WO2015014015A1 - Terminal - Google Patents

Terminal Download PDF

Info

Publication number
WO2015014015A1
WO2015014015A1 PCT/CN2013/084356 CN2013084356W WO2015014015A1 WO 2015014015 A1 WO2015014015 A1 WO 2015014015A1 CN 2013084356 W CN2013084356 W CN 2013084356W WO 2015014015 A1 WO2015014015 A1 WO 2015014015A1
Authority
WO
WIPO (PCT)
Prior art keywords
processor
data
terminal
monitoring module
external device
Prior art date
Application number
PCT/CN2013/084356
Other languages
English (en)
Chinese (zh)
Inventor
祝芳浩
刘东海
袁刚
丁兆刚
冯耀辉
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201310326660.4A external-priority patent/CN103400086B/zh
Priority claimed from CN2013103270277A external-priority patent/CN103391190A/zh
Priority claimed from CN201310326703.9A external-priority patent/CN103390138B/zh
Priority claimed from CN2013103267221A external-priority patent/CN103391189A/zh
Priority claimed from CN201310326690.5A external-priority patent/CN103369148B/zh
Priority claimed from CN201310325602.XA external-priority patent/CN103402014B/zh
Priority claimed from CN201310325472XA external-priority patent/CN103402013A/zh
Priority claimed from CN201310325579.4A external-priority patent/CN103400084B/zh
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2015014015A1 publication Critical patent/WO2015014015A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means

Definitions

  • the present invention relates to the field of data security technologies, and in particular, to a terminal. Background technique
  • the processor can receive data from any external device 102; at the same time, any setting in the terminal
  • the communication module can interact with the CPU to exchange data such as voice service and data service.
  • the invention is based on the above problems, and proposes a new technical solution, which can make different types of data in the terminal be processed by different processors, and the data input to the processor can be accurately input by type identification.
  • the first processor or the second processor data crossover is avoided, and the security of the terminal is effectively improved.
  • the present invention provides a terminal, including: a first processor and a second processor, configured to separately process different types of data in the terminal; a peripheral monitoring module, connected to an external device of the terminal And performing type determination on data from an external device of the terminal, and determining to transmit data to the first processor or the second processor according to the determination result.
  • the identification and classification of data from external devices by setting up a dedicated peripheral monitoring module not only helps speed up processing, but also improves data security through data classification.
  • peripheral monitoring module transmits the classified data to the first processor or the second processor; in another case, A peripheral monitoring module is separately configured for each external device, and each of the peripheral monitoring modules transmits the classified data to the first processor or the second Processor.
  • the peripheral monitoring module is further configured to: directly transmit data to the first channel if there is a path between the first processor or the second processor a processor or the second processor, adding an identifier to data that needs to be transmitted to the second processor to be used by the first process if there is only a path between the first processor and the first processor Forwarding to the second processor, adding an identifier to data that needs to be transmitted to the first processor to be used by the second processor in the case where there is only a path between the second processor Forwarded to the first processor.
  • the peripheral monitoring module may have a connection path with the first processor or the second processor, and then the data interaction may be directly performed; or may be only related to the first processor or the second processor.
  • a path with a connection can be forwarded by the connected processor to the remaining processors.
  • the peripheral monitoring module is connected to the first processor.
  • the port connected to the peripheral monitoring module and the port connected to the second processor may be connected by the first processor.
  • the peripheral monitoring module directly uses the data transmission channel to transmit data to the second processor; in another case, the first processor establishes a DMA transmission channel by configuring the port The DMA transmission channel is directly used by the peripheral monitoring module to transmit data to the second processor in a manner of calling the bus of the first processor.
  • the method further includes: a restricted external device connected to one end of the peripheral monitoring module, and the other end of the peripheral monitoring module is connected to the first processor;
  • the peripheral monitoring module performs type determination on data from the restricted external device, directly transmits data corresponding to the first processor to the first processor, and needs to transmit to the first
  • the data of the second processor adds an identification to be forwarded by the first processor to the second processor.
  • the external device is restricted from accessing the data, and the data with high importance and high degree of privacy is more. Therefore, after the type identification of the data of the restricted external device is performed, only the first processor is still connected. Enables the first processor to further view and monitor all data, which helps to improve the security of the terminal; or restricts the external device to interact with the first processor more frequently, thus by directly putting all the data directly.
  • the transmission to the first processor enables the first processor to acquire the required data more quickly, which helps to improve data processing efficiency.
  • the method further includes: an unrestricted external device connected to one end of the peripheral monitoring module, and the other end of the peripheral monitoring module is connected to the second processor;
  • the peripheral monitoring module performs type determination on data from the non-restricted external device, and directly transmits data corresponding to the second processor to the second processor, and needs to transmit to the
  • the data of the first processor adds an identification to be forwarded by the second processor to the first processor.
  • the data that is accessed by the non-restricted external device has less importance, less privacy data, or more frequent data exchange with the second processor, so that all data is directly transmitted.
  • the second processor enables the second processor to acquire the required data more quickly, which helps to improve data processing efficiency.
  • the method further includes: a shared external device connected to one end of the peripheral monitoring module, and the other end of the peripheral monitoring module is simultaneously connected to the first processor And the second processor; wherein the peripheral monitoring module performs type determination on data from the shared external device, and transmits data to the first processor or the second processing according to the determination result Device.
  • the amount of various types of data touched by the shared external device is similar, and the frequency of interaction with the first processor and the second processor is also similar, so that various types of data can be directly transmitted to the first processor and The second processor facilitates the orderly execution of data processing and data interaction.
  • the first processor is configured to process private data in the terminal
  • the second processor is configured to process non-private data in the terminal.
  • the terminal there may be multiple types of data in the terminal, such as the importance of the data, the degree of privacy, the size of the data, the difference in the data format, etc., even based on the actual needs of the user, processed by each processor.
  • the data types are adjusted and changed.
  • the private data may be processed by the first processor according to the degree of privacy of the data, and the non-private data is processed by the second processor.
  • the peripheral monitoring module is further configured to: determine that data of an external device from the terminal corresponds to a protected application or an unprotected application, where the determining corresponds to the receiving The data of the protection application is private data, and the data corresponding to the unprotected application is non-private data.
  • the present invention also provides a terminal, including: a first processor and a second processor, configured to separately process different types of data in the terminal; a communication monitoring module, a communication module connected to the terminal, configured to The data from the communication module of the terminal performs type determination, and determines to transmit data to the first processor or the second processor according to the determination result.
  • the data from the external device can be identified and classified, which not only helps speed up the processing, but also improves data security through data classification.
  • all communication modules can be connected to the communication monitoring module, and then the classified monitoring data can be transmitted to the first processor or the second processor by the communication monitoring module; in another case, each can be The communication modules are separately configured with a communication monitoring module, and each of the communication monitoring modules transmits the classified data to the first processor or the second processor.
  • the communication monitoring module is further configured to: directly transmit data to the first channel if there is a path between the first processor or the second processor a processor or the second processor; adding an identification to data that needs to be transmitted to the second processor to be used by the first processor in the presence of a path only between the first processor Forwarding to the second processor; in only with the second Where there is a path between the processors, an identification is added to the data that needs to be transmitted to the first processor for forwarding by the second processor to the first processor.
  • the communication monitoring module may have a connection path with the first processor or the second processor, and may directly perform data interaction; or may only be associated with one of the first processor or the second processor. If there is a connected path, the remaining processors can perform data forwarding to the remaining processors.
  • the communication monitoring module is connected to the first processor.
  • the port connected to the communication monitoring module and the port connected to the second processor may be connected by the first processor.
  • the first processor establishes a DMA transmission channel by configuring the port, The manner of calling the bus of the first processor is directly used by the communication monitoring module to transmit the data to the second processor.
  • the method further includes: a restriction type communication module, connected to one end of the communication monitoring module, and the other end of the communication monitoring module is connected to the first processor;
  • the communication monitoring module performs type determination on data from the restricted communication module, directly transmits data corresponding to the first processor to the first processor, and needs to transmit to the second processor Data is added to the identifier for forwarding by the first processor to the second processor.
  • the restricted communication module contacts the data, and the data with high importance and high degree of privacy is more. Therefore, after the type identification of the data of the restricted communication module is performed, only the first processor is still connected.
  • the first processor enables further viewing and monitoring of all data, which helps to improve the security of the terminal; or, the restricted communication module can be more interactive with the first processor than the other communication module. High, so by transferring all data directly to the first processor, enabling the first processor to acquire the required data faster, helps to improve data processing efficiency.
  • the method further includes: an unrestricted communication module, connected to one end of the communication monitoring module, and the other end of the communication monitoring module is connected to the second processor;
  • the communication monitoring module performs type determination on data from the unrestricted communication module, and directly transmits data corresponding to the second processor to the second processor, and needs to transmit to the first
  • the data of the processor is added with an identification to be forwarded by the second processor to the first processor.
  • the non-restricted communication module contacts the data, has less importance, has less privacy data, or has a higher frequency of data interaction with the second processor, so that all data is directly transmitted.
  • the second processor enables the second processor to acquire the required data more quickly, which helps to improve data processing efficiency.
  • the method further includes: a shared communication module, connected to one end of the communication monitoring module, and the other end of the communication monitoring module is simultaneously connected to the first processor and the a second processor; wherein the communication monitoring module performs type determination on data from the shared communication module And transmitting data to the first processor or the second processor according to the judgment result.
  • the number of types of data touched by the shared communication module is similar, and the frequency of interaction with the first processor and the second processor is similar, so that various types of data can be directly transmitted to the first processor and The second processor facilitates the orderly execution of data processing and data interaction.
  • the first processor is configured to process private data in the terminal
  • the second processor is configured to process non-private data in the terminal.
  • the terminal there may be multiple types of data in the terminal, such as the importance of the data, the degree of privacy, the size of the data, the difference in the data format, etc., even based on the actual needs of the user, processed by each processor.
  • the data types are adjusted and changed.
  • the private data may be processed by the first processor according to the degree of privacy of the data, and the non-private data is processed by the second processor.
  • the communication monitoring module is further configured to: determine that data of the communication module from the terminal corresponds to a protected application or an unprotected application, where the determination corresponds to the The data of the protected application is private data, and the data corresponding to the unprotected application is non-private data.
  • the present invention also provides a terminal, including: a first processor and a second processor, configured to separately process different types of data in the terminal; wherein, the first processor is further configured to: The data of the at least one external device and/or the at least one communication module is type-determined, and according to the determination result, it is determined that the received data is processed by itself or transmitted to the second processor.
  • the identification and classification of data from external devices and/or communication modules by the first processor directly helps to reduce the improvement of the existing structure of the terminal and reduce the complexity of the terminal structure.
  • the technical solution may be specifically applied to an external device and/or a communication module connected only to the first processor, or to an external device and/or a communication module that are simultaneously connected to the first processor and the second processor. .
  • the method further includes: a restriction-type external device connected only to the first processor; and an unrestricted external device connected to only the second processor; wherein, the first processing Directly receiving data from the restricted type external device, and receiving data from the non-restricted external device directly forwarded by the second processor, and according to the external device from the restricted class or the unrestricted
  • the type determination of the data of the external device of the class it is determined that the received data is processed by itself or transmitted to the second processor.
  • type identification is performed on all data of the restricted class external device and the non-restricted class external device by the first processor, so that the first processor can view all the data, especially when the first process is performed.
  • the first processor is a "secure processor" relative to the second processor, thereby helping to avoid erroneous transmission of data and preventing malicious applications from passing through the first
  • the second processor steals important, private data.
  • the second processor is further configured to: at least one from the connection The data of the external device and/or the at least one communication module is type-determined, and according to the determination result, it is determined that the received data is processed by itself or transmitted to the first processor.
  • the data from the external device and/or the communication module is directly identified and classified by the second processor, which helps to reduce the improvement of the existing structure of the terminal and reduce the complexity of the terminal structure.
  • the technical solution may be specifically applied to an external device and/or a communication module connected only to the second processor, or to an external device and/or a communication module that are simultaneously connected to the first processor and the second processor. .
  • the method further includes: a restricted external device connected only to the first processor; and an unrestricted external device connected only to the second processor; a processor receives data from the restricted external device, and determines to process the received data by itself or transmits the data to the second processor according to a result of type determination of the received data; The second processor receives data from the non-restricted external device and determines to process the received data by itself or transmit the data to the first processor according to a result of type determination of the received data.
  • the external device is restricted from accessing the data, the data with high importance and high degree of privacy is more, or the external device is restricted to interact with the first processor more frequently; the non-restricted external device is exposed to the device.
  • the first processor and the second processor respectively identify, distribute, and process data from the restricted external device and the non-restricted external device, thereby helping to avoid data security problems caused by data crossover. Helps improve the efficiency of data processing and enhance the user experience.
  • the first processor is configured to process private data in the terminal
  • the second processor is configured to process non-private data in the terminal.
  • the terminal there may be multiple types of data in the terminal, such as the importance of the data, the degree of privacy, the size of the data, the difference in the data format, etc., even based on the actual needs of the user, processed by each processor.
  • the data types are adjusted and changed.
  • the private data may be processed by the first processor according to the degree of privacy of the data, and the non-private data is processed by the second processor.
  • the private data is data corresponding to a protected application
  • the non-private data is data corresponding to an unprotected application
  • the present invention also provides a terminal, comprising: a first processor and a second processor, configured to separately process different types of data in the terminal; and a communication module, configured to perform data received from an external communication device Type determining, and determining to transmit data to the first processor or the second processor according to the result of the determination.
  • the communication module directly recognizes and classifies the data from the external device and/or the data received by itself, which helps to reduce the improvement of the existing structure of the terminal and reduce the complexity of the terminal structure.
  • the communication module is further configured to: directly transmit data to the first process if there is a path between the first processor or the second processor Or the second An identifier is added to data that needs to be transmitted to the second processor for forwarding to the second processor by the first processor in the case where there is only a path between the first processor and the first processor Adding an identification to data that needs to be transmitted to the first processor for forwarding to the first processor by the second processor in the case where there is a path only between the second processor .
  • the communication module may have a connection path with the first processor or the second processor, and the data interaction may be directly performed; or only one of the first processor or the second processor may exist.
  • the connected path can be forwarded by the connected processor to the remaining processors.
  • the communication module is connected to the first processor.
  • the port connected to the communication module and the port connected to the second processor may be configured by the first processor.
  • the first processor establishes a DMA transmission channel by configuring the port to invoke the first The way of the bus of the processor, the communication module directly uses the DMA transmission channel to transmit data to the second processor.
  • the first processor is configured to process private data in the terminal
  • the second processor is configured to process non-private data in the terminal.
  • the terminal there may be multiple types of data in the terminal, such as the importance of the data, the degree of privacy, the size of the data, the difference in the data format, etc., even based on the actual needs of the user, processed by each processor.
  • the data types are adjusted and changed.
  • the private data may be processed by the first processor according to the degree of privacy of the data, and the non-private data is processed by the second processor.
  • the communication module is further configured to: determine that data from the external communication device corresponds to a protected application or an unprotected application, where the determination corresponds to the protected application.
  • the data is private data, and the data corresponding to the unprotected application is non-private data.
  • the first processor and the second processor are not intended to limit the number of processors in the terminal to two, and it is apparent that the terminal can actually contain more processors.
  • “first” and “second” represent the relationship between any two processors in the terminal, and are used to distinguish any two processors that are compared.
  • processor 1 and processor 2 when processor 1 and processor 2 are selected for comparison, either one of processor 1 and processor 2 may be referred to as a "first processor” and the other is “ “Second processor”; and when processor 2 and processor 3 are selected for comparison, either processor 2 and processor 3 may be referred to as “first processor” and the other as “second processor” " , So on and so forth.
  • processors can be used to process the same type of data, and the multiple processors should be treated as one processor group, then the "first processor” and the "second processor". It is also possible to actually represent a processor group for processing the same type of data, each processor group containing one or more processors. At the same time, in order to correspond to more types of data, there may obviously be more processor groups in the terminal. Such as “third processor group”, “fourth processor group” and so on.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can be embodied in the form of one or more computer program products embodied on a computer-usable storage medium (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program code.
  • a computer-usable storage medium including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • FIG. 1 is a schematic diagram showing a terminal architecture of a conventional single processor in the related art
  • FIG. 2 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a terminal in a specific embodiment of the embodiment shown in FIG. 2;
  • FIG. 4 is a schematic structural diagram of a terminal in another specific embodiment of the embodiment shown in FIG.
  • FIG. 6 is a diagram showing a terminal structure for monitoring an external device or a communication module according to an embodiment of the present invention
  • FIG. 7 shows a terminal for monitoring an external device or a communication module according to another embodiment of the present invention. Schematic;
  • FIG. 8 is a block diagram showing the structure of a terminal according to another embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a terminal in a specific embodiment of the embodiment shown in FIG. 8.
  • FIG. 10 is a schematic structural diagram of a terminal in another specific embodiment of the embodiment shown in FIG. detailed description
  • FIG. 2 shows a schematic diagram of a terminal structure according to an embodiment of the present invention.
  • a terminal includes: a first processor (CPU1 shown in FIG. 2) and a second processor (CPU2 shown in FIG. 2) for processing separately Different types of data in the terminal.
  • CPU1 shown in FIG. 2
  • CPU2 shown in FIG. 2
  • the type of data from the external device 102 of the terminal can be identified within the terminal.
  • a peripheral monitoring module 104, an external device 102 connected to the terminal, and/or a communication monitoring module 106 wherein: the peripheral monitoring module 104 is configured to external device 102 from the terminal
  • the data is type-determined, and determines to transmit data to the first processor or the second processor according to the determination result;
  • the communication monitoring module 106 is configured to use a communication module from the terminal (as shown in FIG. 2)
  • the data of the illustrated Modem is type-determined, and based on the result of the determination, it is determined that the data is transmitted to the first processor or the second processor.
  • the type of data of the external device 102 from the terminal can be identified in the terminal.
  • a communication monitoring module 106 a communication module connected to the terminal (such as the Modem shown in FIG. 2), configured to perform type determination on data of the communication module from the terminal, and determine according to the determination result. Transmitting data to the first processor or the second processor.
  • peripheral monitoring module 104 and the communication monitoring module 106 are simultaneously shown in FIG. 2, those skilled in the art should understand that: according to actual conditions and requirements, only the peripheral monitoring module 104 may be set in the terminal, or Only the communication monitoring module 106 is provided, and the peripheral monitoring module 104 and the communication monitoring module 106 can also be set at the same time, which are easy to change and implement.
  • the data processed by the first processor and the second processor can be stored in different storage spaces respectively. Having, for example, storing data processed by the first processor in a first memory connected only to the first processor, and storing data processed by the second processor in a second memory connected only to the second processor, thereby Avoid data crossover and further improve the security of the terminal.
  • the first memory and the second memory may include a terminal
  • RAM RAM. EMMC and so on.
  • first processor and the second processor are not used to limit the number of processors in the terminal to two, and it is obvious that more processors can be included in the terminal.
  • first and second represent the relationship between any two processors in the terminal, and are used to distinguish any two processors that are compared.
  • processor 1 and processor 2 when processor 1 and processor 2 are selected for comparison, either processor 1 and processor 2 may be referred to as “first processor” and the other is “ “Second processor”; and when processor 2 and processor 3 are selected for comparison, either processor 2 and processor 3 may be referred to as “first processor” and the other as “second processor” " , So on and so forth.
  • processors can be used to process the same type of data, and the multiple processors should be treated as one processor group, then the "first processor” and the "second processor". It is also possible to actually represent a processor group for processing the same type of data, each processor group containing one or more processors. At the same time, in order to correspond to more types of data, it is obvious that there may be more processor groups in the terminal, such as "third processor group", "fourth processor group” and the like.
  • the first processor and the second processor are respectively used to process different types of data within the terminal, and thus involve classifying data within the terminal. For example, according to the importance of the data, the data is divided into core data and non-core data; or according to the privacy of the data, the data is divided into private data and non-private data; or according to the data transmission direction, the data is divided into Send data and received data, and so on.
  • Each classification can be preset by the manufacturer, or it can be determined by the user according to his actual situation.
  • data associated with certain applications can be used as private data or non-private data, such as "address book” and "call record”.
  • Application-related data such as ",” “short message”, “mail”, whether read or written, is counted as private data, or data related to a game application is treated as non-private data;
  • a certain type of data may be used as private data or non-private data, such as interactive data with online banking as private data, and software update package data as non-private data, etc., and may also include other The way to distinguish, not here - enumeration.
  • the identification and classification of data from the external device 102 and/or the communication module by setting up a dedicated peripheral monitoring module 104 and/or communication monitoring module 106 not only helps speed up processing but also improves data classification. Data security.
  • the specific data transmission method may be different:
  • peripheral monitoring module 104 and/or the communication monitoring module 106 may, depending on the type of data detected, Transfer directly to CPU1 or CPU2.
  • CPU1 can directly transmit data corresponding to CPU1, and data corresponding to CPU2 needs to be forwarded by CPU1.
  • the peripheral monitoring module 104 and/or the communication monitoring module 106 add an identifier to the data that needs to be transmitted to the CPU 2, and after receiving the data, the CPU 1 transmits the data to the CPU 2 by viewing the identification.
  • the peripheral monitoring module 104 and/or the communication monitoring module 106 notifies the CPU 1 (such as sending a notification message or other preset manner) after discovering that there is data that needs to be sent to the CPU 2, and is connected to the peripheral monitoring module by the CPU1.
  • the data transfer channel transfers data to CPU2.
  • a DMA transmission channel is established by configuring a port to directly use the DMA by the peripheral monitoring module 104 and/or the communication monitoring module 106 in a manner of calling the bus of the CPU1. Transfer channel to transfer data to CPU2.
  • the external device 102 in the terminal shown in FIG. 2 can be divided into: a restricted external device 102A connected only to the CPU 1 and a non-connected only to the CPU 2 according to the connection relationship with the CPU 1 and the CPU 2.
  • the class external device 102B is restricted and the shared class external device 102C is simultaneously connected to the CPU 1, CPU 2.
  • Modem in the terminal shown in Figure 2 according to its connection relationship with CPU1 and CPU2, it can be divided into: Modeml connected only to CPU1, Modem2 connected only to CPU2, and Modem3 connected to CPU1 and CPU2 at the same time.
  • the specific connection method used actually involves the classification of the external device 102 and the Modem. For example, it can be classified according to the type of data involved in each external device 102/Modem. For example, when more data (greater than or equal to the preset amount of data) processed by an external device 102/Modem is data of high importance and high privacy, it can be connected only to CPU1 (dedicated for handling important A processor with high data and high privacy; and when an external device 102/Modem processes all types of data, it can be connected to both CPU1 and CPU2 (ie, simultaneously connected to all processing) In order to speed up data interaction efficiency; when an external device processes more data with low importance and low privacy, it can be connected to CPU2 only.
  • each external device 102/Modem can be categorized according to the relationship between each external device 102/Modem and the processor. For example, when an external device 102/Modem interacts with the first processor frequently, it can be connected only to the first processor; when an external device 102/Modem interacts with the second processor frequently, Connect it only to the second processor; the rest can be connected to all processors at the same time.
  • the external device 102 is connected to the peripheral monitoring module 104 and the Modem is connected to the communication monitoring module 106, in fact, the "external device 102" shown in FIG. 2 does not represent the terminal. Contains only one external device, “Modem” does not mean that only one Modem is included in the terminal; “External Device 102", “Modem” in Figure 2 should actually be represented as a collection of one or more external devices, and one Or a collection of multiple modems.
  • connection relationship between the external device 102 or Modem in the "set” and the peripheral monitoring module 104 or the communication monitoring module 106 is not limited to that shown in FIG. The following is a detailed description with reference to FIG. 6 and FIG. 7.
  • the connection mode of the external device 102 and the Modem is similar, the two are described together, and the "monitoring module” is used instead of the specific "peripheral monitoring module 104" or “Communication Monitoring Module 106", but it is apparent that the external device 102 corresponds to the peripheral monitoring module 104, and the Modem corresponds to the communication monitoring module 106.
  • the external device 1 and the external device 2 are included in the terminal as an example.
  • multiple external devices such as the external device 1, the external device 2, and the like are connected to the same monitoring module, which helps reduce the number of monitoring modules used and reduces the complexity of the terminal;
  • a plurality of external devices such as an external device 1, an external device 2, and the like are respectively connected to corresponding monitoring modules, for example, the external device 1 is connected to the monitoring module 1, and the external device 2 is connected to the monitoring device.
  • Module 2, etc. helps to reduce the calculation amount of each monitoring module and improve data processing efficiency.
  • the specific connection modes of the external device 1 and the external device 2 can also be applied to communication modules such as Modeml and Modem2, and details are not described herein.
  • the monitoring module 1 and the monitoring module 2 are connected to the CPU1 and CPU2 respectively, but this is only for the specific For example, it is actually possible to use any of the specific connections as shown in Figures 2-4.
  • peripheral monitoring module 104 and/or communication monitoring module 106 the identification of data types within external devices and/or communication modules can be implemented in other ways.
  • Embodiment 1 Data type monitoring by a processor
  • the external device 102 and Modem connected to the CPU 1 include only connected to the CPU 1 or simultaneously connected to the CPU 1 and the CPU 2, and the data is transmitted to the CPU 1 , and the specific data type is recognized by the CPU 1 and The CPU 1 determines to directly process the data or forward the data to the CPU 2 based on the result of the determination.
  • the data can be directly forwarded to the CPU 1 by the CPU 2, and then the CPU 1 determines whether to directly process the data or forward the data to the CPU 1 according to the judgment result.
  • CPU2 the external device 102 and Modem connected to the CPU 2, including only connecting to the CPU 2 or simultaneously connected to the CPU 1, CPU 2, the data can be directly forwarded to the CPU 1 by the CPU 2, and then the CPU 1 determines whether to directly process the data or forward the data to the CPU 1 according to the judgment result.
  • the CPU 1 may be a processor in the terminal for processing data of high importance and high privacy, so as to avoid data parsing by other processors as much as possible, thereby reducing the possibility of stealing and leaking important and private data. Sex.
  • CPU1 and CPU2 can receive the data transmitted from the connected external device 102 or Modem, identify the data type, and determine whether to directly process it according to the recognition result, or forward it to other processors for processing.
  • Data identification and processing by multiple processors can help reduce the computational burden of a single CPU and improve the computational efficiency of data.
  • Embodiment 2 Type monitoring of data by Modem
  • the received data is type-recognized directly by the modem in the terminal, and based on the recognition result, it is determined which CPU should be processed. Although there may be one or more Modems in the terminal, for each Modem, the specific connection with the CPU is the same or similar. The following takes a specific Modem as an example to illustrate the connection relationship between it and the CPU.
  • the Modem establishes a connection with all CPUs in the terminal. For example, if it is connected to CPU1 and CPU2 at the same time, when the Modem needs to transfer data to any CPU, it can be directly transmitted.
  • Modem is only connected to a preset CPU in the terminal.
  • Modeml is only connected to CPU1
  • Modem2 is only connected to CPU2
  • Modeml needs to transfer data to CPU2.
  • Modem2 When Modem2 needs to transfer data to CPU1, it needs to perform data forwarding by CPU1 and CPU2.
  • FIG. 10 is a specific implementation manner.
  • multiple modems in the terminal can be connected to only the same CPU, for example, Modeml and Modem2 can be connected only to CPU1, thereby helping to improve data security. Sexuality, to avoid malicious applications receiving some data through CPU2.
  • the method further includes: an update unit (not shown), and updating, according to the received update instruction, a determination condition for determining the data, so that the monitoring module is configured according to The updated determination condition is to judge the private data and the non-private data.
  • the monitoring module may be the peripheral monitoring module 104 and/or the communication monitoring module 106 shown in FIG. 2-4, or may be the CPU1 shown in FIG. CPU2 can also be the Modem (or Modeml and Modem2) shown in Figure 9-10.
  • the type of the user's private data will also change.
  • the short message, the address book, and the like belong to the user's private data
  • the power on/off password, the application protection password, the terminal anti-theft password, and the screen unlock password are also private data of the user, and the data is selected by thinning.
  • the update of the judgment conditions makes the selection of data more accurate, thereby ensuring the security of the user's private data.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can be embodied in the form of one or more computer program products embodied on a computer-usable storage medium (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer usable program code.
  • a computer-usable storage medium including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • a terminal which can make different types of data in the terminal be processed by different processors, and can be identified by type for data input to the processor. Accurate input into the first processor or the second processor avoids data crossover and effectively improves the security of the terminal.
  • first and second are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
  • the term “plurality” refers to two or more, unless specifically defined otherwise.

Landscapes

  • Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un terminal, qui comprend : un premier processeur et un second processeur, utilisés pour traiter différents types de données dans le terminal, respectivement; et un module de surveillance externe, utilisé pour réaliser une détermination de type sur les données provenant d'un dispositif externe du terminal puis déterminer, en fonction d'un résultat de détermination, de transmettre les données au premier processeur ou au second processeur. Grâce à la solution technique de la présente invention, différents types de données dans le terminal peuvent être traités par différents processeurs et l'identification de type est réalisée pour les données entrées dans le processeur, de sorte que les données soient correctement entrées dans le premier processeur ou le second processeur, ce qui évite que les données ne se croisent et améliore efficacement la sécurité du terminal.
PCT/CN2013/084356 2013-07-30 2013-09-26 Terminal WO2015014015A1 (fr)

Applications Claiming Priority (16)

Application Number Priority Date Filing Date Title
CN201310326660.4 2013-07-30
CN201310326660.4A CN103400086B (zh) 2013-07-30 2013-07-30 一种终端
CN201310327027.7 2013-07-30
CN201310326690.5 2013-07-30
CN2013103270277A CN103391190A (zh) 2013-07-30 2013-07-30 终端和数据处理方法
CN201310325579.4 2013-07-30
CN201310326703.9A CN103390138B (zh) 2013-07-30 2013-07-30 一种终端
CN201310325472.X 2013-07-30
CN201310325602.X 2013-07-30
CN2013103267221A CN103391189A (zh) 2013-07-30 2013-07-30 终端和数据处理方法
CN201310326690.5A CN103369148B (zh) 2013-07-30 2013-07-30 终端和数据处理方法
CN201310325602.XA CN103402014B (zh) 2013-07-30 2013-07-30 终端和数据处理方法
CN201310325472XA CN103402013A (zh) 2013-07-30 2013-07-30 终端和数据处理方法
CN201310326703.9 2013-07-30
CN201310326722.1 2013-07-30
CN201310325579.4A CN103400084B (zh) 2013-07-30 2013-07-30 一种终端

Publications (1)

Publication Number Publication Date
WO2015014015A1 true WO2015014015A1 (fr) 2015-02-05

Family

ID=52430917

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/084356 WO2015014015A1 (fr) 2013-07-30 2013-09-26 Terminal

Country Status (1)

Country Link
WO (1) WO2015014015A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1794256A (zh) * 2004-12-23 2006-06-28 因芬尼昂技术股份公司 数据处理设备、电信终端设备和借助数据处理设备处理数据的方法
CN101304322A (zh) * 2008-06-30 2008-11-12 杭州华三通信技术有限公司 一种网络设备和报文转发方法
CN101860894A (zh) * 2010-03-04 2010-10-13 宇龙计算机通信科技(深圳)有限公司 一种移动终端处理器间通讯的系统、方法及移动终端
CN102857999A (zh) * 2012-05-14 2013-01-02 中兴通讯股份有限公司 多模终端及多模终端的业务实现方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1794256A (zh) * 2004-12-23 2006-06-28 因芬尼昂技术股份公司 数据处理设备、电信终端设备和借助数据处理设备处理数据的方法
CN101304322A (zh) * 2008-06-30 2008-11-12 杭州华三通信技术有限公司 一种网络设备和报文转发方法
CN101860894A (zh) * 2010-03-04 2010-10-13 宇龙计算机通信科技(深圳)有限公司 一种移动终端处理器间通讯的系统、方法及移动终端
CN102857999A (zh) * 2012-05-14 2013-01-02 中兴通讯股份有限公司 多模终端及多模终端的业务实现方法

Similar Documents

Publication Publication Date Title
US10678913B2 (en) Apparatus and method for enhancing security of data on a host computing device and a peripheral device
EP3329416B1 (fr) Gestion sécurisée de dispositifs d'entrée/sortie
US11294846B2 (en) System, apparatus and method for secure communication on a bus
WO2016049076A1 (fr) Sécurisation de communications audio
WO2014194793A1 (fr) Procédé d'utilisation de dispositif partagé dans un appareil pouvant faire fonctionner deux systèmes d'exploitation
US20230071723A1 (en) Technologies for establishing secure channel between i/o subsystem and trusted application for secure i/o data transfer
WO2017016070A1 (fr) Procédé de partage, appareil de partage et système de partage pour une carte sim virtuelle
WO2019154175A1 (fr) Procédé et système d'accès à des services de ressources
US11727153B2 (en) Multi-master security circuit
WO2016082549A1 (fr) Procédé et appareil permettant d'établir une mise en correspondance de dispositifs
CN113449347B (zh) 微处理器、数据处理方法、电子设备和存储介质
US11997192B2 (en) Technologies for establishing device locality
WO2016136223A1 (fr) Dispositif d'interconnexion, dispositif de gestion, système d'ordinateur à ressources désassemblées, procédé et programme
TWI541657B (zh) 提供主機即時切換及分享通用串列匯流排(usb)電子設備之電子裝置
WO2016115833A1 (fr) Appareil de traitement de données et procédé de traitement de données
WO2015014015A1 (fr) Terminal
EP4170971A1 (fr) Réseau sécurisé de point d'extrémité
US10585689B1 (en) Shared memory interface for application processes
US20230025979A1 (en) Systems and methods for peripheral device security
CN106899545A (zh) 一种终端安全通信的系统和方法
WO2015014017A1 (fr) Terminal, procédé d'équilibrage de charge, et appareil d'équilibrage de charge
JP2015216450A (ja) 情報処理装置、情報処理システム及び中継プログラム
TWM494348U (zh) 提供主機即時切換及分享通用串列匯流排(usb)電子設備之電子裝置
US9942196B2 (en) Canonical network isolator component
WO2015014014A1 (fr) Terminal, et procédé et système pour l'interaction de données

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13890338

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13890338

Country of ref document: EP

Kind code of ref document: A1