WO2008151530A1 - Procédé et appareil pour traiter la classe de données dans un système de messagerie instantanée - Google Patents

Procédé et appareil pour traiter la classe de données dans un système de messagerie instantanée Download PDF

Info

Publication number
WO2008151530A1
WO2008151530A1 PCT/CN2008/070915 CN2008070915W WO2008151530A1 WO 2008151530 A1 WO2008151530 A1 WO 2008151530A1 CN 2008070915 W CN2008070915 W CN 2008070915W WO 2008151530 A1 WO2008151530 A1 WO 2008151530A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
service
confidential
instant messaging
messaging system
Prior art date
Application number
PCT/CN2008/070915
Other languages
English (en)
French (fr)
Inventor
Ran Wei
Jie Yang
Original Assignee
Tencent Technology (Shenzhen) Company Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology (Shenzhen) Company Limited filed Critical Tencent Technology (Shenzhen) Company Limited
Publication of WO2008151530A1 publication Critical patent/WO2008151530A1/zh
Priority to US12/637,253 priority Critical patent/US8484748B2/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04Real-time or near real-time messaging, e.g. instant messaging [IM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to the field of instant messaging, and more particularly to a method and apparatus for data classification processing in an instant messaging system. Background of the invention
  • the instant messaging system is one of the commonly used communication tools on the network, and its functions are more and more perfect.
  • the first authentication is required. After passing the first authentication, the user can use the instant messaging service in the instant messaging system. With the instant messaging system, you can switch to other services at any time, such as email, personal web pages, network hard drives, and more.
  • the link panel of the related service is set on the display panel of the instant communication, and the page of the related service can be switched by clicking.
  • users need to be authenticated a second time at startup.
  • An embodiment of the present invention provides a method for data classification processing of an instant messaging system, the method comprising: dividing data of each service of the instant messaging system into confidential data and non-confidential data; after the first authentication is passed, retrieving the Non-confidential data in each service is processed; in the second authentication pass After that, the confidential data in the various services are retrieved for processing.
  • An embodiment of the present invention provides an apparatus for data classification processing of an instant messaging system, the apparatus comprising: a data dividing unit, wherein data for dividing each service of the instant messaging system is confidential data and non-confidential data; and the non-secure data capturing unit , for retrieving non-confidential data in the service when the service is activated after the first authentication is passed; a secondary authentication unit, configured to implement the second authentication of the instant messaging system, and in the second authentication After the success, the confirmation information of the second authentication success is sent; the secret data retrieval unit is configured to retrieve the confidential data of the service after receiving the confirmation information of the second authentication success sent by the secondary authentication unit .
  • the data of each service provided by the instant messaging system is divided into confidential data and non-confidential data; after the first authentication is passed, the method is called The non-confidential data in the service is processed; after the second authentication is passed, the confidential data in the service is retrieved for processing.
  • the user after the user activates a certain service in the instant messaging system, the user can perform operations related to the non-confidential data in the service, which is convenient for the user to use; when the user wants to operate the confidential data, the user needs to perform the first Secondary certification to ensure the security of data in this service that is required for confidentiality.
  • FIG. 1 is a flow chart of a method for classifying a service in a known instant messaging system
  • FIG. 2 is a flow chart showing a method for classifying data in an instant messaging system according to a first embodiment of the present invention
  • FIG. 3 is a flowchart of a method for data classification processing of an instant messaging system according to a second embodiment of the present invention
  • FIG. 4 is a flowchart of data classification processing for an instant messaging system according to a third embodiment of the present invention
  • 6 is a schematic diagram of an instant messaging system that implements data classification processing in a fifth embodiment of the present invention
  • Figure 7 is a schematic diagram of an instant messaging system implementing data classification processing in a sixth embodiment of the present invention.
  • FIG. 8 is a schematic diagram of an instant messaging system that implements data classification processing in a seventh embodiment of the present invention.
  • Fig. 9 is a schematic diagram of an instant communication system in which data classification processing is realized in the eighth embodiment of the present invention. Mode for carrying out the invention
  • FIG. 1 it is a flowchart of a method for classifying a service in an instant messaging system in the prior art.
  • the method for classifying the service by the instant messaging system specifically includes the following steps.
  • Step S101 After the instant messaging system is normally started by the first authentication, the instant messaging system normally provides an instant communication service, and displays the identifier of the non-instant communication service in the display panel of the instant communication system, and the user can click and respond according to the service requirement.
  • Service identifier The non-instant messaging services include: email, personal webpage, network hard disk service, and the like.
  • the service identifier After the service identifier is activated, it is linked to the page of the service.
  • the user's email page is linked.
  • Step S102 Input an independent password for secondary authentication.
  • the instant messaging system pops up a dialog box that asks the user to enter an independent password that is different from the instant messaging password to perform secondary authentication on the user's identity.
  • Step S103 After the authentication is passed, all the data of the corresponding service is retrieved for processing, and the corresponding service is provided for the user.
  • the instant messaging system verifies the independent password input by the user. If it is the same as the preset independent password, the data is processed by the corresponding service by the authentication, and the corresponding service is provided for the user; if different, the error information is returned.
  • the instant messaging system processes the data in the instant messaging system after passing the secondary authentication according to the type of service provided by the instant messaging system. Therefore, in the prior art, secondary authentication of any data in a non-instant messaging service, although helping to enhance the security of related services in the instant messaging system, requires the user to memorize the independent password corresponding to each service. It is not conducive to users to use non-instant messaging services in instant messaging systems.
  • the embodiment of the present invention does not process data according to the type of service, but processes data of all services provided by the instant messaging system according to whether confidentiality is required. For all the services that do not need to be kept secret, the data is provided to the user after the first authentication is passed; only when the user needs to access the confidential data in various services, the secondary authentication is performed, thereby facilitating the user.
  • the use of various services in the instant messaging system also ensures the security of the instant messaging system.
  • FIG. 2 a flow chart of a method for classifying data in an instant messaging system according to a first embodiment of the present invention is shown.
  • the method for classifying data in this embodiment specifically includes the following steps.
  • Step S201 The data dividing the services provided by the instant messaging system is confidential data and non-confidential data.
  • the divided data will be accompanied by a confidentiality identifier to indicate whether the data can be displayed after the first authentication for the user to process.
  • the services provided by the instant messaging system include: an instant messaging service provided by the instant messaging system itself, and a plurality of non-instant messaging services connected and provided by the instant messaging system.
  • the non-instant messaging service includes: an email, a network hard disk, a personal web page, and the like.
  • the step of dividing the data of each service provided by the instant messaging system is specifically: dividing the data of the instant messaging service and the non-instant messaging service provided by the instant messaging system into secret data and non-confidential data.
  • the email service involves new mail data, received mail data, draft data, and other related numbers.
  • network hard disk services include TV drama data, movie data, song data, etc.
  • personal web pages include log data, photo data, and so on.
  • the data of each service provided by the instant messaging system is divided into confidential data and non-confidential data, and is marked with a confidential identifier.
  • Step S202 After the first authentication is passed by the instant messaging system, the non-confidential data in each service provided by the instant messaging system is invoked for processing.
  • the display panel of the instant messaging system is provided with an identifier of each service, and the user can invoke the service by clicking the identifier of a service.
  • the instant messaging system determines the data of the service according to whether the data in the service is confidential. If it is determined to be non-confidential data, the data is retrieved for processing; if it is determined to be confidential data, the data is not retrieved for processing. .
  • Step S203 When the user needs to access the confidential data, the instant messaging system performs secondary authentication, and after passing the secondary authentication, retrieves the confidential data in the service for processing.
  • the independent password corresponding to the service is obtained, and compared with the preset independent password, if consistent, the secondary authentication is passed, and the confidential data in the service is retrieved; if not, the return is returned.
  • a password error message When the related operations need to be performed on the confidential data, the independent password corresponding to the service is obtained, and compared with the preset independent password, if consistent, the secondary authentication is passed, and the confidential data in the service is retrieved; if not, the return is returned.
  • a password error message is generated.
  • the non-confidential data of each service in the instant messaging system is displayed for the user to process after the first authentication is passed. Only when the user needs to operate the confidential data in each service, the secondary authentication is required, and the confidential data is displayed and processed by the user after the secondary authentication. This not only satisfies the security requirements of the instant messaging system, but also facilitates the convenient and quick use of various services in the instant messaging system by the user.
  • the second embodiment of the present invention is an example of an e-mail system linked by an instant messaging system, and illustrates a process of processing data when an instant messaging system provides an e-mail service.
  • the newly received, unvisited mail data in the email service generally requires the user to process in time, and the amount of data is small, and there is no confidentiality.
  • the data stored in the inbox of the e-mail system, the draft box, and the data that has been accessed are historical data saved by the user, and the information is recorded, and generally has confidentiality. Therefore, for the e-mail system, confidential data and non-confidential data can be classified according to whether or not the data is accessed.
  • FIG. 3 it is a flowchart of a method for data classification processing of an instant messaging system according to a second embodiment of the present invention.
  • the method for data classification processing of the instant messaging system in this embodiment specifically includes the following steps.
  • Step S301 Determine whether the data in the email system linked by the instant messaging system has been accessed.
  • the data in the email system linked by the instant messaging system includes: Inbox data, outbox data, draft data, and other related data.
  • the inbox receives a new message, such as whether the received mail data has been accessed, and whether the data corresponds to the access flag.
  • the instant messaging system determines whether the mail data has been accessed based on whether or not the access flag is accessed.
  • Step S302 If the mail data is not accessed, the mail data is divided into non-secure data, and the confidentiality identifier of the mail data is reset; otherwise, the mail data is divided into confidential data, and the mail data is confidentially identified. Position.
  • the newly received mail data is not accessed, the access flag is not set corresponding to the mail data, and the mail data is divided into non-secure data, and the confidentiality identifier of the mail data is reset;
  • the received mail data has been After being accessed, the mail data corresponds to whether the access flag is set, and the mail data is divided into confidential data, and the confidentiality identifier of the mail data is set.
  • Step S303 When the email service is activated, the non-secure data in the email is retrieved for display for the user to process.
  • the email system Clicking on the email identifier on the display panel of the instant messaging system, the email system is activated, and the instant messaging system judges the data according to whether the data in the email system is confidential, and if the data is not confidential, the data is retrieved. Processing; if it is confidential data, the data is not retrieved for processing.
  • the instant messaging system can select a full display mode and a non-complete display mode to display its linked email system.
  • the full display mode is selected, the identifier corresponding to the confidential data and the non-confidential data in the email system, and various application function identifiers are obtained, and the complete interface information of the email system is displayed, but the user cannot The identification involving confidential data is performed.
  • the email system interface displays various identifiers such as the inbox ID, the outbox ID, the draft box ID, and the write mail operation ID.
  • the non-complete display mode When the non-complete display mode is selected, only the identifier corresponding to the non-confidential data in the email, and various application function identifiers are retrieved, and the incomplete interface information of the email system is displayed. For example, in the full display mode, only the unread mail ID, write mail operation ID, and so on are displayed on the email interface.
  • Step S304 After the secondary authentication is passed, the confidential data in the email system is retrieved for processing.
  • the confidential data in the email system is retrieved for processing.
  • obtain an independent password corresponding to the email system and compare it with a preset independent password, such as consistent, through secondary authentication, and retrieve the email system.
  • the confidential data is processed; if it is inconsistent, the password error message is returned.
  • the identification involving the confidential data can be operated. If the user selects the non-complete mode, after the secondary authentication, the identifier corresponding to the confidential data is retrieved, and the complete mode of the email system is displayed.
  • the data is divided into secret data and non-secure data according to whether or not the access identifier is used, and whether the secret identifier is set for the correspondence of the email system data.
  • the unread, non-confidential new mail data can be effectively divided into non-secure data, and the user can directly switch to the e-mail system through the instant messaging system, and the new mail
  • the operation is convenient for the user to use; the saved and saved confidential mail data is divided into confidential data, and the user can perform the secondary identity authentication before the confidential data can be operated to ensure the related information of the email system.
  • the confidentiality of the data is convenient for the user to use; the saved and saved confidential mail data is divided into confidential data, and the user can perform the secondary identity authentication before the confidential data can be operated to ensure the related information of the email system. The confidentiality of the data.
  • the third embodiment of the present invention takes the network hard disk service linked by the instant messaging system as an example to illustrate the processing process of the data when the instant communication system provides the network hard disk service.
  • the instant messaging system's network hard disk service can be used to store various data. For example, the data of the drama data, the data of the music song, the data of the movie, and the like are stored. Due to the large number of users of new TV dramas, songs, movies, etc., the frequency of their visits is quite high. Therefore, the above data with a high access frequency of 4 ⁇ can be set as confidential. Data, secondary authentication of users who download the above data, and corresponding management. Outdated TV dramas, songs, movies and other data require fewer users, and the download frequency is also lower. This part of the data can be set as non-confidential data, which is unconditionally open to users.
  • FIG. 4 it is a flowchart of data classification processing of an instant messaging system in a third embodiment of the present invention.
  • the method for data classification processing of the instant messaging system in this embodiment specifically includes the following steps.
  • Step S401 Count the frequency of accessing various data in the network hard disk service of the instant messaging system.
  • the frequency of accessing various data of the network hard disk of the statistical instant messaging system includes, for example, the frequency of access of each television drama, the frequency of access of each song, the frequency of access of each movie, and the like.
  • Step S402 If the accessed frequency exceeds a preset value, the data is divided into confidential data, and the confidentiality identifier of the data is set; otherwise, the data is divided into non-confidential data, and the confidentiality identifier of the data is reset. .
  • the preset value can be 500,000 times/day.
  • Step S403 When the service of the network hard disk is activated, determine whether the data of the network hard disk service is confidential data according to the confidentiality identifier, if it is confidential data, go to step S404; otherwise, go to step S405.
  • step S404 determines whether the movie data is confidential data, and if so, proceeds to step S404; otherwise, proceeds to step S405.
  • Step S404 After the secondary authentication is passed, the confidential data of the network hard disk service is retrieved for processing. Obtain the independent password corresponding to the network hard disk, and compare it with the preset independent password. If it is consistent, use the secondary authentication to retrieve the video data required by the user for processing; if it is inconsistent, return the prompt information of the wrong password.
  • Step S405 The required data is directly retrieved in the network hard disk for processing. After determining that the video data required by the user is non-secure data, the instant messaging system directly retrieves the video data required by the user in the network hard disk service.
  • the instant communication system effectively divides the data in the network hard disk into secret data and non-confidential data by counting the accessed frequency of the data of the network hard disk service.
  • the data of the network hard disk service with low access frequency is set to non-confidential data, which is completely open to all users, and is convenient for users to download at any time.
  • the new network hard disk service data with high frequency of access is set as confidential data, and the downloading user needs to perform secondary authentication, which is convenient for effective management of users who download confidential data.
  • the instant communication system classifies it as non-confidential data.
  • the fourth embodiment of the present invention takes the personal webpage service linked by the instant messaging system as an example to illustrate the processing procedure of the data when the instant messaging system provides the personal webpage service.
  • a user uses a personal web page linked by an instant messaging system for recording personal information, such as personal logs, personal photos, and the like.
  • personal information such as personal logs, personal photos, and the like.
  • the newly added information of the user is not confidential and can be opened to other users, but the stored history is generally confidential, and the other users to be authenticated need to be authenticated. Therefore, in the personal webpage, the secret data and the non-confidential data can be divided according to the generation time of the data, and the confidentiality identifier is set corresponding to the personal webpage service data.
  • FIG. 5 a flow chart of a method for data classification processing of an instant messaging system in a fourth embodiment of the present invention is shown.
  • the method for data classification processing of the instant messaging system in this embodiment specifically includes the following steps.
  • Step S501 Extracting a generation time of data in the personal webpage service linked by the instant messaging system.
  • the generation time of the data in the personal web service refers to the time when the personal web service data is saved to the personal web page. For example, the newly written log is saved on May 12th, and other logs already in the database are saved before May 1.
  • Step S502 After the setting time of the data is set, the data is divided into non-secure data, and the confidentiality identifier of the data is reset; otherwise, the data is divided into confidential data, and the data is kept secret.
  • the flag is set. Setting a reference time, comparing the generation time of the data in the personal webpage service with the set reference time, if the generation time is before the set time, setting the data as confidential data; the generation time is after the set time, The data is set to non-confidential data.
  • the set reference time is the 8th day of the current time
  • the current time is May 15th
  • the setting time is May 7th
  • the newly written log time is May 12th.
  • the log The data is non-secure data
  • the saved log generation time of the database is before May 1st.
  • the saved log data is confidential data.
  • Step S503 When the personal webpage service is activated, the non-confidential data in the personal webpage is retrieved for display and used by the user.
  • the personal webpage service Clicking the personal webpage identifier on the display panel of the instant messaging system, the personal webpage service is activated, and the instant messaging system determines whether the data of the personal webpage service is non-secure data according to the confidentiality identifier, and if so, the data is retrieved for processing; If not, the data is not retrieved for processing.
  • the personal web service may select a full display mode and a non-complete display mode.
  • the full display mode is selected, the confidential data and the non-confidential data in the personal web service are obtained for display, and the personal web page displays the complete interface information. For example, the newly saved log identifier and the previously saved log identifier are displayed on the personal web interface, but other users cannot perform related operations on the identifiers related to the secret data.
  • the non-confidential data in the personal webpage is obtained for display, and the incomplete interface information of the personal webpage is displayed. For example, only the newly saved log identifier is displayed on the interface of the personal web page.
  • Step S504 After the second authentication is passed, the confidential data of the personal webpage is retrieved for display and processing.
  • the independent password corresponding to the personal webpage is obtained, and compared with the preset independent password, if consistent, the secondary authentication is used to retrieve the confidential data in the personal webpage service; if not, the entity returns A password error message.
  • the data related to the confidential data can be processed. If the user selects the non-complete mode, after obtaining the confidential data through the secondary authentication Process and display the full mode of the personal web page.
  • the data of the personal web page service is classified into confidential data or non-confidential data according to the generation time of the data.
  • the first saved log or the newly uploaded photo is judged as non-critical data, and other users do not need to perform secondary authentication when accessing the data, which is convenient for the user to browse the personal webpage. Only when the user saves the photos and photos saved before the personal webpage, the secondary authentication is required to ensure the confidentiality of the personal web service data.
  • the embodiment of the present invention provides a system for secondary authentication in an instant communication system.
  • the system not only meets the security requirements of the instant messaging system, but also enables the user to conveniently and quickly use the services in the instant messaging system.
  • FIG. 6 is a schematic diagram of an instant communication system implementing data classification processing in a fifth embodiment of the present invention.
  • the instant messaging system implementing the data classification processing includes: a data dividing unit 61, a non-secure data extracting unit 62, a secondary authentication unit 63, and a secret data extracting unit 64.
  • the data dividing unit 61 is configured to divide the data in each service of the instant messaging system into confidential data and non-confidential data, and set whether the confidentiality identifier is separately set for the secret data and the non-confidential data.
  • the non-secure data retrieval unit 62 is configured to retrieve non-confidential data of the services when the services of the instant messaging system are activated.
  • the non-secure data retrieval unit 62 determines whether the data in each service is a confidential identifier to determine whether the data is non-secure data, and if so, retrieves the data; if not, the data is not retrieved.
  • the secondary authentication unit 63 is configured to perform secondary authentication on the user identity, and after the secondary authentication succeeds, send the confirmation information of the successful secondary authentication to the secure data retrieval unit 64.
  • the secondary authentication unit 63 is configured to obtain an independent password corresponding to the service of the confidential data, and compare with a preset independent password, such as the password is consistent, and the second authentication is successfully confirmed. The information is sent to the secret data retrieval unit 64; if not, the prompt information of the password error is returned.
  • the secret data retrieving unit 64 is configured to retrieve the secret data of the respective services when the secret data in each service of the instant messaging system needs to be used.
  • the secret data retrieval unit 64 determines whether the data in each service is a confidential identifier to determine whether the data is confidential data, and if so, retrieves the data. Confidential data.
  • the sixth embodiment of the present invention adds a determining unit to determine whether the mail data in the email system has been accessed. If the accessed data is used, the data is treated as confidential. The data is set to the confidentiality identifier of the data; if it is not the accessed data, the data is regarded as non-confidential data, and the confidentiality identifier of the data is reset.
  • FIG. 7 is a schematic diagram of an instant messaging system implementing data classification processing in a sixth embodiment of the present invention.
  • the instant messaging system implementing the data classification processing includes: a data dividing unit 71, a non-secure data capturing unit 72, a secondary authentication unit 73, a secret data extracting unit 74, and a determining unit 75.
  • the judging unit 75 is configured to judge whether the data in the instant messaging system service is accessed, and send the judgment result to the data dividing unit 71.
  • the data dividing unit 71 uses the accessed data as the secret data according to the judgment result, and sets the confidentiality flag of the data; and according to the judgment result, the data that has not been accessed is regarded as non-secure data, and whether the data is confidential or not Reset.
  • the instant messaging system's network hard disk service can be used to store a variety of data.
  • the number of times of accessing various data stored in the network hard disk service by the number of times of access statistics can be increased.
  • the data dividing unit compares the counted times with a reference number, and divides the data whose access times exceed the reference times into confidential data, and divides the data whose access times are lower than the reference times into non-secure data, and is confidential data and The non-confidential data is respectively set to a confidential identifier.
  • FIG. 8 is a schematic diagram of an instant communication system that implements data classification processing in a seventh embodiment of the present invention.
  • the instant messaging system implementing the data classification processing includes: a data dividing unit 81, a non-secure data extracting unit 82, a secondary authentication unit 83, a secret data extracting unit 84, and an accessed count counting unit 85.
  • the visited count counting unit 85 is for counting the number of times each data in the service of the instant messaging system is accessed, and transmits the statistical result to the data dividing unit 81.
  • the data dividing unit 81 is configured to compare the statistical result with a reference number of times, divide the data whose access times exceed the reference number into confidential data, and divide the data whose access times are lower than the reference number into non-confidential data, and be confidential data.
  • the reference number is 500,000 times/day.
  • the personal web service of the instant messaging system can be used to record personal information such as personal logs, personal photos, and the like.
  • a data generation time extracting unit for acquiring the generation time of various data in the personal web page service is added. And comparing, by the data dividing unit, the generated time of the obtained data with a set reference time, the data before the reference time for the data generating time is divided into the confidential data, and the data after the reference time for the data generating time is divided into Non-confidential data, and a confidentiality identifier is set for each of the secret data and the non-confidential data.
  • Fig. 9 is a schematic diagram of an instant communication system in which data classification processing is realized in the eighth embodiment of the present invention.
  • the instant messaging system implementing the data classification processing includes: a data dividing unit 91, a non-secure data extracting unit 92, a secondary authentication unit 93, a secret data extracting unit 94, and a data generating time extracting unit 95.
  • the data generation time extracting unit 95 is configured to acquire the generation time of various data in the personal web page service, and transmit the acquired data generation time to the data dividing unit 91.
  • the data dividing unit 91 is configured to compare the acquired data generation time with a reference time, the data before the reference time for the data generation time is divided into the secret data, and the data after the reference time for the data generation time is divided into the non-confidential data. And set a confidential identifier for the confidential data and the non-confidential data respectively.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Description

即时通信系统中数据分类处理的方法及其装置 技术领域
本发明涉及即时通信领域, 具体地说, 涉及即时通信系统中数据分类处 理的方法及其装置。 发明背景
即时通信系统作为网络上常用的沟通工具之一, 其功能越来越完善。 一 般在登录到即时通信系统时, 需要进行第一次认证。 在通过了第一次认证之 后, 用户可以使用即时通信系统中的即时通信服务。 通过即时通讯系统还可 以随时切换到其他的服务, 例如电子邮件、 个人网页、 网络硬盘等。 为操作 便利, 即时通信的显示面板上设置有相关服务的链接标识, 点击即可切换到 相关服务的页面。 但是, 上述服务中对安全性有较高要求的服务, 需要在启 动时对用户进行第二次认证。
因此, 在使用即时通信系统中的非即时通信服务时, 需要对所述非即时 通信服务进行二次认证。 在现有技术的即时通信系统中, 是根据服务的种类 不同设置二次认证的, 在需要访问非即时通信服务中的任何数据时都需要进 行二次认证。 对非即时通信服务中的任何数据都进行二次认证, 虽然有助于 加强即时通信系统中相关服务的安全性, 但这需要用户记住各种服务所对应 的独立密码, 不利于用户方便地使用即时通信系统中的非即时通信服务。 发明内容
本发明实施例提供了一种即时通信系统数据分类处理的方法, 该方法包 括: 划分即时通信系统各项服务的数据为保密数据和非保密数据; 在第一次 认证通过后, 调取所述各项服务中的非保密数据进行处理; 在第二次认证通 过后, 调取所述各项服务中的保密数据进行处理。
本发明实施例提供了一种即时通信系统数据分类处理的装置, 该装置包 括: 数据划分单元, 用于划分即时通信系统各项服务的数据为保密数据和非 保密数据; 非保密数据调取单元, 用于在第一次认证通过后所述服务被激活 时, 调取该服务中的非保密数据; 二次认证单元, 用于实现即时通信系统的 第二次认证, 并在第二次认证成功后, 发送第二次认证成功的确认信息; 保 密数据调取单元, 用于在接收到所述二次认证单元发送的第二次认证成功的 确认信息后, 调取所述服务的保密数据。
依据本发明实施例提供的即时通信系统数据分类处理的方法和装置, 即 时通信系统提供的各项服务的数据被划分为保密数据和非保密数据; 在通过 了第一次认证后, 调取该服务中的非保密数据进行处理; 在通过了第二次认 证后, 调取该服务中的保密数据进行处理。 依据本发明的实施例, 用户在即 时通信系统激活某项服务后, 即可执行该服务中与非保密数据相关的操作, 方便用户使用; 在用户想对保密数据进行操作时, 则需进行第二次认证, 确 保该服务中具有保密需要的数据的安全。 相对于现有技术中对即时通信系统 的各项非即时通信服务全部操作都需要进行第二次认证, 本发明实施例中的 方法和装置既满足即时通信系统对安全性的要求, 又方便了用户使用即时通 信系统提供的各项服务。 附图简要说明
图 1为已知的即时通信系统中对服务进行分类处理的方法流程图; 图 2为本发明第一实施例即时通信系统中对数据进行分类处理的方法流 程图;
图 3为本发明第二实施例中即时通信系统数据分类处理的方法流程图; 图 4为本发明第三实施例中即时通信系统数据分类处理流程图; 图 5为本发明第四实施例中即时通信系统数据分类处理的方法流程图; 图 6为本发明第五实施例中实现了数据分类处理的即时通信系统的示意 图;
图 7为本发明第六实施例中实现了数据分类处理的即时通信系统的示意 图;
图 8为本发明第七实施例中实现了数据分类处理的即时通信系统的示意 图;
图 9为本发明第八实施例中实现了数据分类处理的即时通信系统的示意 图。 实施本发明的方式
为使本发明的目的、 特征和优点能够更加明显易懂, 下面结合附图和具 体实施方式对本发明作进一步详细的说明。
参见图 1 , 其为现有技术中即时通信系统中对服务进行分类处理的方法 流程图。所述即时通信系统对服务进行分类处理的方法具体包括如下的步骤。
步骤 S101 : 在即时通信系统经过第一次认证正常启动以后, 即时通信系 统正常提供了即时通信服务, 并在即时通信系统的显示面板中显示非即时通 信服务的标识, 用户可以根据服务需要点击对应的服务标识。 所述的非即时 通信服务包括: 电子邮件、 个人网页、 网络硬盘服务等。
所述服务标识被激活后, 链接到该服务的页面。
例如, 用户点击即时通信系统的电子邮件标识, 则链接该用户的电子邮 件页面。
步骤 S102: 输入独立密码进行二次认证。
即时通信系统弹出对话框, 要求用户输入有别于即时通信密码的独立密 码, 对用户身份进行二次认证。
例如, 用户在弹出的对话框中输入电子邮件系统对应的密码, 进行二次 认证。 步骤 S103: 认证通过后, 调取对应服务的全部数据进行处理, 为用户提 供对应的服务。
即时通信系统对用户输入的独立密码进行验证, 如与预先设置的独立密 码相同, 则通过认证, 调取对应服务的数据进行处理, 并为用户提供对应的 服务; 如不同, 返回错误信息。
由上述步骤可知, 现有技术中对即时通信系统按照其提供的服务的种类 不同, 将即时通信系统中的数据在通过了二次认证后进行处理。 因此现有技 术中, 对非即时通信服务中的任何数据都进行二次认证, 虽然有助于加强即 时通信系统中相关服务的安全性, 但这需要用户记忆各种服务相对应的独立 密码, 不利于用户使用即时通信系统中的非即时通信服务。
本发明实施例不按照服务的种类来处理数据, 而是将即时通信系统提供 的所有服务的数据根据是否需要进行保密进行处理。 对于不需要保密的所有 业务的数据在第一次认证通过后, 就全部提供给用户使用; 只是在用户需要 对各种服务中的保密数据进行访问时, 才进行二次认证, 从而方便了用户使 用即时通信系统中的各种服务, 也保证了即时通信系统的安全。
参见图 2, 为本发明第一实施例即时通信系统中对数据进行分类处理的 方法流程图。 该实施例中对数据进行分类处理的方法具体包括如下步骤。
步骤 S201 :划分即时通信系统提供的各项服务的数据为保密数据和非保 密数据。 划分后的数据会带上一个是否保密标识, 用以标明数据是否能够在 第一次认证后就被显示出来, 用于用户进行处理。
所述即时通信系统提供的各项服务包括: 即时通信系统自身提供的即时 通信服务, 以及即时通信系统连接并提供的多项非即时通信服务。 所述非即 时通信服务包括: 电子邮件, 网络硬盘、 个人网页等。 其中划分即时通信系 统提供的各项服务的数据的步骤具体为: 将即时通信系统提供的即时通信服 务和非即时通信服务的数据划分为保密数据和非保密数据。 其中, 所述电子 邮件服务中涉及新邮件数据、 已接收邮件数据、 草稿箱数据, 等其他相关数 据; 网络硬盘服务包括电视剧的资料数据、 电影的资料数据、 歌曲的资料数 据等; 个人网页包括日志数据、 照片数据等。 这样, 按照服务的性质、 服务 数据的重要程度将即时通信系统提供的各项服务的数据划分为保密数据和非 保密数据, 并用一个是否保密标识进行标记。
步骤 S202: 在即时通信系统进行第一次认证通过后,调用即时通信系统 提供的各项服务中的非保密数据进行处理。
所述即时通信系统的显示面板上设置有其各项服务的标识, 用户通过点 击某项服务的标识, 可以调用该项服务。 即时通信系统根据该项服务中各数 据的是否保密标识判断该项服务的数据, 如果判断出是非保密数据, 调取该 数据进行处理; 如果判断出是保密数据, 则不调取该数据进行处理。
步骤 S203、 在用户需要访问保密数据时, 即时通信系统进行二次认证, 并在通过二次认证后, 调取该服务中的保密数据进行处理。
需要对保密数据进行相关操作时, 获取该服务对应的独立密码, 并与预 先设置的独立密码相比较, 如一致, 通过二次认证, 并调取该服务中的保密 数据; 如不一致, 则返回密码错误的提示信息。
这样, 即时通信系统中的各项服务的非保密数据在第一次认证通过后, 就会给显示出来供用户处理。 只有用户在需要对各项服务中的保密数据进行 操作时, 才需要进行二次认证, 并在通过二次认证后显示保密数据并供用户 处理。 这样就既满足即时通信系统对安全性的要求, 又利于用户方便、 快捷 地使用即时通信系统中的各项服务。
本发明第二实施例以即时通信系统链接的电子邮件系统为例, 说明即时 通信系统提供电子邮件服务时数据的处理过程。在电子邮件服务中新接收的、 未被访问的邮件数据一般是需要用户及时处理的, 且数据量较少, 不具有保 密性。 电子邮件系统的收件箱、 草稿箱存储的、 已被访问的数据为用户保存 的历史数据, 记载信息较多, 一般来说具有保密性。 因此, 对于电子邮件系 统来说, 可根据数据是否被访问, 划分保密数据和非保密数据。 参见图 3 , 为本发明第二实施例中即时通信系统数据分类处理的方法流 程图。 本实施例中即时通信系统数据分类处理的方法具体包括如下步骤。
步骤 S301 :判断即时通信系统链接的电子邮件系统中的数据是否被访问 过。
即时通信系统链接的电子邮件系统中的数据包括: 收件箱数据、 发件箱 数据、 草稿箱数据等其他相关数据。 收件箱接收新邮件, 如接收的邮件数据 已被访问, 该数据对应的是否访问标志位置位。 即时通信系统根据所述是否 访问标志位判断该邮件数据是否被访问过。
步骤 S302: 如果邮件数据未被访问, 划分该邮件数据为非保密数据, 并 将所述邮件数据的是否保密标识复位; 否则划分该邮件数据为保密数据, 并 将所述邮件数据的是否保密标识置位。
例如, 新接收的邮件数据未被访问, 该邮件数据对应的是否访问标志位 未置位, 并且该邮件数据被划分为非保密数据, 将该邮件数据的是否保密标 识复位; 接收的邮件数据已被访问过, 则该邮件数据对应的是否访问标志位 置位, 并且划分该邮件数据为保密数据, 将所述邮件数据的是否保密标识置 位。
步骤 S303: 电子邮件服务被激活时,调取电子邮件中的非保密数据进行 显示供用户处理。
在即时通信系统的显示面板上点击电子邮件标识, 电子邮件系统被激 活, 即时通信系统根据电子邮件系统中的各数据的是否保密标识对其中的数 据判断, 如果不是保密数据, 则调取该数据进行处理; 如果是保密数据, 则 不调取该数据进行处理。
即时通信系统可选择完整显示模式和非完整显示模式来显示其链接的 电子邮件系统。 在选择完整显示模式时, 获取该电子邮件系统中保密数据和 非保密数据所对应的标识、 及各种应用功能标识, 显示电子邮件系统完整的 界面信息,但用户在通过二次认证之前不能对涉及保密数据的标识进行操作。 例如, 在完整显示模式时, 电子邮件系统界面上显示收件箱标识、 发件箱标 识、 草稿箱标识、 写邮件操作标识等各种标识。
在选择非完整显示模式时, 仅仅调取电子邮件中非保密数据所对应的标 识、 及各种应用功能标识, 显示电子邮件系统非完整的界面信息。 例如, 在 完整显示模式时, 电子邮件界面上只显示未读邮件标识、 写邮件操作标识等 标识。
步骤 S304:二次认证通过后,调取电子邮件系统中的保密数据用于处理。 需要对电子邮件系统中的保密数据进行相关操作时, 获取该电子邮件系 统对应的独立密码, 并与预先设置的独立密码相比较, 如一致, 通过二次认 证, 调取该电子邮件系统中的保密数据进行处理; 如不一致, 则返回密码错 误的提示信息。
如用户选择完整模式, 通过二次认证后, 可对涉及保密数据的标识进行 操作。 如用户选择的是非完整模式, 通过二次认证后, 则调取保密数据所对 应的标识, 显示出电子邮件系统的完整模式。
在本发明第二实施例中, 根据是否被访问标识将数据划分保密数据和非 保密数据, 并为电子邮件系统数据对应设置了是否保密标识。 在即时通信系 统链接的电子邮件系统中, 可有效的将未读取的、 不具有保密性的新邮件数 据划分为非保密数据, 用户可直接通过即时通信系统切换到电子邮件系统, 对新邮件进行操作, 方便用户使用; 将已读取的、 具有保密性的已保存的邮 件数据划分为保密数据, 对用户进行二次身份认证后才可对该保密数据进行 操作, 保证电子邮件系统相关的数据的保密性。
本发明第三实施例以即时通信系统链接的网络硬盘服务为例, 说明即时 通信系统提供网络硬盘服务时数据的处理过程。 即时通信系统的网络硬盘服 务可以用于存储各种数据。例如存储电视剧资料数据、音乐歌曲的资料数据、 电影的资料数据等。 因新推出的电视剧、歌曲、 电影等资料需求的用户很多, 其被访问频率也相当高。 因此可将上述访问频率 4艮高的资料数据设置为保密 数据, 对下载上述资料数据的用户进行二次认证, 并进行相应的管理。 而过 时的电视剧、 歌曲、 影视等资料需求用户较少, 下载频率也较低, 可将这部 分资料数据设置为非保密数据, 对用户无条件开放。
参见图 4, 为本发明第三实施例中即时通信系统数据分类处理流程图。 本实施例中即时通信系统数据分类处理的方法具体包括如下步骤。
步骤 S401: 统计即时通信系统网络硬盘服务中各种数据被访问频率。 所述统计即时通信系统的网络硬盘的各种数据被访问频率包括, 例如, 每部电视剧的被访问频率、 每首歌曲的被访问频率、 每部电影的被访问频率 等。
步骤 S402: 被访问频率超过预设数值的, 划分该数据为保密数据, 并将 所述数据的是否保密标识置位; 否则划分该数据为非保密数据, 并将所述数 据的是否保密标识复位。
将所述网络硬盘中各种数据的被访问频率与预设数值相比较, 超过预设 数值的, 划分该数据为保密数据, 并将该数据的是否保密标识置位; 低于预 设数值的, 划分该数据为非保密数据, 并将该数据的是否保密标识复位。 其 中预设数值可为 50万次 /天。
步骤 S403: 网络硬盘的服务被激活时,根据所述是否保密标识判断网络 硬盘服务的数据是否为保密数据, 如果是保密数据转到步骤 S404; 否则转到 步骤 S405。
例如, 当用户希望下载某部新推出的电影, 点击该电影的标识, 系统判 断该影视数据是否为保密数据,如是,则转到步骤 S404;否则转到步骤 S405。
步骤 S404: 二次认证通过后, 调取网络硬盘服务的保密数据进行处理。 获取该网络硬盘对应的独立密码, 并与预先设置的独立密码相比较, 如 一致, 通过二次认证, 调取用户所需的影视数据进行处理; 如不一致, 返回 密码错误的提示信息。
步骤 S405: 直接在网络硬盘中调取所需数据进行处理。 确定用户所需的影视数据为非保密数据后, 即时通信系统直接在网络硬 盘服务中调取用户所需的影视数据。
在本发明第三实施例中, 通过统计网络硬盘服务的数据的被访问频率, 即时通信系统有效的将网络硬盘中的数据划分保密数据和非保密数据。 对于 被访问频率低的网络硬盘服务数据设为非保密数据, 完全对所有用户开放, 方便用户随时下载。 对新的、 被访问频率高的网络硬盘服务数据设为保密数 据, 对下载用户就需要进行二次认证, 方便对下载保密数据的用户进行有效 的管理。 当所述网络硬盘服务的数据过时, 被访问频率降低, 其利用价值也 降低, 不需再对该资料数据进行保密, 即时通信系统将其划为非保密数据。
本发明第四实施例以即时通信系统链接的个人网页服务为例, 说明即时 通信系统提供个人网页服务时数据的处理过程。 当用户使用的是即时通信系 统链接的个人网页用于记载个人信息, 如个人日志、 个人相片等。 一般来说, 用户新添加的信息不具有保密性, 可对其它用户开放, 但存储的历史记录, 一般具有保密性, 需对访问的其它用户进行身份认证。 因此, 在个人网页中, 可根据数据的生成时间划分保密数据和非保密数据, 并对应为个人网页服务 数据设置是否保密标识。
参见图 5 , 为本发明第四实施例中即时通信系统数据分类处理的方法流 程图。 本实施例中即时通信系统数据分类处理的方法具体包括如下步骤。
步骤 S501 : 提取即时通信系统链接的个人网页服务中的数据的生成时 间。
所述个人网页服务中的数据的生成时间是指将个人网页服务数据保存 到个人网页中的时间。 例如,新撰写的日志保存时间为 5月 12号, 数据库已 有的其它日志的保存时间在 5月 1号之前。
步骤 S502: 所述数据的生成时间在设置时间之后, 则划分该数据为非保 密数据, 并将所述数据的是否保密标识复位; 否则划分该数据为保密数据, 并将所述数据的是否保密标识置位。 设置一个参考时间, 将所述个人网页服务中的数据的生成时间与设置的 参考时间相比较,如果生成时间在设置时间之前,将该数据设置为保密数据; 生成时间在设置时间之后, 将该数据设置为非保密数据。
例如, 设置的参考时间为当前时间往前的第 8天, 当前时间为 5月 15 号,设置时间为 5月 7号,新撰写的日志时间为 5月 12号,在设置时间之后, 该日志数据为非保密数据;数据库已保存的日志生成时间都在 5月 1号之前, 在设置时间之前, 已保存的日志数据为保密数据。
步骤 S503: 在个人网页服务被激活时,调取个人网页中的非保密数据进 行显示, 并供用户使用。
在即时通信系统的显示面板上点击个人网页标识, 个人网页服务被激 活, 即时通信系统根据所述是否保密标识判断个人网页服务的数据是否为非 保密数据, 如是, 调取该数据进行处理; 如不是, 则不调取该数据进行处理。
所述个人网页服务可选择完整显示模式和非完整显示模式。 在选择完整 显示模式时, 获取个人网页服务中的保密数据和非保密数据进行显示, 这时 个人网页显示完整的界面信息。 例如, 在个人网页界面上显示新保存的日志 标识、 以前保存的日志标识, 但其它用户不能对涉及保密数据的标识进行相 关操作。
在选择非完整显示模式时, 获取个人网页中非保密数据进行显示, 这时 显示的是个人网页的不完整的界面信息。 例如, 在个人网页的界面上只显示 新保存的日志标识。
步骤 S504:二次认证通过后,调取个人网页的保密数据进行显示和处理。 需要对保密数据进行相关操作时, 获取个人网页对应的独立密码, 并与 预先设置的独立密码相比较, 如一致, 通过二次认证, 调取个人网页服务中 的保密数据; 如不一致, 则返回密码错误的提示信息。
如果用户选择了完整显示模式, 通过二次认证后, 可对涉及保密数据的 进行处理。 如果用户选择的是非完整模式, 通过二次认证后, 获取保密数据 进行处理, 并显示个人网页的完整模式。
在本发明第四实施例中, 根据数据的生成时间划分个人网页服务的数据 为保密数据或非保密数据。 其中在个人网页中将先保存的日志或新上传的照 片判断为非重要数据, 其它用户访问这些数据时, 不需进行二次认证, 这就 方便用户浏览该个人网页。 只有在用户查看个人网页以前保存的曰志、 照片 时, 才需进行二次认证, 确保个人网页服务数据的保密性。
基于上述即时通信系统中二次认证的方法, 本发明实施例提供了一种即 时通信系统中二次认证的系统。 该系统既可满足即时通信系统对安全性的要 求, 又能使用户方便、 快捷地使用即时通信系统中的各项服务。
图 6为本发明第五实施例中实现了数据分类处理的即时通信系统的示意 图。 该实现了数据分类处理的即时通信系统包括: 数据划分单元 61、 非保密 数据调取单元 62、 二次认证单元 63、 及保密数据调取单元 64。
其中数据划分单元 61 用于划分即时通信系统的各项服务中的数据为保 密数据和非保密数据, 并为保密数据和非保密数据分别设置是否保密标识。
非保密数据调取单元 62用于在即时通信系统的各项服务被激活时, 调 取所述各项服务的非保密数据。非保密数据调取单元 62判断各项服务中数据 的是否保密标识来判断所述数据是否为非保密数据, 如是, 调取该数据; 如 不是, 则不调取该数据。
二次认证单元 63用于对用户身份进行二次认证, 在二次认证成功后, 发送二次认证成功的确认信息到保密数据调取单元 64。在需要对保密数据进 行相关操作时,二次认证单元 63用于获取所述保密数据的服务对应的独立密 码, 并与预先设置的独立密码相比较, 如密码一致, 发送二次认证成功的确 认信息到保密数据调取单元 64; 如不一致, 则返回密码错误的提示信息。
保密数据调取单元 64用于在即时通信系统的各项服务中的保密数据需 要被使用时,调取所述各项服务的保密数据。保密数据调取单元 64判断各项 服务中数据的是否保密标识来判断所述数据是否为保密数据, 如是, 调取该 保密数据。
如果用户使用的是即时通信系统链接的电子邮件服务, 本发明第六实施 例添加一个判断单元来判断电子邮件系统中的邮件数据是否被访问过, 如果 是访问过的数据则将该数据作为保密数据,并给该数据的是否保密标识置位; 如果不是访问过的数据则将该数据作为非保密数据, 并给该数据的是否保密 标识复位。
图 7为本发明第六实施例中实现了数据分类处理的即时通信系统的示意 图。 该实现了数据分类处理的即时通信系统包括: 数据划分单元 71、 非保密 数据调取单元 72、二次认证单元 73、保密数据调取单元 74、及判断单元 75。
其中判断单元 75用于判断即时通信系统服务中的数据是否被访问, 并 将判断结果发送到数据划分单元 71。
数据划分单元 71根据判断结果将访问过的数据作为保密数据, 并给该 数据的是否保密标识置位; 并且根据判断结果将没有访问过的数据作为非保 密数据, 并给该数据的是否保密标识复位。
本发明实施例六中的其它单元的功能同于本发明实施例五中对应单元 的功能, 这里不再赘述。
即时通信系统的网络硬盘服务可用于存储各种数据。 在本发明第七实施 例中可通过增加一被访问次数统计单元对网络硬盘服务中存储的各种数据进 行访问次数的统计。 并通过数据划分单元将所统计的次数与一个参考次数进 行比较, 对于访问次数超过参考次数的数据划分为保密数据, 对访问次数低 于参考次数的数据划分为非保密数据, 并且为保密数据和非保密数据分别设 置一个是否保密标识。
图 8为本发明第七实施例中实现了数据分类处理的即时通信系统的示意 图。 该实现了数据分类处理的即时通信系统包括: 数据划分单元 81、 非保密 数据调取单元 82、 二次认证单元 83、 保密数据调取单元 84、 及被访问次数 统计单元 85。 其中被访问次数统计单元 85用于统计即时通信系统的服务中的各数据 被访问的次数, 并将统计结果发送到数据划分单元 81。
数据划分单元 81 用于将所统计的结果与一个参考次数进行比较, 对于 访问次数超过参考次数的数据划分为保密数据, 对访问次数低于参考次数的 数据划分为非保密数据, 并且为保密数据和非保密数据分别设置一个是否保 密标识。 本实施例中参考次数为 50万次 /天。
本发明实施例七中的其它单元的功能同于本发明实施例五中对应单元 的功能, 这里不再赘述。
即时通信系统的个人网页服务可用于记载个人信息, 如个人日志、 个人 相片等。 在本发明第八实施例中增加了一个数据生成时间提取单元, 其用于 对个人网页服务中的各种数据的生成时间进行获取。 并通过数据划分单元将 所述获得的数据的生成时间与一个设置的参考时间进行比较, 对于数据生成 时间在参考时间之前的数据划分为保密数据, 对于数据生成时间在参考时间 之后的数据划分为非保密数据, 并且为保密数据和非保密数据分别设置一个 是否保密标识。
图 9为本发明第八实施例中实现了数据分类处理的即时通信系统的示意 图。 该实现了数据分类处理的即时通信系统包括: 数据划分单元 91、 非保密 数据调取单元 92、 二次认证单元 93、 保密数据调取单元 94、 及数据生成时 间提取单元 95。
其中数据生成时间提取单元 95用于对个人网页服务中的各种数据的生 成时间进行获取, 并将获取的数据生成时间发送到数据划分单元 91。
数据划分单元 91 用于将所获取的数据生成时间与一个参考时间进行比 较, 对于数据生成时间在参考时间之前的数据划分为保密数据, 对于数据生 成时间在参考时间之后的数据划分为非保密数据, 并且为保密数据和非保密 数据分别设置一个是否保密标识。
本发明实施例八中的其它单元的功能同于本发明实施例五中对应单元 的功能, 这里不再赘述。
以上所述, 仅为本发明较佳的具体实施方式, 但本发明的保护范围并不 局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可 轻易想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明 的保护范围应该以权利要求的保护范围为准。

Claims

权利要求书
1、 一种即时通信系统数据分类处理的方法, 其特征在于, 包括: 划分即时通信系统各项服务的数据为保密数据和非保密数据; 在第一次认证通过后, 调取所述各项服务中的非保密数据进行处理; 在第二次认证通过后, 调取所述各项服务中的保密数据进行处理。
2、 如权利要求 1所述的方法, 其特征在于, 所述划分即时通信系统各项 服务的数据为保密数据和非保密数据的步骤包括:
统计即时通信系统的服务中的各数据的被访问次数;
被访问次数超过预设数值的数据, 划分为保密数据; 否则划分该数据为 非保密数据。
3、 如权利要求 1所述的方法, 其特征在于, 所述划分即时通信系统各项 服务的数据为保密数据和非保密数据的步骤包括:
提取即时通信系统的服务中的各数据的生成时间;
生成时间在设置时间之后的数据, 划分为非保密数据; 否则划分该数据 为保密数据。
4、 如权利要求 1所述的方法, 其特征在于, 所述划分即时通信系统各项 服务的数据为保密数据和非保密数据的步骤包括:
判断即时通信系统的服务中的数据是否被访问过;
如数据未被访问过, 划分该数据为非保密数据; 否则划分该数据为保密 数据。
5、 如权利要求 2至 4中任一权利要求所述的方法, 其特征在于, 进一步 包括:
将非保密数据的是否保密数据标识复位, 将保密数据的是否保密数据标 识置位。
6、 如权利要求 5所述的方法, 其特征在于, 所述调取所述各项服务中的 非保密数据进行处理步骤包括:
根据该服务中各数据的是否保密数据标识, 判断该服务中各数据是否为 非保密数据;
如果是非保密数据, 则调取该数据进行处理。
7、 如权利要求 5所述的方法, 其特征在于, 所述调取所述各项服务中的 保密数据进行处理步骤包括:
根据该服务中各数据的是否保密数据标识, 判断该服务中各数据是否为 保密数据;
如果是保密数据, 则调取该数据进行处理。
8、 一种即时通信系统数据分类处理的装置, 其特征在于, 包括: 数据划分单元, 用于划分即时通信系统各项服务的数据为保密数据和非 保密数据;
非保密数据调取单元, 用于在第一次认证通过后所述服务被激活时, 调 取该服务中的非保密数据;
二次认证单元, 用于实现即时通信系统的第二次认证, 并在第二次认证 成功后, 发送第二次认证成功的确认信息;
保密数据调取单元, 用于在接收到二次认证单元发送的第二次认证成功 的确认信息后, 调取所述服务的保密数据。
9、 如权利要求 8所述的装置, 其特征在于, 进一步包括:
被访问次数统计单元, 用于统计即时通信系统的服务中的各数据被访问 次数, 并统计结果发送到所述数据划分单元;
则所述数据划分单元配置为将被访问次数超过预设数值的数据划分为保 密数据, 将被访问次数低于预设数值的数据划分为非保密数据。
10、 如权利要求 8所述的装置, 其特征在于, 进一步包括:
判断单元, 用于判断即时通信系统的服务中的数据是否被访问, 并将判 断结果发送到所述数据划分单元; 则所述数据划分单元配置为将被访问的数据划分为保密数据, 将未被访 问的数据划分为非保密数据。
11、 如权利要求 8所述的装置, 其特征在于, 进一步包括:
数据生成时间提取单元, 用于提取即时通信系统的服务中的各数据的生 成时间, 并将获取的数据生成时间发送到数据划分单元;
则所述数据划分单元配置为将生成时间在设置时间之后的数据划分为非 保密数据; 将生成时间在设置时间之前的数据划分为保密数据。
12、 如权利要求 9至 11中任一权利要求所述的装置, 其特征在于, 所述 数据划分单元进一步配置为将非保密数据的是否保密数据标识复位, 将保密 数据的是否保密数据标识置位;
则所述非保密数据调取单元配置为根据所述是否保密数据标识, 判断出 所述服务的非保密数据;
所述保密数据调取单元配置为根据所述是否保密数据标识, 判断出所述 服务的保密数据。
PCT/CN2008/070915 2007-06-14 2008-05-08 Procédé et appareil pour traiter la classe de données dans un système de messagerie instantanée WO2008151530A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/637,253 US8484748B2 (en) 2007-06-14 2009-12-14 Method and device for classifying and processing data in instant messaging system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200710111301.1 2007-06-14
CN2007101113011A CN101072206B (zh) 2007-06-14 2007-06-14 即时通信系统中二次认证的方法及系统

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/637,253 Continuation US8484748B2 (en) 2007-06-14 2009-12-14 Method and device for classifying and processing data in instant messaging system

Publications (1)

Publication Number Publication Date
WO2008151530A1 true WO2008151530A1 (fr) 2008-12-18

Family

ID=38899199

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/070915 WO2008151530A1 (fr) 2007-06-14 2008-05-08 Procédé et appareil pour traiter la classe de données dans un système de messagerie instantanée

Country Status (3)

Country Link
US (1) US8484748B2 (zh)
CN (1) CN101072206B (zh)
WO (1) WO2008151530A1 (zh)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072206B (zh) * 2007-06-14 2011-04-13 腾讯科技(深圳)有限公司 即时通信系统中二次认证的方法及系统
US20150007346A1 (en) * 2013-06-26 2015-01-01 International Business Machines Corporation Protecting confidential content in a user interface
CN104333811A (zh) * 2013-07-22 2015-02-04 联想(北京)有限公司 一种显示方法及电子设备
CN103457833B (zh) * 2013-08-18 2018-07-10 苏州量跃信息科技有限公司 通过即时通信工具开启邮件数据的方法及系统
CN104796253B (zh) * 2014-01-20 2019-06-28 腾讯科技(深圳)有限公司 独立密码验证方法及装置、存储介质
CN105281907B (zh) * 2014-07-11 2020-08-07 腾讯科技(深圳)有限公司 加密数据的处理方法及装置
CN107920017A (zh) * 2017-11-27 2018-04-17 唐佐 一种聊天记录与内容保密方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003034193A2 (en) * 2001-10-18 2003-04-24 Macrovision Corporation Method, apparatus and system for securely providing material to a licensee of the material
US20030097583A1 (en) * 2001-11-16 2003-05-22 International Business Machines Corporation Data management system and method
CN1767432A (zh) * 2004-10-30 2006-05-03 腾讯科技(深圳)有限公司 基于即时通讯平台的功能服务保护系统及方法
CN101072206A (zh) * 2007-06-14 2007-11-14 腾讯科技(深圳)有限公司 即时通信系统中二次认证的方法及系统

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050075880A1 (en) * 2002-01-22 2005-04-07 International Business Machines Corporation Method, system, and product for automatically modifying a tone of a message
US20040019695A1 (en) * 2002-07-25 2004-01-29 International Business Machines Corporation Messaging system and method using alternative message delivery paths
US8892673B1 (en) * 2003-08-08 2014-11-18 Radix Holdings, Llc Hybrid challenge-response
JP4284362B2 (ja) * 2003-09-16 2009-06-24 リサーチ イン モーション リミテッド インスタントメッセージングサーバを使用せずにピア・ツー・ピアの迅速なメッセージングソリューションを作成するための方法
GB0416448D0 (en) * 2004-07-23 2004-08-25 Ibm Method and system for message notification in instant messaging
US7600258B2 (en) * 2005-07-01 2009-10-06 Symantec Corporation Methods and systems for detecting and preventing the spread of malware on instant messaging (IM) networks by using fictitious buddies
US7552467B2 (en) * 2006-04-24 2009-06-23 Jeffrey Dean Lindsay Security systems for protecting an asset
US7933205B1 (en) * 2006-05-01 2011-04-26 At&T Mobility Ii Llc Generalized interconnection apparatus for delivering services based on real time performance requirements
KR101366805B1 (ko) * 2006-05-30 2014-02-21 삼성전자주식회사 사용자 관심 사항에 기초한 이동 통신 장치의애플리케이션의 런칭 패드 장치 및 구동 방법
US7895330B2 (en) * 2006-10-20 2011-02-22 International Business Machines Corporation Queuing of instant messaging requests
US9762576B2 (en) * 2006-11-16 2017-09-12 Phonefactor, Inc. Enhanced multi factor authentication
US20080163365A1 (en) * 2006-12-29 2008-07-03 Jarrod Austin Controlling access to content and/or services
CN101051293A (zh) * 2007-05-11 2007-10-10 广东天海威数码技术有限公司 对个人电脑存储空间的访问控制方法
US7502831B1 (en) * 2008-03-10 2009-03-10 International Business Machines Corporation System and method of sending and receiving categorized messages in instant messaging environment
US7970847B1 (en) * 2010-01-08 2011-06-28 Research In Motion Limited Method and apparatus for processing data on a computing device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003034193A2 (en) * 2001-10-18 2003-04-24 Macrovision Corporation Method, apparatus and system for securely providing material to a licensee of the material
US20030097583A1 (en) * 2001-11-16 2003-05-22 International Business Machines Corporation Data management system and method
CN1767432A (zh) * 2004-10-30 2006-05-03 腾讯科技(深圳)有限公司 基于即时通讯平台的功能服务保护系统及方法
CN101072206A (zh) * 2007-06-14 2007-11-14 腾讯科技(深圳)有限公司 即时通信系统中二次认证的方法及系统

Also Published As

Publication number Publication date
CN101072206A (zh) 2007-11-14
CN101072206B (zh) 2011-04-13
US20100095385A1 (en) 2010-04-15
US8484748B2 (en) 2013-07-09

Similar Documents

Publication Publication Date Title
US9710642B2 (en) Methods, systems, and computer program products for recovering a password using user-selected third party authorization
CN101436175B (zh) 控制合作文档中的评注的系统与方法
US8316233B2 (en) Systems and methods for accessing secure and certified electronic messages
US8266443B2 (en) Systems and methods for secure and authentic electronic collaboration
KR101298879B1 (ko) 추적능력이 감소된 전자 메시지 시스템 및 방법
US7418737B2 (en) Encrypted data file transmission
CN101529366B (zh) 可信用户界面对象的标识和可视化
WO2008151530A1 (fr) Procédé et appareil pour traiter la classe de données dans un système de messagerie instantanée
US11256825B2 (en) Systems and methods for securing data in electronic communications
WO2016154515A1 (en) Securing files
US20060143250A1 (en) System and method for manipulating and managing computer archive files
US20060294391A1 (en) Data encryption and decryption method
WO2008151542A1 (fr) Procédé de contrôle d'accès à un courrier électronique et serveur de courrier électronique
JP2024505907A (ja) 通信プラットフォーム内の極秘データの格納
US20130191341A1 (en) Methods and apparatus for restoring a user-selected subset of application data
US20120272060A1 (en) Electronic file delivering system, relevant mobile communication device, and relevant computer program product
Setiawan et al. Design of secure electronic disposition applications by applying blowfish, SHA-512, and RSA digital signature algorithms to government institution
EP4141721A1 (en) System and method for secure collection and display of sensitive data
CN106843526A (zh) 一种基于输入法的帐号管理系统及其使用方法
US20060143237A1 (en) System and method for manipulating and managing computer archive files
US20060143253A1 (en) System and method for manipulating and managing computer archive files
US10235541B2 (en) System and method for confidential data management
CN113961970B (zh) 跨网段网盘登录身份验证方法、装置、网盘及存储介质
CN113486380B (zh) 文本文件的加密方法
JP2002041523A (ja) 電子メール検索型データベースシステム及び電子メールを用いたデータベース検索方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08734270

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 7494/CHENP/2009

Country of ref document: IN

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1)EPC

122 Ep: pct application non-entry in european phase

Ref document number: 08734270

Country of ref document: EP

Kind code of ref document: A1