WO2017143879A1 - Procédé et dispositif de gestion d'autorisation sur un fichier - Google Patents

Procédé et dispositif de gestion d'autorisation sur un fichier Download PDF

Info

Publication number
WO2017143879A1
WO2017143879A1 PCT/CN2017/070878 CN2017070878W WO2017143879A1 WO 2017143879 A1 WO2017143879 A1 WO 2017143879A1 CN 2017070878 W CN2017070878 W CN 2017070878W WO 2017143879 A1 WO2017143879 A1 WO 2017143879A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
authorization level
access
determining
preset
Prior art date
Application number
PCT/CN2017/070878
Other languages
English (en)
Chinese (zh)
Inventor
黄勤波
杨鹏
郭泉
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017143879A1 publication Critical patent/WO2017143879A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of communications, and in particular to a method and apparatus for managing rights of a file.
  • the invention provides a method and device for managing rights of a file, so as to at least solve the problem of low file security in the related art.
  • a method for managing rights of a file including:
  • the file is scanned, and the access authority of the file is determined according to the preset feature information and the authorization level of the feature information, including one of the following:
  • the file is a text file, determining the access authority of the file according to the keyword in the preset feature information and the authorization level of the keyword;
  • the access authority of the multimedia file is determined by using key data in the preset feature information and an authorization level of the key data.
  • the method further includes:
  • determining, according to the keyword in the preset feature information and the authorization level of the keyword, the access permission of the file includes: setting according to the preset message Processing status and an authorization level of the processing status, determining access rights of the short message;
  • determining the access authority of the multimedia file by using the key data in the preset feature information and the authorization level of the key data includes: according to a preset body part And determining an authorization level of the human body part map, or an identifier in the picture video and an authorization level of the identifier, determining an access right of the picture video;
  • determining, by using the key data in the preset feature information and the authorization level of the key data, the access rights of the multimedia file includes: according to a preset voice keyword The segment and the authorization level of the voice key segment, or the voice creation user and the authorization level of the voice creation user determine the access rights of the voice.
  • the method includes:
  • Accessing the file modifying the file, deleting the file, and moving the file.
  • a determining module configured to scan the file, and determine access rights of the file according to preset feature information and an authorization level of the feature information
  • a determining module configured to determine whether the control authority of the operation action is within the access authority of the file, and if the control authority is not within the scope of the access authority, not corresponding to the operation action Operation.
  • the determining module includes:
  • a first determining unit configured to determine, according to a keyword in the preset feature information and an authorization level of the keyword, an access right of the file, where the file is a text file;
  • the first determining unit is further configured to determine the access of the contact file according to a preset name field and an authorization level set for the name field. Permission
  • the first determining unit is further configured to determine an access right of the short message according to a preset processing state of the short message setting and an authorization level set by the processing state;
  • the second determining unit is further configured to: according to the preset body part map and the authorization level of the body part map, or the identifier in the picture video and the An authorization level of the identifier, determining access rights of the picture video;
  • the second determining unit is further configured to: according to the preset voice key segment and the authorization level of the voice key segment, or the voice creation user and the voice The authorization level of the created user determines the access rights of the voice.
  • the device further includes:
  • the verification module is configured to send the verification request information if the control authority is not within the access authority of the file after determining whether the control authority of the operation action is within the access authority of the file Receiving feedback information corresponding to the verification request information;
  • the operation action includes at least one of the following:
  • Accessing the file modifying the file, deleting the file, and moving the file.
  • Another embodiment of the present invention provides a computer storage medium, where the computer storage medium stores execution instructions for performing one or a combination of the steps in the foregoing method embodiments.
  • FIG. 1 is a flowchart of a method for managing rights of a file according to an embodiment of the present invention
  • FIG. 2 is a structural block diagram 1 of a file authority management apparatus according to an embodiment of the present invention.
  • FIG. 3 is a structural block diagram 2 of a file authority management apparatus according to an embodiment of the present invention.
  • FIG. 4 is a structural block diagram 3 of a file authority management apparatus according to an embodiment of the present invention.
  • FIG. 5 is a structural block diagram of a file adaptive hierarchical authority control system according to a preferred embodiment of the present invention.
  • FIG. 7 is a flow diagram of accessing private contact data in accordance with a preferred embodiment of the present invention.
  • FIG. 1 is a flowchart of a method for managing rights of a file according to an embodiment of the present invention. As shown in FIG. 1 , the process includes the following steps:
  • Step S102 acquiring an operation action of the file
  • Step S106 determining whether the control authority of the operation action is within the access authority of the file, and if the control authority is not within the scope of the access authority, the operation corresponding to the operation action is not performed.
  • the operation action of the file is obtained, the file is scanned, the access authority of the file is determined according to the preset feature information and the authorization level of the feature information, and it is determined whether the control authority of the operation action is within the access authority of the file. If the control authority is not within the scope of the access authority, the operation corresponding to the operation action is not performed, and when the control authority is within the scope of the access authority, the operation corresponding to the operation action is performed, The control permission of the operation action is preset, which solves the problem of low file security and ensures the security when the file is accessed.
  • the file is scanned, and the access authority of the file is determined according to the preset feature information and the authorization level of the feature information, including one of the following:
  • the access authority of the file is determined according to the keyword in the preset feature information and the authorization level of the keyword;
  • the key data in the preset feature information and the key data are used.
  • the authorization level determines the access rights of the multimedia file.
  • determining the access authority of the file according to the keyword in the preset feature information and the authorization level of the keyword includes: according to the preset name field And the authorization level of the name field to determine the access rights of the contact file, for example, the private contact has the highest authorization level.
  • the control authority of the operation action after determining whether the control authority of the operation action is within the access authority of the file, if the control authority is not within the scope of the access authority, sending the verification request information, and receiving the verification request.
  • the feedback information corresponding to the information when it is determined that the feedback information is consistent with the preset verification setting, performs an operation corresponding to the operation action. For example, if the permission of the operation action is not within the access authority of the file, a password or a secret question is required, and the operation action is allowed when the password is correct or the password question is answered.
  • the operation action includes at least one of the following:
  • the control permission of the operation action is preset. For example, the permission to delete the file is the highest, the permission to move the file and the file to be modified is second, and the permission to access the file is low.
  • a file rights management device is also provided, which is used to implement the above-mentioned embodiments and preferred embodiments, and has not been described again.
  • the term “module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 2 is a structural block diagram of a file authority management apparatus according to an embodiment of the present invention. As shown in FIG. 2, the apparatus includes:
  • the obtaining module 22 is configured to obtain an operation action of the file
  • the determining module 24 is connected to the obtaining module 22 and configured to scan the file according to the preset feature information and the feature letter.
  • the authorization level of the information determines the access rights of the file;
  • the determining module 26 is connected to the determining module 24, and is configured to determine whether the control authority of the operation action is within the access authority of the file, and if the control authority is not within the scope of the access authority, the operation is not performed. Corresponding operation.
  • the obtaining module 22 acquires an operation action of the file
  • the determining module 24 scans the file, determines the access authority of the file according to the preset feature information and the authorization level of the feature information, and the determining module 26 determines the control permission of the operation action. Whether the control authority is not within the scope of the access authority within the access authority of the file, the operation corresponding to the operation action is not performed, and the problem of low file security is solved, and the file is used for access. Time security.
  • the first determining unit 32 is configured to determine, according to the keyword in the preset feature information and the authorization level of the keyword, the access permission of the file, in the case that the file is a text file;
  • the second determining unit 34 is configured to determine the access authority of the multimedia file by using the key data in the preset feature information and the authorization level of the key data if the file is a multimedia file.
  • the verification module 42 is connected to the determination module 24, and is configured to send an verification request after the control authority is within the access authority of the file after determining whether the control authority of the operation action is within the access authority of the file. Information; receiving feedback information corresponding to the verification request information; and performing an operation corresponding to the operation action if it is determined that the feedback information is consistent with the preset verification setting.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are respectively located. Different processors.
  • the preferred embodiment of the present invention is intended to provide a file authorization access method based on the intrinsic feature of the file or related content, and the basic method is to monitor the file system, and when the file is accessed or the file is modified, the content of the file is performed. Scan, if the file is found to meet the pre-set characteristics, the user is prompted to perform a higher level of authorization or access to the specified permission by default. If the user is authorized to authenticate successfully, the content of the file corresponding to the permission may be accessed; if the authorization fails, only the ordinary content of the file or resource or the content or resource corresponding to the low authority may be accessed, and part of the content or resource exceeding the permission is automatically Filtered or ignored. At the same time, in order to enhance security, when the file is deleted, copied, etc., it is also required to authorize or access with default permissions. This also ensures the security of sensitive content of a single file or resource on the basis of convenience.
  • a preferred embodiment of the present invention provides a method for active security triggering based on file content, by which it is possible to detect whether a file has content that requires access control, if any.
  • the default user only accesses content within the scope of the permission.
  • For files with hierarchical access control if you want to edit, delete, move operations. The password is required, otherwise no further operations can be performed, which improves the security of the file and prevents the user from illegally deleting (incorrectly deleting) or accessing (for forwarding, etc.) content that is higher than the scope of its authority.
  • the preset module 52 is responsible for importing or pre-presetting some common resources and corresponding privacy feature data through the network server, and the user may also participate in modifying and sharing the data later;
  • the resource scanning module 56 (corresponding to the determining module 24 of the foregoing embodiment) is configured to scan the file and determine whether the file has the privacy content feature by using the resource privacy feature and the feature provided by the corresponding authorization information library;
  • the authentication judging module 58 (corresponding to part of the functions of the judging module 26 of the above embodiment) is configured to determine whether the application accessing the resource has the permission of the private part data of the accessed file;
  • the resource processing module 60 processes the resource file according to the authentication judging module to determine whether the application accesses all the contents of the file (including the privacy data portion).
  • FIG. 6 is a flow chart of hierarchical access control of file content according to a preferred embodiment of the present invention, as shown in FIG. 6, the specific steps are as follows:
  • the characteristics of the sensitive or private data and the authorization level thereof are set in advance according to the category of the single file resource, and the scope of the file may be a text class (such as an electronic business card vCard, a message vMessage, an e-commerce card vCalender, a normal text file, Documents, etc.), image classes (photos, screenshots, etc.), audio (music, recording), video (video, movies, etc.).
  • the so-called authorization rating identifier or sensitive content refers to a key segment or sensitive privacy data of a specific feature set by the user in advance based on the resource file category.
  • vCard contacts such as the contact importance field, such as whether it is a private contact, etc.
  • vMessage SMS it refers to whether it belongs to a favorite SMS, and for important image video, it may be a human face map or an important wearable identifier that involves privacy.
  • logo Keywords or key data in sensitive or privacy characteristics database (sensitive keyword database can be stored locally, or network, sensitive keyword database can be established through intelligent learning and manual input, of course, third-party database can also be used, this part Not the focus of the present invention), if the match can be successful, then according to the semantics of the sensitive keyword itself and the number of sensitive keywords.
  • Step S603 scanning and monitoring the content of the file, and matching the sensitive or private data features preset in step S601.
  • Text class files can match related keywords through text (such as SMS text keywords, vCard key fields, etc.), multimedia
  • the volume file is categorized by the "Perceptual hash algorithm”. If the identification requires authorization, go to step S604, otherwise the file or resource is normally accessed.
  • the application authorization can be divided into only three types: the authorization, the permanent authorization, and the unauthorized authorization.
  • the user can select according to his own situation to facilitate subsequent operations, avoid unnecessary unnecessary authorization, and affect the user experience. Then, the process goes to step S605.
  • Step S605 If the access authority of the application is higher than the preset permission or the common permission of the application, the user is prompted to use the file as a security risk such as a privacy file, and the user is given different according to the privacy level of the preset file. Tips, such as prompting for suggestion authorization, or simply ignoring the privacy content, etc., to remind the user of the importance of the file.
  • the access authority control means that the user needs to verify the legality of the identity right when the file is opened, deleted, moved, etc., that is, the authorization mode such as the password is required to authorize the access.
  • FIG. 7 is a flow chart of accessing private contact data according to a preferred embodiment of the present invention. As shown in FIG. 7, the steps are as follows:
  • the preset contact of the business card folder resource file is set as a privacy contact in advance, and an application such as Bluetooth, a third-party contact, etc. is requested to apply for advanced permission access;
  • step S704 is there a preset vCard privacy feature? If yes, go to step S705, otherwise go directly to step S709;
  • the authorization level of the business card holder privacy file is higher than the authorization level of the application such as Bluetooth;
  • the part can be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, CD), including a number of instructions for making a terminal device (which can be a mobile phone, a computer)
  • a storage medium such as ROM/RAM, disk, CD
  • the server, or network device, etc. performs the methods described in various embodiments of the present invention.
  • S2. Scan the file, and determine access rights of the file according to the preset feature information and an authorization level of the feature information.
  • the storage medium is further arranged to store program code for performing the steps described above:
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the method and apparatus for managing rights of a file provided by the embodiment of the present invention have the following beneficial effects: the problem of low file security is solved, and the security when the file is accessed and used is ensured.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé et un dispositif de gestion d'autorisation sur un fichier. Le procédé consiste : à obtenir une action d'opération d'un fichier (S102) ; à analyser le fichier, et à déterminer une autorisation d'accès du fichier selon des informations de caractéristiques prédéfinies et le niveau d'autorité desdites informations de caractéristiques (S104) ; à déterminer si une autorisation de commande de l'action d'opération est conforme à l'autorisation d'accès du fichier, et à ne pas exécuter une opération correspondant à l'action d'opération si l'autorisation de commande n'est pas conforme à l'autorisation d'accès (S106). La présente invention résout le problème du bas niveau de sécurité des fichiers, ce qui permet d'assurer la sécurité lors de l'accès à un fichier et de son utilisation.
PCT/CN2017/070878 2016-02-23 2017-01-11 Procédé et dispositif de gestion d'autorisation sur un fichier WO2017143879A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610099261.2A CN107103245B (zh) 2016-02-23 2016-02-23 文件的权限管理方法及装置
CN201610099261.2 2016-02-23

Publications (1)

Publication Number Publication Date
WO2017143879A1 true WO2017143879A1 (fr) 2017-08-31

Family

ID=59658380

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/070878 WO2017143879A1 (fr) 2016-02-23 2017-01-11 Procédé et dispositif de gestion d'autorisation sur un fichier

Country Status (2)

Country Link
CN (1) CN107103245B (fr)
WO (1) WO2017143879A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737655A (zh) * 2018-05-16 2018-11-02 Oppo广东移动通信有限公司 图片处理方法及相关装置
CN108846634A (zh) * 2018-05-30 2018-11-20 北京尚易德科技有限公司 一种案件自动授权方法及系统
CN110532764A (zh) * 2019-08-19 2019-12-03 维沃移动通信有限公司 一种权限处理的方法、移动终端及可读存储介质
CN115103456A (zh) * 2022-04-28 2022-09-23 成都交投智慧停车产业发展有限公司 一种pda智能对接方法和智能对接系统

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108280333A (zh) * 2017-12-25 2018-07-13 努比亚技术有限公司 一种用户权限确定方法、终端设备及计算机存储介质
CN110830496B (zh) * 2018-03-30 2021-08-17 厦门白山耘科技有限公司 一种防止扫描权限文件的系统的使用方法及作业方法
CN109711170A (zh) * 2018-05-04 2019-05-03 360企业安全技术(珠海)有限公司 防护pdf的异常操作行为的方法及装置
CN108804903A (zh) * 2018-06-12 2018-11-13 平安科技(深圳)有限公司 文件查看方法和装置及计算机可读存储介质
CN108985062B (zh) * 2018-07-06 2020-12-15 Oppo(重庆)智能科技有限公司 文件传输控制方法、装置及设备
CN109815717A (zh) * 2019-01-17 2019-05-28 平安科技(深圳)有限公司 数据权限管理方法、数据访问方法、装置、设备及介质
CN112231648A (zh) * 2019-07-15 2021-01-15 百度在线网络技术(北京)有限公司 一种信息传输方法、装置、电子设备及存储介质
CN111339513B (zh) * 2020-01-23 2023-05-09 华为技术有限公司 数据分享的方法和装置
CN113342753B (zh) * 2021-06-25 2023-04-14 长江存储科技有限责任公司 文件安全管理方法、装置、设备及计算机可读存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101008966A (zh) * 2005-11-12 2007-08-01 英特尔公司 独立于操作系统的数据管理
CN101957894A (zh) * 2009-07-17 2011-01-26 精品科技股份有限公司 条件式电子文件权限控管系统及方法
CN102930225A (zh) * 2012-10-25 2013-02-13 中国航天科工集团第二研究院七〇六所 基于密级标识的电子文档访问控制方法
US20140075577A1 (en) * 2012-09-10 2014-03-13 Hon Hai Precision Industry Co., Ltd. File security control system and method
CN104866770A (zh) * 2014-02-20 2015-08-26 腾讯科技(深圳)有限公司 敏感数据扫描方法和系统

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7380120B1 (en) * 2001-12-12 2008-05-27 Guardian Data Storage, Llc Secured data format for access control
DE102004004101A1 (de) * 2003-03-14 2004-09-30 Siemens Ag Verfahren und System zum Schutz elektronischer Datenobjekte vor unberechtigtem Zugriff
JP4501156B2 (ja) * 2004-10-28 2010-07-14 日本電気株式会社 機密モードに応じたアクセスフォルダ切り替え方法、プログラム、及びコンピュータシステム
CN1979511B (zh) * 2005-12-09 2012-04-18 北京书生国际信息技术有限公司 一种文档数据安全管理系统和方法
CN102314449B (zh) * 2010-07-05 2013-11-06 日电(中国)有限公司 后置数据访问过滤器和过滤方法
JP2013012070A (ja) * 2011-06-29 2013-01-17 Ricoh Co Ltd 画像形成装置、ファイル管理システム、プログラム
CN102868713B (zh) * 2011-07-07 2017-12-19 中兴通讯股份有限公司 一种处理文件的方法、装置及无线终端
CN102930221A (zh) * 2011-08-09 2013-02-13 三星电子(中国)研发中心 一种保护手持设备中数据的方法
CN102271141B (zh) * 2011-09-13 2014-04-02 大连佳姆信息安全软件技术有限公司 一种电子文件权限动态适配控管方法及系统
US9183407B2 (en) * 2011-10-28 2015-11-10 Microsoft Technology Licensing Llc Permission based query processing
US9015807B2 (en) * 2011-12-01 2015-04-21 Microsoft Technology Licensing, Llc Authorizing application access to secure resources
CN103686722B (zh) * 2012-09-13 2018-06-12 中兴通讯股份有限公司 访问控制方法及装置
EP2725513B1 (fr) * 2012-10-24 2018-12-19 BlackBerry Limited Gestion des réglages d'autorisations appliquée à des applications
CN103324893B (zh) * 2013-05-31 2017-11-07 华为技术有限公司 隐私保护的方法和装置
CN109040439B (zh) * 2013-08-14 2021-01-12 华为终端有限公司 实现隐私保护方法及装置
CN104123391B (zh) * 2014-08-11 2018-04-13 陈包容 一种通过识别手机文件内容中的联系人信息实现快捷通讯的方法和装置
CN104318171B (zh) * 2014-10-09 2017-11-07 中国科学院信息工程研究所 基于权限标签的Android隐私数据保护方法及系统
CN104657674B (zh) * 2015-01-16 2018-02-23 北京邮电大学 一种手机中隐私数据的隔离保护系统及方法
CN104732161A (zh) * 2015-03-16 2015-06-24 联想(北京)有限公司 一种信息处理方法及电子设备
CN104951707A (zh) * 2015-05-13 2015-09-30 上海交通大学 基于Android平台的敏感资源访问控制策略系统
CN105072255A (zh) * 2015-07-10 2015-11-18 北京奇虎科技有限公司 移动设备隐私权限控制方法、装置及相应的手机设备
CN105307137B (zh) * 2015-09-18 2019-05-07 小米科技有限责任公司 短信读取方法及装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101008966A (zh) * 2005-11-12 2007-08-01 英特尔公司 独立于操作系统的数据管理
CN101957894A (zh) * 2009-07-17 2011-01-26 精品科技股份有限公司 条件式电子文件权限控管系统及方法
US20140075577A1 (en) * 2012-09-10 2014-03-13 Hon Hai Precision Industry Co., Ltd. File security control system and method
CN102930225A (zh) * 2012-10-25 2013-02-13 中国航天科工集团第二研究院七〇六所 基于密级标识的电子文档访问控制方法
CN104866770A (zh) * 2014-02-20 2015-08-26 腾讯科技(深圳)有限公司 敏感数据扫描方法和系统

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737655A (zh) * 2018-05-16 2018-11-02 Oppo广东移动通信有限公司 图片处理方法及相关装置
CN108737655B (zh) * 2018-05-16 2020-10-09 Oppo广东移动通信有限公司 图片处理方法及相关装置
CN108846634A (zh) * 2018-05-30 2018-11-20 北京尚易德科技有限公司 一种案件自动授权方法及系统
CN108846634B (zh) * 2018-05-30 2022-08-12 北京尚易德科技有限公司 一种案件自动授权方法及系统
CN110532764A (zh) * 2019-08-19 2019-12-03 维沃移动通信有限公司 一种权限处理的方法、移动终端及可读存储介质
CN115103456A (zh) * 2022-04-28 2022-09-23 成都交投智慧停车产业发展有限公司 一种pda智能对接方法和智能对接系统
CN115103456B (zh) * 2022-04-28 2023-08-18 成都交投智慧停车产业发展有限公司 一种pda智能对接方法和智能对接系统

Also Published As

Publication number Publication date
CN107103245A (zh) 2017-08-29
CN107103245B (zh) 2022-08-02

Similar Documents

Publication Publication Date Title
WO2017143879A1 (fr) Procédé et dispositif de gestion d'autorisation sur un fichier
US10410016B1 (en) Cloud-based system for protecting sensitive information in shared content
EP3905078A1 (fr) Procédé de vérification d'identité et système à cet effet
US11790077B2 (en) Methods, mediums, and systems for establishing and using security questions
CN112513857A (zh) 可信执行环境中的个性化密码安全访问控制
CN106575342B (zh) 包括关系数据库的内核程序、以及用于执行所述程序的方法和装置
KR102107277B1 (ko) 피싱 또는 랜섬웨어 공격을 차단하는 방법 및 시스템
US11972637B2 (en) Systems and methods for liveness-verified, biometric-based encryption
US20170185790A1 (en) Dynamic management of protected file access
US11321489B2 (en) System for improving data security when storing data
US11201741B2 (en) System for improving data security
US10210337B2 (en) Information rights management using discrete data containerization
US11954230B2 (en) System for improving data security through key management
US20220207123A1 (en) System for improving data security when redeeming data
US10503920B2 (en) Methods and systems for management of data stored in discrete data containers
WO2017112640A1 (fr) Obtention d'une clé de déchiffrement à partir d'un dispositif mobile
US9733852B2 (en) Encrypted synchronization
US11853451B2 (en) Controlled data access
US20230076870A1 (en) Protections for sensitive content items in a content management system
KR101745390B1 (ko) 데이터 유출 방지장치 및 그 방법
EP3764264B1 (fr) Procédés et dispositifs pour crypter automatiquement des fichiers
CN111199049A (zh) 文件权限管理方法及装置
US20220092193A1 (en) Encrypted file control
US20220174067A1 (en) Securing data and tracking actions upon data
KR102005534B1 (ko) 스마트 기기 기반의 원격 접근 제어 및 멀티 팩터 인증 시스템

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17755708

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 17755708

Country of ref document: EP

Kind code of ref document: A1