WO2019144928A1 - 一种应用程序访问权限设置方法、系统、设备及可读介质 - Google Patents
一种应用程序访问权限设置方法、系统、设备及可读介质 Download PDFInfo
- Publication number
- WO2019144928A1 WO2019144928A1 PCT/CN2019/073173 CN2019073173W WO2019144928A1 WO 2019144928 A1 WO2019144928 A1 WO 2019144928A1 CN 2019073173 W CN2019073173 W CN 2019073173W WO 2019144928 A1 WO2019144928 A1 WO 2019144928A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- setting
- policy
- access
- permission
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Definitions
- the present application belongs to the field of computer data processing technologies, and in particular, to a method, system, device, and readable medium for setting application access rights.
- the embodiment of the present application provides a method, a system, a device, and a readable medium for setting an application access right, which are used to solve the problem that some application permission requests or permission requests are too frequent in the prior art, resulting in user setting. There are too many problems with access permissions.
- the embodiment of the present specification provides an application access permission setting method, including:
- setting access rights of the application according to the at least one access permission setting policy including:
- the access authority of the application is set by using the to-be-executed setting policy.
- the method further includes: reporting the to-be-executed setting policy to the server.
- determining, according to the access permission configuration request of the application, the at least one access permission setting policy of the application including:
- the at least one access permission setting policy comprises at least one of the following setting policies:
- the application requires minimal permissions when running
- the user selects the permissions of the application for the custom selection on the server.
- the at least one access permission setting policy further includes: a right of the user selected by the user to be backed up on the server.
- the application also provides a method for setting application access rights, including:
- the at least one access permission setting policy comprises at least one of the following setting policies:
- the application requires minimal permissions when running
- the user's permission to set the application based on the big data algorithm The user's permission to set the application based on the big data algorithm.
- the at least one access permission setting policy further includes: a right of the user selected by the user to be backed up on the server.
- the permission of the user to set the application according to the big data algorithm is generated, including:
- generating permission of the user to set the application according to the big data algorithm further comprising: setting the application according to a configuration policy of a plurality of users setting the application There is at least one privilege level.
- the terminal device performs a permission setting operation on the access permission configuration request of the received application according to the at least one access permission setting policy, including:
- the terminal device performs a permission setting operation according to the access permission configuration request of the application that is to be executed according to the to-be-executed setting policy.
- the present application further provides an apparatus for application access setting, the apparatus comprising a memory for storing computer program instructions and a processor for executing program instructions, wherein when the computer program instructions are executed by the processor, Trigger the device to perform the above method.
- the application further provides a computer readable medium having stored thereon computer readable instructions executable by a processor to implement the methods described above.
- the foregoing at least one technical solution adopted by the embodiment of the present application can achieve the following beneficial effects: providing a recommended permission setting scheme according to an access permission configuration request of the application, and setting an access permission of the application according to a scheme selected by the user, simplifying User operations have improved the user experience.
- FIG. 1 is a schematic flowchart of a method for setting an access right of an application according to an embodiment of the present application
- FIG. 2 is a schematic flowchart of a method for setting an access right of an application according to an embodiment of the present disclosure.
- FIG. 3 is a schematic structural diagram of an application access authority setting system according to an embodiment of the present application.
- FIG. 1 is a schematic flowchart of a method for setting an access right of an application according to an embodiment of the present application.
- the method can be as follows.
- the executor of the embodiment of the present application may be a system program (hereinafter referred to as a “privilege program”) for managing access rights of other applications, which is not specifically limited in this application.
- the permission program may be a system program installed by default when the terminal device is shipped from the factory.
- the permission program may be an application installed by the user in the process of using the terminal device. Before installing the permission program, the user may perform ROOT on the terminal device and set administrator rights for the permission program. The administrator rights can be used to manage access rights for other applications.
- S101 Acquire an access permission configuration request of an application, where the access permission configuration request includes an application identifier.
- the application identifier includes, but is not limited to, an application package name PackageName.
- the application package name is a unique identifier of the application, and the application can be classified according to the application package name, for example, a system application, a map application, a social application, an office class. Applications and game applications, etc., are not specifically limited in this application.
- the access rights configuration request may include a request for at least one of the following access rights: read and write rights, background running rights, positioning rights, address book rights, camera rights, microphone rights, and network connection rights, etc., This is not specifically limited.
- Some access permission configuration requests are application permissions that must be obtained when the application is running. For example, the map application must have permission to locate, the office application must have read and write permissions, etc.; some access permission configuration requests are not required when the application is running.
- Obtain application permissions or maliciously acquired application permissions for example, an office application to obtain address book permissions, a game application to obtain location permissions, and the like.
- S103 Determine at least one access permission setting policy of the application according to the access permission configuration request of the application.
- the terminal device sends a query message to the server, where the query message includes the application identifier.
- the server generates, according to the application identifier, at least one access permission setting policy corresponding to the application identifier, and sends the query result to the terminal device, where the query result includes the application a program identifier and the at least one access authority setting policy corresponding to the application identifier.
- the terminal device determines at least one access rights setting policy corresponding to the application identifier from the query result according to the application identifier.
- the at least one access permission setting policy is generated by the server according to the application identifier.
- the server may classify the application according to the application package name, and generate an access permission setting policy of the application according to the classification information of the application.
- the server may be divided into: a system application, a map application, a social application, an office application, and a game application. The application does not specifically limit this.
- the server may generate an access permission setting policy according to the classification information of the application.
- the access permission setting policy may include: setting a minimum permission required for the application to run (referred to as a “least privilege policy”); setting a permission of the user to set the application based on the big data algorithm (abbreviation) "General Permission Policy”); set the permissions of the application selected by the user to be backed up on the server (referred to as "custom permission policy”).
- the access permission setting policy may be generated by the server according to the classification information of the application and the pre-stored access permission setting policy of the similar application.
- the server generates the permission of the user to set the application according to the big data algorithm, including: the server acquiring a configuration policy of the multiple terminal devices to the application And the server generates, according to the obtained configuration policy of the plurality of terminal devices to the application, the permission of the user to obtain the setting of the application by the big data algorithm. Further, the server may further set at least one permission level to the application according to a configuration policy of a plurality of users setting the application. When there are multiple privilege levels, when pushing to the terminal device, multiple privilege level policies can be pushed to the terminal device for the user to select.
- Step S105 Set access rights of the application according to the at least one access permission setting policy.
- setting the access right of the application according to the at least one access permission setting policy includes: determining a to-be-executed setting policy from the at least one access permission setting policy; And setting the access authority of the application by using the to-be-executed setting policy.
- a to-be-executed setting policy is determined from the at least one access permission setting policy based on a specified operation of the user.
- the specified operation of the user includes, but is not limited to, clicking on a screen of the terminal device.
- an privilege policy is determined from the foregoing minimum privilege policy, a regular privilege policy, and a custom privilege policy, and the determined privilege policy is a to-be-executed setting policy.
- the normal permission policy is determined from the foregoing minimum rights policy, the regular rights policy, and the customized rights policy
- the to-be-executed setting policy is the regular rights policy.
- the user may not directly determine a to-be-executed setting policy from the at least one access permission setting policy within a preset time, directly from the at least one access permission setting policy. Select one as the pending setup policy. Specifically, when there is only one access permission setting policy, the default access permission setting policy is the access permission setting policy. When the number of access permission setting policies is greater than 1, the general permission policy may be set as a default policy, or the minimum rights policy may be set as a default policy.
- the terminal device sets an access right of the application program based on the to-be-executed setting policy.
- the permission setting policy for the application is a general permission policy.
- FIG. 2 is a schematic flowchart of a method for setting an access right of an application provided in another embodiment of the present application.
- the method can be as follows.
- the application access permission setting method includes: receiving a query message sent by the terminal device, where the query message includes an application identifier, as shown in step S202 in FIG. 2; generating and describing according to the application identifier At least one access authority setting policy corresponding to the application identifier, as shown in step S204 in FIG. 2; sending the at least one access rights setting policy to the terminal device, so that the terminal device is configured according to the at least one access
- the privilege setting policy performs an privilege setting operation on the access privilege configuration request request of the received application, as shown in step S206 in FIG.
- S202 Receive a query message sent by the terminal device, where the query message includes an application identifier.
- the query message includes an application identifier, including but not limited to: an application package name PackageName.
- the application package name is a unique identifier of the application, and the application can be classified according to the application package name, for example, a system application, a map application, a social application, an office class. Applications and game applications, etc., are not specifically limited in this application.
- the access permission configuration request may include a request for at least one of the following access rights: read/write permission, background running permission, positioning permission, address book permission, camera permission, microphone permission, and network connection permission, etc., the application does not specifically limited.
- Some access permission configuration requests are application permissions that must be obtained when the application is running. For example, the map application must have permission to locate, the office application must have read and write permissions, etc.; some access permission configuration requests are not required when the application is running.
- Obtain application permissions or maliciously acquired application permissions for example, an office application to obtain address book permissions, a game application to obtain location permissions, and the like.
- S204 Generate at least one access permission setting policy corresponding to the application identifier according to the application identifier.
- the server may generate an access permission setting policy according to the classification information of the application.
- the access permission setting policy may include: a minimum rights policy, a general rights policy, and a custom rights policy.
- the minimum privilege policy may include only read and write privilege, etc.
- the general privilege policy may include read and write privilege, background running privilege, and network connection privilege
- the custom privilege policy may include the access privilege configuration request list. Any permissions in .
- the terminal device may acquire the minimum rights policy and the regular rights policy from the server according to the application package name. The terminal device may obtain the customized permission policy according to a custom policy of a user in the local client to access the application.
- the customized permission policy may include: an energy saving policy, a flight policy, and a privacy policy, which are not specifically limited in this application.
- the user may increase or decrease the permission option allowed in the access request list as the custom permission policy according to the minimum rights policy and the regular rights policy.
- the server generates the permission of the user to set the application according to the big data algorithm, including: the server acquiring a configuration policy of the multiple terminal devices to the application And the server generates, according to the obtained configuration policy of the plurality of terminal devices to the application, the permission of the user to obtain the setting of the application by the big data algorithm. Further, the server may further set at least one permission level to the application according to a configuration policy of a plurality of users setting the application. When there are multiple privilege levels, when pushing to the terminal device, multiple privilege level policies can be pushed to the terminal device for the user to select.
- S206 Send the at least one access permission setting policy to the terminal device.
- the server sends the generated at least one access right setting policy to the terminal device, so that the terminal device performs an authority setting operation on the access right configuration request of the received application according to the at least one access right setting policy.
- the terminal device may set an access right of the application according to an access permission setting policy of the application generated from the server.
- the terminal device can invoke a permission status function (eg, GrantPermissions) in the system toolkit to change the access rights of the application.
- one of the at least one access rights setting policy is selected as a to-be-executed setting policy based on a specified operation of the user, specifically, from the minimum rights policy, the regular rights policy, and Selecting a setting policy in the definition authority policy, for example, selecting the minimum rights policy, and then setting the access right of the application at the terminal device with a key.
- the permission setting in the access permission setting policy may be manually adjusted.
- the obtaining condition of the access permission setting policy of the acquiring application may be acquired once every time period (for example, 1 hour) or the access authority setting policy of the application is changed.
- the access permission setting policies of the application may include: a minimum rights policy, a general rights policy, and a custom rights policy. For example, if the access permission is not allowed in the general permission policy of the application, and the access permission is allowed in the changed general permission policy, the regular permission policy is considered to be changed.
- the server may count the frequency of the access permission allowed in the access rights configuration request list corresponding to the application history access permission setting policy, and allow access in the highest frequency access permission configuration request list.
- the permissions option is set as the updated access permission policy.
- the least privilege policy or the regular privilege policy of an application recommended by the server is often manually changed by the user, or the user often selects a custom privilege policy. For example, by statistic of user data for one month, the user allows access to camera rights in the regular rights policy to be more frequent than denying access to camera rights, then updating the application's general rights policy will allow the camera to be allowed Access to the permissions joins the regular rights policy. For example, by counting the user data for one month, if the frequency of selecting the same custom permission policy is higher than the frequency of any other access permission setting policy, the customized permission policy is used as the updated general permission policy. .
- the server receives a package name of an application installed by the terminal device.
- the server determines, according to the package name, that the application is a map application, the application is not pre-stored on the server, and the access permission configuration request includes: positioning permission, read and write permission, background running permission, address book permission, camera Permissions, microphone permissions, and network connection permissions.
- the server generates a minimum rights policy and a regular rights policy for the application according to a pre-stored permission policy setting method of another map class application, where the minimum rights policy includes a permission to locate and a network connection permission, and the regular permission policy Includes targeting permissions, background running permissions, and network connectivity permissions.
- the client provides the generated minimum permission policy and the regular permission policy as an alternative permission setting policy to the user. After the user selects, the terminal device sets a corresponding permission in the access permission configuration request for the map application. .
- the terminal device acquires an access rights configuration request of an application that is being used.
- the access rights configuration request may be a single function permission request.
- the application being used is a social application
- the current access permission setting policy is a privacy policy in a custom permission policy
- the social application requests access to an address book.
- the terminal device may automatically deny access to the address book according to the privacy policy.
- the terminal device may also prompt the user to change the permission setting policy or adjust the setting of the address book permission in the privacy policy.
- the server may collect the adjustment as a basis for updating the permission setting policy.
- the terminal device may acquire its current running state.
- the current operating state of the terminal device may include: a power state, a memory usage, and the like.
- the terminal device can set an access right for the application according to its current running state.
- the custom rights policy may include: an energy saving policy and an insufficient memory policy. For example, for an office application, when the power is less than 20%, the access permission setting policy can be automatically adjusted from the normal permission policy to the energy saving policy, and the energy saving policy rejects the background running permission and the network connection right.
- FIG. 3 is a schematic structural diagram of an application access permission setting system according to an embodiment of the present application.
- the system includes: a terminal device 301 and a server 303.
- the terminal device 301 sends a query message to the server 303, where the query message includes an application identifier, and receives at least one access permission setting policy generated by the server 303 corresponding to the application identifier, based on the user. And the specified operation, determining a to-be-executed setting policy from the at least one access permission setting policy, and performing a permission setting operation on the access permission configuration request of the received application according to the to-be-executed setting policy.
- the server 303 receives the query information sent by the terminal device 301, and generates at least one access permission setting policy corresponding to the application identifier according to an application identifier included in the query information, and The at least one access rights setting policy is sent to the terminal device 301.
- the embodiment of the present application further provides an apparatus for setting application access rights, the device comprising a memory for storing computer program instructions and a processor for executing program instructions, wherein the computer program When the instruction is executed by the processor, the device is triggered to perform the above method.
- the embodiment of the present application further provides a computer readable medium having stored thereon computer readable instructions executable by a processor to implement the above method.
- an application access permission setting method, system, device, and readable medium provided by an embodiment of the present application, according to an access permission configuration request of an application, a recommended permission setting scheme is provided for a user, and a key is selected according to a scheme selected by the user. Setting access to the application simplifies user operations and improves the user experience.
- the device and the medium and the method provided by the embodiments of the present application have a one-to-one correspondence. Therefore, the device and the medium also have similar beneficial technical effects corresponding to the corresponding method. Since the beneficial technical effects of the method have been described in detail above, The beneficial technical effects of the device and the medium will not be described here.
- embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
- computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
- the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
- the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
- the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
- a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
- processors CPUs
- input/output interfaces network interfaces
- memory volatile and non-volatile memory
- the memory may include non-persistent memory, random access memory (RAM), and/or non-volatile memory in a computer readable medium, such as read only memory (ROM) or flash memory.
- RAM random access memory
- ROM read only memory
- Memory is an example of a computer readable medium.
- Computer readable media includes both permanent and non-persistent, removable and non-removable media.
- Information storage can be implemented by any method or technology.
- the information can be computer readable instructions, data structures, modules of programs, or other data.
- Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory. (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disk read only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape storage or other magnetic storage devices or any other non-transportable media can be used to store information that can be accessed by a computing device.
- computer readable media does not include temporary storage of computer readable media, such as modulated data signals and carrier waves.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
本申请提供了一种应用程序访问权限设置方法、设备、系统以及可读介质,其中,所述方法包括:获取应用程序的访问权限配置请求,所述访问权限配置请求中包含应用程序标识符;根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略;根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置。根据应用程序的访问权限配置请求,为用户提供推荐的权限设置方案,根据用户选择的方案一键设置应用程序的访问权限,简化了用户操作,改善了用户体验。
Description
本申请属于计算机数据处理技术领域,尤其涉及一种应用程序访问权限设置方法、系统、设备及可读介质。
在终端设备系统中,不同类型的应用程序在安装或使用时,会向系统发送大量的访问权限配置请求。通常,系统通过弹窗的形式,让用户自行选择需要设置的访问权限。一些应用程序权限请求过多或权限请求过于频繁,导致用户设置访问权限的操作过多,会降低用户的使用便捷性体验。
发明内容
有鉴于此,本申请实施例提供了一种应用程序访问权限设置方法、系统、设备及可读介质,用于解决现有技术中一些应用程序权限请求过多或权限请求过于频繁,导致用户设置访问权限的操作过多的问题。
本说明书实施例采用下述技术方案:
本说明书实施例一种应用程序访问权限设置方法,包括:
获取应用程序的访问权限配置请求,所述访问权限配置请求中包含所述应用程序标识符;
根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略;
根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置。
优选的,在上述的方法中,根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置,包括:
从所述至少一个访问权限设置策略中确定一个待执行设置策略;
利用所述待执行设置策略,对所述应用程序的访问权限进行设置。
优选的,在上述的方法中,所述方法还包括:将所述待执行设置策略上报至所述服务器。
优选的,在上述的方法中,根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略,包括:
向服务器发送查询消息,所述查询消息中包含所述应用程序标识符;
接收所述服务器返回的查询结果,所述查询结果中包含所述应用程序标识符和与所述应用程序标识符对应的至少一个访问权限设置策略。
优选的,在上述的方法中,所述至少一个访问权限设置策略包括以下设置策略中的至少一种:
所述应用程序运行时所需最少的权限;
基于大数据算法获取的用户对所述应用程序的设置的权限;以及
用户在服务器上备份的自定义选择的所述应用程序的权限。
优选的,在上述的方法中,所述至少一个访问权限设置策略还包括:用户在服务器上备份的自定义选择的所述应用程序的权限。
本申请还提供了一种应用程序访问权限设置方法,包括:
接收终端设备发送的查询消息,所述查询消息中包含应用程序标识符;
根据所述应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略;
将所述至少一个访问权限设置策略发送给所述终端设备,使得所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作。
优选的,在上述的方法中,所述至少一个访问权限设置策略包括以下设置策略中的至少一种:
所述应用程序运行时所需最少的权限;
基于大数据算法获取的用户对所述应用程序的设置的权限。
优选的,在上述的方法中,所述至少一个访问权限设置策略还包括:用户在服务器上备份的自定义选择的所述应用程序的权限。
优选的,在上述的方法中,生成基于大数据算法获取的用户对所述应用程序的设置的权限,包括:
获取多个终端设备对所述应用程序的配置策略;
根据获取的多个终端设备对所述应用程序的配置策略,生成所述基于大数据算法获取的用户对所述应用程序的设置的权限。
优选的,在上述的方法中,生成基于大数据算法获取的用户对所述应用程序的设置的权限,还包括:根据多个用户对所述应用程序的设置的配置策略对所述应用程序设置有至少一个权限级别。
优选的,在上述的方法中,所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作,包括:
从所述至少一个访问权限设置策略中确定一个待执行设置策略;
所述终端设备根据所述待执行设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作。
本申请又提供了一种应用程序访问权限设置的设备,该设备包括用于存储计算机程序指令的存储器和用于执行程序指令的处理器,其中,当该计算机程序指令被该处理器执行时,触发该设备执行上述的方法。
本申请更提供了一种计算机可读介质,其上存储有计算机可读指令,所述计算机可读指令可被处理器执行以实现上述的方法。
本申请实施例采用的上述至少一个技术方案能够达到以下有益效果:根据应用程序的访问权限配置请求,为用户提供推荐的权限设置方案,根据用户选择的方案一键设置应用程序的访问权限,简化了用户操作,改善了用户体验。
此处所说明的附图用来提供对本申请的进一步理解,构成本申请的一部分,本申请的示意性实施例及其说明用于解释本申请,并不构成对本申请的不当限 定。在附图中:
图1为本申请实施例提供的一种应用程序访问权限设置方法的流程示意图;
图2为本申请实施例提供的一种应用程序访问权限设置方法的流程示意图;和
图3为本申请一实施例中应用程序访问权限设置系统的结构示意图。
为了实现本申请的目的、技术方案和优点更加清楚,下面将结合本申请具体实施例及相应的附图对本申请技术方案进行清楚、完整地描述。显然,所描述的实施例仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。
以下结合附图,详细说明本申请各实施例提供的技术方案。
图1为本申请实施例提供的一种应用程序访问权限设置方法的流程示意图。所述方法可以如下所示。本申请实施例的执行主体可以是管理其他应用程序的访问权限的系统程序(以下简称“权限程序”),本申请对此不作具体限定。在本申请的一些实施例中,所述权限程序可以是终端设备出厂前默认安装的系统程序。在本申请的另一些实施例中,所述权限程序可以是用户在使用终端设备的过程中自行安装的应用程序。用户在安装所述权限程序之前,可以对所述终端设备进行ROOT,并为所述权限程序设置管理员权限。所述管理员权限可以用于管理其他应用程序的访问权限。
S101:获取应用程序的访问权限配置请求,所述访问权限配置请求中包含应用程序标识符。
所述应用程序标识符包括但不限于应用程序包名PackageName。所述应用程序包名是所述应用程序的唯一标识,根据所述应用程序包名可以对所述应用程序进行分类,例如,系统类应用程序、地图类应用程序、社交类应用程序、办公类应用程序和游戏类应用程序等,本申请对此不作具体限定。
进一步的,所述访问权限配置请求可以包括对以下至少一种访问权限的请求:读写权限、后台运行权限、定位权限、通讯录权限、相机权限、麦克风权限和网络连接权限等,本申请对此不作具体限定。其中,部分访问权限配置请求是应用程序运行时必需获取的应用权限,例如,地图类应用程序必需定位权限,办公类应用程序必需读写权限等;部分访问权限配置请求是应用程序运行时不必需获取的应用权限或恶意获取的应用权限,例如,办公类应用程序获取通讯录权限,游戏类应用程序获取定位权限等。
S103:根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略。
具体的,首先,终端设备向服务器发送查询消息,所述查询消息中包含所述应用程序标识符。其次,所述服务器根据所述应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略,并将查询结果发送给所述终端设备,所述查询结果中包含所述应用程序标识符和与所述应用程序标识符对应的所述至少一个访问权限设置策略。然后,所述终端设备在接收到所述服务器发送的查询结果后,根据所述应用程序标识符,从所述查询结果中确定与所述应用程序标识符对应的至少一个访问权限设置策略。
其中,所述至少一个访问权限设置策略为服务器根据所述应用程序标识符生成的。在本申请的一些实施例中,所述服务器可以根据所述应用程序包名对所述应用程序进行分类,并根据所述应用程序的分类信息生成所述应用程序的访问权限设置策略。例如,所述服务器可以将所述应用程序分为:系统类应用程序、地图类应用程序、社交类应用程序、办公类应用程序和游戏类应用程序等,本申请对此不作具体限定。所述服务器可以根据所述应用程序的分类信息生成访问权限设置策略。所述访问权限设置策略可以包括:设置所述应用程序运行时所需最少的权限(简称为“最小权限策略”);设置基于大数据算法获取的用户对所述应用程序的设置的权限(简称为“常规权限策略”);设置用户在服务器上备份的自定义选择的所述应用程序的权限(简称为“自定义权限策略”)。所述访问权限设置策略可以是服务器根据所述应用程序的分类信息和已预存的同类应用程序的访问权限设置策略生成的。
进一步的,在本申请一些实施例中,所述服务器生成基于大数据算法获取的用户对所述应用程序的设置的权限,包括:所述服务器获取多个终端设备对 所述应用程序的配置策略;所述服务器根据获取的多个终端设备对所述应用程序的配置策略,生成所述基于大数据算法获取的用户对所述应用程序的设置的权限。更进一步的,所述服务器根据多个用户对所述应用程序的设置的配置策略对所述应用程序还可以设置有至少一个权限级别。当有多个权限级别时,在向终端设备推送时,可以向所述终端设备推送多个权限级别的策略,以供用户选择。
步骤S105,根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置。
具体的,在本申请一实施例中,根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置包括:从所述至少一个访问权限设置策略中确定一个待执行设置策略;以及利用所述待执行设置策略,对所述应用程序的访问权限进行设置。
具体的,在本申请一实施例中,基于用户的指定操作,从所述至少一个访问权限设置策略中确定一个待执行设置策略。
所述用户的指定操作包括但不限于点击所述终端设备的屏幕。基于所述用户的指定操作,从所述至少一个访问权限设置策略中确定一个待执行设置策略。具体而言,在本申请一实施例中,从上述的最小权限策略、常规权限策略以及自定义权限策略中确定一个权限策略,确定的这个权限策略即为待执行设置策略。例如,在本申请一实施例中,从上述的最小权限策略、常规权限策略以及自定义权限策略中确定的是常规权限策略,则所述待执行设置策略即为所述常规权限策略。
在本申请的其他实施例中,还可以是在预设时间内,用户没有从所述至少一个访问权限设置策略中确定一个待执行设置策略时,直接从所述至少一个访问权限设置策略中默认选择一个作为待执行设置策略。具体的,当只有一个访问权限设置策略时,则默认选择的访问权限设置策略即为该访问权限设置策略。当访问权限设置策略的数量大于1时,则可以将所述常规权限策略设置为默认策略,也可以将所述最小权限策略设置为默认策略。
所述终端设备基于所述待执行设置策略,对所述应用程序的访问权限进行设置。接上例,对所述应用程序的权限设置策略为常规权限策略。
本申请实施例还提供了一种应用程序访问权限设置方法,如图2所示,图2为本申请又一实施例中提供的一种应用程序访问权限设置方法的流程示意图。所述方法可以如下所示。所述应用程序访问权限设置方法包括:接收终端设备发送的查询消息,所述查询消息包含应用程序标识符,如图2中的步骤S202所示;根据所述应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略,如图2中的步骤S204所示;将所述至少一个访问权限设置策略发送给所述终端设备,使得所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作,如图2中的步骤S206所示。
S202:接收终端设备发送的查询消息,所述查询消息中包含应用程序标识符。
所述查询消息中包含应用程序标识符,所述应用程序标识符包括但不限于:应用程序包名PackageName。所述应用程序包名是所述应用程序的唯一标识,根据所述应用程序包名可以对所述应用程序进行分类,例如,系统类应用程序、地图类应用程序、社交类应用程序、办公类应用程序和游戏类应用程序等,本申请对此不作具体限定。
所述访问权限配置请求可以包括对以下至少一种访问权限的请求:读写权限、后台运行权限、定位权限、通讯录权限、相机权限、麦克风权限和网络连接权限等,本申请对此不作具体限定。其中,部分访问权限配置请求是应用程序运行时必需获取的应用权限,例如,地图类应用程序必需定位权限,办公类应用程序必需读写权限等;部分访问权限配置请求是应用程序运行时不必需获取的应用权限或恶意获取的应用权限,例如,办公类应用程序获取通讯录权限,游戏类应用程序获取定位权限等。
S204:根据所述应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略。
在本申请的一些实施例中,所述服务器可以根据所述应用程序的分类信息生成访问权限设置策略。所述访问权限设置策略可以包括:最小权限策略、常规权限策略和自定义权限策略。例如,所述最小权限策略可以仅包括读写权限等;所述常规权限策略可以包括读写权限、后台运行权限和网络连接权限等; 所述自定义权限策略可以包括所述访问权限配置请求列表中任意权限。在一些实施例中,所述终端设备可以根据所述应用程序包名从所述服务器获取所述最小权限策略和常规权限策略。所述终端设备可以根据本地客户端中用户对所述应用程序访问权限的自定义策略获取所述自定义权限策略。所述自定义权限策略可以包括:节能策略、飞行策略和隐私策略等,本申请对此不作具体限定。用户可以根据所述最小权限策略和常规权限策略增加或减少所述访问请求列表中允许访问的权限选项作为自定义权限策略。
进一步的,在本申请一些实施例中,所述服务器生成基于大数据算法获取的用户对所述应用程序的设置的权限,包括:所述服务器获取多个终端设备对所述应用程序的配置策略;所述服务器根据获取的多个终端设备对所述应用程序的配置策略,生成所述基于大数据算法获取的用户对所述应用程序的设置的权限。更进一步的,所述服务器根据多个用户对所述应用程序的设置的配置策略对所述应用程序还可以设置有至少一个权限级别。当有多个权限级别时,在向终端设备推送时,可以向所述终端设备推送多个权限级别的策略,以供用户选择。
S206:将所述至少一个访问权限设置策略发送给所述终端设备。
所述服务器将生成的至少一个访问权限设置策略发送给所述终端设备,使得所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作。在本申请的一些实施例中,所述终端设备可以根据从所述服务器生成的所述应用程序的访问权限设置策略,设置应用程序的访问权限。例如,所述终端设备可以调用系统工具包中的权限状态函数(例如,GrantPermissions)的更改所述应用程序的访问权限。
在本申请的一些实施例中,基于用户的指定操作,从所述所述至少一个访问权限设置策略中选择一个作为待执行设置策略,具体的,从所述最小权限策略、常规权限策略以及自定义权限策略中选择一个设置策略,例如选择所述最小权限策略,然后在所述终端设备一键设置所述应用程序的访问权限。在一些实施例中,若用户对所述访问权限设置策略不满意,可以手动调整所述访问权限设置策略中的权限设置。
在本申请的一些实施例中,所述获取应用程序的访问权限设置策略的获取 条件可以是每隔一时间段(例如,1小时)获取一次或所述应用程序的访问权限设置策略发生变化。所述应用程序的访问权限设置策略可以包括:最小权限策略、常规权限策略和自定义权限策略。例如,所述应用程序的常规权限策略中不允许访问通讯录权限,而变化后的所述常规权限策略中允许访问通讯录权限,则认为所述常规权限策略发生变化。
在本申请的一些实施例中,所述服务器可以统计所述应用程序历史访问权限设置策略对应的访问权限配置请求列表中允许访问的权限的频次,将频次最高的访问权限配置请求列表中允许访问的权限选项作为更新的访问权限设置策略。在一些实施例中,所述服务器推荐的一种应用程序的最小权限策略或常规权限策略经常被用户手动更改,或者用户经常选择自定义权限策略。例如,通过一个月对用户数据的统计,用户在所述常规权限策略中允许对相机权限的访问的频次大于拒绝对相机权限的访问,则更新所述应用程序的常规权限策略,将允许对相机权限的访问加入所述常规权限策略。再例如,通过一个月对用户数据的统计,用户选择同一种自定义权限策略的频次高于其他任意一种访问权限设置策略的频次,则将所述自定义权限策略作为更新后的常规权限策略。
具体实施例一
在本申请的一实施例方案中,所述服务器接收所述终端设备最新安装的应用程序的包名。所述服务器根据所述包名判断所述应用程序为地图类应用程序,所述应用程序在服务器没有预存,访问权限配置请求包括:定位权限、读写权限、后台运行权限、通讯录权限、相机权限、麦克风权限和网络连接权限。所述服务器根据预存的其他地图类应用程序的权限策略设置方法,为所述应用程序生成最小权限策略和常规权限策略,所述最小权限策略包括允许定位权限和网络连接权限,所述常规权限策略包括定位权限、后台运行权限和网络连接权限。所述客户端将生成的最小权限策略和常规权限策略作为备选权限设置策略提供给用户,用户选择后,所述终端设备为所述地图类应用程序一键设置访问权限配置请求中对应的权限。
具体实施例二
在本申请的一实施例方案中,所述终端设备获取其正在使用的应用程序的访问权限配置请求。所述访问权限配置请求可以是单个功能的权限请求。例如, 所述正在使用的应用程序为社交类应用程序,当前访问权限设置策略为自定义权限策略中的隐私策略,所述社交类应用程序请求访问通讯录。所述终端设备可以根据所述隐私策略自动拒绝访问通讯录的权限。所述终端设备也可以提示用户改变权限设置策略或者调整所述隐私策略中对通讯录权限的设置。当所述权限设置策略调整后或者所述隐私策略中对通讯录权限的设置调整后,所述服务器可以统计所述调整,作为更新权限设置策略的依据。
具体实施例三
在本申请的一实施例方案中,所述终端设备可以获取其当前运行状态。所述终端设备的当前运行状态可以包括:电量状态和内存使用率等。所述终端设备可以根据其当前运行状态为应用程序设置访问权限。所述自定义权限策略可以包括:节能策略和内存不足策略。例如,对于办公类应用程序,当电量低于20%,所述访问权限设置策略可以从常规权限策略自动调整为节能策略,所述节能策略拒绝后台运行权限和网络连接权限等。
本申请实施例还提供了一种应用程序访问权限设置系统,如图3所示,图3为本申请一实施例中应用程序访问权限设置系统的结构示意图。所述系统包括:终端设备301和服务器303。
其中,所述终端设备301向服务器303发送查询消息,所述查询消息中包含应用程序标识符,接收所述服务器303生成的与所述应用程序标识符对应的至少一个访问权限设置策略,基于用户的指定操作,从所述至少一个访问权限设置策略中确定一个待执行设置策略,并根据所述待执行设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作.
所述服务器303接收所述终端设备301发送的所述查询信息,根据所述查询信息中包含的应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略,并将所述至少一个访问权限设置策略发送给所述终端设备301。
基于同一个发明构思,本申请实施例又提供了一种应用程序访问权限设置的设备,该设备包括用于存储计算机程序指令的存储器和用于执行程序指令的处理器,其中,当该计算机程序指令被该处理器执行时,触发该设备执行上述的方法。
基于同一个发明构思,本申请实施例更提供了一种计算机可读介质,其上存储有计算机可读指令,所述计算机可读指令可被处理器执行以实现上述的方法。
在本申请实施例提供的一种应用程序访问权限设置方法、系统、设备及可读介质中,根据应用程序的访问权限配置请求,为用户提供推荐的权限设置方案,根据用户选择的方案一键设置应用程序的访问权限,简化了用户操作,改善了用户体验。
本申请中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于设备和介质实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。
本申请实施例提供的设备和介质与方法是一一对应的,因此,设备和介质也具有与其对应的方法类似的有益技术效果,由于上面已经对方法的有益技术效果进行了详细说明,因此,这里不再赘述设备和介质的有益技术效果。
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个 流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以由任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带磁磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。
以上所述仅为本申请的实施例而已,并不用于限制本申请。对于本领域技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本申请的权利要求范围之内。
Claims (14)
- 一种应用程序访问权限设置方法,其特征在于,包括:获取应用程序的访问权限配置请求,所述访问权限配置请求中包含所述应用程序标识符;根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略;根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置。
- 权利要求1所述的方法,其特征在于,根据所述至少一个访问权限设置策略,对所述应用程序的访问权限进行设置,包括:从所述至少一个访问权限设置策略中确定一个待执行设置策略;利用所述待执行设置策略,对所述应用程序的访问权限进行设置。
- 根据权利要求2所述的方法,其特征在于,所述方法还包括:将所述待执行设置策略上报至所述服务器。
- 权利要求1所述的方法,其特征在于,根据所述应用程序的访问权限配置请求,确定所述应用程序的至少一个访问权限设置策略,包括:向服务器发送查询消息,所述查询消息中包含所述应用程序标识符;接收所述服务器返回的查询结果,所述查询结果中包含所述应用程序标识符和与所述应用程序标识符对应的至少一个访问权限设置策略。
- 权利要求4所述的方法,其特征在于,所述至少一个访问权限设置策略包括以下设置策略中的至少一种:所述应用程序运行时所需最少的权限;基于大数据算法获取的用户对所述应用程序的设置的权限。
- 根据权利要求5所述的方法,所述至少一个访问权限设置策略还包括:用户在服务器上备份的自定义选择的所述应用程序的权限。
- 一种应用程序访问权限设置方法,其特征在于,包括:接收终端设备发送的查询消息,所述查询消息中包含应用程序标识符;根据所述应用程序标识符,生成与所述应用程序标识符对应的至少一个访问权限设置策略;将所述至少一个访问权限设置策略发送给所述终端设备,使得所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作。
- 根据权利要求7所述的方法,其特征在于,所述至少一个访问权限设置策略包括以下设置策略中的至少一种:所述应用程序运行时所需最少的权限;基于大数据算法获取的用户对所述应用程序的设置的权限。
- 根据权利要求8所述的方法,其特征在于,所述至少一个访问权限设置策略还包括:用户在服务器上备份的自定义选择的所述应用程序的权限。
- 根据权利要求8所述的方法,其特征在于,生成基于大数据算法获取的用户对所述应用程序的设置的权限,包括:获取多个终端设备对所述应用程序的配置策略;根据获取的多个终端设备对所述应用程序的配置策略,生成所述基于大数据算法获取的用户对所述应用程序的设置的权限。
- 根据权利要求10所述的方法,其特征在于,生成基于大数据算法获取的用户对所述应用程序的设置的权限,还包括:根据多个用户对所述应用程序的设置的配置策略对所述应用程序设置有至少一个权限级别。
- 根据权利要求7所述的方法,其特征在于,所述终端设备根据所述至少一个访问权限设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作,包括:从所述至少一个访问权限设置策略中确定一个待执行设置策略;所述终端设备根据所述待执行设置策略对其接收到的应用程序的访问权限配置请求执行权限设置操作。
- 一种应用程序访问权限设置的设备,该设备包括用于存储计算机程序 指令的存储器和用于执行程序指令的处理器,其中,当该计算机程序指令被该处理器执行时,触发该设备执行权利要求1至12中任一项所述的方法。
- 一种计算机可读介质,其上存储有计算机可读指令,所述计算机可读指令可被处理器执行以实现权利要求1至12中任一项所述的方法。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/937,596 US20200356682A1 (en) | 2018-01-25 | 2020-07-24 | Method, a system, a device and a readable medium for setting access permission for an application |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810072371.9 | 2018-01-25 | ||
CN201810072371.9A CN108427886B (zh) | 2018-01-25 | 2018-01-25 | 一种应用程序访问权限设置方法、系统、设备及可读介质 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/937,596 Continuation US20200356682A1 (en) | 2018-01-25 | 2020-07-24 | Method, a system, a device and a readable medium for setting access permission for an application |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019144928A1 true WO2019144928A1 (zh) | 2019-08-01 |
Family
ID=63156174
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/073173 WO2019144928A1 (zh) | 2018-01-25 | 2019-01-25 | 一种应用程序访问权限设置方法、系统、设备及可读介质 |
Country Status (3)
Country | Link |
---|---|
US (1) | US20200356682A1 (zh) |
CN (1) | CN108427886B (zh) |
WO (1) | WO2019144928A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4152190A4 (en) * | 2020-06-18 | 2023-10-25 | Huawei Technologies Co., Ltd. | PERMIT MANAGEMENT METHOD AND DEVICE FOR APPLICATION AND ELECTRONIC DEVICE |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109145580A (zh) * | 2018-08-31 | 2019-01-04 | 北京奇虎科技有限公司 | 软件权限管理方法、装置、计算设备及计算机存储介质 |
CN110908728B (zh) * | 2018-09-15 | 2021-04-09 | Oppo广东移动通信有限公司 | 权限配置方法及相关产品 |
CN109462576B (zh) * | 2018-10-16 | 2020-04-21 | 腾讯科技(深圳)有限公司 | 权限策略配置方法、装置及计算机可读存储介质 |
CN111209574B (zh) * | 2018-11-22 | 2023-06-20 | 阿里巴巴集团控股有限公司 | 访问控制与访问行为识别方法、系统、设备及存储介质 |
CN109740307A (zh) * | 2018-12-27 | 2019-05-10 | 上海碳蓝网络科技有限公司 | 一种权限管理方法及设备 |
CN110084047A (zh) * | 2019-03-20 | 2019-08-02 | 努比亚技术有限公司 | 一种访问权限控制方法、终端及计算机可读存储介质 |
CN110119276A (zh) * | 2019-04-18 | 2019-08-13 | 深圳壹账通智能科技有限公司 | 未读消息提示的实现方法、装置、计算机设备和存储介质 |
CN110188520B (zh) * | 2019-05-29 | 2021-06-25 | 维沃移动通信有限公司 | 一种应用的权限管理方法及移动终端 |
CN114175025A (zh) * | 2019-08-05 | 2022-03-11 | 宇龙计算机通信科技(深圳)有限公司 | 一种应用监控方法、装置、存储介质及电子设备 |
CN110826081B (zh) * | 2019-09-27 | 2022-09-16 | 维沃移动通信有限公司 | 一种权限管理方法及终端设备 |
CN110780944B (zh) * | 2019-10-22 | 2023-08-29 | 上海掌门科技有限公司 | 一种应用权限的启动方法、设备及机器可读存储介质 |
CN112784247A (zh) * | 2019-11-07 | 2021-05-11 | 北京京东尚科信息技术有限公司 | 一种应用程序的权限验证方法和装置 |
CN111222153B (zh) * | 2020-01-07 | 2023-04-07 | 腾讯科技(深圳)有限公司 | 应用程序权限管理方法、装置和存储介质 |
CN113949514B (zh) * | 2020-07-16 | 2024-01-26 | 中国电信股份有限公司 | 应用越权检测方法、装置和存储介质 |
CN112052030B (zh) * | 2020-08-24 | 2024-06-21 | 东风汽车有限公司 | 车载应用程序的接口权限配置方法、存储介质和系统 |
CN112287330B (zh) * | 2020-11-23 | 2024-03-01 | 腾讯科技(北京)有限公司 | 应用程序的权限配置方法、装置、计算机设备及存储介质 |
CN113792328B (zh) * | 2021-08-12 | 2024-08-23 | 荣耀终端有限公司 | 权限管理方法、用户界面及电子设备 |
CN115017522B (zh) * | 2021-09-30 | 2023-09-29 | 荣耀终端有限公司 | 一种权限推荐方法及电子设备 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102917346A (zh) * | 2012-10-17 | 2013-02-06 | 浙江大学城市学院 | 一种基于Android的应用程序运行时安全策略管理系统及方法 |
CN103514397A (zh) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | 一种服务器、终端及权限管理、许可方法 |
CN104008324A (zh) * | 2013-02-22 | 2014-08-27 | 三星电子株式会社 | 用于应用安全策略的终端和服务器及其控制方法 |
CN106354399A (zh) * | 2015-07-16 | 2017-01-25 | 阿里巴巴集团控股有限公司 | 应用权限配置方法、装置及电子设备 |
CN106778089A (zh) * | 2016-12-01 | 2017-05-31 | 联信摩贝软件(北京)有限公司 | 一种对软件权限和行为进行安全管控的系统和方法 |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5841870A (en) * | 1996-11-12 | 1998-11-24 | Cheyenne Property Trust | Dynamic classes of service for an international cryptography framework |
US7996879B1 (en) * | 2007-07-03 | 2011-08-09 | Trend Micro Incorporated | Network deployment techniques employing radio frequency identification (RFID) |
CN105512545B (zh) * | 2015-12-03 | 2018-07-27 | 小米科技有限责任公司 | 访问权限管理方法和装置 |
CN106598776A (zh) * | 2016-11-11 | 2017-04-26 | 北京珠穆朗玛移动通信有限公司 | 移动终端备份的方法及移动终端 |
-
2018
- 2018-01-25 CN CN201810072371.9A patent/CN108427886B/zh active Active
-
2019
- 2019-01-25 WO PCT/CN2019/073173 patent/WO2019144928A1/zh active Application Filing
-
2020
- 2020-07-24 US US16/937,596 patent/US20200356682A1/en not_active Abandoned
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102917346A (zh) * | 2012-10-17 | 2013-02-06 | 浙江大学城市学院 | 一种基于Android的应用程序运行时安全策略管理系统及方法 |
CN104008324A (zh) * | 2013-02-22 | 2014-08-27 | 三星电子株式会社 | 用于应用安全策略的终端和服务器及其控制方法 |
CN103514397A (zh) * | 2013-09-29 | 2014-01-15 | 西安酷派软件科技有限公司 | 一种服务器、终端及权限管理、许可方法 |
CN106354399A (zh) * | 2015-07-16 | 2017-01-25 | 阿里巴巴集团控股有限公司 | 应用权限配置方法、装置及电子设备 |
CN106778089A (zh) * | 2016-12-01 | 2017-05-31 | 联信摩贝软件(北京)有限公司 | 一种对软件权限和行为进行安全管控的系统和方法 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4152190A4 (en) * | 2020-06-18 | 2023-10-25 | Huawei Technologies Co., Ltd. | PERMIT MANAGEMENT METHOD AND DEVICE FOR APPLICATION AND ELECTRONIC DEVICE |
Also Published As
Publication number | Publication date |
---|---|
CN108427886A (zh) | 2018-08-21 |
US20200356682A1 (en) | 2020-11-12 |
CN108427886B (zh) | 2020-06-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019144928A1 (zh) | 一种应用程序访问权限设置方法、系统、设备及可读介质 | |
US9935847B2 (en) | Dynamic grouping of managed devices | |
US10521245B2 (en) | Method and system for recursive plug-in application recipe generation | |
US11750455B2 (en) | Secure configuration of cloud computing nodes | |
US10375054B2 (en) | Securing user-accessed applications in a distributed computing environment | |
US10257207B2 (en) | Managed clone applications | |
US10033604B2 (en) | Providing compliance/monitoring service based on content of a service controller | |
US10257184B1 (en) | Assigning policies for accessing multiple computing resource services | |
JP5989001B2 (ja) | ペルソナベースのアプリケーションエクスペリエンスの提供 | |
EP3812899B1 (en) | Operation request allocation method, apparatus and device | |
JP2020502895A (ja) | メッセージングプロトコル通信の管理 | |
JP2021170397A (ja) | ユーザアカウントと企業ワークスペースとの関連付け | |
US20190273657A1 (en) | Multiuser device staging | |
US9537893B2 (en) | Abstract evaluation of access control policies for efficient evaluation of constraints | |
US11178141B2 (en) | Persistable identity tokens | |
US10681031B2 (en) | Federating devices to improve user experience with adaptive security | |
US10116701B2 (en) | Device-type based content management | |
US20160044060A1 (en) | Policy synchronization for multiple devices | |
US20160359909A1 (en) | Virtual private network based parental control service | |
CN111970194B (zh) | 一种api网关的配置及请求处理方法 | |
US11411813B2 (en) | Single user device staging | |
US20230418964A1 (en) | Generating customized policy decision point services for controlling access to computing resources | |
CN110995699A (zh) | 一种网络安全统一管控方法、管控端、客户端、设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19743318 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19743318 Country of ref document: EP Kind code of ref document: A1 |