and a display screen which are connected through a system bus. Wherein, the processor of the intelligent terminal is used for providing calculation and control capability. The memory of the intelligent terminal comprises a nonvolatile storage medium and an internal memory. The nonvolatile storage medium stores an operating system and a privacy data protection program. The internal memory provides an environment for the operating system and the private data protection program in the nonvolatile storage medium to run. The network interface of the intelligent terminal is used for being connected and communicated with an external terminal through a network. The private data protection program, when executed by a processor, implements the steps of any of the above-described private data protection methods. The display screen of the intelligent terminal can be a liquid crystal display screen or an electronic ink display screen.
It will be understood by those skilled in the art that the block diagram of fig. 7 is only a block diagram of a part of the structure related to the solution of the present invention, and does not constitute a limitation to the intelligent terminal to which the solution of the present invention is applied, and a specific intelligent terminal may include more or less components than those shown in the figure, or combine some components, or have different arrangements of components.
In one embodiment, an intelligent terminal is provided, where the intelligent terminal includes a memory, a processor, and a private data protection program stored in the memory and executable on the processor, and the private data protection program, when executed by the processor, performs the following operations:
acquiring transaction flow information;
obtaining privacy data protection time based on the transaction flow information;
and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption.
The embodiment of the present invention further provides a computer-readable storage medium, where a privacy data protection program is stored on the computer-readable storage medium, and when the privacy data protection program is executed by a processor, the steps of any privacy data protection method provided in the embodiment of the present invention are implemented.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned functions may be distributed as different functional units and modules according to needs, that is, the internal structure of the apparatus may be divided into different functional units or modules to implement all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art would appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other ways. For example, the above-described embodiments of the apparatus/terminal device are merely illustrative, and for example, the division of the above modules or units is only one logical division, and the actual implementation may be implemented by another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed.
The integrated modules/units described above, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium and can implement the steps of the embodiments of the method when the computer program is executed by a processor. The computer program includes computer program code, and the computer program code may be in a source code form, an object code form, an executable file or some intermediate form. The computer readable medium may include: any entity or device capable of carrying the above-mentioned computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signal, telecommunication signal, software distribution medium, etc. It should be noted that the contents contained in the computer-readable storage medium can be increased or decreased as required by legislation and patent practice in the jurisdiction.
The above-mentioned embodiments are only used to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the embodiments of the present invention and should be construed as being included therein.

Claims (10)

1. A method for protecting private data, the method comprising:
acquiring transaction flow information;
obtaining privacy data protection time based on the transaction flow information;
and performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption.
2. The method of claim 1, wherein the private data includes one or more of a name, a phone number, and an address of a target object.
3. The method for protecting private data according to claim 1, wherein the obtaining transaction flow information includes:
acquiring order information of a target object;
and tracking the transaction process based on the order information to obtain the transaction process information.
4. The method for protecting private data according to claim 3, wherein the tracking transaction flow based on the order information, and the obtaining transaction flow information includes:
tracking the state of the order based on preset tracking time and the order information, and updating the transaction flow information, wherein the transaction flow information comprises a transaction state and time corresponding to the transaction state;
and when the order is signed and received, adding a transaction completion state and transaction completion time to the transaction flow information.
5. The method for protecting private data according to claim 1, wherein the obtaining of the private data protection time based on the transaction flow information includes:
acquiring transaction completion time in the transaction flow information;
and acquiring privacy protection time based on a preset waiting time threshold and the transaction completion time.
6. The method according to claim 1, wherein the encryption process uses RSA asymmetric encryption algorithm to encrypt the private data.
7. The method according to claim 1, wherein after said protection control of the private data based on said private data protection time, said method further comprises:
acquiring a private data display instruction;
and re-acquiring and displaying the private data based on the private data display instruction.
8. An apparatus for protecting private data, the apparatus comprising:
the transaction flow information acquisition module is used for acquiring transaction flow information;
the privacy data protection time acquisition module is used for acquiring privacy data protection time based on the transaction flow information;
and the private data protection module is used for performing protection control on the private data based on the private data protection time, wherein the protection control comprises at least one of destruction, hiding and encryption.
9. An intelligent terminal, characterized in that the intelligent terminal comprises a memory, a processor and a private data protection program stored on the memory and executable on the processor, the private data protection program when executed by the processor implementing the steps of the private data protection method according to any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a private data protection program, which when executed by a processor, carries out the steps of the private data protection method according to any one of claims 1 to 7.
CN202111374999.2A 2021-11-19 2021-11-19 Private data protection method and device, intelligent terminal and storage medium Pending CN114139195A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111374999.2A CN114139195A (en) 2021-11-19 2021-11-19 Private data protection method and device, intelligent terminal and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111374999.2A CN114139195A (en) 2021-11-19 2021-11-19 Private data protection method and device, intelligent terminal and storage medium

Publications (1)

Publication Number Publication Date
CN114139195A true CN114139195A (en) 2022-03-04

Family

ID=80390221

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111374999.2A Pending CN114139195A (en) 2021-11-19 2021-11-19 Private data protection method and device, intelligent terminal and storage medium

Country Status (1)

Country Link
CN (1) CN114139195A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115904739A (en) * 2023-02-21 2023-04-04 四川边缘算力科技有限公司 Edge calculation method and edge calculation system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115904739A (en) * 2023-02-21 2023-04-04 四川边缘算力科技有限公司 Edge calculation method and edge calculation system
CN115904739B (en) * 2023-02-21 2023-05-16 四川边缘算力科技有限公司 Edge computing method and edge computing system


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination