WO2016101660A1 - 终端位置信息保护方法及智能终端 - Google Patents
终端位置信息保护方法及智能终端 Download PDFInfo
- Publication number
- WO2016101660A1 WO2016101660A1 PCT/CN2015/089812 CN2015089812W WO2016101660A1 WO 2016101660 A1 WO2016101660 A1 WO 2016101660A1 CN 2015089812 W CN2015089812 W CN 2015089812W WO 2016101660 A1 WO2016101660 A1 WO 2016101660A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- app
- location
- level
- current
- user
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
- H04M1/72448—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
- H04M1/72457—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to geographic location
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/52—Network services specially adapted for the location of the user terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/029—Location-based management or tracking services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/02—Access restriction performed under specific conditions
- H04W48/04—Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
- H04M1/72448—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
- H04M1/72463—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/021—Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Definitions
- the present invention relates to the field of terminal security, and in particular, to a terminal location information protection method and an intelligent terminal.
- Geographic location information is one of the most popular data collected by various APPs (short for applications) on smart terminals, and is also the key data that many APPs rely on to perform their core business.
- Location information is usually represented by location coordinates, which may be an important contextual geographic data that may reveal user privacy or even trade secrets. For example, if a user appears multiple times in a mental hospital, it may imply that the user may have a mental illness; the CEO of a large company repeatedly appears in another company's position, suggesting that the company is planning an acquisition or significant Commercial transactions. Therefore, it is imperative to prevent the APP from excessively collecting the user's location information and protecting the user's privacy.
- location information is the core data that many APP's business logic relies on. If you can't get location data, many functions can't be executed normally (such as maps, location-based queries, location-based social, etc.).
- Intelligent terminals can use a variety of devices and facilities to achieve location information, such as GPS (Global Positioning System), wireless base stations.
- GPS positioning takes a long time, and the power consumption in the process is relatively large, but the positioning accuracy is high.
- the wireless base station has a fast positioning speed and a small power consumption, but the accuracy is not as good as GPS.
- various APPs use a unified location API (Application Programming Interface) to read the current location data of the terminal, and the location data is returned to the APP in the form of latitude and longitude coordinates, such as (124.123, 87.231). Since location is an important data resource, the smart terminal operating system uses permissions to protect this resource. When the APP calls the API to read the terminal location, the operating system will first check if the APP is Obtain the appropriate permissions. If you do not have this permission, the APP access location will be rejected.
- API Application Programming Interface
- Some existing APP rights management schemes such as mobile phone housekeepers and security butlers, allow users to deprive the already installed APP of the right to read the geographical location, so that the APP cannot read the user's location. Once the APP is deprived of location rights, it can't read the user's real location, which affects the normal business functions of the APP, such as map location query, location-based social, and so on. Although the user can re-grant the APP location permissions, the user needs to decide when to deprive the APP of the location permissions, and when to re-grant the location permissions of the APP.
- This process is cumbersome and cumbersome, and requires the user to have specific knowledge to determine whether each APP can read the location data at this time, affecting the normal operation of the APP.
- the human operation is slow, and it is difficult to ensure that the APP does not read the location where the user does not want the APP to read, and the protection of the location information is insufficient.
- the embodiment of the invention provides a terminal location information protection method and an intelligent terminal, which can more effectively ensure the normal operation of the APP and more powerfully protect the location information of the smart terminal.
- An aspect of the present invention provides a method for protecting a terminal location information of a terminal, the method comprising:
- the APP Retrieving the current location coordinates of the smart terminal in response to the location query request from the APP; the APP is installed in an operating system running by the smart terminal;
- the privacy sensitivity level of the region where the current location coordinate is located corresponds to the difficulty level of the APP obtaining the current location coordinate, and the privacy sensitivity level of the region where the current location coordinate is located is higher. , the APP is more difficult to obtain the current position coordinates;
- the location trust level of the APP corresponds to the difficulty level of the APP obtaining the current location coordinates, and the higher the location trust level of the APP, the lower the difficulty for the APP to obtain the current location coordinates;
- a corresponding response manner to the location query request from the APP is determined according to the location trust level of the APP and the privacy sensitivity level of the region where the current location coordinates are located.
- obtaining the location trust level of the APP in the foregoing method specifically includes:
- the location trust level of the APP is obtained according to the source of the APP and the user identity inference capability of the APP; the user identity inference capability of the APP indicates the APP's ability to identify the identity of the smart terminal user.
- obtaining the location trust level of the APP according to the source of the APP and the user identity inference capability of the APP in the foregoing method specifically includes:
- determining a corresponding response manner to a location query request from the APP according to a location trust level of the APP and a privacy sensitivity level of the region where the current location coordinate is located including:
- the method for responding to a location query request from the APP includes: rejecting a location query request from the APP.
- the method for responding to the location query request from the APP includes: alerting the smart terminal user that the APP is attempting to access the current location.
- the method for responding to the location query request from the APP includes: recording the current access behavior of the APP.
- the method for responding to a location query request from the APP includes:
- the false position coordinates are any one of a randomly generated position coordinate, a coordinate of a position near the current position, and a coordinate representing a larger area to which the current position belongs.
- Another aspect of the present invention provides an intelligent terminal, where the smart terminal includes:
- a location obtaining module configured to obtain a current location coordinate of the smart terminal in response to a location query request from the APP;
- the APP is installed in an operating system running by the smart terminal;
- a privacy level obtaining module configured to acquire a privacy sensitivity level of an area where the current location coordinate acquired by the location acquiring module is located, where a privacy sensitivity level of the area where the current location coordinate is located corresponds to a difficulty level of the APP obtaining the current location coordinate, The higher the privacy sensitivity level of the area where the current location coordinates are located, the higher the difficulty for the APP to obtain the current location coordinates;
- a trust level obtaining module configured to obtain a location trust level of the APP, where the location trust level of the APP corresponds to the difficulty level of the APP obtaining the current location coordinate, and the higher the location trust level of the APP, the APP obtains the current The lower the difficulty of the position coordinates;
- a location processing module configured to determine, according to the location trust level of the APP obtained by the module, the privacy sensitivity level of the region where the current location coordinate obtained by the privacy level obtaining module is located, and determine a corresponding location query request from the APP Ground response method.
- the trust level acquisition module is specifically configured to:
- the location processing module includes:
- the response mode determining unit is specifically configured to:
- the false position coordinates are any one of a randomly generated position coordinate, a coordinate of a position near the current position, and a coordinate representing a larger area to which the current position belongs.
- the response mode determining unit is specifically configured to: log the current access behavior of the APP.
- the response mode determining unit is specifically configured to reject a location query request from the APP.
- the response mode determining unit is specifically configured to:
- the embodiment of the present invention automatically determines whether the APP accesses the current location according to the location sensitivity level of the APP and the privacy sensitivity level of the area where the current location coordinates are located, by classifying the APP into a location with different privacy sensitivity levels. It will form a privacy leak, determine the specific response method for the location query request from the APP, and restrict the APP to access the user's real location if necessary, and can more effectively protect the location information of the terminal without requiring the user to manually deprive and open the APP. The location permission can more effectively guarantee the normal business function of the APP.
- FIG. 1 is a schematic diagram of an application scenario of a terminal location information protection method according to an embodiment of the present invention
- FIG. 2 is a schematic diagram of still another application scenario of the solution of the embodiment of the present invention.
- FIG. 3 is a flowchart of a method for protecting location information of a terminal according to an embodiment of the present invention
- FIG. 4 is a structural diagram of an intelligent terminal according to an embodiment of the present invention.
- FIG. 5 is a structural diagram of an intelligent terminal according to an embodiment of the present invention.
- the embodiment of the present invention performs location trust grading according to the ability and source of the APP to infer the user identity, and automatically determines whether the APP accesses the current location to form a privacy leak by dividing the user activity range into regions with different privacy sensitivity levels.
- the user protects the privacy and restricts the APP to the real location of the user only when necessary, and tries to ensure the normal business function of the APP.
- the solution may be implemented as one or several modules in the intelligent terminal, and may optionally be implemented as a function module executed in an operating system location API.
- the main protection object is location data generated by the intelligent terminal, and the main control object is an intelligent terminal.
- the timing of the trigger is when the APP accesses the current location of the terminal by calling the system location API.
- the APP in the intelligent terminal system acquires the current location of the terminal by calling the location API.
- the API executes the current location coordinates are acquired by the location acquisition module, where the location acquisition module is part of the terminal system, and may be through the GPS device or through the wireless base station. Contact to get the location coordinates.
- the location acquisition module can be a GPS device or a terminal antenna.
- APP calls the location API to obtain the location of the smart terminal
- the location API starts executing, and the location acquisition module is called to obtain the current location coordinates
- the location processing module acquires the coordinates returned by the location acquisition module, and processes the coordinate data according to the current APP location trust level and the privacy sensitivity level of the current location.
- the location processing module returns the processed coordinates to the API
- the API returns the processed position coordinates to the APP, and the API execution ends.
- the location processing module is the focus of the entire system, which provides a process for how to process the coordinates returned by the location acquisition module.
- the terminal location information protection scheme provided by the embodiment of the present invention is triggered when the APP program calls the location API to access the current location coordinates. Specifically, after the location API is executed, the current location coordinates are determined by the GPS or the wireless base station, and before being returned to the APP, the location processing module performs corresponding processing on the current location coordinates.
- FIG. 2 is a schematic diagram of still another application scenario of the solution according to the embodiment of the present invention.
- the location processing module obtains the coordinates returned by the location acquiring module
- the location sensitivity level of the current APP location and the privacy sensitivity level of the current location are The coordinate data is processed, and after completion, the logic returned to the location API is returned, and the processed coordinate data is returned to the location API.
- the location trust level of the current APP can be obtained through the APP location trust level database.
- the APP location trust level database records the package path of each APP (ie, the source of the APP) and the corresponding location trust level.
- the privacy sensitivity level of the area where the current location is located may be obtained through the regional privacy sensitivity level database.
- the area privacy sensitivity level database records the location range of each area and the privacy sensitivity level of each area.
- an embodiment of the present invention provides a terminal location information protection method, where the method includes:
- S101 Acquire a current location coordinate of the smart terminal in response to a location query request from the APP; the APP is installed in an operating system running by the smart terminal;
- the APP can acquire the location of the smart terminal by calling the location API.
- the APP program call location API triggers the acquisition of the current position coordinates of the terminal.
- an APP wants to query the current location coordinates of the smart terminal, it sends a query request for the current location by calling the location API. After receiving the location query request, the location API triggers an action of acquiring the current location coordinates of the smart terminal.
- the terminal may determine the current location coordinates through a GPS or a wireless base station.
- S102 Obtain a privacy sensitivity level of an area where the current location coordinate is located.
- the privacy sensitivity level of the area where the current location coordinate is located corresponds to the difficulty level of the current location coordinate of the APP.
- the privacy sensitivity level of the region in which the current location is located may be obtained through a regional privacy sensitivity level database.
- the area privacy sensitivity level database records the location range of each area and the privacy sensitivity level of each area.
- the privacy sensitivity level of the area in which the current location is located may be specified by the user.
- the location trust level of the APP corresponds to the difficulty level of the APP to obtain the current location coordinate. The higher the location trust level of the APP, the difficulty for the APP to obtain the current location coordinate. The lower
- the location trust level of the APP can be obtained through the APP location trust level database.
- the APP location trust level database records the package path of each APP (ie, the source of the APP) and the corresponding location trust level.
- the location trust level of the APP may be calculated based on the APP's ability to infer the user's identity (generally referred to as the user identity inference capability of the APP) and the source of the APP.
- the processing method of the location query request of the APP may be restricted.
- the specific restriction manner may include one or a combination of the following ways:
- the APP's location query request can return the true current location coordinates.
- the APP first classifies the user's identity inference ability and the source of the APP according to the APP, and respectively assigns different location trust levels to the APP; and then divides the daily activity range of the user into different according to rules or user-specified data.
- a privacy-sensitive location area when a user carries a smart terminal into a privacy-sensitive area, the privacy sensitivity of the current location coordinates is determined according to the privacy sensitivity level of the area, and then the APP-based location trust level and current location privacy are determined.
- Sensitivity handles the access (query request) of each APP to the current location.
- the embodiment of the present invention automatically determines whether the APP accesses the current location according to the location sensitivity level of the APP and the privacy sensitivity level of the area where the current location coordinates are located, by classifying the APP into a location with different privacy sensitivity levels. It will form a privacy leak, determine the specific response method for the location query request from the APP, and restrict the APP to access the user's real location if necessary, and can more effectively protect the location information of the terminal without requiring the user to manually deprive and open the APP. The location permission can more effectively guarantee the normal business function of the APP.
- the embodiment of the invention provides a geographical location protection scheme based on geographic region privacy sensitivity and APP identity recognition capability, taking into account the user's location privacy protection requirement and the location-based service function availability of the APP, so that the APP only does not endanger the user privacy.
- the user's location can be read, and at the same time, the business function of the APP is not disturbed.
- the solution ensures that only those applications with high location credibility can access the user's real location coordinates; for insensitive location areas, as many APPs as possible can access the user's real location.
- step S102 For the "privacy sensitivity level of the area where the current location coordinates are located" mentioned in step S102, there are various ways to obtain the privacy sensitivity level of different areas, as follows:
- the user's activity area always has some repetitiveness. For example, most users will go back and forth according to a fixed line. For example, the CEO who plans to acquire the company may need to go to another company several times to discuss the acquisition terms.
- the system can automatically determine the privacy sensitivity of the current location and control the current location according to the relevant location protection policy. The visibility of locations to different APPs with different levels of trust.
- an area is a collection of consecutive geographical locations having the same privacy sensitivity level.
- the user may be an area on the way to and from work because the area is geographically continuous and each position thereof Have the same privacy sensitivity.
- a range of 500 meters around a building can also be an area.
- different regions and their corresponding privacy sensitivity levels may be specified by the user via the map APP.
- map app Through a map app, users use their fingers to directly map some privacy-sensitive areas on the touch screen and then specify the corresponding privacy sensitivity level.
- the subsequent area only needs to match the area where the current position coordinates are located and the area specified by the user, thereby obtaining the privacy sensitivity level of the area where the current position coordinates are located.
- the user is allowed to pre-set the privacy sensitivity level of the current route to be passed in the smart terminal, and record the geographical location actually taken by the user, and use the preset privacy sensitivity level for the location. mark. Later, when the user repeatedly enters the same area, the privacy sensitivity level of the current location can be automatically determined according to the previous mark.
- the privacy sensitivity level of the current position can be automatically determined according to the previous mark.
- the user may also set the privacy sensitivity level of the new area automatically acquired/determined by the smart terminal.
- the terminal queries the server or other nearby users for the privacy sensitivity level of the new location or area, and then directly uses the server's recommended value or an average of other user settings.
- the method of (3) above can be used to obtain the privacy sensitivity level of the area.
- an area privacy sensitivity level database may be established, where the database records the location range of each area and corresponding to each area. The level of privacy sensitivity. When you subsequently determine the privacy sensitivity level of the current location, you can search directly in the database.
- the privacy sensitivity level of the current location may still be obtained according to one or more of the foregoing three methods, and the result is updated. In the database.
- the location trust level of the APP may be obtained in multiple ways, as follows:
- the three ways can be used separately or in combination with each other.
- the three ways are:
- a list of trust levels of the APP may be preset in the terminal device, and may be directly queried to determine the location trust level of the APP. This list can be upgraded or updated.
- the APP's trust level list can be obtained directly or in real time from an external server (the list can be upgraded or updated), or the location trust level of the APP can be queried to the server when a new APP is installed, and the trust level of the APP is usually saved on the server. List.
- the APP's location trust level T can be calculated based on the source of the APP and/or the user identity inference ability of the APP.
- the user identity inference capability of the APP indicates the ability of the APP to identify the identity of the smart terminal user.
- m be [0, 1] represent the trust given to the source of the APP, where 0 is the lowest trust, 1 is the highest trust; n belongs to [0, 1] represents the user identity inference ability of the APP, where 0 There is no identity inference ability at all, and 1 is that the APP completely knows the identity of the user.
- the user identity inference capability of the APP is the coefficient used in determining the location trust level of the APP.
- the trust degree m given to the source of the APP reflects the application market information from the developer of the APP and the APP.
- the APP developer can confirm according to the signature on the APP, and the APP comes from
- the application market can be recorded when the APP is downloaded, and the user can set his own trust level to different APP developers or APP application markets or be uniformly recommended by the cloud.
- the APP location trust level database records the package path of each APP (ie, the source of the APP) and the corresponding location trust level.
- the trust level of the APP may be updated in the APP trust level list.
- an APP location trust level database may be established based on the APP's trust level list, where the APP location trust level database records the package path of each APP (ie, the source of the APP) and the corresponding location trust level.
- the location trust level of the APP that currently requests the query address is subsequently determined, it can be directly searched in the database.
- the location trust level of the APP that currently requests the query address may still be calculated according to the foregoing method (3), and the result is updated. In the database.
- n of the APP there are various calculation methods as follows, which can be comprehensively judged by using one or more combined methods:
- Social class (such as mobile QQ, WeChat, etc.) has a strong user identity inference ability because it has a lot of social information;
- the general document reading and map APP's user identity inference ability is weak.
- the degree of influence of each permission in the system on the inferred user identity is different, such as reading a short message, reading a contact list, reading a web browsing record, etc., which are more easily utilized and inferred user identity.
- Different weights can be set for these rights, and the weight of the APP can be calculated to obtain the identity judgment capability n of the APP.
- the value of the user identity inferring ability of the APP is n value.
- the APP can easily infer the user identity under the same permission status, so the value of n should be increased. For another example, if the number of short messages is greater than a certain threshold, the weight of the “read SMS” permission in the above b method can be adjusted.
- the same developer's APP can share data through the underlying system. If the APP has an associated APP (the same developer) in the user's terminal, the value of the APP is raised.
- the n value of the APP can be reduced in this case
- the n value of the APP can be adjusted.
- APP's user identity inference ability can also be judged by the cloud by analyzing the code of the APP and determining whether it will collect user identity information.
- step S104 The method for determining the processing of the location query request for the APP according to the privacy sensitivity level of the location of the APP and the location sensitivity of the current location coordinates mentioned in step S104 is as follows:
- the real number using the interval [0, 1] represents the location trust level T of the APP, 0 corresponds to the lowest location trust level, and 1 corresponds to the highest location trust level.
- T The specific calculation manner of T has been described in detail in the above embodiments, and details are not described herein again.
- the real number in the interval [0,1] represents the privacy sensitivity level L of the region.
- the privacy level of the region can be divided into three levels: public, generally sensitive, sensitive, corresponding to values 0, 0.6, 1.0, respectively. .
- the values may be appropriately adjusted, for example, may be adjusted to 0, 0.5, and 0.8, and the present invention is not particularly limited.
- step S104 includes:
- the access restriction includes alerting the user that the APP is accessing the user location, logging the current access behavior, or returning to a fake location (eg, a random value, a location near the real location, a blur representing a larger area) Value, etc.).
- a fake location eg, a random value, a location near the real location, a blur representing a larger area
- the embodiment of the present invention first classifies the user's identity inference ability according to the APP and the source of the APP, and respectively assigns different location trust levels; then divides the user's daily activity range into rules according to rules or user-specified data.
- a location area with different privacy-sensitive levels when a user carries a smart terminal into an area with a privacy-sensitive level, the privacy sensitivity of the current location coordinates is determined according to the privacy sensitivity level of the area, and then based on the location trust level of the APP and the current Location privacy sensitivity limits access by the APP to the current location.
- a region is a collection of consecutive geographic locations with the same level of privacy sensitivity.
- the user can be an area on the way to and from work because the area is geographically continuous and each location has the same privacy sensitivity. Sex.
- a range of 500 meters around a building can also be an area.
- the APP's ability to infer the user's identity and the source of the APP are decisive for determining whether the APP may compromise the user's privacy when reading the user's location data.
- the APP source refers to the APP developer and the application market or website where the user downloads the APP. These factors have an important influence on whether the APP may maliciously infer the user's identity and steal the user's privacy.
- an APP can infer the identity of the user on a large program (for example, Zhang San), then when the user appears in a more sensitive location (such as a mental hospital), the APP can send this sensitive information (may be mentally ill) The disease is linked to a specific user, thus forming a privacy leak such as "Zhang San may suffer from mental illness.”
- a privacy leak such as "Zhang San may suffer from mental illness.”
- an APP is difficult to infer the user's identity, even if the APP reads the user's location in a mental hospital, because the APP cannot infer the user's identity, the APP can only get "someone may have mental illness". Such information, which does not reveal anyone's privacy because it has no identity information.
- the system can automatically determine the privacy sensitivity of the current location and control the current location according to the relevant location protection policy.
- the embodiment of the present invention automatically determines whether the APP accesses the current location according to the location sensitivity level of the APP and the privacy sensitivity level of the area where the current location coordinates are located, by classifying the APP into a location with different privacy sensitivity levels. It will form a privacy leak, determine the specific response method for the location query request from the APP, and restrict the APP to access the user's real location if necessary, and can more effectively protect the location information of the terminal. The user manually deprives and opens the location permission of the APP, which can more effectively ensure the normal business function of the APP.
- the embodiment of the invention provides a geographical location protection scheme based on geographic region privacy sensitivity and APP identity recognition capability, taking into account the user's location privacy protection requirement and the location-based service function availability of the APP, so that the APP only does not endanger the user privacy.
- the user's location can be read, and at the same time, the business function of the APP is not disturbed.
- the solution ensures that only those applications with high location credibility can access the user's real location coordinates; for insensitive location areas, as many APPs as possible can access the user's real location.
- an embodiment of the present invention discloses an intelligent terminal, where the terminal includes:
- the location obtaining module 110 is configured to obtain a current location coordinate of the smart terminal in response to a location query request from the APP.
- an APP wants to query the current location coordinates of the smart terminal, it sends a query request for the current location by calling the location API. After receiving the location query request, the location API triggers the action of acquiring the current location coordinates of the smart terminal, and acquires the current location coordinates of the smart terminal by using the location acquisition module 110.
- the privacy level obtaining module 120 is configured to obtain a privacy sensitivity level of the area where the current location coordinates acquired by the location acquiring module 110 is located, where the privacy sensitivity level of the area where the current location coordinates are located corresponds to the difficulty level of the APP obtaining the current location coordinates; The higher the privacy sensitivity level of the area where the current location coordinates are located, the higher the difficulty for the APP to obtain the current location coordinates;
- the specific manner of how the privacy level obtaining module 120 obtains the privacy sensitivity level of the current location coordinate is described in detail in the description of the foregoing method embodiment in the step S102, and details are not described herein again.
- the trust level obtaining module 130 is configured to obtain a location trust level of the APP, where the location trust level of the APP corresponds to the difficulty level of the APP to obtain the current location coordinate; the higher the location trust level of the APP, the APP obtains The lower the difficulty of the current position coordinate;
- the location processing module 140 is configured to determine, according to the location trust level of the APP acquired by the trust level obtaining module 130 and the privacy sensitivity level of the area where the current location coordinates acquired by the privacy level obtaining module 120 is located, and determine correspondingly the location query request for the APP. How to respond.
- the location processing module 140 includes:
- the access restriction includes alerting the user that the APP is accessing the user location, logging the current access behavior, or returning to a fake location (eg, a random value, a location near the real location, a blur representing a larger area) Value, etc.).
- a fake location eg, a random value, a location near the real location, a blur representing a larger area
- the user activity range is divided into regions with different privacy sensitivity levels, and it is automatically determined whether the APP accesses the current location may form a privacy leak, and if necessary, restricts the APP to access the user.
- the location can protect the location information of the terminal more flexibly and try to ensure the normal business function of the APP.
- the embodiment of the invention provides an intelligent terminal that takes into account the location privacy protection requirements of the user and the availability of the location-based service function of the APP, so that the APP can read the user's location only without jeopardizing the user's privacy, and try to do the best. Ensure that the business functions of the APP are not disturbed. Specifically, for sensitive location areas, the solution ensures that only those applications with high location credibility can access the user's real location coordinates; for insensitive location areas, as many APPs as possible can access the user's real location. To ensure the normal business function of the APP; and to automatically determine the privacy sensitivity of the location according to the different geographical activity rules of the users, and apply a corresponding privacy protection strategy.
- FIG. 5 is a schematic structural diagram of an intelligent terminal according to an embodiment of the present invention; wherein the smart terminal includes an RF circuit 1201, a Wi-Fi module 1202, a display unit 1203, an input unit 1204, a first memory 1205, and a first A hardware module such as a memory 1206, a processor 1207, a power supply 1208, and a GPS module 1209.
- the terminal 1200 can be a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), or a vehicle-mounted computer.
- PDA Personal Digital Assistant
- the RF circuit 1201 is used to transmit and receive communication signals, and the Wi-Fi module 1202 is used to connect to the network and scan network signals.
- the RF circuit 1201 and/or the Wi-Fi module 1202 can contact the wireless base station to obtain the current location coordinates of the smart terminal.
- the display unit 1203 is used to display a user interaction interface, and the display unit 1203 can be used to display information input by the user or information provided to the user and various menu interfaces of the smart terminal.
- the display unit 1203 may include a display panel.
- the display panel may be configured in the form of an LCD (Liquid Crystal Display) or an OLED (Organic Light-Emitting Diode).
- the touch panel covers the display panel to form a touch display screen, and the processor 1207 provides a corresponding visual output on the touch display screen according to the type of the touch event.
- the input unit 1204 can be configured to receive input numeric or character information, receive user switching application interface operations, and generate switching signals, and generate signal inputs related to user settings and function control of the terminal.
- the input unit 1204 may include a touch panel, also referred to as a touch screen, which can collect touch operations on or near the user (such as a user using a finger, a stylus, or the like, any suitable object or accessory).
- the touch panel can be realized by various types such as resistive, capacitive, infrared, and surface acoustic waves.
- the input unit 1204 may also include other input devices including, but not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackballs, mice, joysticks, and the like. .
- function keys such as volume control buttons, switch buttons, etc.
- trackballs mice, joysticks, and the like.
- the first memory 1205 stores the preset number of APPs and the interface information of the terminal. It can be understood that the second memory 1206 can be the external storage of the terminal 1200, and the first memory 1205 can be the memory of the smart terminal.
- the first memory 1205 may be one of an NVRAM nonvolatile memory, a DRAM dynamic random access memory, an SRAM static random access memory, a flash flash memory, and the like; an operating system running on the smart terminal is usually mounted on the first memory 1205.
- the second memory 1206 can be a hard disk, an optical disk, a USB disk, a floppy disk or a tape drive, a cloud server, or the like. Alternatively, some third party apps may now be installed on the second memory 1206.
- the processor 1207 is a control center of the intelligent terminal, and connects various parts of the entire terminal by using various interfaces and lines, by running or executing software programs and/or modules stored in the first memory 1205, and calling the second part stored therein.
- the data in the memory 1206 performs various functions and processing data of the smart terminal.
- the processor 1207 can include one or more processing units.
- the power supply 1208 can power the entire terminal, including various types of lithium batteries.
- the GPS module 1209 is configured to acquire the position coordinates of the smart terminal.
- the APP invokes a location API of an operating system installed in the first memory 1205 to obtain the location of the smart terminal;
- the processor 1207 calls the GPS module 1209 or the RF circuit 1201 or the Wi-Fi module 1202 to obtain the current position coordinates of the smart terminal;
- the processor 1207 processes the current location coordinate data according to the current APP location trust level and the privacy sensitivity level of the current location by calling the processing program stored on the first memory 1205;
- the processor 1207 returns the processed coordinates to the API
- the API returns the processed position coordinates to the APP, and the API execution ends.
- the embodiment of the present invention automatically determines whether the APP accesses the current location according to the location sensitivity level of the APP and the privacy sensitivity level of the area where the current location coordinates are located, by classifying the APP into a location with different privacy sensitivity levels. It will form a privacy leak, determine the specific response method for the location query request from the APP, and restrict the APP to access the user's real location if necessary, and can more effectively protect the location information of the terminal without requiring the user to manually deprive and open the APP. The location permission can more effectively guarantee the normal business function of the APP.
- the embodiment of the invention provides an intelligent terminal that takes into account the location privacy protection requirements of the user and the availability of the location-based service function of the APP, so that the APP can read the user's location only without jeopardizing the user's privacy, and try to do the best. Ensure that the business functions of the APP are not disturbed. Specifically, for sensitive location areas, the solution ensures that only those applications with high location credibility can access the user's real location coordinates; for insensitive location areas, as many APPs as possible can access the user's real location. To ensure the normal business function of the APP; and to automatically determine the privacy sensitivity of the location according to the different geographical activity rules of the user. And apply the corresponding privacy protection strategy.
- the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Environmental & Geological Engineering (AREA)
- Human Computer Interaction (AREA)
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
- Mobile Radio Communication Systems (AREA)
- Traffic Control Systems (AREA)
Abstract
本发明实施例公开了一种智能端位置信息保护方法,该方法包括:响应来自APP的位置查询请求,获取该智能终端的当前位置坐标;获取该当前位置坐标所在区域的隐私敏感级别;获取该APP的位置信任级别;根据该APP的位置信任级别和该当前位置坐标所在区域的隐私敏感级别,确定对来自该APP的位置查询请求的相应地响应方式。另外本发明实施例还公开了一种智能终端。通过本发明所公开的方案,能有力度的保护该智能终端的位置信息。
Description
本申请要求于2014年12月22日提交中国专利局、申请号为201410811351.0、发明名称为“终端位置信息保护方法及智能终端”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本发明涉及终端安全领域,特别涉及一种终端位置信息保护方法及智能终端。
地理位置信息是智能终端上各种APP(应用程序的简称)最热衷收集的数据之一,也是很多APP执行其核心业务所依赖的关键性数据。位置信息通常通过位置坐标来表示,位置坐标作为一种重要的具有上下文的地理数据可能可能泄露用户隐私,甚至是商业机密。例如一个用户多次出现在一个精神医院,可以暗示该用户可能患有某种精神疾病;一个大公司的CEO反复出现在另一个公司的位置上,可以暗示这家公司正在计划某种收购或者重大商业交易。所以避免APP过度收集用户的位置信息,保护用户隐私势在必行。另一方面,位置信息是很多APP的业务逻辑所依赖的核心数据,如果不能得到位置数据,很多功能就没法正常执行(如地图、基于位置的查询、基于位置的社交等)。
智能终端可以利用多种设备和设施实现对位置信息的获取,如GPS(Global Positioning System,全球定位系统)、无线基站。GPS定位所需要时间较长,过程中耗电量比较大,但定位精度较高。无线基站定位速度快,过程耗电量小,但精度不如GPS。在智能终端中,各种APP使用统一的位置API(Application Programming Interface,应用程序接口)来读取终端当前的位置数据,位置数据以经纬度坐标的形式返回给APP,如(124.123,87.231)。由于位置是一种重要的数据资源,智能终端操作系统使用权限来保护这一资源。当APP调用API读取终端位置时,操作系统会首先检查APP是否
取得相应的权限,如果没有此权限,则会拒绝APP访问位置。
现有的一些APP权限管理方案,如手机管家、安全管家,允许用户在剥夺已经安装的APP的读取地理位置的权限,从而使得APP无法读取用户的位置。APP一旦被剥夺了位置权限,则就没法读取用户的真实位置,从而影响APP的正常业务功能,如地图位置查询、基于位置的社交等。虽然用户可以重新赋予APP位置权限,但用户需要自己决定何时剥夺那款APP的位置权限,又在何时重新赋予那款APP的位置权限。
这个过程反复繁琐,而且需要用户有专门的知识去判断每款APP是否可以在此时读取位置数据,影响APP的正常运行。另外,人为操作缓慢,也难以保证APP不会读取到用户不希望APP读取的位置,对位置信息的保护力度不够。
发明内容
本发明实施例提供一种终端位置信息保护方法及智能终端,能更有效地保证APP的正常运行和更有力度地保护该智能终端的位置信息。
本发明一方面提供一种终智能端位置信息保护方法,该方法包括:
响应来自APP的位置查询请求,获取该智能终端的当前位置坐标;该APP安装在该智能终端运行的操作系统中;
获取该当前位置坐标所在区域的隐私敏感级别;其中,该当前位置坐标所在区域的隐私敏感级别和该APP获得该当前位置坐标的难易程度对应,该当前位置坐标所在区域的隐私敏感级别越高,该APP获得该当前位置坐标的难度越高;
获取该APP的位置信任级别;其中,该APP的位置信任级别和该APP获得该当前位置坐标的难易程度对应,该APP的位置信任级别越高该APP获得该当前位置坐标的难度越低;
根据该APP的位置信任级别和该当前位置坐标所在区域的隐私敏感级别,确定对来自该APP的位置查询请求的相应地响应方式。
结合本发明一方面,在一个实例中,上述方法中的获取该APP的位置信任级别具体包括:
根据该APP的来源以及该APP的用户身份推断能力获得该APP的位置信任级别;该APP的用户身份推断能力表示该APP识别该智能终端用户身份的能力。
结合本发明一方面和上述一个实例,在又一个实例中,上述方法中的根据该APP的来源以及该APP的用户身份推断能力获得该APP的位置信任级别具体包括:
根据公式T=p*m+q*(1-n)计算APP的位置信任级别;其中,T表示该APP的位置信任级别,m为实数且属于[0,1]表示对该APP的来源所赋予的信任度;n为实数且属于[0,1]表示该APP的用户身份推断能力;p为实数且属于[0,1],q为实数且属于[0,1],且p+q=1,p和q分别表示对该APP的来源所赋予的信任度和该APP的用户身份推断能力在计算该APP的位置信任级别中所使用的系数。
结合本发明一方面及上述实例中的任一个,该根据该APP的位置信任级别和该当前位置坐标所在区域的隐私敏感级别,确定对来自该APP的位置查询请求的相应地响应方式,包括:
根据公式s=(1-T)*L计算该APP请求查询的终端当前位置坐标的综合敏感度值s;其中,*表示乘法,T表示该APP的位置信任级别,L表示该当前位置坐标所在区域的隐私敏感级别;
将该当前位置坐标的综合敏感度值s与预设的阈值比较,如果s<M,返回真实的该当前位置坐标;如果s>=M,对来自该APP的位置查询请求进行响应方式限制。
结合本发明一方面及上述实例中的任一个,该对来自该APP的位置查询请求进行响应方式限制,包括:拒绝来自该APP的位置查询请求。
结合本发明一方面及上述实例中的任一个,该对来自该APP的位置查询请求进行响应方式限制,包括:对该智能终端用户提醒该APP正在试图访问当前的位置。
结合本发明一方面及上述实例中的任一个,该对来自该APP的位置查询请求进行响应方式限制,包括:对该APP的本次访问行为进行日志记录。
结合本发明一方面及上述实例中的任一个,该对来自该APP的位置查询请求进行响应方式限制,包括:
返回虚假位置坐标给该APP,该虚假位置坐标为随机生成的位置坐标、该当前位置附近的位置的坐标、代表该当前位置所属的较大区域的坐标中的任意一个。
本发明另一方面提供一种智能终端,该智能终端包括:
位置获取模块,用于响应来自APP的位置查询请求,获取该智能终端的当前位置坐标;该APP安装在该智能终端运行的操作系统中;
隐私级别获取模块,用于获取该位置获取模块获取的当前位置坐标所在区域的隐私敏感级别;其中,该当前位置坐标所在区域的隐私敏感级别和该APP获得该当前位置坐标的难易程度对应,该当前位置坐标所在区域的隐私敏感级别越高,该APP获得该当前位置坐标的难度越高;
信任级别获取模块,用于获取该APP的位置信任级别;其中,该APP的位置信任级别和该APP获得该当前位置坐标的难易程度对应,该APP的位置信任级别越高该APP获得该当前位置坐标的难度越低;
位置处理模块,用于根据该信任级别获取模块获取的该APP的位置信任级别和该隐私级别获取模块获取的该当前位置坐标所在区域的隐私敏感级别,确定对来自该APP的位置查询请求的相应地响应方式。
结合本发明另一方面,在一个实例中,该信任级别获取模块具体用于:
根据公式T=p*m+q*(1-n)计算APP的位置信任级别;其中,T表示该APP的位置信任级别,m为实数且属于[0,1]表示对该APP的来源所赋予的信任度;n为实数且属于[0,1]表示该APP的用户身份推断能力;p为实数且属于[0,1],q为实数且属于[0,1],且p+q=1,p和q分别表示对该APP的来源所赋予的信任度和该APP的用户身份推断能力在计算该APP的位置信任级别中所使用的系数。
结合本发明另一方面和上述实例,在一个实例中,该位置处理模块包括:
综合敏感度计算单元,用于根据公式s=(1-T)*L计算该智能终端当前位置坐标的综合敏感度值s;其中,*表示乘法,T表示该APP的位置信任级别,L表示该当前位置坐标所在区域的隐私敏感级别;
响应方式确定单元,用于将该综合敏感度计算单元计算得到的当前位置坐标的综合敏感度值s与预设的阈值比较,如果s<M,返回真实的该当前位置坐标;如果s>=M,对来自该APP的位置查询请求进行响应方式限制。
结合本发明另一方面和上述实例,在一个实例中,该响应方式确定单元具体用于:
返回虚假位置坐标给该APP,该虚假位置坐标为随机生成的位置坐标、该当前位置附近的位置的坐标、代表该当前位置所属的较大区域的坐标中的任意一个。
结合本发明另一方面和上述实例,在一个实例中,该响应方式确定单元具体用于:对该APP的本次访问行为进行日志记录。
结合本发明另一方面和上述实例,在一个实例中,该响应方式确定单元具体用于:拒绝来自该APP的位置查询请求。
结合本发明另一方面和上述实例,在一个实例中,该响应方式确定单元具体用于:
对该智能终端用户提醒该APP正在试图访问当前的位置
本发明实施例通过对APP进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,根据APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别自动判定APP访问当前位置是否会形成隐私泄露,确定对来自APP的位置查询请求的具体响应方式,在必要情况下限制APP访问用户真实的位置,能更有力度地保护终端的位置信息,不需要用户手动的剥夺和开启APP的位置权限,能更有效的保证APP的正常业务功能。
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。
图1本发明实施例提供一种终端位置信息保护方法应用场景示意图;
图2本发明实施例方案的又一应用场景示意图;
图3本发明实施例提供一种终端位置信息保护方法流程图;
图4本发明实施例提供一种智能终端结构图;
图5本发明实施例提供一种智能终端结构图。
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。
本发明实施例通过对APP按照其各自推断用户身份的能力和来源进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,自动判定APP访问当前位置是否会形成隐私泄露,帮助用户保护隐私,并只在必要情况下限制APP访问用户真实的位置,尽量保证APP的正常业务功能。
为了使本领域普通技术人员更为形象的理解本发明实施例的技术方案,下面结合图1所示的本发明实施例方案的应用场景示意图,来对本发明实施例进行介绍:
本方案可以实现成智能终端中的一个或几个模块,可选地可能实现成在操作系统位置API中执行的一个功能模块,主要保护对象是智能终端产生的位置数据,主要控制对象是智能终端中的APP,触发的时机是当APP通过调用系统位置API访问终端当前所在位置的时候。
智能终端系统中的APP通过调用位置API来获取终端当前的位置,该API执行时通过位置获取模块获取当前的位置坐标,这里位置获取模块是终端系统的一部分,可以通过GPS设备或者通过与无线基站联系获取位置坐标。例如这个位置获取模块可以是GPS器件或者终端天线。
在这里,本方案的技术方案都封装在位置处理模块中,整个系统执行流程如下:
1.APP调用位置API以便获取智能终端的位置;
2.位置API开始执行,调用位置获取模块获取当前位置坐标;
3.位置处理模块获取位置获取模块返回的坐标,根据当前APP位置信任级别、当前位置所在区域的隐私敏感级别,对坐标数据进行处理;
4.位置处理模块将处理过的坐标返回给API;
5.API将处理过的位置坐标返回给APP,API执行结束。
位置处理模块是整个系统的重点,该模块提供了如何对位置获取模块返回的坐标进行处理的过程。
本发明实施例提供的终端位置信息保护方案,在APP程序调用位置API访问当前位置坐标时被触发。具体讲,位置API执行后通过GPS或者无线基站确定了当前位置坐标后,在返回给APP之前,位置处理模块对当前位置坐标进行相应的处理。
图2为本发明实施例方案的又一应用场景示意图,如图2所示,位置处理模块获取位置获取模块返回的坐标后,根据当前APP位置信任级别、当前位置所在区域的隐私敏感级别,对坐标数据进行处理,完成后返回给位置API剩余的逻辑,即将处理后的坐标数据返回给位置API。
如图2所示,在一个实施例中,当前APP的位置信任级别可以通过APP位置信任级别数据库获得。该APP位置信任级别数据库记录了每个APP的包路径(即,APP的来源)以及对应的位置信任级别。
如图2所示,在一个实施例中,当前位置所在区域的隐私敏感级别可以通过区域隐私敏感级别数据库获得。该区域隐私敏感级别数据库记录了每个区域的位置范围以及各区域对应的隐私敏感级别。
下面对本发明技术方案的整个流程进行详细的介绍。如图3所示,本发明实施例提供一种终端位置信息保护方法,该方法包括:
S101,响应来自APP的位置查询请求,获取智能终端的当前位置坐标;该APP安装在该智能终端运行的操作系统中;
具体地,APP可以通过调用位置API来获取智能终端的位置。APP程序调用位置API触发对终端当前位置坐标的获取。
具体地,某个APP想查询智能终端的当前位置坐标时,会通过调用位置API的方式,发送对当前位置的查询请求。位置API接收到此位置查询请求后,触发获取智能终端当前位置坐标的动作。
可选地,终端可以通过GPS或者无线基站确定当前位置坐标。
S102,获取当前位置坐标所在区域的隐私敏感级别;其中,当前位置坐标所在区域的隐私敏感级别和该APP获得该当前位置坐标的难易程度对应;当前位置坐标所在区域的隐私敏感级别越高,该APP获得该当前位置坐标的难度越高;
在一个实施例中,当前位置所在区域的隐私敏感级别可以通过区域隐私敏感级别数据库获得。该区域隐私敏感级别数据库记录了每个区域的位置范围以及各区域对应的隐私敏感级别。
在一个实施例中,当前位置所在区域的隐私敏感级别可以由用户进行指定。
S103,获取该APP的位置信任级别;其中,该APP的位置信任级别和该APP获得所述当前位置坐标的难易程度对应;该APP的位置信任级别越高该APP获得该当前位置坐标的难度越低;
在一个实施例中,该APP的位置信任级别可以通过APP位置信任级别数据库获得。该APP位置信任级别数据库记录了每个APP的包路径(即,APP的来源)以及对应的位置信任级别。
在一个实施例中,该APP的位置信任级别可以根据该APP对用户身份的推断能力(通常称之为APP的用户身份推断能力)和该APP的来源来计算得到。
S104,根据该APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别,确定对该APP的位置查询请求的相应地响应方式。
可选地,如果该APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别没有达到预设的要求,例如,该APP的位置信任级别很低,当前位置坐标所在区域的隐私敏感级别很高,对该APP的位置查询请求的处理方式可以进行限制,具体的限制方式可以包括如下几种方式的一种或者多种的结合:
1、拒绝该查询请求;
2、对用户提醒该APP正在试图访问用户的位置;
3、对该APP的本次访问行为进行日志记录;
4、返回虚假位置(例如随机值、真实位置附近的某位置、代表较大区域的模糊值等)。
例如,如果该APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别达到预设的要求,例如,该APP的位置信任级别很高,当前位置坐标所在区域的隐私敏感级别很低,那么对该APP的位置查询请求可以返回真实的当前位置坐标。
本发明实施例首先对APP按照APP对用户的身份推断能力以及APP的来源进行分级,分别赋予各APP不同的位置信任级别;然后按照规则或者用户指定的数据把用户的日常活动范围划分成具有不同隐私敏感级别的位置区域;当用户携带智能终端进入某个具有隐私敏感级别的区域时,根据所在区域的隐私敏感级别决定当前位置坐标的隐私敏感性,然后基于APP的位置信任级别和当前位置隐私敏感性对各APP对所述当前位置的访问(查询请求)进行处理。
本发明实施例通过对APP进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,根据APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别自动判定APP访问当前位置是否会形成隐私泄露,确定对来自APP的位置查询请求的具体响应方式,在必要情况下限制APP访问用户真实的位置,能更有力度地保护终端的位置信息,不需要用户手动的剥夺和开启APP的位置权限,能更有效的保证APP的正常业务功能。
本发明实施例提出了一种基于地理区域隐私敏感性和APP身份识别能力的地理位置保护方案,兼顾用户的位置隐私保护需求以及APP基于位置的业务功能可用性,使得APP只有在不会危及用户隐私情况下才能读取用户的位置,同时尽力保障APP的业务功能不受干扰。具体而言,对于敏感的位置区域,本方案保证只有那些具有很高位置可信性APP才能访问用户真实的位置坐标;对于不敏感的位置区域,使得尽量多的APP能够访问到用户的真实位置,保证APP的正常业务功能;并且允许根据用户各自不同的地理区域活动规律,自动确定位置的隐私敏感性,并施加相应的隐私保护策略。
对于步骤S102中提到的“获取当前位置坐标所在区域的隐私敏感级别”,可以有多种的方式去获得不同区域的隐私敏感级别,详述如下:
通常,由于家庭和工作单位的相对固定性,大部分用户的日常活动区域一般都有一个大致的范围。用户的日常活动范围中,总有一些区域相对于其它区域更加敏感,例如用户在家中的时候更不希望自己的位置被收集从而暴漏家庭位置,而用户出现上下班的路上时则相对不太敏感。由此可见,用户可能希望在他活动范围的不同区域中实施不同的位置保护策略,以保护自己
的隐私。
另外用户的活动区域总有一定的重复性,例如大部分用户都会按照一个固定线路来回上下班,例如计划公司收购的CEO可能需要反复前往另外一家公司几次去讨论收购条款。在首次把用户的日常活动范围划分成具有不同敏感级别的区域之后,以后当用户携带智能终端进入该区域时,系统就可以自动决定当前位置的隐私敏感性,并根据相关的位置保护策略控制当前位置对具有不同位置信任级别的不同APP的可见性。
需要说明的是,在这里一个区域是一个具有相同隐私敏感级别的连续的地理位置的集合,例如用户上下班的路上可以是一个区域,因为这个区域在地理上是连续的,且其中的各个位置具有相同的隐私敏感性。再例如,一个大厦周围500米范围也可以是一个区域。
确定区域的隐私敏感级别方式可以有如下多种,可以使用一种或多种结合的方法综合判断,例如:
(1)在一种实现方式中,不同的区域及其对应的隐私敏感级别可以由用户通过地图APP指定。用户通过一款地图APP,使用手指在触屏上直接勾画出一些隐私敏感的区域然后指定对应的隐私敏感级别。
例如,用户指定完毕后,后续只需将当前位置坐标所在区域和用户指定的区域进行匹配,从而获得当前位置坐标所在区域的隐私敏感级别。
(2)在一种实现方式中,在智能终端中允许用户预先设置当前要经过的路线的隐私敏感级别,并记录用户实际走过的地理位置,并对这些位置进行使用预设的隐私敏感级别标记。以后当用户重复进入同一区域时,可以根据以前的标记,自动确定当前位置的隐私敏感级别。
例如,当前位置坐标所在区域属于上述区域时,可以根据以前的标记,自动确定当前位置的隐私敏感级别。
(3)在一种实现方式中,用户还可设置由智能终端自动获取/判断新区域的隐私敏感级别。当到达或途径一个新位置或区域时,终端向服务器或附近其他用户查询该新位置或区域的隐私敏感级别,然后直接使用服务器的推荐值或其他用户设置的平均值。
例如,如果当前位置坐标所在区域是一个新的区域,之前没有设置过隐私敏感级别,这时就可以采取上述(3)的方法获得该区域的隐私敏感级别。
可选地,通过上述三种方法中的一种或者几种预先获得各区域对的隐私敏感级别后,可以建立一个区域隐私敏感级别数据库,该数据库记录了每个区域的位置范围以及各区域对应的隐私敏感级别。后续判断当前位置所在区域的隐私敏感级别时,可以直接在该数据库中查找。
可选地,如果在该数据库中查找不到当前位置所在区域的隐私敏感级别,则仍然可以根据上述三种方法中的一种或者几种获得当前位置所在区域的隐私敏感级别,并将结果更新在数据库中。
对于步骤S103中提到的“获取该APP的位置信任级别”,可以有多种方式获取该APP的位置信任级别,详述如下:
获取APP的位置信任级别的方式可以有如下三种方式,这三种方式可以单独或者相互结合使用。这三种方式为:
(1)查询预设清单
终端设备中可能预置有APP的信任级别清单,可供直接查询确定APP的位置信任级别。该清单可被升级或更新。
(2)从外部服务器获取
可以预先或实时从外部服务器上直接获取APP的信任级别清单(该清单可被升级或更新),或在安装新APP时向服务器查询该APP的位置信任级别,服务器上通常保存有APP的信任级别清单。
(3)本地计算确定
APP的位置信任级别T可根据APP的来源和/或APP的用户身份推断能力进行计算。其中,APP的用户身份推断能力表示APP识别智能终端用户身份的能力。
设m属于[0,1]代表对APP的来源所赋予的信任度,其中0为最低信任度,1为最高信任度;n属于[0,1]代表了APP的用户身份推断能力,其中0完全没有身份推断能力,1为APP完全确知用户的身份。则可以计算APP的位置信任级别T=p*m+q*(1-n),其中p和q都属于[0,1]且p+q=1分别代表APP的来源所赋予的信任度和APP的用户身份推断能力在决定APP的位置信任级别中所使用的系数。
其中,对APP的来源所赋予的信任度m反映APP的开发者和APP来自的应用市场信息。其中APP开发者可以根据APP上的签名确认,APP来自
的应用市场可以在APP下载时进行记录,用户可以自主设置他对不同APP开发者或者APP应用市场的信任程度或者由云端统一推荐。
该APP位置信任级别数据库记录了每个APP的包路径(即,APP的来源)以及对应的位置信任级别。
可选地,通过上述方法(3)获得APP的位置信任级别后,可以将该APP的信任级别更新在APP的信任级别清单中。
可选地,可以以该APP的信任级别清单为基础建立一个APP位置信任级别数据库,该APP位置信任级别数据库记录了每个APP的包路径(即,APP的来源)以及对应的位置信任级别。后续判断当前请求查询地址的APP的位置信任级别时,可以直接在该数据库中查找。
可选地,如果在该数据库中查找不到当前请求查询地址的APP的位置信任级别,则仍然可以根据上述方法(3)来计算当前请求查询地址的APP的位置信任级别,并将结果更新在数据库中。
对于APP的用户身份推断能力n,可以有如下多种计算方法,可以使用一种或多种结合的方法综合判断:
a.目前各大APP应用市场都有对APP的分类,可以基于APP所述分类确定APP的用户身份推断能力。例如:
购物类、支付类APP(例如手机淘宝、支付宝、手机网银等)因为关联了用户的账户身份信息而具有最强的用户身份推断能力;
社交类(例如手机QQ、微信等)因为具有很多社交信息而有比较强的用户身份推断能力;
一般性的文档阅读、地图APP的用户身份推断能力比较弱。
b.根据APP具有的权限计算出APP的用户身份推断能力n。
系统中各权限对于推断用户身份的影响程度不同,例如读取短信、读取联系人清单、读取网页浏览记录等更容易被利用、推断出用户身份。可以为这些权限设置不同的权值,加权计算该APP具有的权限即可得出APP的身份判断能力n。
c.向服务器或周围其他用户获取其他用户对该APP的用户身份推断能力n的设置或建议值,将其他用户最常用的值或平均值设为用户自己终端上对该APP的n值。
d.根据用户终端上特定类型信息数量的多少,影响APP的用户身份推断能力n值。
例如:终端上存储的短信、联系人等个人信息越多,那么在相同的权限状况下,APP更容易推断出用户身份,因此n值要调大。再例如:若短信数量大于某阈值,则可调大上述b方法中“读取短信”权限的权值。
e.同一个开发者的APP之间可以通过系统底层共享数据,如果该APP在该用户的终端中有关联APP(同一个开发者),则调高该APP的n值。
f.结合APP的运行状态进行APP的用户身份推断能力n值的判断。
例如:该APP在最前端运行、用户能看到其行为时,因为用户容易发现其违规行为,所以这种情形下可降低该APP的n值;
而当APP在后台运行时,用户难以感知到其请求位置的行为,此种情形下可调高该APP的n值。
g.APP的用户身份推断能力也可以由云端通过对APP的代码进行分析,并确定其是否会收集用户身份信息来判断。
对于步骤S104中提到的“根据该APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别,确定对该APP的位置查询请求的处理方式”详述如下:
在一种实现中,使用[0,1]区间的实数代表APP的位置信任级别T,0对应于最低位置信任级别,1对应于最高位置信任级别。T的具体计算方式在上述实施例中已经详细描述,在此不再赘述。
使用[0,1]区间的实数代表区域的隐私敏感级别L,特别地,为了便于用户选择,区域的隐私级别可以分为3级别:公开、一般敏感、敏感,分别对应数值0,0.6,1.0。当然在其它实现中,可以对个数值进行适当调整,例如可以调整为0,0.5,0.8,本发明不做特别的限定。
可选地,如图3中的虚线框所示,步骤S104包括:
S1041,根据公式s=(1-T)*L(*代表乘法)计算该APP请求查询的终端当前位置坐标的综合敏感度值s;
S1040,如果s<M(s小于M),则可以不加改变地返回真实位置坐标;如果s>=M(s大于或者等于M,M为预设的阈值),则对当前的位置访问施加特别的访问限制。
在一个实施例中,其中访问限制包括对用户提醒该APP正在访问用户位置、对本次访问行为进行日志记录或者返回虚假位置(例如随机值、真实位置附近的某位置、代表较大区域的模糊值等)等。
综上,本发明实施例首先对APP按照APP对用户的身份推断能力以及APP的来源进行分级,分别赋予其不同的位置信任级别;然后按照规则或者用户指定的数据把用户的日常活动范围划分成具有不同隐私敏感级别的位置区域;当用户携带智能终端进入某个具有隐私敏感级别的区域时,根据所在区域的隐私敏感级别决定当前位置坐标的隐私敏感性,然后基于APP的位置信任级别和当前位置隐私敏感性限制所述APP对所述当前位置的访问。在这里一个区域是一个具有相同隐私敏感级别的连续的地理位置的集合,例如用户上下班的路上可以是一个区域,因为这个区域在地理上是连续的,且其中的各个位置具有相同的隐私敏感性。再例如,一个大厦周围500米范围也可以是一个区域。
APP推断用户身份的能力和APP的来源对于决定APP在读取用户的位置数据时是否可能危及用户的隐私具有决定性意义。APP来源是指APP开发者以及用户下载该APP的应用市场或网站等,这些因素对于APP是否可能恶意推断用户身份并窃取用户隐私有重要影响。如果一个APP能够在很大程序上推断用户的身份(例如张三),那么当用户出现在一个比较的敏感的位置(如精神病院),则APP可以将这种敏感的信息(可能患有精神疾病)关联到一个具体用户的身上,从而形成了“张三可能患有精神疾病”这样的隐私泄露。反之,如果一个APP很难以推断用户的身份,即使这个APP读取到了用户的当位置出现在一个精神病院,因为APP不能推断用户身份,所以APP最多只能得到“某人可能患有精神疾病”这样的信息,而这种信息因为没有身份信息所以不会泄露任何人的隐私。如果当前用户出现在一个并不敏感的区域里,如一条繁华喧闹的街道,因为这样的位置很难推导出有效的暗示信息,所以一个APP即使知道用户的身份,也难以推导出关于该用户的有用信息来,所以不会形成隐私泄露。由此可见,当前APP在访问用户位置时会威胁用户隐私的充要条件是:用户当前位置敏感且APP能够推断用户的身份。
现实中,不同APP在推断用户身份的能力差异巨大,例如支付宝、京
东、淘宝这样的APP,因为关联了用户银行账号并记录了用户的姓名和住址,所以可以清楚的确知每个用户的身份。而像电子书阅读器(如ezPdf)之类的APP因为缺乏用户信息而难以推断用户的身份。尽管有些APP会读取用户的通讯录,但如果没有用户的大量背景知识,他们是难以推断用户身份的。此外,业界著名的开发商或者知名APP市场提供的APP也可能会相对更加注重保护用户的隐私,而蓄意推断用户身份并收集其隐私的可能性相对较小。
注意这里,我们并非说这里APP这样收集用户的位置就是合理和正当的,在现实生活中,很多APP(如支付宝)因为关联了银行账号或者用户详细信息所以可以清楚的知道每个用户的身份,此外这些APP都有在手机后台一直运行的服务,因此它可以随时随地收集用户的位置。用户只要安装和使用这样的APP,就往往难以摆脱位置被收集的状况。这里我们能做的只是,确保这些APP不会收集到一些可能暴漏用户隐私的位置,因为毕竟用户还是在选择使用这些APP。
由于家庭和工作单位的相对固定性,大部分用户的日常活动区域一般都有一个大致的范围。用户的日常活动范围中,总有一些区域相对于其它区域更加敏感,例如用户在家中的时候更不希望自己的位置被收集从而暴漏家庭位置,而用户出现上下班的路上时则相对不太敏感。由此可见,用户可能希望在他活动范围的不同区域中实施不同的位置保护策略,以保护自己的隐私。另外用户的活动区域总有一定的重复性,例如大部分用户都会按照一个固定线路来回上下班,在前面的例子中计划公司收购的CEO可能需要反复前往另外一家公司几次去讨论收购条款。在首次把用户的日常活动范围划分成具有不同敏感级别的区域之后,以后当用户携带智能终端进入该区域时,系统就可以自动决定当前位置的隐私敏感性,并根据相关的位置保护策略控制当前位置对具有不同位置信任级别的不同APP的可见性。
本发明实施例通过对APP进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,根据APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别自动判定APP访问当前位置是否会形成隐私泄露,确定对来自APP的位置查询请求的具体响应方式,在必要情况下限制APP访问用户真实的位置,能更有力度地保护终端的位置信息,不需要
用户手动的剥夺和开启APP的位置权限,能更有效的保证APP的正常业务功能。
本发明实施例提出了一种基于地理区域隐私敏感性和APP身份识别能力的地理位置保护方案,兼顾用户的位置隐私保护需求以及APP基于位置的业务功能可用性,使得APP只有在不会危及用户隐私情况下才能读取用户的位置,同时尽力保障APP的业务功能不受干扰。具体而言,对于敏感的位置区域,本方案保证只有那些具有很高位置可信性APP才能访问用户真实的位置坐标;对于不敏感的位置区域,使得尽量多的APP能够访问到用户的真实位置,保证APP的正常业务功能;并且允许根据用户各自不同的地理区域活动规律,自动确定位置的隐私敏感性,并施加相应的隐私保护策略。
如图4所示,本发明实施例公开了一种智能终端,该终端包括:
位置获取模块110,用于响应来自APP的位置查询请求,获取所述智能终端的当前位置坐标;
具体地,某个APP想查询智能终端的当前位置坐标时,会通过调用位置API的方式,发送对当前位置的查询请求。位置API接收到此位置查询请求后,触发获取智能终端当前位置坐标的动作,通过位置获取模块110获取该智能终端的当前位置坐标。
隐私级别获取模块120,用于获取位置获取模块110获取的当前位置坐标所在区域的隐私敏感级别;其中,当前位置坐标所在区域的隐私敏感级别和该APP获得该当前位置坐标的难易程度对应;当前位置坐标所在区域的隐私敏感级别越高,该APP获得该当前位置坐标的难度越高;
其中,隐私级别获取模块120如何获取当前位置坐标所在区域的隐私敏感级别的具体方式,在前述方法实施例关于步骤S102的描述中已经详细描述,在此不再赘述。
信任级别获取模块130,用于获取该APP的位置信任级别;其中,该APP的位置信任级别和该APP获得所述当前位置坐标的难易程度对应;该APP的位置信任级别越高该APP获得该当前位置坐标的难度越低;
其中,信任级别获取模块130如何获取该APP的位置信任级别的具体方式,在前述方法实施例关于步骤S103的描述中已经详细描述,在此不再
赘述。
位置处理模块140,用于根据信任级别获取模块130获取的该APP的位置信任级别和隐私级别获取模块120获取的当前位置坐标所在区域的隐私敏感级别,确定对该APP的位置查询请求的相应地响应方式。
可选地,如图4中的虚线框所示,位置处理模块140包括:
综合敏感度计算单元1401,用于根据公式s=(1-T)*L(*代表乘法)计算该APP请求查询的终端当前位置坐标的综合敏感度值s;
响应方式确定单元1402,用于在如果s<M(s小于M,M为预设的阈值)时,不加改变地返回真实位置坐标;在s>=M(s大于或者等于M,M为预设的阈值),则对当前的位置访问施加特别的访问限制。
在一个实施例中,其中访问限制包括对用户提醒该APP正在访问用户位置、对本次访问行为进行日志记录或者返回虚假位置(例如随机值、真实位置附近的某位置、代表较大区域的模糊值等)等。
本发明实施例通过对APP进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,自动判定APP访问当前位置是否会形成隐私泄露,并在必要情况下限制APP访问用户真实的位置,能更有力度地保护终端的位置信息,并尽量保证APP的正常业务功能。
本发明实施例提出了一种智能终端,该智能终端兼顾用户的位置隐私保护需求以及APP基于位置的业务功能可用性,使得APP只有在不会危及用户隐私情况下才能读取用户的位置,同时尽力保障APP的业务功能不受干扰。具体而言,对于敏感的位置区域,本方案保证只有那些具有很高位置可信性APP才能访问用户真实的位置坐标;对于不敏感的位置区域,使得尽量多的APP能够访问到用户的真实位置,保证APP的正常业务功能;并且允许根据用户各自不同的地理区域活动规律,自动确定位置的隐私敏感性,并施加相应的隐私保护策略。
请参阅图5,图5为本发明实施例中一种智能终端的结构示意图;其中该智能终端包括RF电路1201、Wi-Fi模块1202、显示单元1203、输入单元1204、第一存储器1205、第二存储器1206、处理器1207、电源1208、GPS模块1209等硬件模块,该终端1200可以为手机、平板电脑、PDA(Personal Digital Assistant,个人数字助理)、或车载电脑等。
其中,RF电路1201用来收发通信信号,Wi-Fi模块1202用来连接网络和扫描网络信号。RF电路1201和/或者Wi-Fi模块1202可以和无线基站联系获取该智能终端的当前位置坐标。
显示单元1203用来显示用户交互界面,该显示单元1203可用于显示由用户输入的信息或提供给用户的信息以及该智能终端的各种菜单界面。该显示单元1203可包括显示面板,可选的,可以采用LCD(Liquid Crystal Display,液晶显示器)或OLED(Organic Light-Emitting Diode,有机发光二极管)等形式来配置显示面板。在具体实现中,上述触控面板覆盖该显示面板,形成触摸显示屏,处理器1207根据触摸事件的类型在触摸显示屏上提供相应的视觉输出。
输入单元1204可用于接收输入的数字或字符信息,接收用户切换应用程序界面操作,并产生切换信号,以及产生与终端的用户设置以及功能控制有关的信号输入。具体地,本发明实施例中,该输入单元1204可以包括触控面板,也称为触摸屏,可收集用户在其上或附近的触摸操作(比如用户使用手指、触笔等任何适合的物体或附件在触控面板上操作),可以采用电阻式、电容式、红外线以及表面声波等多种类型实现触控面板。除了触控面板,输入单元1204还可以包括其他输入设备,包括但不限于物理键盘、功能键(比如音量控制按键、开关按键等)、轨迹球、鼠标、操作杆等中的一种或多种。
其中,第一存储器1205存储该终端预设数量的APP以及界面信息;可以理解的,第二存储器1206可以为该终端1200的外存,第一存储器1205可以为该智能终端的内存。第一存储器1205可以为NVRAM非易失存储器、DRAM动态随机存储器、SRAM静态随机存储器、Flash闪存等其中之一;该智能终端上运行的操作系统通常安装在第一存储器1205上。第二存储器1206可以为硬盘、光盘、USB盘、软盘或磁带机、云服务器等。可选地,现在有一些第三方的APP也可以安装在第二存储器1206上。
处理器1207是智能终端的控制中心,利用各种接口和线路连接整个终端的各个部分,通过运行或执行存储在该第一存储器1205内的软件程序和/或模块,以及调用存储在该第二存储器1206内的数据,执行该智能终端的各种功能和处理数据。可选的,该处理器1207可包括一个或多个处理单元。
电源1208可以为整个终端供电,包括各种型号的锂电池。
GPS模块1209用于获取该智能终端的位置坐标。
当第一存储器1205中安装的某个APP想查询该智能终端的当前位置坐标时,执行步骤如下:
1.该APP调用安装在第一存储器1205中的操作系统的位置API以便获取智能终端的位置;
2.位置API收到该APP的调用指令后,通过处理器1207调用GPS模块1209或者RF电路1201或者Wi-Fi模块1202获取该该智能终端的当前位置坐标;
3.处理器1207通过调用存储在第一存储器1205上的处理程序,根据当前APP位置信任级别、当前位置所在区域的隐私敏感级别,对当前位置坐标数据进行处理;
具体的处理方式,前述方法和装置实施例中都已详细描述,在此不再赘述。
4.处理器1207将处理过的坐标返回给API;
5.API将处理过的位置坐标返回给APP,API执行结束。
本发明实施例通过对APP进行位置信任分级,通过对用户活动范围划分成具有不同隐私敏感级别的区域,根据APP的位置信任级别和当前位置坐标所在区域的隐私敏感级别自动判定APP访问当前位置是否会形成隐私泄露,确定对来自APP的位置查询请求的具体响应方式,在必要情况下限制APP访问用户真实的位置,能更有力度地保护终端的位置信息,不需要用户手动的剥夺和开启APP的位置权限,能更有效的保证APP的正常业务功能。
本发明实施例提出了一种智能终端,该智能终端兼顾用户的位置隐私保护需求以及APP基于位置的业务功能可用性,使得APP只有在不会危及用户隐私情况下才能读取用户的位置,同时尽力保障APP的业务功能不受干扰。具体而言,对于敏感的位置区域,本方案保证只有那些具有很高位置可信性APP才能访问用户真实的位置坐标;对于不敏感的位置区域,使得尽量多的APP能够访问到用户的真实位置,保证APP的正常业务功能;并且允许根据用户各自不同的地理区域活动规律,自动确定位置的隐私敏感性,
并施加相应的隐私保护策略。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random Access Memory,RAM)等。
以上所述仅为本发明的几个实施例,本领域的技术人员依据申请文件公开的可以对本发明进行各种改动或变型而不脱离本发明的精神和范围。
Claims (12)
- 私敏感级别,确定对来自所述APP的位置查询请求的相应地响应方式,包括:根据公式s=(1-T)*L计算所述APP请求查询的终端当前位置坐标的综合敏感度值s;其中,*表示乘法,T表示所述APP的位置信任级别,L表示所述当前位置坐标所在区域的隐私敏感级别;将所述当前位置坐标的综合敏感度值s与预设的阈值比较,如果s<M,返回真实的所述当前位置坐标;如果s>=M,对来自所述APP的位置查询请求进行响应方式限制。
- 如权利要求如权利要求1-4任一项所述的智能端位置信息保护方法,其特征在于,所述对来自所述APP的位置查询请求进行响应方式限制,包括:拒绝来自所述APP的位置查询请求。
- 如权利要求如权利要求1-4任一项所述的智能端位置信息保护方法,其特征在于,所述对来自所述APP的位置查询请求进行响应方式限制,包括:对所述智能终端用户提醒所述APP正在试图访问当前的位置。
- 如权利要求如权利要求1-4任一项所述的智能端位置信息保护方法,其特征在于,所述对来自所述APP的位置查询请求进行响应方式限制,包括:对所述APP的本次访问行为进行日志记录。
- 如权利要求如权利要求1-4任一项所述的智能端位置信息保护方法,其特征在于,所述对来自所述APP的位置查询请求进行响应方式限制,包括:返回虚假位置坐标给所述APP,所述虚假位置坐标为随机生成的位置坐标、所述当前位置附近的位置的坐标、代表所述当前位置所属的较大区域的坐标中的任意一个。
- 一种智能终端,其特征在于,所述智能终端包括:位置获取模块,用于响应来自APP的位置查询请求,获取所述智能终端的当前位置坐标;所述APP安装在所述智能终端运行的操作系统中;隐私级别获取模块,用于获取所述位置获取模块获取的当前位置坐标所 在区域的隐私敏感级别;其中,所述当前位置坐标所在区域的隐私敏感级别和所述APP获得所述当前位置坐标的难易程度对应,所述当前位置坐标所在区域的隐私敏感级别越高,所述APP获得所述当前位置坐标的难度越高;信任级别获取模块,用于获取所述APP的位置信任级别;其中,所述APP的位置信任级别和所述APP获得所述当前位置坐标的难易程度对应,所述APP的位置信任级别越高所述APP获得所述当前位置坐标的难度越低;位置处理模块,用于根据所述信任级别获取模块获取的所述APP的位置信任级别和所述隐私级别获取模块获取的所述当前位置坐标所在区域的隐私敏感级别,确定对来自所述APP的位置查询请求的相应地响应方式。
- 如权利要求9所述的终端,其特征在于,所述信任级别获取模块具体用于:根据公式T=p*m+q*(1-n)计算APP的位置信任级别;其中,T表示所述APP的位置信任级别,m为实数且属于[0,1]表示对所述APP的来源所赋予的信任度;n为实数且属于[0,1]表示所述APP的用户身份推断能力;p为实数且属于[0,1],q为实数且属于[0,1],且p+q=1,p和q分别表示对所述APP的来源所赋予的信任度和所述APP的用户身份推断能力在计算所述APP的位置信任级别中所使用的系数。
- 如权利要求9或10所述的终端,其特征在于,所述位置处理模块包括:综合敏感度计算单元,用于根据公式s=(1-T)*L计算所述智能终端当前位置坐标的综合敏感度值s;其中,*表示乘法,T表示所述APP的位置信任级别,L表示所述当前位置坐标所在区域的隐私敏感级别;响应方式确定单元,用于将所述综合敏感度计算单元计算得到的当前位置坐标的综合敏感度值s与预设的阈值比较,如果s<M,返回真实的所述当前位置坐标;如果s>=M,对来自所述APP的位置查询请求进行响应方式限制。
- 如权利要求11所述的终端,其特征在于,所述响应方式确定单元具体用于:返回虚假位置坐标给所述APP,所述虚假位置坐标为随机生成的位置坐标、所述当前位置附近的位置的坐标、代表所述当前位置所属的较大区域的 坐标中的任意一个。
- 如权利要求11所述的终端,其特征在于,所述响应方式确定单元具体用于:对所述APP的本次访问行为进行日志记录。
- 如权利要求11所述的终端,其特征在于,所述响应方式确定单元具体用于:拒绝来自所述APP的位置查询请求。
- 如权利要求11所述的终端,其特征在于,所述响应方式确定单元具体用于:对所述智能终端用户提醒所述APP正在试图访问当前的位置。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP15871734.8A EP3193519B1 (en) | 2014-12-22 | 2015-09-16 | Method for protecting terminal position information and intelligent terminal |
US15/491,072 US10178548B2 (en) | 2014-12-22 | 2017-04-19 | Method for protecting terminal location information and intelligent terminal |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410811351.0A CN105791516B (zh) | 2014-12-22 | 2014-12-22 | 终端位置信息保护方法及智能终端 |
CN201410811351.0 | 2014-12-22 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/491,072 Continuation US10178548B2 (en) | 2014-12-22 | 2017-04-19 | Method for protecting terminal location information and intelligent terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2016101660A1 true WO2016101660A1 (zh) | 2016-06-30 |
Family
ID=56149181
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2015/089812 WO2016101660A1 (zh) | 2014-12-22 | 2015-09-16 | 终端位置信息保护方法及智能终端 |
Country Status (4)
Country | Link |
---|---|
US (1) | US10178548B2 (zh) |
EP (1) | EP3193519B1 (zh) |
CN (1) | CN105791516B (zh) |
WO (1) | WO2016101660A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106210316A (zh) * | 2016-07-12 | 2016-12-07 | 深圳市中易通安全芯科技有限公司 | 一种基于虚拟地址的移动终端防定位方法及其系统 |
CN113194463A (zh) * | 2021-05-25 | 2021-07-30 | 中国联合网络通信集团有限公司 | 位置获取方法及设备 |
CN117098116A (zh) * | 2023-10-18 | 2023-11-21 | 湖北省国土测绘院 | 一种基于cors的gnss用户终端位置隐私保护方法 |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106295396A (zh) * | 2016-07-29 | 2017-01-04 | 维沃移动通信有限公司 | 一种隐私保护方法和移动终端 |
CN106897610A (zh) * | 2017-01-19 | 2017-06-27 | 北京奇虎科技有限公司 | 一种定位保护的方法和装置 |
US10669122B2 (en) * | 2017-07-17 | 2020-06-02 | Otis Elevator Company | Service tool location-based function availability |
CN107809758B (zh) * | 2017-10-25 | 2020-05-26 | 珠海格力电器股份有限公司 | 一种sim卡信息保护方法及装置 |
CN108012233A (zh) * | 2017-12-05 | 2018-05-08 | 北京元心科技有限公司 | 用于提供位置服务的方法及装置 |
CN108566373B (zh) * | 2018-03-06 | 2020-06-12 | 清华大学 | 保护用户隐私的位置信息发布系统 |
CN108809990B (zh) * | 2018-06-14 | 2021-06-29 | 北京中飞艾维航空科技有限公司 | 一种众包数据安全加密方法、服务器及存储介质 |
CN109905386A (zh) * | 2019-02-20 | 2019-06-18 | 徐建红 | 一种基于用户信息安全的用户地址保护系统及其工作方法 |
CN110505622A (zh) * | 2019-04-18 | 2019-11-26 | 深圳金澜汉源科技有限公司 | 终端位置信息保密方法、操作系统和移动终端 |
CN113157210B (zh) * | 2021-04-16 | 2023-04-07 | 深圳季连科技有限公司 | 一种基于app功能的隐私权限转移方法 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012024156A2 (en) * | 2010-08-18 | 2012-02-23 | Facebook, Inc. | Dynamic place visibility in geo-social networking system |
US20130291086A1 (en) * | 2011-02-11 | 2013-10-31 | Mocana Corporation | Ensuring network connection security between a wrapped app and a remote server |
CN103686600A (zh) * | 2013-11-27 | 2014-03-26 | 深圳酷派技术有限公司 | 终端和信息保护方法 |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6594483B2 (en) * | 2001-05-15 | 2003-07-15 | Nokia Corporation | System and method for location based web services |
US8489110B2 (en) | 2006-05-12 | 2013-07-16 | At&T Intellectual Property I, L.P. | Privacy control of location information |
KR101424411B1 (ko) | 2010-12-21 | 2014-07-28 | 엠파이어 테크놀로지 디벨롭먼트 엘엘씨 | 로케이션 기반 서비스들에서 로케이션 프라이버시를 위한 더미 정보 |
US9894479B2 (en) | 2011-05-08 | 2018-02-13 | Microsoft Technology Licensing, Llc | Privacy preservation platform |
CN102445697A (zh) | 2011-09-06 | 2012-05-09 | 宇龙计算机通信科技(深圳)有限公司 | 保护地理位置信息的方法和装置 |
CN103136472B (zh) | 2011-11-29 | 2016-08-31 | 腾讯科技(深圳)有限公司 | 一种防应用程序窃取隐私的方法及移动设备 |
CN103581417A (zh) | 2012-08-02 | 2014-02-12 | 北京网秦天下科技有限公司 | 一种移动终端的隐私保护装置及其隐私保护方法 |
EP2888869B1 (en) | 2012-08-24 | 2020-10-14 | Environmental Systems Research Institute, Inc. | Systems and methods for managing location data and providing a privacy framework |
US9628482B2 (en) * | 2013-10-31 | 2017-04-18 | Cellco Partnership | Mobile based login via wireless credential transfer |
CN103561384A (zh) * | 2013-11-07 | 2014-02-05 | 中国科学院软件研究所 | 一种基于移动智能终端地理位置信息的数据保护方法 |
-
2014
- 2014-12-22 CN CN201410811351.0A patent/CN105791516B/zh active Active
-
2015
- 2015-09-16 EP EP15871734.8A patent/EP3193519B1/en active Active
- 2015-09-16 WO PCT/CN2015/089812 patent/WO2016101660A1/zh active Application Filing
-
2017
- 2017-04-19 US US15/491,072 patent/US10178548B2/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012024156A2 (en) * | 2010-08-18 | 2012-02-23 | Facebook, Inc. | Dynamic place visibility in geo-social networking system |
US20130291086A1 (en) * | 2011-02-11 | 2013-10-31 | Mocana Corporation | Ensuring network connection security between a wrapped app and a remote server |
CN103686600A (zh) * | 2013-11-27 | 2014-03-26 | 深圳酷派技术有限公司 | 终端和信息保护方法 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3193519A4 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106210316A (zh) * | 2016-07-12 | 2016-12-07 | 深圳市中易通安全芯科技有限公司 | 一种基于虚拟地址的移动终端防定位方法及其系统 |
CN113194463A (zh) * | 2021-05-25 | 2021-07-30 | 中国联合网络通信集团有限公司 | 位置获取方法及设备 |
CN113194463B (zh) * | 2021-05-25 | 2022-10-21 | 中国联合网络通信集团有限公司 | 位置获取方法及设备 |
CN117098116A (zh) * | 2023-10-18 | 2023-11-21 | 湖北省国土测绘院 | 一种基于cors的gnss用户终端位置隐私保护方法 |
CN117098116B (zh) * | 2023-10-18 | 2023-12-26 | 湖北省国土测绘院 | 一种基于cors的gnss用户终端位置隐私保护方法 |
Also Published As
Publication number | Publication date |
---|---|
EP3193519A1 (en) | 2017-07-19 |
CN105791516A (zh) | 2016-07-20 |
US20170223527A1 (en) | 2017-08-03 |
EP3193519B1 (en) | 2019-12-04 |
CN105791516B (zh) | 2019-10-01 |
US10178548B2 (en) | 2019-01-08 |
EP3193519A4 (en) | 2017-10-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2016101660A1 (zh) | 终端位置信息保护方法及智能终端 | |
US20210243552A1 (en) | Location Service Management | |
US9152786B2 (en) | Method and device for controlling invocation of an application programming interface | |
CN103563406B (zh) | 对从地理围栏离开的监视 | |
US10638305B1 (en) | Policy based location protection service | |
WO2019061362A1 (zh) | 一种访问设备标识符的方法及装置 | |
US11425525B2 (en) | Privacy preservation platform | |
EP3320477B1 (en) | Protecting data from unauthorized access | |
US8981902B2 (en) | Controlling location information | |
US11641596B2 (en) | Crowd sourced privacy preserving access point mapping | |
KR20110033811A (ko) | 콘텍스트 정보 이용 제어 방법, 머신 판독가능한 매체 및 모바일 컴퓨팅 디바이스 | |
US20210194889A1 (en) | Location service authorization and indication | |
WO2018210214A1 (zh) | 设备定位方法及装置 | |
US20150163246A1 (en) | System and method for activation of personas based on activation parameters related to a multiple-persona mobile technology platform (mtp) | |
KR101602480B1 (ko) | 불법 사이트 차단 시스템 및 방법, 이를 수행하기 위한 기록매체 | |
US20210258737A1 (en) | System and method for selecting alternate global positioning system coordinates | |
CN110753909A (zh) | 服务调度方法和装置、计算机设备、计算机可读存储介质 | |
US20240232814A1 (en) | Systems and methods for granular location based data security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15871734 Country of ref document: EP Kind code of ref document: A1 |
|
REEP | Request for entry into the european phase |
Ref document number: 2015871734 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2015871734 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |