WO2017080255A1 - Control method and device - Google Patents

Control method and device Download PDF

Info

Publication number
WO2017080255A1
WO2017080255A1 PCT/CN2016/091625 CN2016091625W WO2017080255A1 WO 2017080255 A1 WO2017080255 A1 WO 2017080255A1 CN 2016091625 W CN2016091625 W CN 2016091625W WO 2017080255 A1 WO2017080255 A1 WO 2017080255A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
network
whitelist
terminal device
user
Prior art date
Application number
PCT/CN2016/091625
Other languages
French (fr)
Chinese (zh)
Inventor
杨鹏
郭泉
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017080255A1 publication Critical patent/WO2017080255A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/34Reselection control
    • H04W36/36Reselection control by user or terminal equipment
    • H04W36/362Conditional handover
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/34Reselection control
    • H04W36/36Reselection control by user or terminal equipment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/02Arrangements for optimising operational condition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present application relates to, but is not limited to, the field of communications, and in particular, to a control method and apparatus.
  • WIFI Wireless-Fidelity
  • users generally use the WIFI network to access the Internet.
  • malware that automatically switches to the mobile network to force users to use the mobile network. That is, when the user uses the WIFI network, the malware will forcibly open the mobile network switch and turn off the WIFI network switch. This will consume the user's mobile network traffic extremely, causing the user's economic loss.
  • Embodiments of the present invention provide a control method and apparatus, which effectively monitor network switching.
  • the embodiment of the invention provides a control method, which is applied to a terminal device, and the control method includes:
  • determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
  • the network switching of the terminal device is allowed.
  • determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
  • the user-defined network permission whitelist is searched for the The application, if the application is found in the user-defined network permission white list, allows network switching of the terminal device.
  • determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
  • the user-defined network permission whitelist is searched for the The application, if the application is not found in the user-defined network permission white list, prompts the application to request network switching, and allows the network switching of the terminal device after receiving the network switching confirmation response.
  • the method further includes:
  • the method further includes:
  • the method further includes: when determining that the terminal device is powered on for the first time, generating a boot whitelist according to the pre-installed application.
  • the embodiment of the invention further provides a control device, which is located in the terminal device, and the control device includes:
  • a detection module configured to detect whether there is a network switching request
  • a determining module configured to initiate the network cut according to when the network switching request is detected
  • the requesting application determines whether to allow network switching of the terminal device.
  • the determining module includes a first switching submodule, and the first switching submodule is configured to: when found in a boot whitelist generated by the terminal device or a preset trusted third party application whitelist When the application of the network handover request is initiated, network switching of the terminal device is allowed.
  • the determining module includes a second switching submodule, and the second switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist are searched When the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission white list, and if the application is found in the user-defined network permission white list, the Network switching of the terminal device.
  • the determining module includes a third switching submodule, where the third switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist are searched If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission whitelist. If the application is not found in the user-defined network permission whitelist, the application is prompted. Requesting network handover, allowing network switching of the terminal device after receiving a network handover confirmation response.
  • the third switching submodule is further configured to add the application that initiates the network switching request to the user-defined network permission whitelist.
  • the device further includes: a control module, configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
  • a control module configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
  • the device further includes: a processing module, configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
  • a processing module configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
  • the embodiment of the invention further provides a computer readable storage medium storing computer executable instructions, which are implemented when the computer executable instructions are executed.
  • the above solution effectively avoids malicious switching of the network and avoids leakage of user privacy data, thereby avoiding economic loss of the user.
  • FIG. 1 is a flow chart of a control method in the first embodiment
  • Embodiment 2 is a flow chart of a control method in Embodiment 2;
  • FIG 3 is a schematic structural view of a control device in the third embodiment.
  • the network handover involved in the embodiment of the present invention may be switching from a WIFI network to a mobile network, or may be switching from a mobile network to a WIFI network.
  • the terminal device performs monitoring management on the network handover. After detecting the network handover request initiated by the application, it determines whether the network handover is allowed according to the credibility level of the application.
  • the entire system is scanned when the system of the terminal device is used for the first time, and the package name (such as ID) of the application that can perform network switching is obtained, and the applications may be pre-installed by the terminal device manufacturer, and then the applications are The package name is stored as a boot whitelist. Since the manufacturer is usually unable to switch maliciously to the network, it can be considered that the application in the boot whitelist is the most secure and reasonable software, and the boot whitelist is set to the highest level of credibility, such as the first level of credibility, if the boot white The application in the list requests network switching to allow the network to switch.
  • the package name such as ID
  • the preset third-party software list is used as the secondary trustworthy network switching application white list, and the network switching may be allowed if the application in the third-party software list requests network switching.
  • the user-defined network permission application whitelist is used as the three-level credibility. In the embodiment of the present invention, the credibility of the whitelist is considered to be the lowest. If the application of the level requests network switching, the user may be prompted to confirm first. If the user confirms that the application is allowed to perform network switching, the terminal device performs network switching. Moreover, for this type of application, the terminal device will perform tracking monitoring. Even if the user allows the application of the level to switch the network, the terminal device further tracks whether the application in the white list performs sensitive data operations, such as uploading a contact.
  • the call record the automatic sending of the short message, the uploading of the account information, etc., if the operation of the above sensitive data is performed, the application is considered to be insecure, and the user is prompted to the application as a high-risk application and is prohibited from accessing the network.
  • the credibility level may also be set according to other rules.
  • this embodiment provides a control method, which is applied to a terminal device, where the control method includes the following steps:
  • Step S11 detecting whether there is a network switching request
  • Step S12 When detecting the network handover request, determine, according to an application that initiates the network handover request, whether to allow network handover of the terminal device.
  • the network switching of the terminal device is allowed.
  • the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission is obtained.
  • the application is searched in the whitelist, and if the application is found in the user-defined network permission whitelist, the network switching of the terminal device is allowed.
  • the user-defined network permission is obtained. Searching for the application in the whitelist, if the application is not found in the user-defined network permission whitelist, prompting the application to request network handover, and allowing the network of the terminal device after receiving the network handover confirmation response Switch.
  • control method further includes:
  • the method further includes:
  • the method further includes:
  • a boot whitelist is generated according to the pre-installed application.
  • the above technical solution can prevent malware from performing network switching by hierarchically managing the network switching authority on the terminal device, thereby avoiding the loss of the user unconsciously, and also providing the best to the greatest extent. User experience, reducing user engagement.
  • Step S201 determining whether the terminal device is powered on for the first time; if it is the first time, then proceeding to step S202 to improve the efficiency of processing; if not the first time, then proceeding to step S203;
  • Step S202 Scan the entire system to generate a boot white list
  • the scanning device obtains the signature of the application applying for the network switching permission, which is equivalent to the ID, and is used to uniquely identify an application.
  • the package name is used to identify an APK (Android Package, Android installation package), or the package name may be used instead. Identify the uniqueness of an APK, such as using a binary signature or using an APK signature to identify the uniqueness of an APK.
  • the signature (or ID) of the application is added to the boot whitelist.
  • Step S203 Whether there is a network switching request in the monitoring system
  • the network switching request here refers to turning off the WIFI network switch, or turning off the mobile network switch, and performing network switching. Whether it is switching from a mobile network to a WIFI network or from a WIFI network to a mobile network, it is monitored. If a network switching request is detected, go to step S204.
  • Step S204 Determine whether the application exists in the boot whitelist by using the ID of the application. If the application exists in the boot whitelist, go to step S213. If the application does not exist in the boot whitelist, go to step S205. .
  • Step S205 determining, by the ID of the application, whether the application is in a third-party trusted application white list
  • third-party software that is downloaded by some users and not preset by the system may be needed. For network switching, these softwares need to be excluded from malware to form a whitelist of third-party trusted applications. If the application exists in the third-party trusted application white list, go to step S213; if the application does not exist in the third-party trusted application white list, go to step S206.
  • Step S206 Determine, by the ID of the application, whether the application is in the white list of the network switching allowed by the user, if yes, go to step S213; if no, go to step S207.
  • Step S207 The user confirms whether network switching is allowed
  • the terminal device prompts the user to have an application request for network switching, and displays information about the related application, such as a name, a developer, and the like. If the user chooses to allow network switching, go to step S208; if the user rejects the network switching, go to step S214.
  • step S203 If the user does not make a selection temporarily, wait for the user to make a selection, and then perform the corresponding operation. In the process of displaying the network switching prompt, the listening mechanism always exists, and if there are other applications performing the network switching request, the execution continues from step S203.
  • Step S208 Perform network switching.
  • Step S209 It is determined whether the user selects to add the application to the custom whitelist, and if yes, go to step S210, otherwise go to step S214.
  • Step S210 Add the application to a user-defined white list
  • the ID of the application can be added to the user-defined white list. Since the credibility of the application is not as high as the first two whitelists, the behavior of the application needs to be further monitored. That is, the operation of step S211 is performed.
  • Step S211 Monitor whether the application in the user-defined whitelist accesses user privacy data, such as contact, account information, short message, etc., if yes, go to step S212.
  • user privacy data such as contact, account information, short message, etc.
  • Step S212 Remind the user that the application is risky, and then proceeds to step S214.
  • the application can also be deleted from the user-defined trusted white list while reminding the user.
  • Step S213 Allow network switching.
  • Step S214 End this operation.
  • the embodiment provides a control device, which is located in a terminal device, and the control device includes:
  • the detecting module 11 is configured to detect whether there is a network switching request
  • the determining module 12 is configured to determine, according to the application that initiates the network switching request, whether to allow network switching of the terminal device when the network switching request is detected.
  • the determining module 12 includes a first switching submodule 121.
  • the first switching submodule 121 is configured to: when the booting whitelist generated by the terminal device or a preset trusted third party application whitelist When the application that initiates the network switching request is found, the network switching of the terminal device is allowed.
  • the determining module 12 includes a second switching submodule 122.
  • the second switching submodule 122 is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission white list. If the application is found in the user-defined network permission white list, Allow network switching of the terminal device.
  • the determining module 12 includes a third switching submodule 123.
  • the third switching submodule 123 is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission whitelist. If the application is not found in the user-defined network permission whitelist, Then, the application is prompted to request network switching, and the network switching of the terminal device is allowed after receiving the network switching confirmation response.
  • the third switching submodule 123 is further configured to add the application that initiates the network switching request to the user-defined network permission white list.
  • the device further includes: a control module 13 configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
  • a control module 13 configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
  • the device further includes: a processing module 14 configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
  • a processing module 14 configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
  • the embodiment of the invention further provides a computer readable storage medium storing computer executable instructions, which are implemented when the computer executable instructions are executed.
  • each module/module in the foregoing embodiment may be implemented in the form of hardware, for example, by using an integrated circuit.
  • the corresponding function can also be implemented in the form of a software function module, for example, by executing a program/instruction stored in the memory by the processor to implement its corresponding function. This application is not limited to any specific combination of hardware and software.
  • the embodiment of the present application provides a control method and device, which effectively avoids malicious switching of the network, avoids leakage of user privacy data, and thus avoids economic loss of the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A control method applied in a terminal device, comprising: detecting a network switching request; and when the network switching request is detected, determining whether to permit network switching of a terminal device according to an application initiating the network switching request. By monitoring network switching, the solution prevents malicious network switching effectively and private user data leakage, thus preventing economic loss of the user.

Description

一种控制方法及装置Control method and device 技术领域Technical field
本申请涉及但不限于通信领域,尤其涉及一种控制方法及装置。The present application relates to, but is not limited to, the field of communications, and in particular, to a control method and apparatus.
背景技术Background technique
随着信息技术的发展,智能手机变得越来越普及,成为了生活中的必须品。随着手机的普及,用户经常用手机来上网,而移动网络流量是一种相对昂贵的资源,用户在有WIFI(Wireless-Fidelity,无线保真)网络的情况下,一般会使用WIFI网络来上网。然而,目前存在一种恶意软件,会自动切换到移动网络,强制用户使用移动网络,即用户在使用WIFI网络时,恶意软件会强制打开移动网络开关,关闭WIFI网络开关。这会极度地消耗用户的移动网络流量,造成用户的经济损失。另外,还有一种状况,则是强制用户切换到WIFI网络,即恶意软件会强制关闭移动网络开关,打开WIFI网络开关,发起WIFI连接。这种情况更为危险,当用户的WIFI路由器中毒,或者用户被强制连接到黑客恶意的钓鱼WIFI路由器,则会造成用户账号、密码、联系人等敏感信息的丢失,给用户造成经济损失。With the development of information technology, smart phones have become more and more popular and become a necessity in life. With the popularity of mobile phones, users often use mobile phones to access the Internet, and mobile network traffic is a relatively expensive resource. In the case of a WIFI (Wireless-Fidelity) network, users generally use the WIFI network to access the Internet. . However, there is currently a kind of malware that automatically switches to the mobile network to force users to use the mobile network. That is, when the user uses the WIFI network, the malware will forcibly open the mobile network switch and turn off the WIFI network switch. This will consume the user's mobile network traffic extremely, causing the user's economic loss. In addition, there is a situation in which the user is forced to switch to the WIFI network, that is, the malware will forcibly close the mobile network switch, open the WIFI network switch, and initiate a WIFI connection. This situation is even more dangerous. When the user's WIFI router is poisoned, or the user is forced to connect to the hacker's malicious phishing router, the user's account, password, contact, and other sensitive information will be lost, causing economic losses to the user.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
本发明实施例提供一种控制方法及装置,有效地监控了网络切换。Embodiments of the present invention provide a control method and apparatus, which effectively monitor network switching.
本发明实施例提供一种控制方法,应用于终端设备,所述控制方法包括:The embodiment of the invention provides a control method, which is applied to a terminal device, and the control method includes:
检测是否有网络切换请求;Check if there is a network switch request;
当检测到所述网络切换请求时,根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换。When detecting the network handover request, determining, according to an application that initiates the network handover request, whether to allow network handover of the terminal device.
可选地,所述根据发起所述网络切换请求的应用判断是否允许终端设备的网络切换包括: Optionally, determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。When the application for initiating the network switching request is found in the boot white list generated by the terminal device or the preset trusted third party application white list, the network switching of the terminal device is allowed.
可选地,所述根据发起所述网络切换请求的应用判断是否允许终端设备的网络切换包括:Optionally, determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。When the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission whitelist is searched for the The application, if the application is found in the user-defined network permission white list, allows network switching of the terminal device.
可选地,所述根据发起所述网络切换请求的应用判断是否允许终端设备的网络切换包括:Optionally, determining, according to the application that initiates the network switching request, whether to allow network switching of the terminal device includes:
当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。When the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission whitelist is searched for the The application, if the application is not found in the user-defined network permission white list, prompts the application to request network switching, and allows the network switching of the terminal device after receiving the network switching confirmation response.
可选地,所述当接收到网络切换确认响应后允许所述终端设备的网络切换后,所述方法还包括:Optionally, after the network switching of the terminal device is allowed after receiving the network switch confirmation response, the method further includes:
将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。Adding the application that initiates the network switch request to the user-defined network permission white list.
可选地,所述方法还包括:Optionally, the method further includes:
监测用户自定义的网络权限白名单中的应用是否访问隐私数据;Monitor whether the application in the user-defined network permission whitelist accesses private data;
当监测到任一应用访问隐私数据时,进行风险提示。When any application is detected to access private data, a risk alert is made.
可选地,所述方法还包括:当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。Optionally, the method further includes: when determining that the terminal device is powered on for the first time, generating a boot whitelist according to the pre-installed application.
本发明实施例还提供一种控制装置,位于终端设备,所述控制装置包括:The embodiment of the invention further provides a control device, which is located in the terminal device, and the control device includes:
检测模块,设置为检测是否有网络切换请求;a detection module configured to detect whether there is a network switching request;
判断模块,设置为当检测到所述网络切换请求时,根据发起所述网络切 换请求的应用判断是否允许所述终端设备的网络切换。a determining module, configured to initiate the network cut according to when the network switching request is detected The requesting application determines whether to allow network switching of the terminal device.
可选地,所述判断模块包括第一切换子模块;所述第一切换子模块设置为:当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。Optionally, the determining module includes a first switching submodule, and the first switching submodule is configured to: when found in a boot whitelist generated by the terminal device or a preset trusted third party application whitelist When the application of the network handover request is initiated, network switching of the terminal device is allowed.
可选地,所述判断模块包括第二切换子模块;所述第二切换子模块设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。Optionally, the determining module includes a second switching submodule, and the second switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist are searched When the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission white list, and if the application is found in the user-defined network permission white list, the Network switching of the terminal device.
可选地,所述判断模块包括第三切换子模块;所述第三切换子模块设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。Optionally, the determining module includes a third switching submodule, where the third switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist are searched If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission whitelist. If the application is not found in the user-defined network permission whitelist, the application is prompted. Requesting network handover, allowing network switching of the terminal device after receiving a network handover confirmation response.
可选地,所述第三切换子模块还设置为将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。Optionally, the third switching submodule is further configured to add the application that initiates the network switching request to the user-defined network permission whitelist.
可选地,所述装置还包括:控制模块,设置为监测用户自定义的网络权限白名单中的应用是否访问隐私数据;当监测到任一应用访问隐私数据时,进行风险提示。Optionally, the device further includes: a control module, configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
可选地,所述装置还包括:处理模块,设置为当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。Optionally, the device further includes: a processing module, configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现上述控制方法。The embodiment of the invention further provides a computer readable storage medium storing computer executable instructions, which are implemented when the computer executable instructions are executed.
上述方案通过对网络切换进行监控,有效地避免了网络恶意切换,避免了用户隐私数据的泄露,从而避免了用户的经济损失。By monitoring the network switching, the above solution effectively avoids malicious switching of the network and avoids leakage of user privacy data, thereby avoiding economic loss of the user.
在阅读并理解了附图和详细描述后,可以明白其他方面。 Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1为实施例一中的控制方法的流程图;1 is a flow chart of a control method in the first embodiment;
图2为实施例二中的控制方法的流程图;2 is a flow chart of a control method in Embodiment 2;
图3为实施例三中的控制装置的结构示意图。3 is a schematic structural view of a control device in the third embodiment.
本发明的实施方式Embodiments of the invention
下文中将结合附图对本申请的实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互任意组合。Embodiments of the present application will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other.
本发明实施例涉及的网络切换可以是从WIFI网络切换到移动网络,也可以是从移动网络切换到WIFI网络。终端设备对于网络切换进行监听管理,当检测到应用发起的网络切换请求后,根据该应用的可信度级别判断是否允许网络切换。The network handover involved in the embodiment of the present invention may be switching from a WIFI network to a mobile network, or may be switching from a mobile network to a WIFI network. The terminal device performs monitoring management on the network handover. After detecting the network handover request initiated by the application, it determines whether the network handover is allowed according to the credibility level of the application.
在本发明实施例中,在终端设备的系统首次使用时扫描整个系统,获得可以进行网络切换的应用的包名(如ID),这些应用可以是终端设备厂商预装的,然后将这些应用的包名存储下来,作为开机白名单。由于厂商通常不可能对网络进行恶意切换,因此可以认为开机白名单中的应用为合理的最安全的软件,将开机白名单设定为可信度级别最高,如一级可信度,如果开机白名单中的应用请求网络切换可允许该网络切换。In the embodiment of the present invention, the entire system is scanned when the system of the terminal device is used for the first time, and the package name (such as ID) of the application that can perform network switching is obtained, and the applications may be pre-installed by the terminal device manufacturer, and then the applications are The package name is stored as a boot whitelist. Since the manufacturer is usually unable to switch maliciously to the network, it can be considered that the application in the boot whitelist is the most secure and reasonable software, and the boot whitelist is set to the highest level of credibility, such as the first level of credibility, if the boot white The application in the list requests network switching to allow the network to switch.
在本发明实施例中,将预设的第三方软件列表作为二级可信度的网络切换应用白名单,如果第三方软件列表中的应用请求网络切换也可以允许网络切换。将用户自定义的网络权限应用白名单作为三级可信度,在本发明实施例中认为这一级白名单的可信度最低。如果该级别的应用请求网络切换可以先提示用户确认,如果用户确认允许该应用进行网络切换,那么终端设备进行网络切换。而且,对于这一类的应用,终端设备将进行跟踪监控,即便用户允许该级别的应用切换网络,终端设备也会进一步地跟踪这个白名单中的应用是否进行敏感数据的操作,比如上传联系人、通话记录、自动发送短信、上传账号信息等,如果有上述敏感数据的操作,则认为该应用是不安全的,此时会提示用户该应用是高风险应用,并且禁止其访问网络。 In the embodiment of the present invention, the preset third-party software list is used as the secondary trustworthy network switching application white list, and the network switching may be allowed if the application in the third-party software list requests network switching. The user-defined network permission application whitelist is used as the three-level credibility. In the embodiment of the present invention, the credibility of the whitelist is considered to be the lowest. If the application of the level requests network switching, the user may be prompted to confirm first. If the user confirms that the application is allowed to perform network switching, the terminal device performs network switching. Moreover, for this type of application, the terminal device will perform tracking monitoring. Even if the user allows the application of the level to switch the network, the terminal device further tracks whether the application in the white list performs sensitive data operations, such as uploading a contact. The call record, the automatic sending of the short message, the uploading of the account information, etc., if the operation of the above sensitive data is performed, the application is considered to be insecure, and the user is prompted to the application as a high-risk application and is prohibited from accessing the network.
需要说明的是,在其它的实施例中还可以按照其它的规则设定可信度级别。It should be noted that in other embodiments, the credibility level may also be set according to other rules.
实施例一Embodiment 1
下面结合附图进一步说明本发明实施例的技术方案。The technical solutions of the embodiments of the present invention are further described below with reference to the accompanying drawings.
如图1所示,本实施例提供一种控制方法,应用于终端设备,所述控制方法包括以下步骤:As shown in FIG. 1 , this embodiment provides a control method, which is applied to a terminal device, where the control method includes the following steps:
步骤S11:检测是否有网络切换请求;Step S11: detecting whether there is a network switching request;
步骤S12:当检测到所述网络切换请求时,根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换。Step S12: When detecting the network handover request, determine, according to an application that initiates the network handover request, whether to allow network handover of the terminal device.
在本实施例中,当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。In this embodiment, when the application that initiates the network handover request is found in the boot whitelist generated by the terminal device or the preset trusted third-party application whitelist, the network switching of the terminal device is allowed.
在本实施例中,当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。In this embodiment, when the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission is obtained. The application is searched in the whitelist, and if the application is found in the user-defined network permission whitelist, the network switching of the terminal device is allowed.
在本实施例中,当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。In this embodiment, when the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission is obtained. Searching for the application in the whitelist, if the application is not found in the user-defined network permission whitelist, prompting the application to request network handover, and allowing the network of the terminal device after receiving the network handover confirmation response Switch.
可选地,所述当接收到网络切换确认响应后允许所述终端设备的网络切换后,所述控制方法还包括:Optionally, after the network switching of the terminal device is allowed after receiving the network switch confirmation response, the control method further includes:
将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。Adding the application that initiates the network switch request to the user-defined network permission white list.
可选地,所述方法还包括:Optionally, the method further includes:
监测用户自定义的网络权限白名单中的应用是否访问隐私数据; Monitor whether the application in the user-defined network permission whitelist accesses private data;
当监测到任一应用访问隐私数据时,进行风险提示。When any application is detected to access private data, a risk alert is made.
可选地,所述方法还包括:Optionally, the method further includes:
当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。When it is determined that the terminal device is powered on for the first time, a boot whitelist is generated according to the pre-installed application.
上述技术方案通过对终端设备上的网络切换权限进行分级别的管理,可以很好地防止恶意软件进行网络切换,避免了用户在不知不觉中遭受损失,同时还可以最大程度上提供最好的用户体验,减少用户参与。The above technical solution can prevent malware from performing network switching by hierarchically managing the network switching authority on the terminal device, thereby avoiding the loss of the user unconsciously, and also providing the best to the greatest extent. User experience, reducing user engagement.
实施例二Embodiment 2
如图2所示,下面结合具体的场景进一步说明本实施例的技术方案。本实施例提供的方法包括以下步骤:As shown in FIG. 2, the technical solution of this embodiment is further described below in conjunction with a specific scenario. The method provided in this embodiment includes the following steps:
步骤S201:判断终端设备是否是第一次开机;如果是第一次开机,则转至步骤S202以提高处理的效率;如果不是第一次开机,则转至步骤S203;Step S201: determining whether the terminal device is powered on for the first time; if it is the first time, then proceeding to step S202 to improve the efficiency of processing; if not the first time, then proceeding to step S203;
步骤S202:扫描整个系统,生成开机白名单;Step S202: Scan the entire system to generate a boot white list;
其中,扫描系统后获取申请网络切换权限的应用的特征码,相当于ID,用于唯一标识一个应用,这里用包名来标识一个APK(Android Package,安卓安装包),也可以不用包名来标识APK的唯一性,比如用二进制特征码或者用APK签名来标识一个APK的唯一性。得到应用的特征码之后,将这个应用的特征码(或ID)加入开机白名单中。The scanning device obtains the signature of the application applying for the network switching permission, which is equivalent to the ID, and is used to uniquely identify an application. Here, the package name is used to identify an APK (Android Package, Android installation package), or the package name may be used instead. Identify the uniqueness of an APK, such as using a binary signature or using an APK signature to identify the uniqueness of an APK. After obtaining the applied signature, the signature (or ID) of the application is added to the boot whitelist.
步骤S203:监听系统中是否有网络切换请求;Step S203: Whether there is a network switching request in the monitoring system;
这里的网络切换请求是指关闭WIFI网络开关,或者关闭移动网络开关,并进行网络切换。无论是从移动网络切换到WIFI网络还是从WIFI网络切换到移动网络,都进行监听。如果监听到有网络切换请求,则转步骤S204。The network switching request here refers to turning off the WIFI network switch, or turning off the mobile network switch, and performing network switching. Whether it is switching from a mobile network to a WIFI network or from a WIFI network to a mobile network, it is monitored. If a network switching request is detected, go to step S204.
步骤S204:通过该应用的ID,判断该应用是否存在于开机白名单中,如果该应用存在于开机白名单中,则转步骤S213,如果该应用不存在于开机白名单中,则转步骤S205。Step S204: Determine whether the application exists in the boot whitelist by using the ID of the application. If the application exists in the boot whitelist, go to step S213. If the application does not exist in the boot whitelist, go to step S205. .
步骤S205:通过该应用的ID,判断该应用是否在第三方可信任应用白名单中;Step S205: determining, by the ID of the application, whether the application is in a third-party trusted application white list;
比如某些用户自己下载的、非系统预置的知名的第三方软件,有可能需 要进行网络切换,对于这些软件,需要将其排除在恶意软件之外,将其构成一个第三方可信任应用白名单。如果该应用存在于第三方可信任应用白名单中,则转步骤S213;如果该应用不存在于第三方可信任应用白名单中,则转步骤S206。For example, some well-known third-party software that is downloaded by some users and not preset by the system may be needed. For network switching, these softwares need to be excluded from malware to form a whitelist of third-party trusted applications. If the application exists in the third-party trusted application white list, go to step S213; if the application does not exist in the third-party trusted application white list, go to step S206.
步骤S206:通过该应用的ID,判断该应用是否在用户自己设置的允许网络切换的白名单中,如果是,则转步骤S213;如果否,则转步骤S207。Step S206: Determine, by the ID of the application, whether the application is in the white list of the network switching allowed by the user, if yes, go to step S213; if no, go to step S207.
步骤S207:用户确认是否允许网络切换;Step S207: The user confirms whether network switching is allowed;
终端设备提示用户有应用请求进行网络切换,并显示相关应用的信息,如名称、开发商等。如果用户选择允许网络切换,则转步骤S208;如果用户拒绝网络切换,则转步骤S214。The terminal device prompts the user to have an application request for network switching, and displays information about the related application, such as a name, a developer, and the like. If the user chooses to allow network switching, go to step S208; if the user rejects the network switching, go to step S214.
如果用户暂时没有进行选择,则等待用户进行选择,进行选择后再进行相应操作。在显示网络切换提示过程中,监听机制一直存在,如果有其它应用进行网络切换请求,则继续从步骤S203开始执行。If the user does not make a selection temporarily, wait for the user to make a selection, and then perform the corresponding operation. In the process of displaying the network switching prompt, the listening mechanism always exists, and if there are other applications performing the network switching request, the execution continues from step S203.
步骤S208:进行网络切换;Step S208: Perform network switching.
步骤S209:判断用户是否选中将该应用加入到自定义白名单中,如果是,则转步骤S210,否则转步骤S214。Step S209: It is determined whether the user selects to add the application to the custom whitelist, and if yes, go to step S210, otherwise go to step S214.
步骤S210:将该应用加入到用户自定义的白名单中;Step S210: Add the application to a user-defined white list;
其中,可以将该应用的ID加入到用户自定义的白名单中。由于该应用的可信度没有前两个白名单高,需要进一步监控该应用的行为。即执行步骤S211的操作。The ID of the application can be added to the user-defined white list. Since the credibility of the application is not as high as the first two whitelists, the behavior of the application needs to be further monitored. That is, the operation of step S211 is performed.
步骤S211:监控用户自定义的白名单中的应用是否访问用户隐私数据,比如联系人、账号信息、短信等行为,如果是则转步骤S212。Step S211: Monitor whether the application in the user-defined whitelist accesses user privacy data, such as contact, account information, short message, etc., if yes, go to step S212.
步骤S212:提醒用户该应用是有风险的,然后转步骤S214。Step S212: Remind the user that the application is risky, and then proceeds to step S214.
其中,还可以在提醒用户的同时将该应用从用户自定义的可信任的白名单中删除。The application can also be deleted from the user-defined trusted white list while reminding the user.
步骤S213:允许网络切换。Step S213: Allow network switching.
步骤S214:结束本次操作。 Step S214: End this operation.
实施例三Embodiment 3
如图3所示,本实施例提供一种控制装置,位于终端设备,所述控制装置包括:As shown in FIG. 3, the embodiment provides a control device, which is located in a terminal device, and the control device includes:
检测模块11,设置为检测是否有网络切换请求;The detecting module 11 is configured to detect whether there is a network switching request;
判断模块12,设置为当检测到所述网络切换请求时,根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换。The determining module 12 is configured to determine, according to the application that initiates the network switching request, whether to allow network switching of the terminal device when the network switching request is detected.
可选地,所述判断模块12包括第一切换子模块121;所述第一切换子模块121设置为:当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。Optionally, the determining module 12 includes a first switching submodule 121. The first switching submodule 121 is configured to: when the booting whitelist generated by the terminal device or a preset trusted third party application whitelist When the application that initiates the network switching request is found, the network switching of the terminal device is allowed.
可选地,所述判断模块12包括第二切换子模块122;所述第二切换子模块122设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。Optionally, the determining module 12 includes a second switching submodule 122. The second switching submodule 122 is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission white list. If the application is found in the user-defined network permission white list, Allow network switching of the terminal device.
可选地,所述判断模块12包括第三切换子模块123;所述第三切换子模块123设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。Optionally, the determining module 12 includes a third switching submodule 123. The third switching submodule 123 is configured to: when the booting whitelist generated by the terminal device and the preset trusted third party application whitelist If the application that initiates the network switching request is not found, the application is searched for in the user-defined network permission whitelist. If the application is not found in the user-defined network permission whitelist, Then, the application is prompted to request network switching, and the network switching of the terminal device is allowed after receiving the network switching confirmation response.
可选地,所述第三切换子模块123还设置为将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。Optionally, the third switching submodule 123 is further configured to add the application that initiates the network switching request to the user-defined network permission white list.
可选地,所述装置还包括:控制模块13,设置为监测用户自定义的网络权限白名单中的应用是否访问隐私数据;当监测到任一应用访问隐私数据时,进行风险提示。Optionally, the device further includes: a control module 13 configured to monitor whether the application in the user-defined network permission whitelist accesses the private data; and when any application is monitored to access the private data, the risk prompt is performed.
可选地,所述装置还包括:处理模块14,设置为当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。 Optionally, the device further includes: a processing module 14 configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
本发明实施例还提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现上述控制方法。The embodiment of the invention further provides a computer readable storage medium storing computer executable instructions, which are implemented when the computer executable instructions are executed.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件(例如处理器)完成,所述程序可以存储于计算机可读存储介质中,如只读存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现,相应地,上述实施例中的各模块/模块可以采用硬件的形式实现,例如通过集成电路来实现其相应功能,也可以采用软件功能模块的形式实现,例如通过处理器执行存储于存储器中的程序/指令来实现其相应功能。本申请不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or a portion of the above steps may be performed by a program to instruct related hardware, such as a processor, which may be stored in a computer readable storage medium, such as a read only memory, disk or optical disk. Wait. Optionally, all or part of the steps of the foregoing embodiments may also be implemented by using one or more integrated circuits. Accordingly, each module/module in the foregoing embodiment may be implemented in the form of hardware, for example, by using an integrated circuit. The corresponding function can also be implemented in the form of a software function module, for example, by executing a program/instruction stored in the memory by the processor to implement its corresponding function. This application is not limited to any specific combination of hardware and software.
以上所述仅为本申请的可选实施例而已,并不用于限制本申请,对于本领域的技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。The above description is only an optional embodiment of the present application, and is not intended to limit the present application, and various changes and modifications may be made to the present application. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and principles of this application are intended to be included within the scope of the present application.
工业实用性Industrial applicability
本申请实施例提供一种控制方法及装置,有效地避免了网络恶意切换,避免了用户隐私数据的泄露,从而避免了用户的经济损失。 The embodiment of the present application provides a control method and device, which effectively avoids malicious switching of the network, avoids leakage of user privacy data, and thus avoids economic loss of the user.

Claims (14)

  1. 一种控制方法,应用于终端设备,所述方法包括:A control method is applied to a terminal device, and the method includes:
    检测是否有网络切换请求;Check if there is a network switch request;
    当检测到所述网络切换请求时,根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换。When detecting the network handover request, determining, according to an application that initiates the network handover request, whether to allow network handover of the terminal device.
  2. 如权利要求1所述的方法,其中,所述根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换包括:The method of claim 1, wherein the determining, according to an application that initiates the network switching request, whether to allow network switching of the terminal device comprises:
    当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。When the application for initiating the network switching request is found in the boot white list generated by the terminal device or the preset trusted third party application white list, the network switching of the terminal device is allowed.
  3. 如权利要求1所述的方法,其中,所述根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换包括:The method of claim 1, wherein the determining, according to an application that initiates the network switching request, whether to allow network switching of the terminal device comprises:
    当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。When the application that initiates the network switching request is not found in the boot whitelist generated by the terminal device and the preset trusted third-party application whitelist, the user-defined network permission whitelist is searched for the The application, if the application is found in the user-defined network permission white list, allows network switching of the terminal device.
  4. 如权利要求1所述的方法,其中,所述根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换包括:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。The method of claim 1, wherein the determining, according to an application that initiates the network switching request, whether to allow network switching of the terminal device comprises: a boot whitelist generated at the terminal device and a preset If the application that initiates the network switching request is not found in the trusted third-party application whitelist, the application is searched for in the user-defined network permission whitelist, if the user is customized in the user-defined network permission whitelist. If the application is not available, the application is prompted to request network handover, and the network handover of the terminal device is allowed after receiving the network handover confirmation response.
  5. 如权利要求4所述的方法,所述当接收到网络切换确认响应后允许所述终端设备的网络切换后,所述方法还包括:将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。The method of claim 4, after the network switching of the terminal device is allowed after receiving the network switching confirmation response, the method further comprises: adding the application that initiates the network switching request to the user Defined in the whitelist of network permissions.
  6. 如权利要求1所述的方法,所述方法还包括:监测用户自定义的网络权限白名单中的应用是否访问隐私数据;当监测到任一应用访问隐私数据时,进行风险提示。 The method of claim 1, further comprising: monitoring whether the application in the user-defined network permission whitelist accesses the private data; and when detecting that any application accesses the private data, performing a risk prompt.
  7. 如权利要求1所述的方法,所述方法还包括:当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。The method of claim 1, further comprising: generating a boot whitelist based on the pre-installed application when determining that the terminal device is powered on for the first time.
  8. 一种控制装置,位于终端设备,所述控制装置包括:A control device is located at a terminal device, and the control device includes:
    检测模块,设置为检测是否有网络切换请求;a detection module configured to detect whether there is a network switching request;
    判断模块,设置为当检测到所述网络切换请求时,根据发起所述网络切换请求的应用判断是否允许所述终端设备的网络切换。The determining module is configured to determine, according to the application that initiates the network switching request, whether to allow network switching of the terminal device, when the network switching request is detected.
  9. 如权利要求8所述的装置,其中,所述判断模块包括第一切换子模块;所述第一切换子模块设置为:当在所述终端设备生成的开机白名单或者预设的可信任第三方应用白名单中查找到发起所述网络切换请求的应用时,允许所述终端设备的网络切换。The apparatus of claim 8, wherein the determining module comprises a first switching submodule; the first switching submodule is configured to: when a boot whitelist or a preset trusted first generated by the terminal device The network switching of the terminal device is allowed when the application for initiating the network switching request is found in the three-party application whitelist.
  10. 如权利要求8所述的装置,其中,所述判断模块包括第二切换子模块;所述第二切换子模块设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找到所述应用,则允许所述终端设备的网络切换。The apparatus of claim 8, wherein the determining module comprises a second switching submodule; the second switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted first If the application that initiates the network switching request is not found in the whitelist application whitelist, the application is searched for in the user-defined network permission whitelist, and if the user is found in the user-defined network permission whitelist. The application allows network switching of the terminal device.
  11. 如权利要求8所述的装置,其中,所述判断模块包括第三切换子模块;所述第三切换子模块设置为:当在所述终端设备生成的开机白名单以及预设的可信任第三方应用白名单中都查找不到发起所述网络切换请求的应用时,在用户自定义的网络权限白名单中查找所述应用,如果在所述用户自定义的网络权限白名单中查找不到所述应用,则提示应用请求网络切换,当接收到网络切换确认响应后允许所述终端设备的网络切换。The apparatus of claim 8, wherein the determining module comprises a third switching submodule; the third switching submodule is configured to: when the booting whitelist generated by the terminal device and the preset trusted first If the application that initiates the network switching request is not found in the whitelist of the three-party application, the application is searched for in the user-defined network permission whitelist, and is not found in the user-defined network permission whitelist. The application prompts the application to request network handover, and allows network switching of the terminal device after receiving the network handover confirmation response.
  12. 如权利要求11所述的装置,其中,所述第三切换子模块还设置为将所述发起网络切换请求的应用添加到所述用户自定义的网络权限白名单中。The apparatus of claim 11, wherein the third handover sub-module is further configured to add the application that initiates the network handover request to the user-defined network rights whitelist.
  13. 如权利要求8所述的装置,所述装置还包括:控制模块,设置为:监测用户自定义的网络权限白名单中的应用是否访问隐私数据;当监测到任一应用访问隐私数据时,进行风险提示。The device of claim 8, further comprising: a control module configured to: monitor whether the application in the user-defined network permission whitelist accesses the private data; when monitoring any application accessing the private data, proceeding risk warning.
  14. 如权利要求8所述的装置,所述装置还包括:处理模块,设置为当判断所述终端设备为首次开机时,根据预装的应用生成开机白名单。 The device of claim 8, further comprising: a processing module configured to generate a boot whitelist according to the pre-installed application when determining that the terminal device is powered on for the first time.
PCT/CN2016/091625 2015-11-10 2016-07-25 Control method and device WO2017080255A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510760111.7 2015-11-10
CN201510760111.7A CN106686624A (en) 2015-11-10 2015-11-10 Control method and device

Publications (1)

Publication Number Publication Date
WO2017080255A1 true WO2017080255A1 (en) 2017-05-18

Family

ID=58694725

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/091625 WO2017080255A1 (en) 2015-11-10 2016-07-25 Control method and device

Country Status (2)

Country Link
CN (1) CN106686624A (en)
WO (1) WO2017080255A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220283848A1 (en) * 2021-03-08 2022-09-08 Dell Products L.P. Enabling modern standby for unsupported applications

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100136978A1 (en) * 2008-12-03 2010-06-03 Electronics And Telecommunications Research Method for handoff of portable terminal between heterogeneous wireless networks
CN102355667A (en) * 2011-06-30 2012-02-15 北京邮电大学 Method and system for controlling network connection of application programs in mobile intelligent terminal system
CN104486785A (en) * 2014-12-23 2015-04-01 广东欧珀移动通信有限公司 Switching method and system of mobile terminal network optimization
CN104883680A (en) * 2015-05-15 2015-09-02 深圳市理奥网络技术有限公司 Data protection method and user terminal
CN104902430A (en) * 2015-05-19 2015-09-09 广东欧珀移动通信有限公司 Method and system for flow control of intelligent terminal

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102004876B (en) * 2009-12-31 2012-07-18 郑州信大捷安信息技术股份有限公司 Security terminal reinforcing model and reinforcing method of tolerable non-trusted component

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100136978A1 (en) * 2008-12-03 2010-06-03 Electronics And Telecommunications Research Method for handoff of portable terminal between heterogeneous wireless networks
CN102355667A (en) * 2011-06-30 2012-02-15 北京邮电大学 Method and system for controlling network connection of application programs in mobile intelligent terminal system
CN104486785A (en) * 2014-12-23 2015-04-01 广东欧珀移动通信有限公司 Switching method and system of mobile terminal network optimization
CN104883680A (en) * 2015-05-15 2015-09-02 深圳市理奥网络技术有限公司 Data protection method and user terminal
CN104902430A (en) * 2015-05-19 2015-09-09 广东欧珀移动通信有限公司 Method and system for flow control of intelligent terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220283848A1 (en) * 2021-03-08 2022-09-08 Dell Products L.P. Enabling modern standby for unsupported applications
US11900154B2 (en) * 2021-03-08 2024-02-13 Dell Products L.P. Enabling modern standby for unsupported applications

Also Published As

Publication number Publication date
CN106686624A (en) 2017-05-17

Similar Documents

Publication Publication Date Title
US10834124B2 (en) Remote malware remediation
US8656465B1 (en) Userspace permissions service
JP5830102B2 (en) Reputation check of acquired file
US9087190B2 (en) Context-aware permission control of hybrid mobile applications
RU2622876C2 (en) Method, device and electronic device for connection control
US9230085B1 (en) Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services
US8863291B2 (en) Reputation checking of executable programs
US10334066B2 (en) Method and system applications for push notifications
KR20140044991A (en) Method and apparatus for managing application in a user device
JP2007241562A (en) Computer readable recording medium having device driver program recorded thereon, storage device access method and storage device access system
CN107690175B (en) Method and equipment for managing wireless access point
US20150347774A1 (en) Restricted resource classes of an operating system
CN110445769B (en) Access method and device of business system
US20200226250A1 (en) Isolating an application running inside a native container application
KR20140068935A (en) Per process networking capabilities
US9460317B2 (en) Data processor and storage medium
US11652818B2 (en) Method and apparatus for accessing service system
WO2019037521A1 (en) Security detection method, device, system, and server
RU2626658C2 (en) Processing of content for applications
US11558365B1 (en) Multi-second factor authentication
US20170126662A1 (en) Federating Devices to Improve User Experience with Adaptive Security
WO2017080255A1 (en) Control method and device
US20200334365A1 (en) Self-Management of Devices Using Personal Mobile Device Management
WO2016165674A1 (en) Trusted environment operating method and device for terminal
US8640242B2 (en) Preventing and detecting print-provider startup malware

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16863433

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16863433

Country of ref document: EP

Kind code of ref document: A1