WO2020207253A1 - Application permission management method and apparatus, and storage medium and electronic device - Google Patents

Application permission management method and apparatus, and storage medium and electronic device Download PDF

Info

Publication number
WO2020207253A1
WO2020207253A1 PCT/CN2020/081192 CN2020081192W WO2020207253A1 WO 2020207253 A1 WO2020207253 A1 WO 2020207253A1 CN 2020081192 W CN2020081192 W CN 2020081192W WO 2020207253 A1 WO2020207253 A1 WO 2020207253A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
application
electronic device
permission
authorization
Prior art date
Application number
PCT/CN2020/081192
Other languages
French (fr)
Chinese (zh)
Inventor
陈仲铭
何明
Original Assignee
Oppo广东移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oppo广东移动通信有限公司 filed Critical Oppo广东移动通信有限公司
Publication of WO2020207253A1 publication Critical patent/WO2020207253A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Definitions

  • This application belongs to the technical field of electronic equipment, and in particular relates to a method, device, storage medium, and electronic equipment for rights management of application programs.
  • Electronic equipment can process data through various algorithm models to provide users with various functions.
  • the electronic device can learn the user's behavior characteristics according to the algorithm model, so as to provide the user with personalized service.
  • This application provides a method, device, storage medium, and electronic equipment for managing permissions of an application program, which can intelligently assign permissions for application programs and improve the security of electronic equipment.
  • an embodiment of the present application provides a permission management method for an application program, including:
  • an embodiment of the present application provides a permission management device for an application program, including: a recording module, a first processing module, a second processing module, and an allocation module;
  • the recording module is used to record the authorization history information of the application in the electronic device, the authorization history information includes the permission authorization record of the application;
  • the first processing module is configured to obtain current state information of the electronic device, process the state information according to a first algorithm model, and output user state information;
  • the second processing module is configured to process the authorization history information and user status information according to a second algorithm model, and output authority management information;
  • the allocation module is configured to allocate permissions to the application program according to the permission management information.
  • an embodiment of the present application provides a storage medium on which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the above-mentioned application program rights management method.
  • an embodiment of the present application provides an electronic device, including a processor and a memory, the memory stores a plurality of instructions, and the processor loads the instructions in the memory to perform the following steps:
  • FIG. 1 is a schematic diagram of an application scenario of the application permission management method provided by an embodiment of the application.
  • FIG. 2 is a schematic flowchart of a method for managing application permissions provided by an embodiment of the application.
  • FIG. 3 is a schematic diagram of another flow chart of the application permission management method provided by an embodiment of the application.
  • FIG. 4 is a schematic diagram of a structure of an application authority management apparatus provided by an embodiment of the application.
  • FIG. 5 is a schematic diagram of another structure of an application authority management apparatus provided by an embodiment of the application.
  • FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the application.
  • FIG. 7 is a schematic diagram of another structure of an electronic device provided by an embodiment of the application.
  • the third-party application authorization management mechanism for electronic devices is to open the third-party application for the first time. If the third-party application requires additional permissions, the user will be reminded whether to authorize or not. Once the user is authorized, the third-party will be subsequently directly granted The application automatically releases the permission.
  • Another way of authorization management is to open the application, when a certain sub-function or sub-business of the application is used, the third-party application will need additional permissions. At this time, the user will also be reminded whether to authorize.
  • Follow-up third-party applications Take over the authority directly. According to the above-mentioned electronic device authorization mechanism, third-party applications may monitor user information, leading to excessive use of application permissions.
  • the application may monitor the user and other operations, and the camera memory may be activated from time to time to cause the camera to pop up or turn on the camera, in order to prevent third-party application developers Abuse of system permissions to track user common behaviors.
  • This application provides a technical solution to solve the problem of unclear third-party application permissions. It proposes smart application permissions based on electronic devices that can learn user behavior habits , According to the panoramic perception technology to determine whether the user needs authorization at this time, to achieve dynamic and flexible application authorization management.
  • FIG. 1 is a schematic diagram of an application scenario of a method for managing application permissions provided by an embodiment of the application.
  • the permission management method of the application program is applied to an electronic device.
  • the electronic device is provided with a panoramic sensing architecture.
  • the panoramic perception architecture is the integration of hardware and software used to implement the permission management method of the application in an electronic device.
  • the panoramic perception architecture includes an information perception layer, a data processing layer, a feature extraction layer, a scenario modeling layer, and an intelligent service layer.
  • the information perception layer is used to obtain the information of the electronic device itself or the information in the external environment.
  • the information perception layer may include multiple sensors.
  • the information sensing layer includes multiple sensors such as a distance sensor, a magnetic field sensor, a light sensor, an acceleration sensor, a fingerprint sensor, a Hall sensor, a position sensor, a gyroscope, an inertial sensor, a posture sensor, a barometer, and a heart rate sensor.
  • the distance sensor can be used to detect the distance between the electronic device and an external object.
  • the magnetic field sensor can be used to detect the magnetic field information of the environment in which the electronic device is located.
  • the light sensor can be used to detect the light information of the environment in which the electronic device is located.
  • the acceleration sensor can be used to detect the acceleration data of the electronic device.
  • the fingerprint sensor can be used to collect the user's fingerprint information.
  • Hall sensor is a kind of magnetic field sensor made according to Hall effect, which can be used to realize automatic control of electronic equipment.
  • the location sensor can be used to detect the current geographic location of the electronic device. Gyroscopes can be used to detect the angular velocity of electronic devices in various directions. Inertial sensors can be used to detect movement data of electronic devices.
  • the attitude sensor can be used to sense the attitude information of the electronic device.
  • the barometer can be used to detect the air pressure of the environment where the electronic device is located.
  • the heart rate sensor can be used to detect the user's heart rate information.
  • the data processing layer is used to process the data obtained by the information perception layer.
  • the data processing layer can perform data cleaning, data integration, data transformation, and data reduction on the data acquired by the information perception layer.
  • data cleaning refers to cleaning up a large amount of data obtained by the information perception layer to eliminate invalid data and duplicate data.
  • Data integration refers to the integration of multiple single-dimensional data acquired by the information perception layer into a higher or more abstract dimension to comprehensively process multiple single-dimensional data.
  • Data transformation refers to the data type conversion or format conversion of the data acquired by the information perception layer, so that the transformed data meets the processing requirements.
  • Data reduction means to minimize the amount of data while maintaining the original appearance of the data as much as possible.
  • the feature extraction layer is used to perform feature extraction on data processed by the data processing layer to extract features included in the data.
  • the extracted features can reflect the state of the electronic device itself or the state of the user or the environmental state of the environment in which the electronic device is located.
  • the feature extraction layer can extract features or process the extracted features through methods such as filtering, packaging, and integration.
  • the filtering method refers to filtering the extracted features to delete redundant feature data.
  • the packaging method is used to screen the extracted features.
  • the integration method refers to the integration of multiple feature extraction methods to construct a more efficient and accurate feature extraction method for feature extraction.
  • the scenario modeling layer is used to construct a model based on the features extracted by the feature extraction layer, and the obtained model can be used to represent the state of the electronic device or the state of the user or the environment.
  • the scenario modeling layer can construct key value models, pattern identification models, graph models, entity connection models, object-oriented models, etc. based on the features extracted by the feature extraction layer.
  • the intelligent service layer is used to provide users with intelligent services based on the model constructed by the scenario modeling layer.
  • the intelligent service layer can provide users with basic application services, can perform system intelligent optimization for electronic devices, and can also provide users with personalized intelligent services.
  • the panoramic perception architecture may also include multiple algorithms, each of which can be used to analyze and process data, and the multiple algorithms can form an algorithm library.
  • the algorithm library may include Markov algorithm, implicit Dirichlet distribution algorithm, Bayesian classification algorithm, support vector machine, K-means clustering algorithm, K-nearest neighbor algorithm, conditional random field, residual network , Long and short-term memory networks, convolutional neural networks, recurrent neural networks and other algorithms.
  • the embodiment of the application provides a method for managing the permission of an application program.
  • the execution subject of the method for managing the permission of the application program may be the permission management device of the application program provided in the embodiment of the application, or the permission management device integrated with the application program.
  • Electronic equipment, wherein the permission management device of the application program can be implemented in hardware or software.
  • the embodiment of the present application will be described from the perspective of the permission management device of the application program, and the permission management device of the application program may be specifically integrated in the electronic device.
  • the permission management method of the application includes: recording the authorization history information of the application in the electronic device, and the authorization history information includes the permission authorization record of the application;
  • recording the authorization history information of the application in the electronic device includes:
  • the authorization history information is generated according to the identification information of the authority and the identification information of the application.
  • the current state information of the electronic device includes sensor information
  • processing the state information according to the first algorithm model to output user state information includes:
  • the sensor tensor is processed according to the first algorithm model, and user state information is output.
  • processing the authorization history information and user status information according to the second algorithm model and outputting authority management information includes:
  • performing vectorization processing on the authorization history information to obtain an authorization history vector includes:
  • the authorization history vector is generated according to the vector sequence.
  • the second algorithm model is a Bayesian model.
  • assigning permissions to the application program according to the permission management information includes:
  • FIG. 2 is a schematic flowchart of a method for managing application permissions provided by an embodiment of this application.
  • the application permission management method provided by the embodiment of the application is applied to electronic equipment, and the specific process may be as follows:
  • Step 101 Record the authorization history information of the application in the electronic device.
  • the authorization history information includes the permission authorization record of the application.
  • the above-mentioned permission authorization record includes all the application permission records of the electronic device. For example, when the application is installed or the application is opened for the first time, a dialog box will pop up, and the user will determine whether the relevant permission is enabled. After agreeing, the application can call to change permissions.
  • Android has prepared many optional permissions for the application, including the permission to obtain network status information, the permission to obtain WI-FI network status information, the permission to obtain battery status information, and to make calls.
  • different applications require different permissions.
  • desktop beautification applications generally apply for the permission to read user albums and set desktop wallpapers
  • navigation applications generally apply for the permission to access GPS.
  • the application can use related functions. For example, the application can make a call in the application after obtaining the permission to make a call. If the permission is not obtained, the user needs to manually log in The dial interface of the system makes a call.
  • the authorization history information of the application program includes all the permissions applied for by the application program, including the permissions authorized by the user and the permissions denied by the user.
  • Step 102 Obtain current state information of the electronic device, process the state information according to the first algorithm model, and output user state information.
  • the current state information of the above electronic device may include system operation information and sensor information of the electronic device, and so on.
  • the electronic device has built-in sensors with different functions, and these sensors can detect the current state of the electronic device at any time.
  • the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope.
  • the acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device.
  • the gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device.
  • the electronic device If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state. As long as a value of the acceleration sensor and the gyroscope changes within a unit time, it can be considered that the electronic device is in motion. In addition, the electronic device can also detect the intensity of ambient light through the light sensor. Regarding the working principles of the acceleration sensor, the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
  • the information may be input into the user state prediction model to predict the current state of the user to obtain the current state information of the user.
  • the output result of the aforementioned user state prediction model may be multiple user states and corresponding probabilities, and the highest probability may be selected as the prediction result.
  • Step 103 Process authorization history information and user status information according to the second algorithm model, and output authority management information.
  • the above-mentioned second algorithm model may be a Bayesian model.
  • the authorization history information obtained in step 101 and the user status information obtained in step 102 are used as the input of the Bayesian model, and the output is authorization management information.
  • the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
  • Step 104 Assign permissions to the application according to the permission management information.
  • the electronic device After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device to assign authority to the application.
  • the permission to be applied for by the application program is controlled according to the above-mentioned permission management information. If the authorization is approved, the system can automatically open the permission to be called, so that the user does not need to operate manually. Then you can turn on permissions. Or, a check box can be popped up, and the user can again choose whether to enable the to-be-invoked permission to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
  • the application applies for the permission to make calls and the permission to use the camera.
  • the electronic device predicts that the user is currently playing with a mobile phone on the bed at night and in a dark environment based on the current state of the electronic device.
  • the authorization management letter output at this time may include agreeing to the application to obtain the right to make calls, and disagreeing to the application to obtain the right to use the camera.
  • the application authority management method can record the authorization history information of the application in the electronic device.
  • the authorization history information includes the authority authorization record of the application, obtains the current state information of the electronic device, and obtains the current status information of the electronic device according to the An algorithm model processes the status information, outputs user status information, processes authorization history information and user status information according to the second algorithm model, outputs permission management information, and assigns permissions to applications based on the permission management information.
  • the embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
  • FIG. 3 is a schematic diagram of another flow chart of an application authority management method provided by an embodiment of the application, and the application authority management method includes:
  • Step 201 When an application in the electronic device requests permission for the first time, the identification information of the permission and the identification information of the application are recorded.
  • the first request for permission for the application in the above electronic device may be when the application is installed, or when the application is opened for the first time. For example, a dialog box may be popped up to allow the user to determine whether the relevant permission is enabled.
  • the identification information of the authority may be the name of the authority, and the identification information of the application may be the name of the application.
  • Step 202 Generate authorization history information according to the identification information of the authority and the identification information of the application.
  • the above-mentioned authorization history information includes application program identification and corresponding authority identification.
  • the permission applied by application A is the permission to obtain network status information
  • the permission to obtain WI-FI network status information is the permission to obtain battery status information.
  • the permission applied by application B is the permission to make calls and the permission to use the camera.
  • Permission, permission to read the user's contact data, the permissions applied by application C are the permission to read the user's photo album, the permission to access GPS, the permission to set the desktop wallpaper, and so on.
  • Step 203 Acquire current sensor information of the electronic device, process the sensor information according to the first algorithm model, and output user status information.
  • the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope.
  • the acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device.
  • the gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device. If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state.
  • the electronic device can also detect the intensity of ambient light through the light sensor.
  • the acceleration sensor the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
  • the sensor may be input to the user state prediction model to predict the user's current state to obtain the user's current state information.
  • processing the sensor information according to the first algorithm model and outputting user status information may include:
  • the sensor tensor is processed according to the first algorithm model, and user state information is output.
  • Step 204 Perform vectorization processing on the authorization history information to obtain an authorization history vector.
  • performing vectorization processing on the authorization history information to obtain an authorization history vector may include:
  • the authorization history vector is generated according to the vector sequence.
  • the aforementioned word embedding model can be configured in an electronic device, so that the electronic device can convert the received word sequence into a vector sequence through the word embedding model.
  • the electronic device may convert the word sequence into a vector sequence through a pre-trained word embedding model, which may specifically include: determining the first word vector corresponding to each word in the word sequence according to the vocabulary; using the word embedding model The first word vector corresponding to each word is converted into a second word vector; finally, the second word vector corresponding to each word is used to generate a vector sequence.
  • the above word embedding model can be an X ⁇ Y matrix, X can be used as the dimension after conversion, and Y can be used as the dimension before conversion.
  • the pre-conversion dimension Y can be configured according to the size of the vocabulary, and the post-conversion dimension X can generally be smaller than the pre-conversion dimension Y, so that useful information can be represented in a more compact form for convenient processing.
  • Step 205 Process the authorization history vector and user status information according to the Bayesian model, and output authority management information.
  • the authorization history vector obtained in step 204 and the user state information obtained in step 203 are used as the input of the Bayesian model, and the output is the authorization management information.
  • the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
  • Step 206 When the application program initiates a request for invoking the permission, it is judged according to the permission management information whether the permission is authorized, if so, step 207 is executed, and if not, the request is rejected.
  • the electronic device After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device, and the system layer determines whether the authority is authorized.
  • the application program initiates a request for calling permission
  • the permission to be applied for by the application is judged according to the above permission management information, and if the authorization is approved, step 207 is executed and the system automatically opens the permission to be called, so that Users do not need to manually operate, can open permissions. If you do not agree, directly reject the above application request for calling permission.
  • Step 207 Turn on the permission of the application.
  • a check box may also be popped up, and the user can again choose whether to enable the permission to be invoked, so as to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
  • the application applies for the permission to make calls and the permission to use the camera.
  • the electronic device predicts that the user is currently playing with a mobile phone on the bed at night and in a dark environment based on the current state of the electronic device.
  • the authorization management letter output at this time may include agreeing to the application to obtain the right to make calls, and disagreeing to the application to obtain the right to use the camera.
  • the application authority management method can record the identification information of the authority and the identification information of the application when the application in the electronic device requests the authority for the first time, and according to the identification information of the authority and the application
  • the identification information generates authorization history information, obtains the current sensor information of the electronic device, processes the sensor information according to the first algorithm model, outputs user status information, and vectorizes the authorization history information to obtain the authorization history vector, according to Bayesian
  • the model processes the authorization history vector and user status information, and outputs authority management information.
  • the application initiates a request for calling authority, it judges whether the authority is authorized according to the authority management information, and if so, the application authority is opened.
  • the embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
  • FIG. 4 is a schematic structural diagram of an application authority management apparatus provided by an embodiment of the application.
  • the authority management device 30 of the application program includes a recording module 301, a first processing module 302, a second processing module 303, and a distribution module 304;
  • the recording module 301 is used to record authorization history information of an application in an electronic device, and the authorization history information includes a permission authorization record of the application.
  • the above-mentioned permission authorization record includes all the application permission records of the electronic device. For example, when the application is installed or the application is opened for the first time, a dialog box will pop up, and the user will determine whether the relevant permission is enabled. After agreeing, the application can call to change permissions.
  • Android has prepared many optional permissions for the application, including the permission to obtain network status information, the permission to obtain WI-FI network status information, the permission to obtain battery status information, and to make calls.
  • different applications require different permissions.
  • desktop beautification applications generally apply for the permission to read user albums and set desktop wallpapers
  • navigation applications generally apply for the permission to access GPS.
  • the application can use related functions. For example, the application can make a call in the application after obtaining the permission to make a call. If the permission is not obtained, the user needs to manually log in The dial interface of the system makes a call.
  • the first processing module 302 is configured to obtain the current state information of the electronic device, process the state information according to the first algorithm model, and output user state information.
  • the current state information of the above electronic device may include system operation information and sensor information of the electronic device, and so on.
  • the electronic device has built-in sensors with different functions, and these sensors can detect the current state of the electronic device at any time.
  • the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope.
  • the acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device.
  • the gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device.
  • the electronic device If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state. As long as a value of the acceleration sensor and the gyroscope changes within a unit time, it can be considered that the electronic device is in motion. In addition, the electronic device can also detect the intensity of ambient light through the light sensor. Regarding the working principles of the acceleration sensor, the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
  • the information may be input into the user state prediction model to predict the current state of the user to obtain the current state information of the user.
  • the second processing module 303 is configured to process the authorization history information and user status information according to the second algorithm model, and output authority management information.
  • the above-mentioned second algorithm model may be a Bayesian model.
  • the authorization history information obtained by the recording module 301 and the user status information obtained by the first processing module 302 are used as the input of the Bayesian model, and the output is the authorization management. information.
  • the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
  • the allocation module 304 is configured to allocate permissions for the application program according to the permission management information.
  • the electronic device After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device to assign authority to the application.
  • the permission to be applied for by the application program is controlled according to the above-mentioned permission management information. If the authorization is approved, the system can automatically open the permission to be called, so that the user does not need to operate manually. Then you can turn on permissions. Or, a check box can be popped up, and the user can again choose whether to enable the to-be-invoked permission to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
  • FIG. 5 is a schematic diagram of a structure of an application authority management apparatus provided in an embodiment of the present application.
  • the recording module 301 includes: a recording submodule 3011 and a generating submodule 3012 ;
  • the recording submodule 3011 is configured to record the identification information of the authority and the identification information of the application when the application in the electronic device requests permission for the first time;
  • the generating submodule 3012 is configured to generate the authorization history information according to the identification information of the authority and the identification information of the application.
  • the current state information of the electronic device includes sensor information
  • the first processing module 302 includes: a first processing sub-module 3021 and a first output sub-module 3022;
  • the first processing submodule 3021 is configured to perform vectorization processing on the sensor information to obtain sensor vectors;
  • the first output submodule 3022 is configured to superimpose the sensor vectors to obtain a sensor tensor, process the sensor tensor according to the first algorithm model, and output user state information.
  • the second processing module 303 includes: a second processing sub-module 3031 and a second output sub-module 3032;
  • the second processing module 3031 is configured to perform vectorization processing on the authorization history information to obtain an authorization history vector
  • the second output sub-module 3032 is configured to process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
  • the permission management apparatus of the application in the embodiment of the present application can record the authorization history information of the application in the electronic device.
  • the authorization history information includes the permission authorization record of the application, obtains the current status information of the electronic device, and according to The algorithm model processes the status information, outputs user status information, processes authorization history information and user status information according to the second algorithm model, outputs authority management information, and assigns permissions to applications based on the authority management information.
  • the embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
  • the permission management device of the application belongs to the same concept as the permission management method of the application in the above embodiment, and the permission management method of the application can be run on the permission management device of the application.
  • the permission management method of the application program please refer to the embodiment of the permission management method of the application program, which will not be repeated here.
  • module used herein can be regarded as a software object executed on the operating system.
  • the different components, modules, engines, and services described in this article can be regarded as implementation objects on the computing system.
  • the devices and methods described herein can be implemented in the form of software, or of course, can also be implemented on hardware, and they are all within the protection scope of the present application.
  • the embodiment of the present application also provides a storage medium on which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the above-mentioned application program authority management method.
  • the embodiment of the present application also provides an electronic device, such as a tablet computer, a mobile phone, and so on.
  • the processor in the electronic device will load the instructions corresponding to the process of one or more application programs into the memory according to the following steps, and the processor will run the application programs stored in the memory to realize various functions:
  • the processor when recording the authorization history information of the application in the electronic device, the processor is configured to perform the following steps:
  • the authorization history information is generated according to the identification information of the authority and the identification information of the application.
  • the current state information of the electronic device includes sensor information
  • the state information is processed according to the first algorithm model
  • the processor is configured to perform the following steps:
  • the sensor tensor is processed according to the first algorithm model, and user state information is output.
  • the authorization history information and user status information are processed according to the second algorithm model, and when the authority management information is output, the processor is configured to perform the following steps:
  • the processor when performing vectorization processing on the authorization history information to obtain an authorization history vector, the processor is configured to perform the following steps:
  • the authorization history vector is generated according to the vector sequence.
  • the second algorithm model is a Bayesian model.
  • the processor when assigning permissions to the application program according to the permission management information, the processor is configured to perform the following steps:
  • the electronic device 400 includes a processor 401 and a memory 402.
  • the processor 401 is electrically connected to the memory 402.
  • the processor 400 is the control center of the electronic device 400. It uses various interfaces and lines to connect various parts of the entire electronic device. It executes the electronic device by running or loading the computer program stored in the memory 402, and calling the data stored in the memory 402. Various functions of the device 400 and processing data, so as to monitor the electronic device 400 as a whole.
  • the memory 402 can be used to store software programs and modules.
  • the processor 401 executes various functional applications and data processing by running the computer programs and modules stored in the memory 402.
  • the memory 402 may mainly include a storage program area and a storage data area.
  • the storage program area may store an operating system, a computer program required by at least one function (such as a sound playback function, an image playback function, etc.), etc.; Data created by the use of electronic equipment, etc.
  • the memory 402 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.
  • the memory 402 may also include a memory controller to provide the processor 401 with access to the memory 402.
  • the processor 401 in the electronic device 400 will load the instructions corresponding to the process of one or more computer programs into the memory 402 according to the following steps, and the processor 401 will run and store the instructions in the memory 402 In order to realize various functions in the computer program, as follows:
  • the electronic device 400 may further include a display 403, a radio frequency circuit 404, an audio circuit 405, and a power supply 406.
  • the display 403, the radio frequency circuit 404, the audio circuit 405, and the power supply 406 are electrically connected to the processor 401, respectively.
  • the display 403 may be used to display information input by the user or information provided to the user, and various graphical user interfaces. These graphical user interfaces may be composed of graphics, text, icons, videos, and any combination thereof.
  • the display 403 may include a display panel.
  • the display panel may be configured in the form of a liquid crystal display (LCD), or an organic light-emitting diode (OLED).
  • LCD liquid crystal display
  • OLED organic light-emitting diode
  • the radio frequency circuit 404 may be used to transmit and receive radio frequency signals to establish wireless communication with network equipment or other electronic equipment through wireless communication, and to transmit and receive signals with the network equipment or other electronic equipment.
  • the audio circuit 405 may be used to provide an audio interface between the user and the electronic device through a speaker or a microphone.
  • the power supply 406 can be used to power various components of the electronic device 400.
  • the power supply 406 may be logically connected to the processor 401 through a power management system, so that functions such as charging, discharging, and power consumption management can be managed through the power management system.
  • the electronic device 400 may also include a camera, a Bluetooth module, etc., which will not be repeated here.
  • the storage medium may be a magnetic disk, an optical disc, a read only memory (Read Only Memory, ROM), or a random access memory (Random Access Memory, RAM), etc.
  • the computer program may be stored in a computer readable storage medium, such as stored in the memory of an electronic device, and executed by at least one processor in the electronic device.
  • the execution process may include applications such as The procedure of the embodiment of the program permission management method.
  • the storage medium can be magnetic disk, optical disk, read-only memory, random access memory, etc.
  • the permission management apparatus of the application program in the embodiment of the present application its functional modules may be integrated in one processing chip, or each module may exist alone physically, or two or more modules may be integrated in one module.
  • the above-mentioned integrated modules can be implemented in the form of hardware or software functional modules. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer readable storage medium, such as a read-only memory, a magnetic disk, or an optical disk.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

Disclosed is an application permission management method, comprising: recording authorization history information of an application; obtaining status information of an electronic device, processing the status information according to a first algorithm model, and outputting user status information; processing the authorization history information and the user status information according to a second algorithm model, and outputting permission management information; and allocating permission to the application. The present application also provides an application permission management apparatus, a storage medium and an electronic device.

Description

应用程序的权限管理方法、装置、存储介质及电子设备Application program authority management method, device, storage medium and electronic equipment 技术领域Technical field
本申请属于电子设备技术领域,尤其涉及一种应用程序的权限管理方法、装置、存储介质及电子设备。This application belongs to the technical field of electronic equipment, and in particular relates to a method, device, storage medium, and electronic equipment for rights management of application programs.
背景技术Background technique
随着电子技术的发展,诸如智能手机等电子设备的智能化程度越来越高。电子设备可以通过各种各样的算法模型来进行数据处理,从而为用户提供各种功能。例如,电子设备可以根据算法模型对用户的行为特征进行学习,从而为用户提供个性化的服务。With the development of electronic technology, electronic devices such as smart phones are becoming more and more intelligent. Electronic equipment can process data through various algorithm models to provide users with various functions. For example, the electronic device can learn the user's behavior characteristics according to the algorithm model, so as to provide the user with personalized service.
发明内容Summary of the invention
本申请提供一种应用程序的权限管理方法、装置、存储介质及电子设备,可以智能化为应用程序分配权限,提高电子设备的安全性。This application provides a method, device, storage medium, and electronic equipment for managing permissions of an application program, which can intelligently assign permissions for application programs and improve the security of electronic equipment.
第一方面,本申请实施例提供一种应用程序的权限管理方法,包括:In the first aspect, an embodiment of the present application provides a permission management method for an application program, including:
记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
第二方面,本申请实施例提供一种应用程序的权限管理装置,包括:记录模块、第一处理模块、第二处理模块以及分配模块;In a second aspect, an embodiment of the present application provides a permission management device for an application program, including: a recording module, a first processing module, a second processing module, and an allocation module;
所述记录模块,用于记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;The recording module is used to record the authorization history information of the application in the electronic device, the authorization history information includes the permission authorization record of the application;
所述第一处理模块,用于获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;The first processing module is configured to obtain current state information of the electronic device, process the state information according to a first algorithm model, and output user state information;
所述第二处理模块,用于根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;The second processing module is configured to process the authorization history information and user status information according to a second algorithm model, and output authority management information;
所述分配模块,用于根据所述权限管理信息为所述应用程序分配权限。The allocation module is configured to allocate permissions to the application program according to the permission management information.
第三方面,本申请实施例提供一种存储介质,其上存储有计算机程序,当所述计算机程序在计算机上运行时,使得所述计算机执行上述的应用程序的权限管理方法。In a third aspect, an embodiment of the present application provides a storage medium on which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the above-mentioned application program rights management method.
第四方面,本申请实施例提供一种电子设备,包括处理器和存储器,所述存储器存储有多条指令,所述处理器加载所述存储器中的指令用于执行以下步骤:In a fourth aspect, an embodiment of the present application provides an electronic device, including a processor and a memory, the memory stores a plurality of instructions, and the processor loads the instructions in the memory to perform the following steps:
记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的 权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
附图说明Description of the drawings
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍。显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly describe the technical solutions in the embodiments of the present application, the following will briefly introduce the drawings that need to be used in the description of the embodiments. Obviously, the drawings in the following description are only some embodiments of the application. For those skilled in the art, other drawings can be obtained based on these drawings without creative work.
图1为本申请实施例提供的应用程序的权限管理方法的应用场景示意图。FIG. 1 is a schematic diagram of an application scenario of the application permission management method provided by an embodiment of the application.
图2为本申请实施例提供的应用程序的权限管理方法的一种流程示意图。FIG. 2 is a schematic flowchart of a method for managing application permissions provided by an embodiment of the application.
图3为本申请实施例提供的应用程序的权限管理方法的另一流程示意图。FIG. 3 is a schematic diagram of another flow chart of the application permission management method provided by an embodiment of the application.
图4为本申请实施例提供的应用程序的权限管理装置的一种结构示意图。FIG. 4 is a schematic diagram of a structure of an application authority management apparatus provided by an embodiment of the application.
图5为本申请实施例提供的应用程序的权限管理装置的另一结构示意图。FIG. 5 is a schematic diagram of another structure of an application authority management apparatus provided by an embodiment of the application.
图6为本申请实施例提供的电子设备的结构示意图。FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the application.
图7为本申请实施例提供的电子设备的另一结构示意图。FIG. 7 is a schematic diagram of another structure of an electronic device provided by an embodiment of the application.
具体实施方式detailed description
请参照图式,其中相同的组件符号代表相同的组件,本申请的原理是以实施在一适当的运算环境中来举例说明。以下的说明是基于所例示的本申请具体实施例,其不应被视为限制本申请未在此详述的其它具体实施例。Please refer to the drawings, in which the same component symbols represent the same components, and the principle of the present application is implemented in an appropriate computing environment for illustration. The following description is based on the exemplified specific embodiments of the present application, which should not be regarded as limiting other specific embodiments that are not described in detail herein.
在以下的说明中,本申请的具体实施例将参考由一部或多部计算机所执行的步骤及符号来说明,除非另有述明。因此,这些步骤及操作将有数次提到由计算机执行,本文所指的计算机执行包括了由代表了以一结构化型式中的数据的电子信号的计算机处理单元的操作。此操作转换该数据或将其维持在该计算机的内存系统中的位置处,其可重新配置或另外以本领域测试人员所熟知的方式来改变该计算机的运作。该数据所维持的数据结构为该内存的实体位置,其具有由该数据格式所定义的特定特性。但是,本申请原理以上述文字来说明,其并不代表为一种限制,本领域测试人员将可了解到以下所述的多种步骤及操作亦可实施在硬件当中。In the following description, specific embodiments of the present application will be described with reference to steps and symbols executed by one or more computers, unless otherwise stated. Therefore, these steps and operations will be mentioned several times as being executed by a computer. The computer execution referred to in this article includes the operation of a computer processing unit that represents an electronic signal of data in a structured form. This operation converts the data or maintains it in a position in the computer's memory system, which can be reconfigured or otherwise changed the operation of the computer in a manner well known to testers in the art. The data structure maintained by the data is the physical location of the memory, which has specific characteristics defined by the data format. However, the principle of this application is described in the above text, which does not represent a limitation. Testers in the field will understand that the various steps and operations described below can also be implemented in hardware.
本申请中的术语“第一”、“第二”和“第三”等是用于区别不同对象,而不是用于描述特定顺序。此外,术语“包括”和“具有”以及它们任何变形,意图在于覆盖不排他的包含。例如包含了一系列步骤或模块的过程、方法、系统、产品或设备没有限定于已列出的步骤或模块,而是某些实施例还包括没有列出的步骤或模块,或某些实施例还包括对于这些过程、方法、产品或设备固有的其它步骤或模块。The terms "first", "second" and "third" in this application are used to distinguish different objects, rather than describing a specific order. In addition, the terms "including" and "having" and any variations thereof are intended to cover non-exclusive inclusion. For example, a process, method, system, product, or device that includes a series of steps or modules is not limited to the listed steps or modules, but some embodiments also include steps or modules that are not listed, or some embodiments It also includes other steps or modules inherent to these processes, methods, products, or equipment.
现有技术当中,对电子设备的第三方应用程序授权管理机制是通过首次打开第三方应用程序,第三方应用程序如果需要额外权限,会提醒用户是否授权,一旦用户授权后,后续直接赋予第三方应用程序对该权限自动放行。另外一种授权管理方式是打开应用程序后,当使用到应用程序的某个子功能或者子业务的时候,第三方应用程序会需要额外权限,此时同样会提醒用户是否授权,后续第三方应用程序直接接管该权限。按照上述的电子设备授权机制,可能会造成第三方应用程序监听用户信息,导致应用权限使用泛滥。In the prior art, the third-party application authorization management mechanism for electronic devices is to open the third-party application for the first time. If the third-party application requires additional permissions, the user will be reminded whether to authorize or not. Once the user is authorized, the third-party will be subsequently directly granted The application automatically releases the permission. Another way of authorization management is to open the application, when a certain sub-function or sub-business of the application is used, the third-party application will need additional permissions. At this time, the user will also be reminded whether to authorize. Follow-up third-party applications Take over the authority directly. According to the above-mentioned electronic device authorization mechanism, third-party applications may monitor user information, leading to excessive use of application permissions.
例如现有的电子设备系统中一旦对某应用程序赋予摄像头权限,可能会因为应用程序对用户进行监听等操作,会时不时启动摄像头记性拍照以导致摄像头弹出或者摄像头开启,为了防止第三方应用开发者滥用系统权限,对用户常用行为进行跟踪,本申请提供一种技术方案,旨在解决第三方应用程序权限使用不明确的问题,提出了基于电子设备的智能应用程序权限,能够学习用户的行为习惯,根据全景感知技术确定用户此时是否需要授权,做到动态和弹性应用授权管理。For example, once the camera permission is granted to an application in the existing electronic equipment system, the application may monitor the user and other operations, and the camera memory may be activated from time to time to cause the camera to pop up or turn on the camera, in order to prevent third-party application developers Abuse of system permissions to track user common behaviors. This application provides a technical solution to solve the problem of unclear third-party application permissions. It proposes smart application permissions based on electronic devices that can learn user behavior habits , According to the panoramic perception technology to determine whether the user needs authorization at this time, to achieve dynamic and flexible application authorization management.
参考图1,图1为本申请实施例提供的应用程序的权限管理方法的应用场景示意图。所述应用程序的权限管理方法应用于电子设备。所述电子设备中设置有全景感知架构。所述全景感知架构为电子设备中用于实现所述应用程序的权限管理方法的硬件和软件的集成。Referring to FIG. 1, FIG. 1 is a schematic diagram of an application scenario of a method for managing application permissions provided by an embodiment of the application. The permission management method of the application program is applied to an electronic device. The electronic device is provided with a panoramic sensing architecture. The panoramic perception architecture is the integration of hardware and software used to implement the permission management method of the application in an electronic device.
其中,全景感知架构包括信息感知层、数据处理层、特征抽取层、情景建模层以及智能服务层。Among them, the panoramic perception architecture includes an information perception layer, a data processing layer, a feature extraction layer, a scenario modeling layer, and an intelligent service layer.
信息感知层用于获取电子设备自身的信息或者外部环境中的信息。所述信息感知层可以包括多个传感器。例如,所述信息感知层包括距离传感器、磁场传感器、光线传感器、加速度传感器、指纹传感器、霍尔传感器、位置传感器、陀螺仪、惯性传感器、姿态感应器、气压计、心率传感器等多个传感器。The information perception layer is used to obtain the information of the electronic device itself or the information in the external environment. The information perception layer may include multiple sensors. For example, the information sensing layer includes multiple sensors such as a distance sensor, a magnetic field sensor, a light sensor, an acceleration sensor, a fingerprint sensor, a Hall sensor, a position sensor, a gyroscope, an inertial sensor, a posture sensor, a barometer, and a heart rate sensor.
其中,距离传感器可以用于检测电子设备与外部物体之间的距离。磁场传感器可以用于检测电子设备所处环境的磁场信息。光线传感器可以用于检测电子设备所处环境的光线信息。加速度传感器可以用于检测电子设备的加速度数据。指纹传感器可以用于采集用户的指纹信息。霍尔传感器是根据霍尔效应制作的一种磁场传感器,可以用于实现电子设备的自动控制。位置传感器可以用于检测电子设备当前所处的地理位置。陀螺仪可以用于检测电子设备在各个方向上的角速度。惯性传感器可以用于检测电子设备的运动数据。姿态感应器可以用于感应电子设备的姿态信息。气压计可以用于检测电子设备所处环境的气压。心率传感器可以用于检测用户的心率信息。Among them, the distance sensor can be used to detect the distance between the electronic device and an external object. The magnetic field sensor can be used to detect the magnetic field information of the environment in which the electronic device is located. The light sensor can be used to detect the light information of the environment in which the electronic device is located. The acceleration sensor can be used to detect the acceleration data of the electronic device. The fingerprint sensor can be used to collect the user's fingerprint information. Hall sensor is a kind of magnetic field sensor made according to Hall effect, which can be used to realize automatic control of electronic equipment. The location sensor can be used to detect the current geographic location of the electronic device. Gyroscopes can be used to detect the angular velocity of electronic devices in various directions. Inertial sensors can be used to detect movement data of electronic devices. The attitude sensor can be used to sense the attitude information of the electronic device. The barometer can be used to detect the air pressure of the environment where the electronic device is located. The heart rate sensor can be used to detect the user's heart rate information.
数据处理层用于对信息感知层获取到的数据进行处理。例如,数据处理层可以对信息感知层获取到的数据进行数据清理、数据集成、数据变换、数据归约等处理。The data processing layer is used to process the data obtained by the information perception layer. For example, the data processing layer can perform data cleaning, data integration, data transformation, and data reduction on the data acquired by the information perception layer.
其中,数据清理是指对信息感知层获取到的大量数据进行清理,以剔除无效数据和重复数据。数据集成是指将信息感知层获取到的多个单维度数据集成到一个更高或者更抽象的维度,以对多个单维度的数据进行综合处理。数据变换是指对信息感知层获取到的数据 进行数据类型的转换或者格式的转换等,以使变换后的数据满足处理的需求。数据归约是指在尽可能保持数据原貌的前提下,最大限度的精简数据量。Among them, data cleaning refers to cleaning up a large amount of data obtained by the information perception layer to eliminate invalid data and duplicate data. Data integration refers to the integration of multiple single-dimensional data acquired by the information perception layer into a higher or more abstract dimension to comprehensively process multiple single-dimensional data. Data transformation refers to the data type conversion or format conversion of the data acquired by the information perception layer, so that the transformed data meets the processing requirements. Data reduction means to minimize the amount of data while maintaining the original appearance of the data as much as possible.
特征抽取层用于对数据处理层处理后的数据进行特征抽取,以提取所述数据中包括的特征。提取到的特征可以反映出电子设备自身的状态或者用户的状态或者电子设备所处环境的环境状态等。The feature extraction layer is used to perform feature extraction on data processed by the data processing layer to extract features included in the data. The extracted features can reflect the state of the electronic device itself or the state of the user or the environmental state of the environment in which the electronic device is located.
其中,特征抽取层可以通过过滤法、包装法、集成法等方法来提取特征或者对提取到的特征进行处理。Among them, the feature extraction layer can extract features or process the extracted features through methods such as filtering, packaging, and integration.
过滤法是指对提取到的特征进行过滤,以删除冗余的特征数据。包装法用于对提取到的特征进行筛选。集成法是指将多种特征提取方法集成到一起,以构建一种更加高效、更加准确的特征提取方法,用于提取特征。The filtering method refers to filtering the extracted features to delete redundant feature data. The packaging method is used to screen the extracted features. The integration method refers to the integration of multiple feature extraction methods to construct a more efficient and accurate feature extraction method for feature extraction.
情景建模层用于根据特征抽取层提取到的特征来构建模型,所得到的模型可以用于表示电子设备的状态或者用户的状态或者环境状态等。例如,情景建模层可以根据特征抽取层提取到的特征来构建关键值模型、模式标识模型、图模型、实体联系模型、面向对象模型等。The scenario modeling layer is used to construct a model based on the features extracted by the feature extraction layer, and the obtained model can be used to represent the state of the electronic device or the state of the user or the environment. For example, the scenario modeling layer can construct key value models, pattern identification models, graph models, entity connection models, object-oriented models, etc. based on the features extracted by the feature extraction layer.
智能服务层用于根据情景建模层所构建的模型为用户提供智能化的服务。例如,智能服务层可以为用户提供基础应用服务,可以为电子设备进行系统智能优化,还可以为用户提供个性化智能服务。The intelligent service layer is used to provide users with intelligent services based on the model constructed by the scenario modeling layer. For example, the intelligent service layer can provide users with basic application services, can perform system intelligent optimization for electronic devices, and can also provide users with personalized intelligent services.
此外,全景感知架构中还可以包括多种算法,每一种算法都可以用于对数据进行分析处理,所述多种算法可以构成算法库。例如,所述算法库中可以包括马尔科夫算法、隐含狄里克雷分布算法、贝叶斯分类算法、支持向量机、K均值聚类算法、K近邻算法、条件随机场、残差网络、长短期记忆网络、卷积神经网络、循环神经网络等算法。In addition, the panoramic perception architecture may also include multiple algorithms, each of which can be used to analyze and process data, and the multiple algorithms can form an algorithm library. For example, the algorithm library may include Markov algorithm, implicit Dirichlet distribution algorithm, Bayesian classification algorithm, support vector machine, K-means clustering algorithm, K-nearest neighbor algorithm, conditional random field, residual network , Long and short-term memory networks, convolutional neural networks, recurrent neural networks and other algorithms.
本申请实施例提供一种应用程序的权限管理方法,该应用程序的权限管理方法的执行主体可以是本申请实施例提供的应用程序的权限管理装置,或者集成了该应用程序的权限管理装置的电子设备,其中该应用程序的权限管理装置可以采用硬件或者软件的方式实现。The embodiment of the application provides a method for managing the permission of an application program. The execution subject of the method for managing the permission of the application program may be the permission management device of the application program provided in the embodiment of the application, or the permission management device integrated with the application program. Electronic equipment, wherein the permission management device of the application program can be implemented in hardware or software.
本申请实施例将从应用程序的权限管理装置的角度进行描述,该应用程序的权限管理装置具体可以集成在电子设备中。该应用程序的权限管理方法包括:记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;The embodiment of the present application will be described from the perspective of the permission management device of the application program, and the permission management device of the application program may be specifically integrated in the electronic device. The permission management method of the application includes: recording the authorization history information of the application in the electronic device, and the authorization history information includes the permission authorization record of the application;
获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
一实施例中,记录电子设备当中应用程序的授权历史信息,包括:In one embodiment, recording the authorization history information of the application in the electronic device includes:
当所述电子设备中的应用程序首次请求权限时,记录所述权限的标识信息和所述应用程序的标识信息;When the application in the electronic device requests permission for the first time, record the identification information of the permission and the identification information of the application;
根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The authorization history information is generated according to the identification information of the authority and the identification information of the application.
一实施例中,所述电子设备当前的状态信息包括传感器信息,根据第一算法模型对所述状态信息进行处理,输出用户状态信息,包括:In an embodiment, the current state information of the electronic device includes sensor information, and processing the state information according to the first algorithm model to output user state information includes:
对所述传感器信息进行向量化处理以得到传感器向量;Performing vectorization processing on the sensor information to obtain a sensor vector;
对所述传感器向量进行叠加以得到传感器张量;Superimpose the sensor vectors to obtain a sensor tensor;
根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The sensor tensor is processed according to the first algorithm model, and user state information is output.
一实施例中,根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息,包括:In an embodiment, processing the authorization history information and user status information according to the second algorithm model and outputting authority management information includes:
对所述授权历史信息进行向量化处理以得到授权历史向量;Vectorize the authorization history information to obtain an authorization history vector;
根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。Process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
一实施例中,对所述授权历史信息进行向量化处理以得到授权历史向量,包括:In an embodiment, performing vectorization processing on the authorization history information to obtain an authorization history vector includes:
在所述授权历史信息当中提取词序列;Extract word sequences from the authorization history information;
通过预先配置的词嵌入模型对所述词序列进行转换,生成对应的向量序列;Convert the word sequence through a pre-configured word embedding model to generate a corresponding vector sequence;
根据所述向量序列生成所述授权历史向量。The authorization history vector is generated according to the vector sequence.
一实施例中,所述第二算法模型为贝叶斯模型。In an embodiment, the second algorithm model is a Bayesian model.
一实施例中,根据所述权限管理信息为所述应用程序分配权限,包括:In an embodiment, assigning permissions to the application program according to the permission management information includes:
当所述应用程序发起调用权限的请求时,根据所述权限管理信息判断所述权限是否被授权;When the application program initiates a request for invoking permission, judging whether the permission is authorized according to the permission management information;
若是,则开启所述应用程序的权限。If yes, open the permissions of the application.
请参阅图2,图2为本申请实施例提供的应用程序的权限管理方法的流程示意图。本申请实施例提供的应用程序的权限管理方法应用于电子设备,具体流程可以如下:Please refer to FIG. 2. FIG. 2 is a schematic flowchart of a method for managing application permissions provided by an embodiment of this application. The application permission management method provided by the embodiment of the application is applied to electronic equipment, and the specific process may be as follows:
步骤101,记录电子设备当中应用程序的授权历史信息,授权历史信息包括应用程序的权限授权记录。Step 101: Record the authorization history information of the application in the electronic device. The authorization history information includes the permission authorization record of the application.
其中,上述权限授权记录当中包括电子设备当中所有应用程序申请权限的记录,比如,在安装应用程序或首次打开应用程序时,会弹出对话框,由用户判断段是否开启相关权限,其中,当用户同意后,该应用程序便可以调用改权限。Among them, the above-mentioned permission authorization record includes all the application permission records of the electronic device. For example, when the application is installed or the application is opened for the first time, a dialog box will pop up, and the user will determine whether the relevant permission is enabled. After agreeing, the application can call to change permissions.
比如,在运行Android系统的电子设备当中,Android中为应用程序准备了很多可选权限,包括获取网络状态信息的权限、获取WI-FI网络状态信息的权限、获取电池状态信息的权限、拨打电话的权限、使用照相机的权限、读取用户的联系人数据的权限、读取用户相册的权限、访问GPS的权限、设置桌面壁纸的权限等等。一般来说,不同的应用程序所需要的权限也不相同,比如桌面美化类应用程序一般会申请读取用户相册的权限和设置桌面壁纸的权限,导航类应用程序一般会申请访问GPS的权限。应用程序在得到用户授权后获取到该权限,便可以使用相关功能,比如应用程序在获取到拨打电话的权限后便可以在应用程序当中拨打电话,而若未获取到该权限则需要用户手动在系统的拨号界面进行拨 打电话。For example, among the electronic devices running the Android system, Android has prepared many optional permissions for the application, including the permission to obtain network status information, the permission to obtain WI-FI network status information, the permission to obtain battery status information, and to make calls. Permission to use camera, permission to read user’s contact data, permission to read user’s photo album, permission to access GPS, permission to set desktop wallpaper, etc. Generally speaking, different applications require different permissions. For example, desktop beautification applications generally apply for the permission to read user albums and set desktop wallpapers, and navigation applications generally apply for the permission to access GPS. After the application is authorized by the user to obtain the permission, it can use related functions. For example, the application can make a call in the application after obtaining the permission to make a call. If the permission is not obtained, the user needs to manually log in The dial interface of the system makes a call.
在一实施例中,上述应用程序的授权历史信息包括该应用程序所申请的全部权限,包括被用户授权过的权限以及被用户拒绝过的权限。In an embodiment, the authorization history information of the application program includes all the permissions applied for by the application program, including the permissions authorized by the user and the permissions denied by the user.
步骤102,获取电子设备当前的状态信息,并根据第一算法模型对状态信息进行处理,输出用户状态信息。Step 102: Obtain current state information of the electronic device, process the state information according to the first algorithm model, and output user state information.
在一实施例中,上述电子设备当前的状态信息可以包括电子设备的系统运行信息和传感器信息等等。其中,电子设备内置有功能不一的传感器,这些传感器能够随时检测电子设备当前所处的状态。作为本申请的一个实施例,可以通过加速度传感器(G-Sensor)和陀螺仪检测电子设备的运动状态。其中加速度传感器可以是三轴线性加速度传感器,用于检测电子设备三个互相正交的轴向上的线性加速度。陀螺仪则用于检测电子设备三个互相正交的轴向上转动的速度。如当加速度传感器和陀螺仪在单位时间内检测到的数值没有变化,则认为电子设备处于静止状态。只要加速度传感器和陀螺仪在单位时间内有一个数值发生变化,则可以认为电子设备处于运动状态。此外,电子设备还可以通过光传感器检测周围环境光的强度。关于加速度传感器、陀螺仪以及光传感器的工作原理可参考现有技术,在此不作赘述。In an embodiment, the current state information of the above electronic device may include system operation information and sensor information of the electronic device, and so on. Among them, the electronic device has built-in sensors with different functions, and these sensors can detect the current state of the electronic device at any time. As an embodiment of the present application, the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope. The acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device. The gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device. If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state. As long as a value of the acceleration sensor and the gyroscope changes within a unit time, it can be considered that the electronic device is in motion. In addition, the electronic device can also detect the intensity of ambient light through the light sensor. Regarding the working principles of the acceleration sensor, the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
在一实施例中,在获取到电子设备当前的状态信息后,可以将该信息输入到用户状态预测模型,对用户当前的状态进行预测,以得到用户当前的状态信息。其中,上述用户状态预测模型的输出结果可以为多种用户状态以及分别对应的概率,可以选取概率最高的作为预测结果。In an embodiment, after obtaining the current state information of the electronic device, the information may be input into the user state prediction model to predict the current state of the user to obtain the current state information of the user. Among them, the output result of the aforementioned user state prediction model may be multiple user states and corresponding probabilities, and the highest probability may be selected as the prediction result.
步骤103,根据第二算法模型对授权历史信息和用户状态信息进行处理,输出权限管理信息。Step 103: Process authorization history information and user status information according to the second algorithm model, and output authority management information.
在一实施例中,上述第二算法模型可以为贝叶斯模型,将步骤101当中获取的授权历史信息和步骤102得到的用户状态信息作为贝叶斯模型的输入,输出为授权管理信息。其中,上述授权管理信息包括应用程序所需要的所有权限的判定结果,该判定结果可以包括同意授权的第一判定结果和不同意授权的第二判定结果。In an embodiment, the above-mentioned second algorithm model may be a Bayesian model. The authorization history information obtained in step 101 and the user status information obtained in step 102 are used as the input of the Bayesian model, and the output is authorization management information. Wherein, the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
步骤104,根据权限管理信息为应用程序分配权限。Step 104: Assign permissions to the application according to the permission management information.
在电子设备获取到权限管理信息后,将其传送给电子设备的系统层,以对应用程序分配权限。在一实施例中,当应用程序申请权限时,根据上述权限管理信息对应用程序所要申请的权限进行管控,若同意授权可以直接由系统自动开启该待调用权限,从而可以使得用户无需手动操作,便能开启权限。或者还可以弹出复选框,由用户再次选择是否开启该待调用权限,以满足不同用户的需求。例如,若用户对该权限的保密需求较高,则需要由用户完成进一步判断。若不同意授权,则拒绝开启该权限。After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device to assign authority to the application. In one embodiment, when an application program applies for permission, the permission to be applied for by the application program is controlled according to the above-mentioned permission management information. If the authorization is approved, the system can automatically open the permission to be called, so that the user does not need to operate manually. Then you can turn on permissions. Or, a check box can be popped up, and the user can again choose whether to enable the to-be-invoked permission to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
比如,在启动应用程序A后,该应用程序申请拨打电话的权限和使用照相机的权限,此时电子设备根据电子设备当前的状态预测用户当前在晚上并且在床上玩手机,并且处于 漆黑的环境,此时输出的权限管理信可以包括同意应用程序获取拨打电话的权限,不同意应用程序获取使用照相机的权限。For example, after the application A is started, the application applies for the permission to make calls and the permission to use the camera. At this time, the electronic device predicts that the user is currently playing with a mobile phone on the bed at night and in a dark environment based on the current state of the electronic device. The authorization management letter output at this time may include agreeing to the application to obtain the right to make calls, and disagreeing to the application to obtain the right to use the camera.
由上可知,本申请实施例提供的应用程序的权限管理方法可以记录电子设备当中应用程序的授权历史信息,授权历史信息包括应用程序的权限授权记录,获取电子设备当前的状态信息,并根据第一算法模型对状态信息进行处理,输出用户状态信息,根据第二算法模型对授权历史信息和用户状态信息进行处理,输出权限管理信息,根据权限管理信息为应用程序分配权限。本申请实施例可以有效地记录下用户使用应用程序时候所需要的权限,根据当前的用户状态信息,然后智能地为第三方应用分配其应用的权限,从而提高电子设备的安全性,还能降低电子设备的功耗。It can be seen from the above that the application authority management method provided by the embodiment of the present application can record the authorization history information of the application in the electronic device. The authorization history information includes the authority authorization record of the application, obtains the current state information of the electronic device, and obtains the current status information of the electronic device according to the An algorithm model processes the status information, outputs user status information, processes authorization history information and user status information according to the second algorithm model, outputs permission management information, and assigns permissions to applications based on the permission management information. The embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
下面将在上述实施例描述的方法基础上,对本申请的清理方法做进一步介绍。参阅图3,图3为本申请实施例提供的应用程序的权限管理方法的另一流程示意图,该应用程序的权限管理方法包括:On the basis of the method described in the foregoing embodiment, the cleaning method of the present application will be further introduced below. Referring to FIG. 3, FIG. 3 is a schematic diagram of another flow chart of an application authority management method provided by an embodiment of the application, and the application authority management method includes:
步骤201,当电子设备中的应用程序首次请求权限时,记录权限的标识信息和应用程序的标识信息。Step 201: When an application in the electronic device requests permission for the first time, the identification information of the permission and the identification information of the application are recorded.
在一实施例中,上述电子设备中的应用程序首次请求权限可以为应用程序安装完成时,还可以为应用程序首次打开时,比如可以通过弹出对话框的方式,由用户判断段是否开启相关权限。权限的标识信息可以为权限的名字,应用程序的标识信息可以为应用程序的名字。In one embodiment, the first request for permission for the application in the above electronic device may be when the application is installed, or when the application is opened for the first time. For example, a dialog box may be popped up to allow the user to determine whether the relevant permission is enabled. . The identification information of the authority may be the name of the authority, and the identification information of the application may be the name of the application.
步骤202,根据权限的标识信息和应用程序的标识信息生成授权历史信息。Step 202: Generate authorization history information according to the identification information of the authority and the identification information of the application.
其中,上述授权历史信息包括应用程序标识和对应的权限标识。比如,应用程序A所申请的权限为获取网络状态信息的权限、获取WI-FI网络状态信息的权限、获取电池状态信息的权限,应用程序B所申请的权限为拨打电话的权限、使用照相机的权限、读取用户的联系人数据的权限,应用程序C所申请的权限为读取用户相册的权限、访问GPS的权限、设置桌面壁纸的权限等等。Wherein, the above-mentioned authorization history information includes application program identification and corresponding authority identification. For example, the permission applied by application A is the permission to obtain network status information, the permission to obtain WI-FI network status information, and the permission to obtain battery status information. The permission applied by application B is the permission to make calls and the permission to use the camera. Permission, permission to read the user's contact data, the permissions applied by application C are the permission to read the user's photo album, the permission to access GPS, the permission to set the desktop wallpaper, and so on.
步骤203,获取电子设备当前的传感器信息,并根据第一算法模型对传感器信息进行处理,输出用户状态信息。Step 203: Acquire current sensor information of the electronic device, process the sensor information according to the first algorithm model, and output user status information.
比如,电子设备内置有功能不一的传感器,这些传感器能够随时检测电子设备当前所处的状态。作为本申请的一个实施例,可以通过加速度传感器(G-Sensor)和陀螺仪检测电子设备的运动状态。其中加速度传感器可以是三轴线性加速度传感器,用于检测电子设备三个互相正交的轴向上的线性加速度。陀螺仪则用于检测电子设备三个互相正交的轴向上转动的速度。如当加速度传感器和陀螺仪在单位时间内检测到的数值没有变化,则认为电子设备处于静止状态。只要加速度传感器和陀螺仪在单位时间内有一个数值发生变化,则可以认为电子设备处于运动状态。此外,电子设备还可以通过光传感器检测周围环境光的强度。关于加速度传感器、陀螺仪以及光传感器的工作原理可参考现有技术,在此不作赘述。For example, electronic devices have built-in sensors with different functions, and these sensors can detect the current state of the electronic device at any time. As an embodiment of the present application, the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope. The acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device. The gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device. If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state. As long as a value of the acceleration sensor and the gyroscope changes within a unit time, it can be considered that the electronic device is in motion. In addition, the electronic device can also detect the intensity of ambient light through the light sensor. Regarding the working principles of the acceleration sensor, the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
在一实施例中,在获取到电子设备当前的传感器信息后,可以将该传感器输入到用户状态预测模型,对用户当前的状态进行预测,以得到用户当前的状态信息。In an embodiment, after acquiring the current sensor information of the electronic device, the sensor may be input to the user state prediction model to predict the user's current state to obtain the user's current state information.
在一实施例中,根据第一算法模型对所述传感器信息进行处理,输出用户状态信息,可以包括:In an embodiment, processing the sensor information according to the first algorithm model and outputting user status information may include:
对所述传感器信息进行向量化处理以得到传感器向量;Performing vectorization processing on the sensor information to obtain a sensor vector;
对所述传感器向量进行叠加以得到传感器张量;Superimpose the sensor vectors to obtain a sensor tensor;
根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The sensor tensor is processed according to the first algorithm model, and user state information is output.
步骤204,对授权历史信息进行向量化处理以得到授权历史向量。Step 204: Perform vectorization processing on the authorization history information to obtain an authorization history vector.
在一实施例中,对所述授权历史信息进行向量化处理以得到授权历史向量,可以包括:In an embodiment, performing vectorization processing on the authorization history information to obtain an authorization history vector may include:
在所述授权历史信息当中提取词序列;Extract word sequences from the authorization history information;
通过预先配置的词嵌入模型对所述词序列进行转换,生成对应的向量序列;Convert the word sequence through a pre-configured word embedding model to generate a corresponding vector sequence;
根据所述向量序列生成所述授权历史向量。The authorization history vector is generated according to the vector sequence.
具体的,上述词嵌入模型可以配置于电子设备当中,从而使得电子设备可以通过该词嵌入模型将接收到的词序列转换为向量序列。在一实施例中,电子设备可以通过预先训练的词嵌入模型,将词序列转换成向量序列,具体可以包括:依据词表确定词序列中的各词对应的第一词向量;通过词嵌入模型将各词对应的第一词向量转换为第二词向量;最后采用各词对应的第二词向量生成向量序列。Specifically, the aforementioned word embedding model can be configured in an electronic device, so that the electronic device can convert the received word sequence into a vector sequence through the word embedding model. In an embodiment, the electronic device may convert the word sequence into a vector sequence through a pre-trained word embedding model, which may specifically include: determining the first word vector corresponding to each word in the word sequence according to the vocabulary; using the word embedding model The first word vector corresponding to each word is converted into a second word vector; finally, the second word vector corresponding to each word is used to generate a vector sequence.
需要说明的是,上述词嵌入模型可以为一个X×Y的矩阵,X可以作为转换后维度,Y可以作为转换前维度。本申请实施例可以依据词表的大小配置转换前维度Y,转换后维度X通常可以小于转换前维度Y,从而使得有用的信息可以用更加紧凑的形式来表示,方便处理。It should be noted that the above word embedding model can be an X×Y matrix, X can be used as the dimension after conversion, and Y can be used as the dimension before conversion. In the embodiment of the present application, the pre-conversion dimension Y can be configured according to the size of the vocabulary, and the post-conversion dimension X can generally be smaller than the pre-conversion dimension Y, so that useful information can be represented in a more compact form for convenient processing.
步骤205,根据贝叶斯模型对授权历史向量和用户状态信息进行处理,输出权限管理信息。Step 205: Process the authorization history vector and user status information according to the Bayesian model, and output authority management information.
其中,将步骤204当中获取的授权历史向量和步骤203得到的用户状态信息作为贝叶斯模型的输入,输出为授权管理信息。其中,上述授权管理信息包括应用程序所需要的所有权限的判定结果,该判定结果可以包括同意授权的第一判定结果和不同意授权的第二判定结果。Among them, the authorization history vector obtained in step 204 and the user state information obtained in step 203 are used as the input of the Bayesian model, and the output is the authorization management information. Wherein, the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
步骤206,当应用程序发起调用权限的请求时,根据权限管理信息判断权限是否被授权,若是,则执行步骤207,若否,则拒绝请求。Step 206: When the application program initiates a request for invoking the permission, it is judged according to the permission management information whether the permission is authorized, if so, step 207 is executed, and if not, the request is rejected.
在电子设备获取到权限管理信息后,将其传送给电子设备的系统层,由系统层判断权限是否被授权。在一实施例中,当应用程序发起调用权限的请求时,根据上述权限管理信息对应用程序所要申请的权限进行判断,若同意授权则执行步骤207由系统自动开启该待调用权限,从而可以使得用户无需手动操作,便能开启权限。若不同意则直接拒绝上述应用程序发起调用权限的请求。After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device, and the system layer determines whether the authority is authorized. In one embodiment, when the application program initiates a request for calling permission, the permission to be applied for by the application is judged according to the above permission management information, and if the authorization is approved, step 207 is executed and the system automatically opens the permission to be called, so that Users do not need to manually operate, can open permissions. If you do not agree, directly reject the above application request for calling permission.
步骤207,开启应用程序的权限。Step 207: Turn on the permission of the application.
在一实施例中,在开启应用程序的权限之前,还可以弹出复选框,由用户再次选择是否开启该待调用权限,以满足不同用户的需求。例如,若用户对该权限的保密需求较高,则需要由用户完成进一步判断。若不同意授权,则拒绝开启该权限。In one embodiment, before the permission of the application is opened, a check box may also be popped up, and the user can again choose whether to enable the permission to be invoked, so as to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
比如,在启动应用程序A后,该应用程序申请拨打电话的权限和使用照相机的权限,此时电子设备根据电子设备当前的状态预测用户当前在晚上并且在床上玩手机,并且处于漆黑的环境,此时输出的权限管理信可以包括同意应用程序获取拨打电话的权限,不同意应用程序获取使用照相机的权限。For example, after the application A is started, the application applies for the permission to make calls and the permission to use the camera. At this time, the electronic device predicts that the user is currently playing with a mobile phone on the bed at night and in a dark environment based on the current state of the electronic device. The authorization management letter output at this time may include agreeing to the application to obtain the right to make calls, and disagreeing to the application to obtain the right to use the camera.
由上可知,本申请实施例提供的应用程序的权限管理方法可以当电子设备中的应用程序首次请求权限时,记录权限的标识信息和应用程序的标识信息,根据权限的标识信息和应用程序的标识信息生成授权历史信息,获取电子设备当前的传感器信息,并根据第一算法模型对传感器信息进行处理,输出用户状态信息,对授权历史信息进行向量化处理以得到授权历史向量,根据贝叶斯模型对授权历史向量和用户状态信息进行处理,输出权限管理信息,当应用程序发起调用权限的请求时,根据权限管理信息判断权限是否被授权,若是,则开启应用程序的权限。本申请实施例可以有效地记录下用户使用应用程序时候所需要的权限,根据当前的用户状态信息,然后智能地为第三方应用分配其应用的权限,从而提高电子设备的安全性,还能降低电子设备的功耗。As can be seen from the above, the application authority management method provided by the embodiment of the present application can record the identification information of the authority and the identification information of the application when the application in the electronic device requests the authority for the first time, and according to the identification information of the authority and the application The identification information generates authorization history information, obtains the current sensor information of the electronic device, processes the sensor information according to the first algorithm model, outputs user status information, and vectorizes the authorization history information to obtain the authorization history vector, according to Bayesian The model processes the authorization history vector and user status information, and outputs authority management information. When the application initiates a request for calling authority, it judges whether the authority is authorized according to the authority management information, and if so, the application authority is opened. The embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
请参阅图4,图4为本申请实施例提供的应用程序的权限管理装置的一种结构示意图。其中该应用程序的权限管理装置30包括记录模块301、第一处理模块302、第二处理模块303以及分配模块304;Please refer to FIG. 4, which is a schematic structural diagram of an application authority management apparatus provided by an embodiment of the application. The authority management device 30 of the application program includes a recording module 301, a first processing module 302, a second processing module 303, and a distribution module 304;
所述记录模块301,用于记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录。The recording module 301 is used to record authorization history information of an application in an electronic device, and the authorization history information includes a permission authorization record of the application.
其中,上述权限授权记录当中包括电子设备当中所有应用程序申请权限的记录,比如,在安装应用程序或首次打开应用程序时,会弹出对话框,由用户判断段是否开启相关权限,其中,当用户同意后,该应用程序便可以调用改权限。Among them, the above-mentioned permission authorization record includes all the application permission records of the electronic device. For example, when the application is installed or the application is opened for the first time, a dialog box will pop up, and the user will determine whether the relevant permission is enabled. After agreeing, the application can call to change permissions.
比如,在运行Android系统的电子设备当中,Android中为应用程序准备了很多可选权限,包括获取网络状态信息的权限、获取WI-FI网络状态信息的权限、获取电池状态信息的权限、拨打电话的权限、使用照相机的权限、读取用户的联系人数据的权限、读取用户相册的权限、访问GPS的权限、设置桌面壁纸的权限等等。一般来说,不同的应用程序所需要的权限也不相同,比如桌面美化类应用程序一般会申请读取用户相册的权限和设置桌面壁纸的权限,导航类应用程序一般会申请访问GPS的权限。应用程序在得到用户授权后获取到该权限,便可以使用相关功能,比如应用程序在获取到拨打电话的权限后便可以在应用程序当中拨打电话,而若未获取到该权限则需要用户手动在系统的拨号界面进行拨打电话。For example, among the electronic devices running the Android system, Android has prepared many optional permissions for the application, including the permission to obtain network status information, the permission to obtain WI-FI network status information, the permission to obtain battery status information, and to make calls. Permission to use camera, permission to read user’s contact data, permission to read user’s photo album, permission to access GPS, permission to set desktop wallpaper, etc. Generally speaking, different applications require different permissions. For example, desktop beautification applications generally apply for the permission to read user albums and set desktop wallpapers, and navigation applications generally apply for the permission to access GPS. After the application is authorized by the user to obtain the permission, it can use related functions. For example, the application can make a call in the application after obtaining the permission to make a call. If the permission is not obtained, the user needs to manually log in The dial interface of the system makes a call.
所述第一处理模块302,用于获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息。The first processing module 302 is configured to obtain the current state information of the electronic device, process the state information according to the first algorithm model, and output user state information.
在一实施例中,上述电子设备当前的状态信息可以包括电子设备的系统运行信息和传感器信息等等。其中,电子设备内置有功能不一的传感器,这些传感器能够随时检测电子设备当前所处的状态。作为本申请的一个实施例,可以通过加速度传感器(G-Sensor)和陀螺仪检测电子设备的运动状态。其中加速度传感器可以是三轴线性加速度传感器,用于检测电子设备三个互相正交的轴向上的线性加速度。陀螺仪则用于检测电子设备三个互相正交的轴向上转动的速度。如当加速度传感器和陀螺仪在单位时间内检测到的数值没有变化,则认为电子设备处于静止状态。只要加速度传感器和陀螺仪在单位时间内有一个数值发生变化,则可以认为电子设备处于运动状态。此外,电子设备还可以通过光传感器检测周围环境光的强度。关于加速度传感器、陀螺仪以及光传感器的工作原理可参考现有技术,在此不作赘述。In an embodiment, the current state information of the above electronic device may include system operation information and sensor information of the electronic device, and so on. Among them, the electronic device has built-in sensors with different functions, and these sensors can detect the current state of the electronic device at any time. As an embodiment of the present application, the motion state of the electronic device can be detected by an acceleration sensor (G-Sensor) and a gyroscope. The acceleration sensor may be a three-axis linear acceleration sensor, which is used to detect linear accelerations in three mutually orthogonal axes of the electronic device. The gyroscope is used to detect the upward rotation speed of the three mutually orthogonal axes of the electronic device. If the value detected by the acceleration sensor and the gyroscope within a unit time does not change, the electronic device is considered to be in a static state. As long as a value of the acceleration sensor and the gyroscope changes within a unit time, it can be considered that the electronic device is in motion. In addition, the electronic device can also detect the intensity of ambient light through the light sensor. Regarding the working principles of the acceleration sensor, the gyroscope, and the light sensor, reference may be made to the prior art, which will not be repeated here.
在一实施例中,在获取到电子设备当前的状态信息后,可以将该信息输入到用户状态预测模型,对用户当前的状态进行预测,以得到用户当前的状态信息。In an embodiment, after obtaining the current state information of the electronic device, the information may be input into the user state prediction model to predict the current state of the user to obtain the current state information of the user.
所述第二处理模块303,用于根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息。The second processing module 303 is configured to process the authorization history information and user status information according to the second algorithm model, and output authority management information.
在一实施例中,上述第二算法模型可以为贝叶斯模型,将记录模块301获取的授权历史信息和第一处理模块302获取的用户状态信息作为贝叶斯模型的输入,输出为授权管理信息。其中,上述授权管理信息包括应用程序所需要的所有权限的判定结果,该判定结果可以包括同意授权的第一判定结果和不同意授权的第二判定结果。In an embodiment, the above-mentioned second algorithm model may be a Bayesian model. The authorization history information obtained by the recording module 301 and the user status information obtained by the first processing module 302 are used as the input of the Bayesian model, and the output is the authorization management. information. Wherein, the above authorization management information includes the determination result of all permissions required by the application program, and the determination result may include a first determination result of agreeing to authorization and a second determination result of disagreeing with authorization.
所述分配模块304,用于根据所述权限管理信息为所述应用程序分配权限。The allocation module 304 is configured to allocate permissions for the application program according to the permission management information.
在电子设备获取到权限管理信息后,将其传送给电子设备的系统层,以对应用程序分配权限。在一实施例中,当应用程序申请权限时,根据上述权限管理信息对应用程序所要申请的权限进行管控,若同意授权可以直接由系统自动开启该待调用权限,从而可以使得用户无需手动操作,便能开启权限。或者还可以弹出复选框,由用户再次选择是否开启该待调用权限,以满足不同用户的需求。例如,若用户对该权限的保密需求较高,则需要由用户完成进一步判断。若不同意授权,则拒绝开启该权限。After the electronic device obtains the authority management information, it is transmitted to the system layer of the electronic device to assign authority to the application. In one embodiment, when an application program applies for permission, the permission to be applied for by the application program is controlled according to the above-mentioned permission management information. If the authorization is approved, the system can automatically open the permission to be called, so that the user does not need to operate manually. Then you can turn on permissions. Or, a check box can be popped up, and the user can again choose whether to enable the to-be-invoked permission to meet the needs of different users. For example, if the user has a high demand for confidentiality of the authority, the user needs to complete further judgment. If you do not agree to the authorization, refuse to open the permission.
在一实施例中,请参阅图5,图5为本申请实施例提供的应用程序的权限管理装置的一种结构示意图,其中,所述记录模块301包括:记录子模块3011和生成子模块3012;In one embodiment, please refer to FIG. 5. FIG. 5 is a schematic diagram of a structure of an application authority management apparatus provided in an embodiment of the present application. The recording module 301 includes: a recording submodule 3011 and a generating submodule 3012 ;
所述记录子模块3011,用于当所述电子设备中的应用程序首次请求权限时,记录所述权限的标识信息和所述应用程序的标识信息;The recording submodule 3011 is configured to record the identification information of the authority and the identification information of the application when the application in the electronic device requests permission for the first time;
所述生成子模块3012,用于根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The generating submodule 3012 is configured to generate the authorization history information according to the identification information of the authority and the identification information of the application.
在一实施例中,所述电子设备当前的状态信息包括传感器信息,所述第一处理模块302 包括:第一处理子模块3021和第一输出子模块3022;In an embodiment, the current state information of the electronic device includes sensor information, and the first processing module 302 includes: a first processing sub-module 3021 and a first output sub-module 3022;
所述第一处理子模块3021,用于对所述传感器信息进行向量化处理以得到传感器向量;The first processing submodule 3021 is configured to perform vectorization processing on the sensor information to obtain sensor vectors;
所述第一输出子模块3022,用于对所述传感器向量进行叠加以得到传感器张量,根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The first output submodule 3022 is configured to superimpose the sensor vectors to obtain a sensor tensor, process the sensor tensor according to the first algorithm model, and output user state information.
在一实施例中,所述第二处理模块303包括:第二处理子模块3031和第二输出子模块3032;In an embodiment, the second processing module 303 includes: a second processing sub-module 3031 and a second output sub-module 3032;
所述第二处理模块3031,用于对所述授权历史信息进行向量化处理以得到授权历史向量;The second processing module 3031 is configured to perform vectorization processing on the authorization history information to obtain an authorization history vector;
所述第二输出子模块3032,用于根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。The second output sub-module 3032 is configured to process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
由上述可知,本申请实施例的应用程序的权限管理装置可以记录电子设备当中应用程序的授权历史信息,授权历史信息包括应用程序的权限授权记录,获取电子设备当前的状态信息,并根据第一算法模型对状态信息进行处理,输出用户状态信息,根据第二算法模型对授权历史信息和用户状态信息进行处理,输出权限管理信息,根据权限管理信息为应用程序分配权限。本申请实施例可以有效地记录下用户使用应用程序时候所需要的权限,根据当前的用户状态信息,然后智能地为第三方应用分配其应用的权限,从而提高电子设备的安全性,还能降低电子设备的功耗。It can be seen from the above that the permission management apparatus of the application in the embodiment of the present application can record the authorization history information of the application in the electronic device. The authorization history information includes the permission authorization record of the application, obtains the current status information of the electronic device, and according to The algorithm model processes the status information, outputs user status information, processes authorization history information and user status information according to the second algorithm model, outputs authority management information, and assigns permissions to applications based on the authority management information. The embodiment of the application can effectively record the permissions required by the user when using the application. According to the current user status information, the third-party application can then intelligently assign its application permissions, thereby improving the security of the electronic device and reducing Power consumption of electronic equipment.
本申请实施例中,应用程序的权限管理装置与上文实施例中的应用程序的权限管理方法属于同一构思,在应用程序的权限管理装置上可以运行应用程序的权限管理方法实施例中提供的任一方法,其具体实现过程详见应用程序的权限管理方法的实施例,此处不再赘述。In the embodiment of this application, the permission management device of the application belongs to the same concept as the permission management method of the application in the above embodiment, and the permission management method of the application can be run on the permission management device of the application. For any method, for the specific implementation process, please refer to the embodiment of the permission management method of the application program, which will not be repeated here.
本文所使用的术语“模块”可看作为在该运算系统上执行的软件对象。本文所述的不同组件、模块、引擎及服务可看作为在该运算系统上的实施对象。而本文所述的装置及方法可以以软件的方式进行实施,当然也可在硬件上进行实施,均在本申请保护范围之内。The term "module" used herein can be regarded as a software object executed on the operating system. The different components, modules, engines, and services described in this article can be regarded as implementation objects on the computing system. The devices and methods described herein can be implemented in the form of software, or of course, can also be implemented on hardware, and they are all within the protection scope of the present application.
本申请实施例还提供一种存储介质,其上存储有计算机程序,当所述计算机程序在计算机上运行时,使得所述计算机执行上述的应用程序的权限管理方法。The embodiment of the present application also provides a storage medium on which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the above-mentioned application program authority management method.
本申请实施例还提供一种电子设备,如平板电脑、手机等。电子设备中的处理器会按照如下的步骤,将一个或一个以上的应用程序的进程对应的指令加载到存储器中,并由处理器来运行存储在存储器中的应用程序,从而实现各种功能:The embodiment of the present application also provides an electronic device, such as a tablet computer, a mobile phone, and so on. The processor in the electronic device will load the instructions corresponding to the process of one or more application programs into the memory according to the following steps, and the processor will run the application programs stored in the memory to realize various functions:
记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
在一实施例中,记录电子设备当中应用程序的授权历史信息时,所述处理器用于执行以下步骤:In one embodiment, when recording the authorization history information of the application in the electronic device, the processor is configured to perform the following steps:
当所述电子设备中的应用程序首次请求权限时,获取所述权限的标识信息和所述应用程序的标识信息;When the application in the electronic device requests permission for the first time, acquiring the identification information of the permission and the identification information of the application;
根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The authorization history information is generated according to the identification information of the authority and the identification information of the application.
在一实施例中,所述电子设备当前的状态信息包括传感器信息,根据第一算法模型对所述状态信息进行处理,输出用户状态信息时,所述处理器用于执行以下步骤:In an embodiment, the current state information of the electronic device includes sensor information, the state information is processed according to the first algorithm model, and when the user state information is output, the processor is configured to perform the following steps:
对所述传感器信息进行向量化处理以得到传感器向量;Performing vectorization processing on the sensor information to obtain a sensor vector;
对所述传感器向量进行叠加以得到传感器张量;Superimpose the sensor vectors to obtain a sensor tensor;
根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The sensor tensor is processed according to the first algorithm model, and user state information is output.
在一实施例中,根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息时,所述处理器用于执行以下步骤:In an embodiment, the authorization history information and user status information are processed according to the second algorithm model, and when the authority management information is output, the processor is configured to perform the following steps:
对所述授权历史信息进行向量化处理以得到授权历史向量;Vectorize the authorization history information to obtain an authorization history vector;
根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。Process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
在一实施例中,对所述授权历史信息进行向量化处理以得到授权历史向量时,所述处理器用于执行以下步骤:In an embodiment, when performing vectorization processing on the authorization history information to obtain an authorization history vector, the processor is configured to perform the following steps:
在所述授权历史信息当中提取词序列;Extract word sequences from the authorization history information;
通过预先配置的词嵌入模型对所述词序列进行转换,生成对应的向量序列;Convert the word sequence through a pre-configured word embedding model to generate a corresponding vector sequence;
根据所述向量序列生成所述授权历史向量。The authorization history vector is generated according to the vector sequence.
在一实施例中,所述第二算法模型为贝叶斯模型。In an embodiment, the second algorithm model is a Bayesian model.
在一实施例中,根据所述权限管理信息为所述应用程序分配权限时,所述处理器用于执行以下步骤:In an embodiment, when assigning permissions to the application program according to the permission management information, the processor is configured to perform the following steps:
当所述应用程序发起调用权限的请求时,根据所述权限管理信息判断所述权限是否被授权;When the application program initiates a request for invoking permission, judging whether the permission is authorized according to the permission management information;
若是,则开启所述应用程序的权限。If yes, open the permissions of the application.
在本文中提及“实施例”意味着,结合实施例描述的特定特征、结构或特性可以包含在本申请的至少一个实施例中。在说明书中的各个位置出现该短语并不一定均是指相同的实施例,也不是与其它实施例互斥的独立的或备选的实施例。本领域技术人员显式地和隐式地理解的是,本文所描述的实施例可以与其它实施例相结合。Reference to "embodiments" herein means that a specific feature, structure, or characteristic described in conjunction with the embodiments may be included in at least one embodiment of the present application. The appearance of the phrase in various places in the specification does not necessarily refer to the same embodiment, nor is it an independent or alternative embodiment mutually exclusive with other embodiments. Those skilled in the art clearly and implicitly understand that the embodiments described herein can be combined with other embodiments.
请参阅图6,电子设备400包括处理器401以及存储器402。其中,处理器401与存储器402电性连接。Please refer to FIG. 6, the electronic device 400 includes a processor 401 and a memory 402. The processor 401 is electrically connected to the memory 402.
处理器400是电子设备400的控制中心,利用各种接口和线路连接整个电子设备的各个部分,通过运行或加载存储在存储器402内的计算机程序,以及调用存储在存储器402 内的数据,执行电子设备400的各种功能并处理数据,从而对电子设备400进行整体监控。The processor 400 is the control center of the electronic device 400. It uses various interfaces and lines to connect various parts of the entire electronic device. It executes the electronic device by running or loading the computer program stored in the memory 402, and calling the data stored in the memory 402. Various functions of the device 400 and processing data, so as to monitor the electronic device 400 as a whole.
存储器402可用于存储软件程序以及模块,处理器401通过运行存储在存储器402的计算机程序以及模块,从而执行各种功能应用以及数据处理。存储器402可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的计算机程序(比如声音播放功能、图像播放功能等)等;存储数据区可存储根据电子设备的使用所创建的数据等。此外,存储器402可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。相应地,存储器402还可以包括存储器控制器,以提供处理器401对存储器402的访问。The memory 402 can be used to store software programs and modules. The processor 401 executes various functional applications and data processing by running the computer programs and modules stored in the memory 402. The memory 402 may mainly include a storage program area and a storage data area. The storage program area may store an operating system, a computer program required by at least one function (such as a sound playback function, an image playback function, etc.), etc.; Data created by the use of electronic equipment, etc. In addition, the memory 402 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices. Correspondingly, the memory 402 may also include a memory controller to provide the processor 401 with access to the memory 402.
在本申请实施例中,电子设备400中的处理器401会按照如下的步骤,将一个或一个以上的计算机程序的进程对应的指令加载到存储器402中,并由处理器401运行存储在存储器402中的计算机程序,从而实现各种功能,如下:In the embodiment of the present application, the processor 401 in the electronic device 400 will load the instructions corresponding to the process of one or more computer programs into the memory 402 according to the following steps, and the processor 401 will run and store the instructions in the memory 402 In order to realize various functions in the computer program, as follows:
记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
请一并参阅图7,在一些实施方式中,电子设备400还可以包括:显示器403、射频电路404、音频电路405以及电源406。其中,其中,显示器403、射频电路404、音频电路405以及电源406分别与处理器401电性连接。Please also refer to FIG. 7. In some embodiments, the electronic device 400 may further include a display 403, a radio frequency circuit 404, an audio circuit 405, and a power supply 406. Among them, the display 403, the radio frequency circuit 404, the audio circuit 405, and the power supply 406 are electrically connected to the processor 401, respectively.
显示器403可以用于显示由用户输入的信息或提供给用户的信息以及各种图形用户接口,这些图形用户接口可以由图形、文本、图标、视频和其任意组合来构成。显示器403可以包括显示面板,在一些实施方式中,可以采用液晶显示器(Liquid Crystal Display,LCD)、或者有机发光二极管(Organic Light-Emitting Diode,OLED)等形式来配置显示面板。The display 403 may be used to display information input by the user or information provided to the user, and various graphical user interfaces. These graphical user interfaces may be composed of graphics, text, icons, videos, and any combination thereof. The display 403 may include a display panel. In some embodiments, the display panel may be configured in the form of a liquid crystal display (LCD), or an organic light-emitting diode (OLED).
射频电路404可以用于收发射频信号,以通过无线通信与网络设备或其他电子设备建立无线通讯,与网络设备或其他电子设备之间收发信号。The radio frequency circuit 404 may be used to transmit and receive radio frequency signals to establish wireless communication with network equipment or other electronic equipment through wireless communication, and to transmit and receive signals with the network equipment or other electronic equipment.
音频电路405可以用于通过扬声器、传声器提供用户与电子设备之间的音频接口。The audio circuit 405 may be used to provide an audio interface between the user and the electronic device through a speaker or a microphone.
电源406可以用于给电子设备400的各个部件供电。在一些实施例中,电源406可以通过电源管理系统与处理器401逻辑相连,从而通过电源管理系统实现管理充电、放电、以及功耗管理等功能。The power supply 406 can be used to power various components of the electronic device 400. In some embodiments, the power supply 406 may be logically connected to the processor 401 through a power management system, so that functions such as charging, discharging, and power consumption management can be managed through the power management system.
尽管图7中未示出,电子设备400还可以包括摄像头、蓝牙模块等,在此不再赘述。Although not shown in FIG. 7, the electronic device 400 may also include a camera, a Bluetooth module, etc., which will not be repeated here.
在本申请实施例中,存储介质可以是磁碟、光盘、只读存储器(Read Only Memory,ROM)、或者随机存取记忆体(Random Access Memory,RAM)等。In the embodiment of the present application, the storage medium may be a magnetic disk, an optical disc, a read only memory (Read Only Memory, ROM), or a random access memory (Random Access Memory, RAM), etc.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述的部分,可以参见其他实施例的相关描述。In the above-mentioned embodiments, the description of each embodiment has its own focus. For parts that are not described in detail in an embodiment, reference may be made to related descriptions of other embodiments.
需要说明的是,对本申请实施例的应用程序的权限管理方法而言,本领域普通测试人员可以理解实现本申请实施例应用程序的权限管理方法的全部或部分流程,是可以通过计算机程序来控制相关的硬件来完成,计算机程序可存储于一计算机可读取存储介质中,如存储在电子设备的存储器中,并被该电子设备内的至少一个处理器执行,在执行过程中可包括如应用程序的权限管理方法的实施例的流程。其中,的存储介质可为磁碟、光盘、只读存储器、随机存取记忆体等。It should be noted that for the permission management method of the application in the embodiment of the present application, ordinary testers in the field can understand that all or part of the process of implementing the permission management method of the application in the embodiment of the present application can be controlled by a computer program. The computer program may be stored in a computer readable storage medium, such as stored in the memory of an electronic device, and executed by at least one processor in the electronic device. The execution process may include applications such as The procedure of the embodiment of the program permission management method. Among them, the storage medium can be magnetic disk, optical disk, read-only memory, random access memory, etc.
对本申请实施例的应用程序的权限管理装置而言,其各功能模块可以集成在一个处理芯片中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。集成的模块如果以软件功能模块的形式实现并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中,存储介质譬如为只读存储器,磁盘或光盘等。For the permission management apparatus of the application program in the embodiment of the present application, its functional modules may be integrated in one processing chip, or each module may exist alone physically, or two or more modules may be integrated in one module. The above-mentioned integrated modules can be implemented in the form of hardware or software functional modules. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer readable storage medium, such as a read-only memory, a magnetic disk, or an optical disk.
以上对本申请实施例所提供的一种应用程序的权限管理方法、装置、存储介质及电子设备进行了详细介绍,本文中应用了具体个例对本申请的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本申请的方法及其核心思想;同时,对于本领域的技术人员,依据本申请的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本申请的限制。The above describes in detail an application permission management method, device, storage medium, and electronic equipment provided in the embodiments of the present application. Specific examples are used in this article to illustrate the principles and implementation of the present application. The above embodiments The description is only used to help understand the method and core idea of this application; at the same time, for those skilled in the art, according to the idea of this application, there will be changes in the specific implementation and scope of application, in summary , The content of this specification should not be construed as a limitation to this application.

Claims (20)

  1. 一种应用程序的权限管理方法,其中,所述方法包括以下步骤:A permission management method for an application program, wherein the method includes the following steps:
    记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
    获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
    根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
    根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
  2. 根据权利要求1所述的应用程序的权限管理方法,其中,记录电子设备当中应用程序的授权历史信息,包括:The method of claim 1, wherein the recording of the authorization history information of the application in the electronic device includes:
    当所述电子设备中的应用程序首次请求权限时,记录所述权限的标识信息和所述应用程序的标识信息;When the application in the electronic device requests permission for the first time, record the identification information of the permission and the identification information of the application;
    根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The authorization history information is generated according to the identification information of the authority and the identification information of the application.
  3. 根据权利要求1所述的应用程序的权限管理方法,所述电子设备当前的状态信息包括传感器信息,其中,根据第一算法模型对所述状态信息进行处理,输出用户状态信息,包括:The application authority management method according to claim 1, wherein the current state information of the electronic device includes sensor information, and processing the state information according to the first algorithm model to output user state information includes:
    对所述传感器信息进行向量化处理以得到传感器向量;Performing vectorization processing on the sensor information to obtain a sensor vector;
    对所述传感器向量进行叠加以得到传感器张量;Superimpose the sensor vectors to obtain a sensor tensor;
    根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The sensor tensor is processed according to the first algorithm model, and user state information is output.
  4. 根据权利要求1所述的应用程序的权限管理方法,其中,根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息,包括:The application authority management method according to claim 1, wherein processing the authorization history information and user status information according to the second algorithm model to output authority management information includes:
    对所述授权历史信息进行向量化处理以得到授权历史向量;Vectorize the authorization history information to obtain an authorization history vector;
    根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。Process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
  5. 根据权利要求4所述的应用程序的权限管理方法,其中,对所述授权历史信息进行向量化处理以得到授权历史向量,包括:The method of claim 4, wherein the vectorization processing on the authorization history information to obtain the authorization history vector comprises:
    在所述授权历史信息当中提取词序列;Extract word sequences from the authorization history information;
    通过预先配置的词嵌入模型对所述词序列进行转换,生成对应的向量序列;Convert the word sequence through a pre-configured word embedding model to generate a corresponding vector sequence;
    根据所述向量序列生成所述授权历史向量。The authorization history vector is generated according to the vector sequence.
  6. 根据权利要求1所述的应用程序的权限管理方法,其中,所述第二算法模型为贝叶斯模型。The method of claim 1, wherein the second algorithm model is a Bayesian model.
  7. 根据权利要求1所述的应用程序的权限管理方法,其中,根据所述权限管理信息为所述应用程序分配权限,包括:The method for managing permissions of an application program according to claim 1, wherein assigning permissions to the application program according to the permission management information comprises:
    当所述应用程序发起调用权限的请求时,根据所述权限管理信息判断所述权限是否被授权;When the application program initiates a request for invoking permission, judging whether the permission is authorized according to the permission management information;
    若是,则开启所述应用程序的权限。If yes, open the permissions of the application.
  8. 一种应用程序的权限管理装置,其中,所述装置包括:记录模块、第一处理模块、第二处理模块以及分配模块;A permission management device for an application program, wherein the device includes: a recording module, a first processing module, a second processing module, and a distribution module;
    所述记录模块,用于记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;The recording module is used to record the authorization history information of the application in the electronic device, the authorization history information includes the permission authorization record of the application;
    所述第一处理模块,用于获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;The first processing module is configured to obtain current state information of the electronic device, process the state information according to a first algorithm model, and output user state information;
    所述第二处理模块,用于根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;The second processing module is configured to process the authorization history information and user status information according to a second algorithm model, and output authority management information;
    所述分配模块,用于根据所述权限管理信息为所述应用程序分配权限。The allocation module is configured to allocate permissions to the application program according to the permission management information.
  9. 根据权利要求8所述的应用程序的权限管理装置,其中,所述记录模块包括:记录子模块和生成子模块;The application authority management device according to claim 8, wherein the recording module comprises: a recording sub-module and a generating sub-module;
    所述记录子模块,用于当所述电子设备中的应用程序首次请求权限时,记录所述权限的标识信息和所述应用程序的标识信息;The recording submodule is configured to record the identification information of the authority and the identification information of the application when the application in the electronic device requests the authority for the first time;
    所述生成子模块,用于根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The generating submodule is configured to generate the authorization history information according to the identification information of the authority and the identification information of the application.
  10. 根据权利要求8所述的应用程序的权限管理装置,所述电子设备当前的状态信息包括传感器信息,其中,所述第一处理模块包括:第一处理子模块和第一输出子模块;8. The permission management apparatus for an application program according to claim 8, wherein the current state information of the electronic device includes sensor information, wherein the first processing module includes: a first processing submodule and a first output submodule;
    所述第一处理子模块,用于对所述传感器信息进行向量化处理以得到传感器向量;The first processing sub-module is configured to perform vectorization processing on the sensor information to obtain sensor vectors;
    所述第一输出子模块,用于对所述传感器向量进行叠加以得到传感器张量,根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The first output sub-module is configured to superimpose the sensor vector to obtain a sensor tensor, process the sensor tensor according to the first algorithm model, and output user state information.
  11. 根据权利要求8所述的应用程序的权限管理装置,其中,所述第二处理模块包括:第二处理子模块和第二输出子模块;8. The application authority management device according to claim 8, wherein the second processing module comprises: a second processing sub-module and a second output sub-module;
    所述第二处理模块,用于对所述授权历史信息进行向量化处理以得到授权历史向量;The second processing module is configured to perform vectorization processing on the authorization history information to obtain an authorization history vector;
    所述第二输出子模块,用于根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。The second output sub-module is configured to process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
  12. 根据权利要求8所述的应用程序的权限管理装置,其中,所述第二算法模型为贝叶斯模型。8. The permission management device of an application program according to claim 8, wherein the second algorithm model is a Bayesian model.
  13. 一种存储介质,其上存储有计算机程序,其中,当所述计算机程序在计算机上运行时,使得所述计算机执行如权利要求1至7任一项所述的应用程序的权限管理方法。A storage medium having a computer program stored thereon, wherein when the computer program runs on a computer, the computer is caused to execute the method for managing the authority of an application program according to any one of claims 1 to 7.
  14. 一种电子设备,包括处理器和存储器,所述存储器存储有多条指令,其中,所述处理器加载所述存储器中的指令用于执行以下步骤:An electronic device includes a processor and a memory, the memory stores a plurality of instructions, wherein the processor loads the instructions in the memory to perform the following steps:
    记录电子设备当中应用程序的授权历史信息,所述授权历史信息包括所述应用程序的权限授权记录;Record the authorization history information of the application in the electronic device, where the authorization history information includes the permission authorization record of the application;
    获取所述电子设备当前的状态信息,并根据第一算法模型对所述状态信息进行处理,输出用户状态信息;Acquiring current status information of the electronic device, processing the status information according to the first algorithm model, and outputting user status information;
    根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息;Process the authorization history information and user status information according to the second algorithm model, and output authority management information;
    根据所述权限管理信息为所述应用程序分配权限。Assign permissions to the application program according to the permission management information.
  15. 根据权利要求14所述的电子设备,其中,记录电子设备当中应用程序的授权历史信息时,所述处理器用于执行以下步骤:The electronic device according to claim 14, wherein, when recording authorization history information of an application in the electronic device, the processor is configured to perform the following steps:
    当所述电子设备中的应用程序首次请求权限时,获取所述权限的标识信息和所述应用程序的标识信息;When the application in the electronic device requests permission for the first time, acquiring the identification information of the permission and the identification information of the application;
    根据所述权限的标识信息和应用程序的标识信息生成所述授权历史信息。The authorization history information is generated according to the identification information of the authority and the identification information of the application.
  16. 根据权利要求14所述的电子设备,所述电子设备当前的状态信息包括传感器信息,其中,根据第一算法模型对所述状态信息进行处理,输出用户状态信息时,所述处理器用于执行以下步骤:The electronic device according to claim 14, wherein the current state information of the electronic device includes sensor information, wherein the state information is processed according to the first algorithm model, and when the user state information is output, the processor is configured to execute the following step:
    对所述传感器信息进行向量化处理以得到传感器向量;Performing vectorization processing on the sensor information to obtain a sensor vector;
    对所述传感器向量进行叠加以得到传感器张量;Superimpose the sensor vectors to obtain a sensor tensor;
    根据所述第一算法模型对所述传感器张量进行处理,输出用户状态信息。The sensor tensor is processed according to the first algorithm model, and user state information is output.
  17. 根据权利要求14所述的电子设备,其中,根据第二算法模型对所述授权历史信息和用户状态信息进行处理,输出权限管理信息时,所述处理器用于执行以下步骤:The electronic device according to claim 14, wherein the authorization history information and user status information are processed according to the second algorithm model, and when the authority management information is output, the processor is configured to perform the following steps:
    对所述授权历史信息进行向量化处理以得到授权历史向量;Vectorize the authorization history information to obtain an authorization history vector;
    根据第二算法模型对所述授权历史向量和用户状态信息进行处理,输出权限管理信息。Process the authorization history vector and user status information according to the second algorithm model, and output authority management information.
  18. 根据权利要求17所述的电子设备,其中,对所述授权历史信息进行向量化处理以得到授权历史向量时,所述处理器用于执行以下步骤:The electronic device according to claim 17, wherein, when the authorization history information is vectorized to obtain an authorization history vector, the processor is configured to perform the following steps:
    在所述授权历史信息当中提取词序列;Extract word sequences from the authorization history information;
    通过预先配置的词嵌入模型对所述词序列进行转换,生成对应的向量序列;Convert the word sequence through a pre-configured word embedding model to generate a corresponding vector sequence;
    根据所述向量序列生成所述授权历史向量。The authorization history vector is generated according to the vector sequence.
  19. 根据权利要求14所述的电子设备,其中,所述第二算法模型为贝叶斯模型。The electronic device according to claim 14, wherein the second algorithm model is a Bayesian model.
  20. 根据权利要求14所述的电子设备,其中,根据所述权限管理信息为所述应用程序分配权限时,所述处理器用于执行以下步骤:The electronic device according to claim 14, wherein, when assigning permissions to the application program according to the permission management information, the processor is configured to perform the following steps:
    当所述应用程序发起调用权限的请求时,根据所述权限管理信息判断所述权限是否被授权;When the application program initiates a request for invoking permission, judging whether the permission is authorized according to the permission management information;
    若是,则开启所述应用程序的权限。If yes, open the permissions of the application.
PCT/CN2020/081192 2019-04-09 2020-03-25 Application permission management method and apparatus, and storage medium and electronic device WO2020207253A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910282095.3 2019-04-09
CN201910282095.3A CN111797381A (en) 2019-04-09 2019-04-09 Authority management method and device of application program, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
WO2020207253A1 true WO2020207253A1 (en) 2020-10-15

Family

ID=72750968

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/081192 WO2020207253A1 (en) 2019-04-09 2020-03-25 Application permission management method and apparatus, and storage medium and electronic device

Country Status (2)

Country Link
CN (1) CN111797381A (en)
WO (1) WO2020207253A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113742703A (en) * 2021-08-20 2021-12-03 深圳Tcl新技术有限公司 Application program control method and device, electronic equipment and storage medium
CN116910707B (en) * 2023-09-12 2023-12-26 深圳市智能派科技有限公司 Model copyright management method and system based on equipment history record

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103108082A (en) * 2013-01-24 2013-05-15 北京航空航天大学 Smartphone multi-user mode permission management method and smartphone multi-user mode permission management system
CN103218552A (en) * 2012-01-19 2013-07-24 华为终端有限公司 Safety management method and device based on user behavior
CN103268451A (en) * 2013-06-08 2013-08-28 上海斐讯数据通信技术有限公司 Dynamic permission management system based on mobile terminal
CN108418878A (en) * 2018-02-24 2018-08-17 北京小米移动软件有限公司 Method for pushing and device, readable storage medium storing program for executing, the electronic equipment of notification message

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009187341A (en) * 2008-02-07 2009-08-20 Fuji Xerox Co Ltd Information processing program and information processor
CN107734617A (en) * 2017-10-31 2018-02-23 广东欧珀移动通信有限公司 Closing application program method, apparatus, storage medium and electronic equipment
CN108877793B (en) * 2018-05-30 2021-04-23 Oppo广东移动通信有限公司 Application control method and device, storage medium and electronic equipment
CN109325364A (en) * 2018-09-28 2019-02-12 联想(北京)有限公司 A kind of authority configuring method and electronic equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103218552A (en) * 2012-01-19 2013-07-24 华为终端有限公司 Safety management method and device based on user behavior
CN103108082A (en) * 2013-01-24 2013-05-15 北京航空航天大学 Smartphone multi-user mode permission management method and smartphone multi-user mode permission management system
CN103268451A (en) * 2013-06-08 2013-08-28 上海斐讯数据通信技术有限公司 Dynamic permission management system based on mobile terminal
CN108418878A (en) * 2018-02-24 2018-08-17 北京小米移动软件有限公司 Method for pushing and device, readable storage medium storing program for executing, the electronic equipment of notification message

Also Published As

Publication number Publication date
CN111797381A (en) 2020-10-20

Similar Documents

Publication Publication Date Title
CN104737101B (en) The computing device of the non-vision response triggered with power
US20170243578A1 (en) Voice processing method and device
CN112256425B (en) Load balancing method and system, computer cluster, information editing method and terminal
US20160321543A1 (en) Trusted predictive analytic execution middleware
US11789542B2 (en) Sensor agnostic gesture detection
WO2020207253A1 (en) Application permission management method and apparatus, and storage medium and electronic device
US10955904B2 (en) Method, apparatus and storage medium for processing application of mobile terminal and electronic device
WO2022100222A1 (en) Information retrieval method, apparatus and system, and storage medium
CN107548568A (en) The system and method that context for functions of the equipments is found
WO2020042769A1 (en) Image information transmission method and apparatus, and storage medium and electronic device
CN110942046B (en) Image retrieval method, device, equipment and storage medium
US20180060088A1 (en) Group Interactions
CN112162843A (en) Workflow execution method, device, equipment and storage medium
WO2022194190A1 (en) Method and apparatus for adjusting numerical range of recognition parameter of touch gesture
KR102616793B1 (en) Electronic device and method for providing scrren thereof
US11200305B2 (en) Variable access based on facial expression configuration
KR102299158B1 (en) Trusted predictive analytic execution middleware
CN114096946A (en) Method and apparatus for managing applications
US20200174573A1 (en) Computer system gesture-based graphical user interface control
CN113744736B (en) Command word recognition method and device, electronic equipment and storage medium
US20180060092A1 (en) Group Data and Priority in an Individual Desktop
CN112560612B (en) System, method, computer device and storage medium for determining business algorithm
US20180349131A1 (en) Windows support of a pluggable ecosystem for universal windows application stores
US10901520B1 (en) Content capture experiences driven by multi-modal user inputs
US20200389600A1 (en) Environment-driven user feedback for image capture

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20787092

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20787092

Country of ref document: EP

Kind code of ref document: A1