WO2017045311A1 - 短信读取方法及装置 - Google Patents
短信读取方法及装置 Download PDFInfo
- Publication number
- WO2017045311A1 WO2017045311A1 PCT/CN2015/099986 CN2015099986W WO2017045311A1 WO 2017045311 A1 WO2017045311 A1 WO 2017045311A1 CN 2015099986 W CN2015099986 W CN 2015099986W WO 2017045311 A1 WO2017045311 A1 WO 2017045311A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- short message
- party application
- information
- short
- access
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/214—Monitoring or handling of messages using selective forwarding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
- H04M1/72403—User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
- H04M1/7243—User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality with interactive means for internal management of messages
- H04M1/72436—User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality with interactive means for internal management of messages for text messaging, e.g. SMS or e-mail
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/128—Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/37—Managing security policies for mobile devices or for controlling mobile applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/60—Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
- G06Q20/3255—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks using mobile network messaging services for payment, e.g. SMS
Definitions
- the embodiments of the present disclosure relate to the field of information security, and in particular, to a method and device for reading a short message.
- SMS Short Message Service
- third-party applications can have access to read short messages. If the third-party application is a malicious application, you can obtain the permission to perform sensitive operations by reading the verification code in the short message, such as the permission to perform the payment operation, the permission to perform registration and login, and so on.
- the embodiment of the present disclosure provides a method and device for reading a short message.
- the technical solution is as follows:
- a method for reading a short message comprising:
- the short message is a short message carrying sensitive information
- the third party application receives the read request for the short message, including:
- the operating system forwards the read request and the identifier of the third-party application to the short message component;
- the short message component receives the read request forwarded by the operating system and the identifier of the third party application.
- detecting whether the third-party application belongs to the access permission list corresponding to the short message includes:
- the short message to be read by the read request is a short message carrying sensitive information, it is detected according to the identifier whether the third-party application belongs to the access permission list.
- the method further includes:
- the short message is a short message carrying sensitive information, obtain a list of access rights corresponding to the short message.
- the short message is a short message carrying sensitive information
- obtaining a list of access rights corresponding to the short message including:
- the access permission list includes the source party trust application.
- identifying whether the received short message is a short message carrying sensitive information includes:
- the short message is used to identify whether the short message is short information carrying sensitive information, and the feature information includes at least one of a sender number, a short message content, and a short message template.
- a short message reading apparatus comprising:
- a request receiving module configured to receive a read request of the third party application for the short message
- the access detection module is configured to detect, if the short message is a short message carrying sensitive information, detecting whether the third-party application belongs to an access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message;
- the information feedback module is configured to feed the short message to the third party application when belonging to the access permission list.
- the request receiving module includes:
- Reading the receiving submodule configured to receive a read request of the third party application for the short message through the operating system
- the first permission submodule is configured to detect whether the third party application has the short message read permission by using the operating system
- the request forwarding submodule is configured to forward the read request and the identifier of the third party application to the short message component through the operating system when the third party application has the short message read permission;
- the identifier receiving submodule is configured to receive, by the short message component, a read request forwarded by the operating system and an identifier of the third party application.
- the detecting access module includes:
- the information detecting submodule is configured to detect, by using the short message component, whether the short message to be read by the read request is short information carrying sensitive information;
- the second permission sub-module is configured to be sensitive to the short message to be read during the read request When the short message of the information is sensed, it is detected according to the identifier whether the third-party application belongs to the access permission list.
- the device further includes:
- the short message identification module is configured to identify whether the received short message is short information carrying sensitive information
- the privilege acquisition module is configured to obtain an access privilege list corresponding to the short information when the short message is a short message carrying the sensitive information.
- the rights acquisition module includes:
- the source identification submodule is configured to identify a source side of the short message by using the feature information of the short message, where the feature information includes: at least one of a sender number, a short message content, and a short message template;
- the list obtaining submodule is configured to obtain an access permission list corresponding to the source party, and the access permission list includes an application trusted by the source party.
- the short message identification module is further configured to identify, by using the feature information of the short message, whether the short message is short information carrying sensitive information, and the feature information includes: a sender number, a short message content, and a short message template. At least one of them.
- a short message reading apparatus comprising:
- a memory configured to store processor executable instructions
- processor is configured to:
- the short message is a short message carrying sensitive information, detecting whether the third-party application belongs to the access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message;
- the application in the access permission list has the right to access the short message; receiving the third party application to read the short message; detecting the third party Whether the application belongs to the access permission list; if it belongs to the access permission list, it feeds back the short message to the third-party application; and solves the problem that the third-party application can read the short message component when it has only the operating system level SMS read permission.
- the content of the short message which causes the malicious application to obtain the permission to perform the sensitive operation by reading the verification code in the short message; the short message for the sensitive information is obtained, and only the right to access the short message with the short message is obtained.
- the three-party application can read the short message content in the short message, avoiding the leakage effect of the sensitive information in the short message, and realize the effect of controlling the authority of the single short message.
- FIG. 1 is a schematic diagram showing the composition of a mobile terminal according to an exemplary embodiment, according to an exemplary embodiment
- FIG. 2 is a flowchart of a method for reading a short message according to an exemplary embodiment
- FIG. 3A is a flowchart of a method for reading a short message according to another exemplary embodiment
- FIG. 3B is a flowchart of a sub-step of a short message reading method according to another exemplary embodiment
- FIG. 4 is a flowchart of a method for reading a short message according to another exemplary embodiment
- FIG. 5 is a schematic diagram of an interface of a short message reading method according to another exemplary embodiment
- FIG. 6 is a block diagram of a short message reading apparatus according to an exemplary embodiment
- FIG. 7 is a block diagram of a short message reading apparatus according to another exemplary embodiment.
- FIG. 8 is a block diagram of a short message reading apparatus according to an exemplary embodiment.
- Android operating system A Linux-based free and open source operating system produced by Google Inc. of the United States, mainly used in mobile terminals.
- the mobile terminal can be a mobile phone, a tablet computer, an e-book reader, an MP3 player (Moving Picture Experts Group Audio Layer III), an MP4 (Moving Picture Experts Group Audio Layer IV), a motion picture expert. Compress standard audio layers 4) Players and laptops, etc.
- an application In the Android operating system, an application usually includes at least one program component. There are four types of program components: Activity: Activity component, Service component, Content Provider component, and Broadcast Receiver component.
- Active component A component of the Android application that is responsible for interacting with the user, providing a visual user interface for Android applications.
- An Android app can include zero to more active components.
- Service component A component of an Android application that runs in the background and does not provide a user interface.
- An Android app can include zero to more service components.
- Content Provider Component A component of an Android application that is configured to provide data to other applications or other components in the current application, such as SMS, ringtones, wallpaper, phone book, and so on. It can encapsulate data in various formats and provide it to other applications or components in standard form. use.
- the short message component in the embodiment of the present disclosure is one of content provider components.
- Broadcast Receiver Component A message configured to receive and respond to broadcasts by the operating system. It can receive messages of interest to itself (or pre-defined messages of a certain message type) and then process or forward them to other components in the current application.
- Third-party applications Applications in mobile devices that are relative to the operating system's own applications.
- FIG. 1 shows a schematic diagram of the composition of a mobile terminal shown in an exemplary embodiment.
- the mobile terminal includes a short message component 120, an operating system 140, and a third party application 160.
- the operating system 140 receives the read request sent by the third party application 160 and forwards the read request to the short message component 120.
- the mobile terminal can be a mobile phone, a tablet computer, an e-book reader, an MP3 player (Moving Picture Experts Group Audio Layer III), and an MP4 (Moving Picture Experts Group Audio Layer IV). Standard audio level 4) Players and laptops, etc.
- the short message component 120 is one of the content provider components in the Android application, configured as a component that provides SMS data to other applications or other components in the current application.
- the short message component 120 can receive the short message sent by the source and store the received short message to form a short message list.
- a configuration file is stored in the operating system 140, and the configuration file stores the short message reading authority of the third party application 160 at the operating system level.
- the operating system 140 stores a total configuration file, where the third-party application 160 stores the short-message read permission of the third-party application 160 at the operating system level.
- the operating system 140 stores a plurality of configuration files, and the third-party application 160 corresponds to a respective configuration file at the operating system level.
- the third-party application 160 has the read-write permission of the operating system level, all the short messages in the short message component 120 can be read; the third-party application 160 does not have the operating system level.
- the short message reading permission is performed, any short message in the short message component 120 cannot be read.
- One or more program components may be included in the third party application 160, each of which may be any of the activity component 162, the service component 164, the content provider component 166, and the broadcast receiver component 168.
- the third-party application 160 When the third-party application 160 needs to read the short message in the short message component 120, the third-party application 160 first sends a read request of the short message to the operating system 140, and after the operating system 140 receives the read request, it detects the first Whether the three-party application 160 exists in the short message read permission list, and if the third-party application 160 exists in the short message read permission list, the operating system 140 forwards the short message read request sent by the third-party application 160 to The short message component 120, after receiving the read request forwarded by the operating system 140, the short message component 120 searches for the short information to be read in the short message list according to the short information that needs to be read in the read request, and the short message information is found. The short message is fed back to the third party application 160 via the operating system 140.
- FIG. 2 is a flowchart of a method for reading a short message according to an exemplary embodiment. This embodiment is illustrated by using the short message reading method in the mobile terminal shown in FIG. 1 .
- the short message reading method includes the following steps.
- a third party application receives a read request for short messages.
- This third-party application is an application that belongs to the operating system's configuration file.
- a configuration file is a file that is controlled by permissions based on the granularity of the application.
- step 202 if the short message is short message carrying sensitive information, it is detected whether the third-party application belongs to the access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message.
- the access permission list is a list of rights belonging to the short message component, and the access permission list is a list of rights control according to a single message granularity.
- step 203 if it belongs to the access permission list, the short message is fed back to the third party application.
- the short message reading method receives a short message read request by a third party application; if the short message is short information carrying sensitive information, detects whether the third party application is A list of access rights corresponding to the short message, the application in the access permission list has the right to access the short message; if it belongs to the access permission list, the short message is fed back to the third-party application; and the third-party application only has the operation
- the system-level short message reading permission is read, all the short messages in the short message component can be read, thereby causing the malicious application to obtain the permission to perform the sensitive operation by reading the verification code in the short message;
- the short message of the information only the third party application having the access right to the short message can read the short message content in the short message, otherwise the sensitive information in the short message cannot be read, thereby avoiding the sensitivity in the short message.
- the effect of the leakage of information while achieving the effect of the authority control of a single SMS granularity.
- FIG. 3A is a flowchart of a short message reading method according to another exemplary embodiment. This embodiment is illustrated by using the short message reading method in a mobile terminal in the implementation environment shown in FIG. 1 .
- the short message reading method includes the following steps.
- step 301 it is identified whether the received short message is short message carrying sensitive information.
- Sensitive information is information related to the user's virtual property and/or control rights in the network.
- the short message component receives the short message sent by the source of the short message, and the short message component identifies the received short message to identify whether the short message carries the sensitive information.
- the short message component identifies the short message by using the feature information of the short message to identify whether the short message is short information carrying sensitive information, where the feature information includes at least one of a sender number, a short message content, and a short message template.
- step 302 if the short message is not a short message carrying sensitive information, the short message is directly stored.
- the short message is not a short message carrying sensitive information, and the short message component directly stores the short message.
- step 303 if the short message is short message carrying sensitive information, the access permission list corresponding to the short message is obtained, and the application in the access permission list has the right to access the short message.
- the short message component obtains the access permission list corresponding to the short message according to the source of the short message, and the application in the access permission list has access to the short message. Permissions for short messages.
- each source party and an access permission list corresponding thereto are pre-stored in the mobile terminal.
- the mobile terminal periodically obtains an access permission list corresponding to each source party from the server.
- step 303 may include the following sub-steps, as shown in FIG. 3B:
- the source side of the short message is identified by the feature information of the short message, and the feature information includes at least one of a sender number, a short message content, and a short message template.
- the short message component After identifying the short message as the short message carrying the sensitive information, the short message component identifies the source of the short message by using the feature information of the short message, and the feature information includes at least one of a sender number, a short message content, and a short message template.
- the short message component can obtain the source of the short message according to the sender number of the short message, for example, the sender number is 95588, and the short message component obtains the short message according to 95588 is the short message of the Industrial and Commercial Bank of China.
- the source of the short message is “ICBC”.
- the short message component may obtain the source of the short message according to the short message content, for example, the short message content of the short message carries “You are using Xiaomi payment to make payment, and your payment password is 100582” In the case of content, the short message component can obtain the source of the short message according to the keyword "Millet Payment” as "Millet Company”.
- the short message component can also obtain the source of the short message according to the short message template, and the short message component pre-stores a plurality of short message templates carrying the sensitive information, and stores the source party corresponding to the short message template, for example:
- the SMS template is "You are using Xiaomi to make a payment.
- the payment amount is xxxxx”
- the short message component stores the short message template, and the information corresponding to the source party is "Millet Company" in the corresponding location of the short message template; after identifying the short message, the short message component will recognize The short message carrying the sensitive information is matched with the stored short message template to obtain the source of the short message corresponding thereto.
- step 303b an access permission list corresponding to the source party is obtained, and the access permission list includes an application trusted by the source party.
- the short message component After obtaining the source of the short message, the short message component obtains an access permission list corresponding to the source party according to the source side of the short message, and the access permission list includes the application trusted by the source party.
- the corresponding access rights list contains four trusted applications of Huawei Payment, Huawei Cinema, Huawei Application Mall and Huawei Mall.
- the short message component marks the short message as a short message carrying sensitive information, and the associated storage access list is correspondingly stored.
- step 304 a read request of the short message by the third party application is received by the operating system.
- a third-party application When a third-party application needs to read the short message in the short message component, it first sends a read request for the short message to the operating system, and correspondingly, the operating system receives the third-party application for short A read request for information.
- the third-party application may be a short message application, a payment application, or a registration application. Embodiments of the present disclosure do not define the types of third party applications.
- step 305 the operating system detects whether the third party application has the short message read permission.
- the operating system pre-stores the permission for each third-party application to read the short message.
- the operating system receives a request for reading the short message from a third-party application
- the operating system first acquires the pre-stored configuration file, and detects the Whether the third-party application exists in the pre-stored configuration file, if it exists in the configuration file, the third-party application has the short-message read permission; if it does not exist in the configuration file, the third-party application does not have the short message Read permission.
- step 306 if the third party application does not have the short message read permission, the operating system does not forward the read request and the identifier of the third party application to the short message component.
- step 307 if the third party application has the short message read permission, the read request and the identifier of the third party application are forwarded to the short message component by the operating system.
- the operating system obtains the identifier of the third-party application from the read request sent by the third-party application, and forwards the message to the short message component.
- the read request of the three-party application and the identity of the obtained third-party application are the same or not.
- the information forwarded by the operating system to the short message component includes two parts of the short message read request sent by the third party application and the identifier of the third party application.
- the operating system adds the identifier of the third-party application to the read request, and forwards the read request carrying the third-party application identifier to the short message component.
- step 308 the read request forwarded by the operating system and the identification of the third party application are received by the short message component.
- the short message component receives the read request forwarded by the operating system and the identifier of the third party application
- the short message component receives a read request carried by the operating system and carries the identifier of the third party application.
- the third-party application "Xiaomi Mall” sends a short message to the operating system to read the "Millet Payment” payment password in the short message component.
- the operating system After the operating system receives the read request, it detects whether the "Millet Mall” is in the operating system. Having the right to read the short message, when having the read permission, the read request sent by "Millet Mall” is forwarded together with the identifier of "Millet Mall” to the short message component, and the short message component receives the read request forwarded by the operating system. And the logo of "Millet Mall".
- the short message component detects whether the short message to be read by the read request is short message carrying sensitive information.
- the short message component obtains the short message that needs to be read in the read request according to the received read request, and detects whether the short message to be read in the read request carries a mark, and if the tag is carried, the short message is carried A short message with sensitive information; if there is no tag, the short message does not carry sensitive information.
- step 310 if the short message to be read by the read request is not the short message carrying the sensitive information, the short message component feeds the short message back to the third party application.
- step 311 if the short message to be read by the read request is short message carrying sensitive information, it is detected according to the identifier whether the third-party application belongs to the access right list.
- the short message component obtains an access permission list of the short message carrying the sensitive information, and detects whether the identifier of the third-party application exists in the access permission list. in.
- the application in the access list has access to the short message;
- step 312 if the third party application belongs to the access rights list, the short message is fed back to the third party application.
- the short message component detects that the identity of the third-party application exists in the access permission column In the table, the short message component feeds the short message carrying the sensitive information to the corresponding third party application.
- step 313 if the third party application does not belong to the access permission list, the short message is not fed back to the third party application.
- the short message component identifies whether the short message is a short message carrying the sensitive information. After receiving the read request forwarded by the operating system, the short message may be recognized in advance before receiving the read request forwarded by the operating system. Whether it is a short message with sensitive information.
- the short message reading method receives a short message read request by a third party application; if the short message is short information carrying sensitive information, detects whether the third party application is A list of access rights corresponding to the short message, the application in the access permission list has the right to access the short message; if it belongs to the access permission list, the short message is fed back to the third-party application; and the third-party application only has the operation
- the system-level short message reading permission is read, all the short messages in the short message component can be read, thereby causing the malicious application to obtain the permission to perform the sensitive operation by reading the verification code in the short message;
- the short message of the information only the third party application having the access right to the short message can read the short message content in the short message, otherwise the sensitive information in the short message cannot be read, thereby avoiding the sensitivity in the short message.
- the effect of the leakage of information while achieving the effect of the authority control of a single SMS granularity.
- the operating system forwards the read request and the identifier of the third-party application to the short message component, and the short message component detects whether the third-party application has access rights according to the identifier of the third-party application, so that the third-party application needs to have two at the same time. Levels of access to read the effects of sensitive information.
- the method for identifying, by the short message component in step 301, whether the short message is a short message carrying sensitive information includes the following situations:
- the short message component may identify, according to the sender number of the received short message, whether the short message carries sensitive information.
- the short message backend server stores a list, for example, the company is stored in the list.
- a and the SMS number corresponding to company A have SMS number 1 and SMS number 2
- company B and SMS number corresponding to company B SMS number 3 and SMS number 4
- company C and SMS number corresponding to company C have SMS number 5 and SMS number 6 and so on.
- the sender number of the short message received by the short message component is the short message number 5, according to the corresponding relationship in Table 2, the source of the short message is "company C, the short message component and the short message is identified as carrying Short messages with sensitive information.
- the short message component can identify whether the short message carries sensitive information according to the short message content of the received short message, for example, the content of the short message is “[A3 Travel ⁇ Go] 06-22 07:15 Kunming Changshui Airport--Fly-08:55 Chongqing Jiangbei Airport 2B Jiangxiang Air 8L9863, order XXXXXXXX is paying, Zhang Wuji (ticket number: XXX-XXXXXXXXXXX). Click http://tb.cn/3eXI06y client to view the itinerary details.
- the short message component identifies the short message as a short message carrying sensitive information according to the keyword in the short message content [A3 Travel ⁇ Go].
- the short message component may further identify, according to the short message template, whether the short message carries sensitive information, for example, the short message component pre-stores a plurality of short message templates carrying sensitive information, and when receiving the short message, the short message component The received short message is matched with the stored short message template. If the received short message matches a certain short message template, the short message is identified as a short message carrying sensitive information.
- Short Message 1 Sender: 140000621 "[Company A] Order No. XXXXXXXXXX is paying, the verification code is XXXXXX. Click http://tb.cn/3eXI06y client to view the detailed information.”
- Short Message 2 Sender: 140000622 "[Company A] Order No. XXXXXXXXXX is paying, the verification code is XXXXXX. Click http://tb.cn/3eXI06y client to view the details.”
- Short message 1 and short message 2 are short messages sent by Jingdong Company.
- the source party identifier of short message 1 is "140000621”
- the source party identifier of short message 2 is "140000622”
- the two source identifiers have the same prefix "1400062”.
- the two short messages have the keyword "[company A]”.
- the two short message templates constructed with the short message 1 and the short message 2 described above are as follows:
- the correspondence between the combination of the short message source identification feature and the keyword and the extracted template is as shown in Table 3 below:
- the short message component When the short message received in the short message component carries the feature of "14000062X+[company A]", it matches the ⁇ payment template 2> in the short message template, and therefore, the short message component identifies the short message as carried. Short messages for sensitive information.
- step 401 the short message component receives the short message sent by the source.
- the short message component identifies the short message as the short message carrying the sensitive information according to the sender of the received short message.
- the short message component identifies that the short message carries the verification code information according to the sender 160000621 of the short message, that is, the short message is the short message carrying the sensitive information.
- step 403 the short message component obtains an access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message.
- the short message component is paying according to the "[ ⁇ ] order number XXXXXXXXXXX in the short message, the verification code is XXXXX. Click http://tb.cn/3eXI06y client to view the detailed information.”
- the source of the short message is obtained. "Millet Company”, obtain a list of access rights corresponding to Huawei Company.
- step 404 the third party application "Millet Mall” sends a read request to the operating system.
- the operating system receives a request for reading the short message from the third-party application "Millet Mall".
- step 405 the operating system detects that the third-party application "Millet Mall” has the right to read the short message.
- step 406 the operating system forwards the read request sent by the third party application and the identifier "Millet Mall" of the third party application to the short message component.
- the short message component detects the short message to be read by the read request as the short message carrying the sensitive information.
- step 408 the short message component detects that the third party application "Millet Mall" belongs to the access permission list according to the identity detection of the third party application.
- step 409 the short message component feeds back the short message to the third party application "Millet Mall".
- step 410 the third party application "Company A" sends a read request to the operating system.
- the operating system receives a request for reading the short message from the third party application "Company A".
- step 410 the operating system detects that the third party application "Company A" has the right to read the short message.
- step 411 the operating system forwards the read request sent by the third party application and the identifier "Company A" of the third party application to the short message component.
- the short message component detects the short message to be read by the read request as the short message carrying the sensitive information.
- the short message component detects that the third party application "Company A" does not belong to the access permission list according to the identity detection of the third party application.
- step 414 the short message component does not feed back the short message to the third party application "Company A.”
- the interface diagram of the short message reading success process shown in FIG. 4 is as shown in FIG. 5.
- FIG. 6 is a block diagram of a short message reading apparatus according to an exemplary embodiment, which may be implemented as a whole or a part of a mobile terminal by software or hardware.
- the short message reading device includes but is not limited to:
- the request receiving module 620 is configured to receive a read request of the third party application for the short message.
- the access detection module 640 is configured to detect, if the short message is short information carrying sensitive information, whether the third-party application belongs to the access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message. .
- the information feedback module 660 is configured to feed the short message to the third party application when belonging to the access rights list.
- the short message reading apparatus receives the short message read request by the third party application; if the short message is the short information carrying the sensitive information, detects whether the third party application is A list of access rights corresponding to the short message, the application in the access permission list has the right to access the short message; if it belongs to the access permission list, the short message is fed back to the third-party application; and the third-party application only has the operation
- the system-level short message reading permission is read, all the short messages in the short message component can be read, thereby causing the malicious application to obtain the permission to perform the sensitive operation by reading the verification code in the short message;
- the short message of the information only the third party application having the access right to the short message can read the short message content in the short message, otherwise the sensitive information in the short message cannot be read, thereby avoiding the sensitivity in the short message.
- the effect of the leakage of information while achieving the effect of the authority control of a single SMS granularity.
- FIG. 7 is a block diagram of a short message reading apparatus according to another exemplary embodiment,
- the short message reading device can be implemented as a whole or a part of the mobile terminal through a combination of software or hardware.
- the short message reading device includes but is not limited to:
- the short message identification module 710 is configured to identify whether the received short message is short information carrying sensitive information.
- the short message identification module 710 is further configured to: identify, by using the feature information of the short message, whether the short message is short information carrying the sensitive information, where the feature information includes: at least one of a sender number, a short message content, and a short message template. .
- the privilege acquisition module 720 is configured to obtain an access privilege list corresponding to the short message when the short message is the short message carrying the sensitive information, and the application in the access privilege list has the right to access the short message.
- the permission obtaining module 720 includes:
- the source identification sub-module 721 is configured to identify a source of the short message by using the feature information of the short message, where the feature information includes at least one of a sender number, a short message content, and a short message template.
- the list obtaining sub-module 722 is configured to obtain an access permission list corresponding to the source party, and the access permission list includes an application trusted by the source party.
- the request receiving module 730 is configured to receive a read request of the third party application for the short message.
- the request receiving module 730 includes:
- the read receiving submodule 731 is configured to receive a read request of the third party application for the short message through the operating system.
- the first permission sub-module 732 is configured to detect whether the third-party application has the short message read permission by the operating system.
- the request forwarding sub-module 733 is configured to forward the read request and the identifier of the third-party application to the short message component through the operating system when the third-party application has the short message read permission.
- An identifier receiving submodule 734 configured to receive an operating system forwarded read by the short message component Take the identification of the request and the third-party application.
- the access detection module 740 is configured to detect, if the short message is short information carrying sensitive information, whether the third-party application belongs to the access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message. .
- the access detection module 740 includes:
- the information detecting sub-module 741 is configured to detect, by the short message component, whether the short message to be read by the read request is short information carrying sensitive information.
- the second permission sub-module 742 is configured to detect, according to the identifier, whether the third-party application belongs to the access permission list according to the identifier when the short message to be read by the read request is short information carrying the sensitive information.
- the information feedback module 750 is configured to feed the short message to the third party application when belonging to the access rights list.
- the short message reading apparatus receives the short message read request by the third party application; if the short message is the short information carrying the sensitive information, detects whether the third party application is A list of access rights corresponding to the short message, the application in the access permission list has the right to access the short message; if it belongs to the access permission list, the short message is fed back to the third-party application; and the third-party application only has the operation
- the system-level short message reading permission is read, all the short messages in the short message component can be read, thereby causing the malicious application to obtain the permission to perform the sensitive operation by reading the verification code in the short message;
- the short message of the information only the third party application having the access right to the short message can read the short message content in the short message, otherwise the sensitive information in the short message cannot be read, thereby avoiding the sensitivity in the short message.
- the effect of the leakage of information while achieving the effect of the authority control of a single SMS granularity.
- the operating system sends the read request and the identifier of the third-party application to the short message component, and the short message component detects whether the third-party application has the third-party application according to the identifier of the third-party application.
- Access rights allow third-party applications to have access to two levels of access to read sensitive information.
- the access permission list with granularity of a single short message is added only in the short message component, thereby realizing the control of the granularity of the single short message, and the operation is simple and easy to implement.
- the embodiment of the present disclosure further provides a short message reading device, which may be configured to implement the short message reading method provided by the embodiment of the present disclosure.
- the apparatus includes: a processor; a memory configured to store processor executable instructions;
- processor is configured to:
- the short message is a short message carrying sensitive information, detecting whether the third-party application belongs to the access permission list corresponding to the short message, and the application in the access permission list has the right to access the short message;
- FIG. 8 is a block diagram of a short message reading apparatus according to an exemplary embodiment.
- device 800 can be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a gaming console, a tablet device, a medical device, a fitness device, a personal digital assistant, and the like.
- apparatus 800 can include one or more of the following components: processing component 802, memory 804, power component 806, multimedia component 808, audio component 810, input/output (I/O) interface 812, sensor component 814, and Communication component 816.
- Processing component 802 typically controls the overall operation of device 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations.
- Processing component 802 can include one or more processors 818 to execute instructions to perform all or part of the steps described above.
- processing component 802 can include one or more modules to facilitate processing component 802 and others The interaction between components.
- processing component 802 can include a multimedia module to facilitate interaction between multimedia component 808 and processing component 802.
- Memory 804 is configured to store various types of data to support operation at device 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phone book data, messages, pictures, videos, and the like.
- the memory 804 can be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read only memory (EEPROM), erasable.
- SRAM static random access memory
- EEPROM electrically erasable programmable read only memory
- EPROM Electrically erasable programmable read only memory
- PROM Programmable Read Only Memory
- ROM Read Only Memory
- Magnetic Memory Flash Memory
- Disk Disk or Optical Disk.
- Power component 806 provides power to various components of device 800.
- Power component 806 can include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for device 800.
- the multimedia component 808 includes a screen between the device 800 and the user that provides an output interface.
- the screen can include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen can be implemented as a touch screen to receive input signals from the user.
- the touch panel includes one or more touch sensors to sense touches, slides, and gestures on the touch panel. The touch sensor can sense not only the boundaries of the touch or sliding action, but also the duration and pressure associated with the touch or slide operation.
- the multimedia component 808 includes a front camera and/or a rear camera. When the device 800 is in an operation mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front and rear camera can be a fixed optical lens system or have focal length and optical zoom capabilities.
- the audio component 810 is configured to output and/or input an audio signal.
- the audio component 810 includes a microphone (MIC) that is configured to receive an external audio signal when the device 800 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. Received audio The signals may be further stored in memory 804 or transmitted via communication component 816.
- the audio component 810 also includes a speaker configured to output an audio signal.
- the I/O interface 812 provides an interface between the processing component 802 and the peripheral interface module, which may be a keyboard, a click wheel, a button, or the like. These buttons may include, but are not limited to, a home button, a volume button, a start button, and a lock button.
- Sensor assembly 814 includes one or more sensors configured to provide a status assessment of various aspects of device 800.
- sensor assembly 814 can detect an open/closed state of device 800, a relative positioning of components, such as a display and a keypad of device 800, and sensor component 814 can also detect a change in position of a component of device 800 or device 800, the user The presence or absence of contact with device 800, device 800 orientation or acceleration/deceleration and temperature variation of device 800.
- Sensor assembly 814 can include a proximity sensor configured to detect the presence of nearby objects without any physical contact.
- Sensor assembly 814 can also include a light sensor, such as a CMOS or CCD image sensor, configured for use in imaging applications.
- the sensor assembly 814 can also include an acceleration sensor, a gyro sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
- Communication component 816 is configured to facilitate wired or wireless communication between device 800 and other devices.
- the device 800 can access a wireless network based on a communication standard, such as Wi-Fi, 2G or 3G, or a combination thereof.
- communication component 816 receives broadcast signals or broadcast associated information from an external broadcast management system via a broadcast channel.
- communication component 816 also includes a near field communication (NFC) module to facilitate short range communication.
- NFC near field communication
- the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
- RFID radio frequency identification
- IrDA infrared data association
- UWB ultra-wideband
- Bluetooth Bluetooth
- device 800 may be implemented by one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable Gate array (FPGA), controller, microcontroller, micro Implemented by a processor or other electronic component, configured to perform the above-described short message reading method.
- ASICs application specific integrated circuits
- DSPs digital signal processors
- DSPDs digital signal processing devices
- PLDs programmable logic devices
- FPGA field programmable Gate array
- controller microcontroller, micro Implemented by a processor or other electronic component, configured to perform the above-described short message reading method.
- non-transitory computer readable storage medium comprising instructions, such as a memory 804 comprising instructions executable by processor 818 of apparatus 800 to perform the above described short message reading method.
- the non-transitory computer readable storage medium can be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, and an optical data storage device.
- the access permission list by identifying whether the received short message is short information carrying sensitive information; if the short message is short information carrying sensitive information, obtaining an access permission list corresponding to the short information, the access permission list
- the application in the middle has access to the short message; receives the read request of the third party application for the short message; detects whether the third party application belongs to the access permission list; and if it belongs to the access permission list, feeds the short message to the third party application
- the third-party application can read the short message component in the short message component when only the operating system level of the short message reading permission is obtained, thereby causing the malicious application to obtain the sensitive operation by reading the verification code in the short message.
- the content of the short message avoids the leakage of sensitive information in the short message, and at the same time realizes the effect of controlling the authority of a single short message.
Abstract
Description
Claims (13)
- 一种短信读取方法,所述方法包括:接收第三方应用程序对短信息的读取请求;若所述短信息是携带有敏感信息的短信息,则检测所述第三方应用程序是否属于与所述短信息对应的访问权限列表,所述访问权限列表中的应用程序拥有访问所述短信息的权限;若属于所述访问权限列表,则向所述第三方应用程序反馈所述短信息。
- 根据权利要求1所述的方法,其中,所述接收第三方应用程序对短信息的读取请求,包括:通过操作系统接收所述第三方应用程序对所述短信息的读取请求;通过所述操作系统检测所述第三方应用程序是否具有短信读取权限;若所述第三方应用程序具有所述短信读取权限,则通过所述操作系统向短信息组件转发所述读取请求和所述第三方应用程序的标识;通过所述短信息组件接收所述操作系统转发的所述读取请求和所述第三方应用程序的标识。
- 根据权利要求2所述的方法,其中,所述若所述短信息是携带有敏感信息的短信息,则检测所述第三方应用程序是否属于与所述短信息对应的访问权限列表,包括:通过所述短信息组件检测所述读取请求所要读取的短信息是否为携带有敏感信息的所述短信息;若所述读取请求所要读取的短信息是携带有敏感信息的所述短信息,则根据所述标识检测所述第三方应用程序是否属于所述访问权限列表。
- 根据权利要求1至3任一所述的方法,其中,所述方法还包括:识别接收到的短信息是否为携带有敏感信息的短信息;若所述短信息是携带有敏感信息的短信息,获取与所述短信息对应的访问权限列表。
- 根据权利要求4所述的方法,其中,所述若所述短信息是携带有敏感信息的短信息,则获取与所述短信息对应的访问权限列表,包括:通过所述短信息的特征信息识别所述短信息的来源方,所述特征信息包括:发送方号码、短信内容和短信模板中的至少一种;获取与所述来源方对应的访问权限列表,所述访问权限列表包括所述来源方信任的应用程序。
- 根据权利要求4所述的方法,其中,所述识别接收到的短信息是否为携带有敏感信息的短信息,包括:通过所述短信息的特征信息识别所述短信息是否为携带有敏感信息的短信息,所述特征信息包括:发送方号码、短信内容和短信模板中的至少一种。
- 一种短信读取装置,所述装置包括:请求接收模块,被配置为接收第三方应用程序对短信息的读取请求;访问检测模块,被配置为若所述短信息是携带有敏感信息的短信息,则检测所述第三方应用程序是否属于与所述短信息对应的访问权限列表,所述访问权限列表中的应用程序拥有访问所述短信息的权限;信息反馈模块,被配置为在属于所述访问权限列表时,向所述第三方应用程序反馈所述短信息。
- 根据权利要求6所述的装置,其中,所述请求接收模块,包括:读取接收子模块,被配置为通过操作系统接收所述第三方应用程序对所述短信息的读取请求;第一权限子模块,被配置为检测通过所述操作系统检测所述第三方应用程序是否具有短信读取权限;请求转发子模块,被配置为在所述第三方应用程序具有所述短信读取权限时,通过所述操作系统向短信息组件转发所述读取请求和所述第三方应用程序的标识;标识接收子模块,被配置为通过所述短信息组件接收所述操作系统转发的所述读取请求和所述第三方应用程序的标识。
- 根据权利要求7所述的装置,其中,所述检测访问模块,包括:信息检测子模块,被配置为通过所述短信息组件检测所述读取请求所要读取的短信息是否为携带有敏感信息的所述短信息;第二权限子模块,被配置为在所述读取请求所要读取的短信息是携带有敏感信息的所述短信息时,根据所述标识检测所述第三方应用程序是否属于所述访问权限列表。
- 根据权利要求6至8任一所述的装置,其中,所述装置,还包括:短信识别模块,被配置为识别接收到的短信息是否为携带有敏感信息的短信息;权限获取模块,被配置为在所述短信息是携带有敏感信息的短信息时,获取与所述短信息对应的访问权限列表。
- 根据权利要求9所述的装置,其中,所述权限获取模块,包括:来源识别子模块,被配置为通过所述短信息的特征信息识别所述短信息的来源方,所述特征信息包括:发送方号码、短信内容和短信模板中的至少一种;列表获取子模块,被配置为获取与所述来源方对应的访问权限列表,所述访问权限列表包括所述来源方信任的应用程序。
- 根据权利要求9所述的装置,其中,所述短信识别模块,还被配置为通过所述短信息的特征信息识别所述短信息是否为携带有敏感信息的短信息,所述特征信息包括:发送方号码、短信内容和短信模板中的至少一种。
- 一种短信读取装置,所述装置包括:处理器;配置为存储所述处理器可执行指令的存储器;其中,所述处理器被配置为:接收第三方应用程序对所述短信息的读取请求;若所述短信息是携带有敏感信息的短信息,则检测所述第三方应用程序是否属于与所述短信息对应的访问权限列表,所述访问权限列表中的应用程序拥有访问所述短信息的权限;若属于所述访问权限列表,则向所述第三方应用程序反馈所述短信息。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020167028071A KR101839744B1 (ko) | 2015-09-18 | 2015-12-30 | 단문 메시지 서비스 판독 방법 및 장치 |
JP2016556782A JP6339693B2 (ja) | 2015-09-18 | 2015-12-30 | ショートメッセージの読取方法及び装置 |
MX2016011985A MX361314B (es) | 2015-09-18 | 2015-12-30 | Método y dispositivo para lectura de un servicio de mensajes cortos. |
RU2016135920A RU2656588C2 (ru) | 2015-09-18 | 2015-12-30 | Способ и устройство для чтения sms-сообщений |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510599211.6A CN105307137B (zh) | 2015-09-18 | 2015-09-18 | 短信读取方法及装置 |
CN201510599211.6 | 2015-09-18 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017045311A1 true WO2017045311A1 (zh) | 2017-03-23 |
Family
ID=55203785
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2015/099986 WO2017045311A1 (zh) | 2015-09-18 | 2015-12-30 | 短信读取方法及装置 |
Country Status (8)
Country | Link |
---|---|
US (1) | US9998887B2 (zh) |
EP (1) | EP3145151B1 (zh) |
JP (1) | JP6339693B2 (zh) |
KR (1) | KR101839744B1 (zh) |
CN (1) | CN105307137B (zh) |
MX (1) | MX361314B (zh) |
RU (1) | RU2656588C2 (zh) |
WO (1) | WO2017045311A1 (zh) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190089595A1 (en) * | 2017-09-18 | 2019-03-21 | Cyber 2.0 (2015) LTD | Automatic security configuration |
CN107103245B (zh) * | 2016-02-23 | 2022-08-02 | 中兴通讯股份有限公司 | 文件的权限管理方法及装置 |
CN105893868A (zh) * | 2016-03-29 | 2016-08-24 | 北京小米移动软件有限公司 | 信息保护方法及装置 |
CN105912922A (zh) * | 2016-04-29 | 2016-08-31 | 北京小米移动软件有限公司 | 信息的管理方法、装置及终端 |
CN107346487A (zh) * | 2016-05-06 | 2017-11-14 | 中兴通讯股份有限公司 | 数据处理方法及装置 |
CN106330958B (zh) * | 2016-09-29 | 2020-07-07 | 上海创功通讯技术有限公司 | 一种安全访问方法及装置 |
CN109792436B (zh) * | 2016-10-12 | 2021-08-03 | 华为技术有限公司 | 一种验证码处理方法及移动终端 |
CN106330978A (zh) * | 2016-10-31 | 2017-01-11 | 宇龙计算机通信科技(深圳)有限公司 | 验证码短信处理方法及系统 |
CN106598377A (zh) * | 2016-10-31 | 2017-04-26 | 努比亚技术有限公司 | 一种基于虚拟聚合键应用的信息处理方法及其装置 |
CN108076440B (zh) * | 2016-11-16 | 2021-04-20 | 中国电信股份有限公司 | 短信安全保护方法、装置、短信中心和终端 |
CN107182043A (zh) * | 2017-06-27 | 2017-09-19 | 努比亚技术有限公司 | 验证码短信的标记方法及移动终端 |
CN107451488B (zh) * | 2017-07-21 | 2021-01-05 | 珠海格力电器股份有限公司 | 一种提供个人信息的方法、装置及移动终端 |
CN107347117A (zh) * | 2017-08-07 | 2017-11-14 | 努比亚技术有限公司 | 一种短信管理方法、移动终端及计算机可读存储介质 |
CN109510797A (zh) * | 2017-09-14 | 2019-03-22 | 中兴通讯股份有限公司 | 消息转发方法、系统、服务器及计算机可读存储介质 |
CN108052803B (zh) * | 2018-01-02 | 2021-11-16 | 联想(北京)有限公司 | 一种访问控制方法、装置及电子设备 |
CN110022536A (zh) * | 2018-01-08 | 2019-07-16 | 中国移动通信有限公司研究院 | 验证信息处理方法、通信设备、业务平台及存储介质 |
CN110457935B (zh) * | 2019-06-26 | 2022-07-22 | 维沃移动通信有限公司 | 一种权限配置方法及终端设备 |
CN112769672B (zh) * | 2019-11-01 | 2022-07-29 | 腾讯科技(深圳)有限公司 | 数据通信方法和装置及通信配置方法和装置 |
US11112937B2 (en) | 2019-12-31 | 2021-09-07 | Motorola Solutions, Inc. | Incident management system and method with card-based workflow integration and map thumbnail hot zones |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102917346A (zh) * | 2012-10-17 | 2013-02-06 | 浙江大学城市学院 | 一种基于Android的应用程序运行时安全策略管理系统及方法 |
CN103116716A (zh) * | 2013-01-25 | 2013-05-22 | 复旦大学 | 一种针对移动平台的低干扰的即时权限授予方法 |
CN103310135A (zh) * | 2012-03-13 | 2013-09-18 | 腾讯科技(深圳)有限公司 | 一种屏蔽应用权限的方法和移动终端 |
CN103514397A (zh) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | 一种服务器、终端及权限管理、许可方法 |
CN103761472A (zh) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | 基于智能终端设备的应用程序访问方法与装置 |
CN103761471A (zh) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | 基于智能终端设备安装应用程序的方法与装置 |
CN104768139A (zh) * | 2015-02-28 | 2015-07-08 | 北京奇艺世纪科技有限公司 | 一种短信发送的方法及装置 |
Family Cites Families (49)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004102394A (ja) | 2002-09-05 | 2004-04-02 | Hitachi Ltd | 自動券売機 |
US7984488B2 (en) | 2004-04-09 | 2011-07-19 | Microsoft Corporation | Credential roaming in electronic computing systems |
WO2006001524A1 (ja) | 2004-06-25 | 2006-01-05 | Nec Corporation | 移動端末、移動端末のリソースアクセス制御システムおよび移動端末におけるリソースアクセス制御方法 |
US7908329B2 (en) | 2005-08-16 | 2011-03-15 | Microsoft Corporation | Enhanced e-mail folder security |
JP2007164613A (ja) | 2005-12-15 | 2007-06-28 | Hitachi Software Eng Co Ltd | 電子メールの送受信方法及びプログラム |
CN101072093B (zh) | 2006-05-12 | 2010-11-24 | 中兴通讯股份有限公司 | 短信内容保护系统及方法 |
JP5689574B2 (ja) | 2006-11-17 | 2015-03-25 | 任天堂株式会社 | ゲーム装置、ゲームプログラム、ゲームシステムおよびゲーム制御方法 |
US9391997B2 (en) | 2007-08-23 | 2016-07-12 | Intel Deutschland Gmbh | Message processing apparatus, wireless device and method of storing a message in a wireless device |
US8347396B2 (en) | 2007-11-30 | 2013-01-01 | International Business Machines Corporation | Protect sensitive content for human-only consumption |
CN101252748A (zh) * | 2008-04-11 | 2008-08-27 | 北京北纬通信科技股份有限公司 | 一种在移动终端上实现隐私短信的方法及其系统 |
US8561206B1 (en) * | 2008-07-01 | 2013-10-15 | Mcafee, Inc. | System, method, and computer program product for allowing access to data based on a recipient identifier included with the data |
GB0816062D0 (en) | 2008-09-03 | 2008-10-08 | Symbian Software Ltd | Message storage and retrieval |
US8307412B2 (en) * | 2008-10-20 | 2012-11-06 | Microsoft Corporation | User authentication management |
KR101277149B1 (ko) | 2008-11-06 | 2013-06-20 | 삼성전자주식회사 | 사용자 데이터 암호화 방법 및 장치 |
JP5322288B2 (ja) | 2009-05-29 | 2013-10-23 | Necシステムテクノロジー株式会社 | 通信処理装置、通信処理方法、及びプログラム |
DE102009025414A1 (de) * | 2009-06-16 | 2010-12-30 | T-Mobile International Ag | Verfahren zum Schützen von mit einer elektronischen Nachricht versendeten vertraulichen Daten |
CN102103537A (zh) | 2009-12-17 | 2011-06-22 | 珠海市君天电子科技有限公司 | 一种发现安全软件之间兼容性问题的方法和装置 |
US20110207593A1 (en) | 2010-02-25 | 2011-08-25 | Carlos Duran | Expansivity in Low Expansion Silica-Titania Glasses |
CN102480726A (zh) | 2010-11-24 | 2012-05-30 | 比亚迪股份有限公司 | 密码保护方法、密码保护系统及具有其的移动终端 |
JP5862122B2 (ja) | 2010-12-03 | 2016-02-16 | 株式会社イトーキ | ガラスパネルの取付構造 |
US20120157049A1 (en) * | 2010-12-17 | 2012-06-21 | Nichola Eliovits | Creating a restricted zone within an operating system |
US20120192287A1 (en) * | 2011-01-25 | 2012-07-26 | Yigang Cai | Text message security |
US20120291103A1 (en) | 2011-05-09 | 2012-11-15 | Google Inc. | Permission-based administrative controls |
JP2013045384A (ja) | 2011-08-26 | 2013-03-04 | Konica Minolta Business Technologies Inc | アクセス制御システム及びアクセス制御プログラム |
US20130097203A1 (en) | 2011-10-12 | 2013-04-18 | Mcafee, Inc. | System and method for providing threshold levels on privileged resource usage in a mobile network environment |
US9043918B2 (en) | 2011-10-13 | 2015-05-26 | Mcafee, Inc. | System and method for profile based filtering of outgoing information in a mobile environment |
CN103079113B (zh) | 2011-10-26 | 2016-05-25 | 康佳集团股份有限公司 | 一种限时使用应用程序的智能电视及其控制方法 |
US8543821B1 (en) | 2011-10-28 | 2013-09-24 | Amazon Technologies, Inc. | Scalably displaying sensitive data to users with varying authorization levels |
CN102810143B (zh) | 2012-04-28 | 2015-01-14 | 天津大学 | 基于Android平台手机应用程序的安全检测系统及方法 |
US8732802B2 (en) * | 2012-08-04 | 2014-05-20 | Facebook, Inc. | Receiving information about a user from a third party application based on action types |
JP2014039193A (ja) | 2012-08-17 | 2014-02-27 | Ntt Docomo Inc | 情報処理装置、管理装置、情報処理方法及びプログラム |
KR101417334B1 (ko) | 2012-08-31 | 2014-08-06 | 주식회사 팬택 | 모바일 디바이스 및 모바일 디바이스에서의 침입 차단 방법 |
JP6013613B2 (ja) * | 2012-10-19 | 2016-10-25 | マカフィー, インコーポレイテッド | モバイル・アプリケーション管理 |
US8913994B2 (en) * | 2012-11-02 | 2014-12-16 | Lookout, Inc. | System and method for call blocking and SMS blocking |
CN103106578A (zh) | 2012-12-13 | 2013-05-15 | 张德珍 | 移动互联网支付方法 |
WO2014172909A1 (en) | 2013-04-27 | 2014-10-30 | Tencent Technology (Shenzhen) Company Limited | Managing private information in instant messaging |
CN103310169B (zh) | 2013-04-28 | 2016-09-21 | 东莞宇龙通信科技有限公司 | 一种保护sd卡数据的方法和保护系统 |
CN103327492B (zh) * | 2013-06-04 | 2016-01-06 | 王天时 | 一种安卓手机入侵检测方法及其检测系统 |
KR101510150B1 (ko) | 2013-07-05 | 2015-04-10 | 충남대학교산학협력단 | 메시지 가로채기 방지 방법 및 이를 이용하는 휴대 단말기 |
KR102072134B1 (ko) | 2013-12-04 | 2020-01-31 | 주식회사 케이티 | 메시지 전송 장치, 메시지 서버 및 메시지 수신 장치 |
CN103686716B (zh) * | 2013-12-19 | 2017-01-11 | 复旦大学 | 安卓系统机密性完整性增强访问控制系统 |
KR102285850B1 (ko) | 2013-12-24 | 2021-08-05 | 삼성전자주식회사 | 사용자 단말 장치, 통신 시스템 및 그 제어 방법 |
CN103916471A (zh) | 2014-04-02 | 2014-07-09 | 小米科技有限责任公司 | 一种信息显示方法及装置 |
CN104009977B (zh) | 2014-05-09 | 2016-10-05 | 北京奇虎科技有限公司 | 一种信息保护的方法和系统 |
CN105207775B (zh) * | 2014-05-30 | 2019-03-01 | 北京奇虎科技有限公司 | 验证信息的读取方法及装置 |
CN104125547B (zh) | 2014-07-18 | 2017-12-15 | 北京奇虎科技有限公司 | 处理短信的方法及短信处理装置 |
CN104202735A (zh) | 2014-08-11 | 2014-12-10 | 上海一端科技有限公司 | 一种隐藏短信的方法 |
CN104640116B (zh) | 2014-12-31 | 2018-05-29 | 广东欧珀移动通信有限公司 | 一种诈骗短信防护方法和通信终端 |
CN104657674B (zh) | 2015-01-16 | 2018-02-23 | 北京邮电大学 | 一种手机中隐私数据的隔离保护系统及方法 |
-
2015
- 2015-09-18 CN CN201510599211.6A patent/CN105307137B/zh active Active
- 2015-12-30 KR KR1020167028071A patent/KR101839744B1/ko active IP Right Grant
- 2015-12-30 RU RU2016135920A patent/RU2656588C2/ru active
- 2015-12-30 WO PCT/CN2015/099986 patent/WO2017045311A1/zh active Application Filing
- 2015-12-30 MX MX2016011985A patent/MX361314B/es active IP Right Grant
- 2015-12-30 JP JP2016556782A patent/JP6339693B2/ja active Active
-
2016
- 2016-06-22 EP EP16175767.9A patent/EP3145151B1/en active Active
- 2016-07-19 US US15/213,818 patent/US9998887B2/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103310135A (zh) * | 2012-03-13 | 2013-09-18 | 腾讯科技(深圳)有限公司 | 一种屏蔽应用权限的方法和移动终端 |
CN102917346A (zh) * | 2012-10-17 | 2013-02-06 | 浙江大学城市学院 | 一种基于Android的应用程序运行时安全策略管理系统及方法 |
CN103116716A (zh) * | 2013-01-25 | 2013-05-22 | 复旦大学 | 一种针对移动平台的低干扰的即时权限授予方法 |
CN103514397A (zh) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | 一种服务器、终端及权限管理、许可方法 |
CN103761472A (zh) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | 基于智能终端设备的应用程序访问方法与装置 |
CN103761471A (zh) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | 基于智能终端设备安装应用程序的方法与装置 |
CN104768139A (zh) * | 2015-02-28 | 2015-07-08 | 北京奇艺世纪科技有限公司 | 一种短信发送的方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN105307137B (zh) | 2019-05-07 |
JP2018506083A (ja) | 2018-03-01 |
KR20170044058A (ko) | 2017-04-24 |
EP3145151A1 (en) | 2017-03-22 |
US9998887B2 (en) | 2018-06-12 |
US20170086040A1 (en) | 2017-03-23 |
EP3145151B1 (en) | 2018-01-31 |
MX2016011985A (es) | 2017-09-01 |
RU2656588C2 (ru) | 2018-06-05 |
MX361314B (es) | 2018-12-03 |
RU2016135920A3 (zh) | 2018-03-14 |
JP6339693B2 (ja) | 2018-06-06 |
RU2016135920A (ru) | 2018-03-14 |
CN105307137A (zh) | 2016-02-03 |
KR101839744B1 (ko) | 2018-03-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017045311A1 (zh) | 短信读取方法及装置 | |
WO2017045313A1 (zh) | 短信读取方法及装置 | |
WO2016023367A1 (zh) | 访问认证方法、装置及系统 | |
WO2015180384A1 (zh) | 一种处理儿童模式的方法和装置 | |
US20180034772A1 (en) | Method and apparatus for bluetooth-based identity recognition | |
US10922444B2 (en) | Method and apparatus for displaying application interface | |
EP3145152B1 (en) | Short message service reading method and device | |
US9667424B2 (en) | Methods and apparatuses for binding token key to account | |
US10972395B2 (en) | Method and device for granting and acquiring qualification | |
WO2017096927A1 (zh) | 应用程序排布方法及装置 | |
CN107087022B (zh) | 应用程序的操作方法和装置 | |
CN110139230B (zh) | 转发短信的方法、装置及智能设备 | |
CN106411869A (zh) | 通信方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref document number: 2016135920 Country of ref document: RU Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2016556782 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: MX/A/2016/011985 Country of ref document: MX |
|
ENP | Entry into the national phase |
Ref document number: 20167028071 Country of ref document: KR Kind code of ref document: A |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15903998 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 15903998 Country of ref document: EP Kind code of ref document: A1 |