WO2020258961A1 - Permission processing method and terminal device - Google Patents

Permission processing method and terminal device Download PDF

Info

Publication number
WO2020258961A1
WO2020258961A1 PCT/CN2020/082082 CN2020082082W WO2020258961A1 WO 2020258961 A1 WO2020258961 A1 WO 2020258961A1 CN 2020082082 W CN2020082082 W CN 2020082082W WO 2020258961 A1 WO2020258961 A1 WO 2020258961A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
terminal device
permission
user
authority
Prior art date
Application number
PCT/CN2020/082082
Other languages
French (fr)
Chinese (zh)
Inventor
康新龙
Original Assignee
维沃移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 维沃移动通信有限公司 filed Critical 维沃移动通信有限公司
Publication of WO2020258961A1 publication Critical patent/WO2020258961A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Definitions

  • the embodiments of the present disclosure relate to the field of communication technologies, and in particular, to a permission processing method and terminal equipment.
  • an application program installed in a terminal device can obtain various permissions in the terminal device. For example, taking application A, application B, application C, and application D installed in the terminal device as examples, application A can obtain the SMS permission in the terminal device, and application B can obtain the contact permission in the terminal device , The application C can obtain the recording permission in the terminal device, and the application D can obtain the camera permission in the terminal device.
  • the embodiment of the present disclosure provides a permission processing method to solve the problem of the leakage of the user's private information after the same-source application obtains different permissions of the terminal device.
  • the embodiments of the present disclosure provide a permission processing method, which is applied to a terminal device, and the method includes: in the case that the target condition is met, in the N applications installed on the terminal device, determining the An application belongs to the second application of the same source application, and processes the first permission in the first way.
  • the first permission is the permission configured by the terminal device for the second application
  • the first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission
  • the target condition is at least one of the following :
  • the terminal device downloads the first application program, the terminal device runs the first application program, and N is a positive integer.
  • embodiments of the present disclosure provide a terminal device, which includes a determining module and a processing module.
  • the determining module is used to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met, and the target condition is at least the following One item: the terminal device downloads the first application program, the terminal device runs the first application program; the processing module is used to process the first permission according to the first method, and the first permission is the second application configuration determined by the terminal device for the determining module
  • the first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission, and N is a positive integer.
  • the embodiments of the present disclosure provide a terminal device.
  • the terminal device includes a processor, a memory, and a computer program that is stored in the memory and can run on the processor.
  • the steps of the permission processing method in one aspect.
  • the embodiments of the present disclosure provide a computer-readable storage medium storing a computer program on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the permission processing method in the first aspect are implemented.
  • the target condition is met (the target condition is at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program), the N( N is a positive integer) among the application programs, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: a method of closing permissions, encryption and The information corresponding to the authority is processed by the first authority (the first authority is the authority configured by the terminal device for the second application).
  • the terminal device when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
  • FIG. 1 is a schematic diagram of the architecture of an Android operating system provided by an embodiment of the disclosure
  • FIG. 3 is a second schematic diagram of a permission processing method provided by an embodiment of the disclosure.
  • FIG. 4 is the third schematic diagram of a permission processing method provided by an embodiment of the disclosure.
  • FIG. 5 is one of the schematic diagrams of an application interface of a permission processing method provided by an embodiment of the present disclosure
  • FIG. 6 is a fourth schematic diagram of a permission processing method provided by an embodiment of the disclosure.
  • FIG. 7 is a second schematic diagram of an interface of a permission processing method application provided by an embodiment of the disclosure.
  • FIG. 8 is a fifth schematic diagram of a permission processing method provided by an embodiment of the disclosure.
  • FIG. 9 is a third schematic diagram of an interface of a permission processing method application provided by an embodiment of the disclosure.
  • FIG. 10 is one of schematic structural diagrams of a terminal device provided by an embodiment of the disclosure.
  • FIG. 11 is a second structural diagram of a terminal device provided by an embodiment of the disclosure.
  • FIG. 12 is a schematic diagram of hardware of a terminal device provided by an embodiment of the disclosure.
  • first and second in this document are used to distinguish different objects, rather than describing a specific order of objects.
  • first application program and the second application program are used to distinguish different applications, rather than to describe a specific order of the applications.
  • words such as “exemplary” or “for example” are used as examples, illustrations, or illustrations. Any embodiment or design solution described as “exemplary” or “for example” in the embodiments of the present disclosure should not be construed as being more preferable or advantageous than other embodiments or design solutions. To be precise, words such as “exemplary” or “for example” are used to present related concepts in a specific manner.
  • plural means two or more than two, for example, a plurality of elements means two or more elements, and so on.
  • Same-origin applications applications developed by the same developer or applications operated by the same operator.
  • the embodiments of the present disclosure provide a permission processing method and terminal device, and the permission processing method can be applied to the terminal device.
  • the terminal device can meet the target condition (the target condition is at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program), the terminal device has installed N (N is A positive integer) application programs, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: a method of closing permissions, encryption and permission correspondence ⁇ ) Process the first permission (the first permission is the permission configured by the terminal device for the second application).
  • the target condition is at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program), the terminal device has installed N (N is A positive integer) application programs, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: a method of closing permissions, encryption and
  • the terminal device when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
  • the terminal device in the embodiment of the present disclosure may be a terminal device with an operating system.
  • the operating system may be an Android operating system, an ios operating system, or other possible operating systems, which are not specifically limited in the embodiment of the present disclosure.
  • the following uses the Android operating system as an example to introduce the software environment to which the permission processing method provided in the embodiments of the present disclosure is applied.
  • FIG. 1 it is a schematic structural diagram of a possible Android operating system provided by an embodiment of the present disclosure.
  • the architecture of the Android operating system includes 4 layers, namely: application layer, application framework layer, system runtime library layer, and kernel layer (specifically, it may be the Linux kernel layer).
  • the application layer includes various applications (including system applications and third-party applications) in the Android operating system.
  • the application framework layer is the framework of the application. Developers can develop some applications based on the application framework layer while complying with the development principles of the application framework.
  • the system runtime layer includes a library (also called a system library) and an Android operating system runtime environment.
  • the library mainly provides various resources needed by the Android operating system.
  • the Android operating system operating environment is used to provide a software environment for the Android operating system.
  • the kernel layer is the operating system layer of the Android operating system and belongs to the lowest level of the Android operating system software level.
  • the kernel layer is based on the Linux kernel to provide core system services and hardware-related drivers for the Android operating system.
  • developers can develop software programs that implement the permission processing method provided in the embodiments of the present disclosure based on the system architecture of the Android operating system as shown in FIG.
  • the processing method can be run based on the Android operating system as shown in FIG. 1. That is, the processor or the terminal device can implement the permission processing method provided by the embodiment of the present disclosure by running the software program in the Android operating system.
  • the terminal device in the embodiment of the present disclosure may be a mobile terminal or a non-mobile terminal.
  • the mobile terminal may be a mobile phone, a tablet computer, a notebook computer, a palmtop computer, a vehicle-mounted terminal, a wearable device, an ultra-mobile personal computer (UMPC), a netbook, or a personal digital assistant (personal digital assistant
  • the non-mobile terminal may be a personal computer (PC), a television (television, TV), a teller machine or a self-service machine, etc., which are not specifically limited in the embodiment of the present disclosure.
  • the execution subject of the permission processing method provided in the embodiments of the present disclosure may be the above-mentioned terminal device, or may be a functional module and/or functional entity in the terminal device that can implement the permission processing method.
  • the specifics can be determined according to actual usage requirements.
  • the embodiments of the present disclosure are not limited.
  • the following takes a terminal device as an example to illustrate the permission processing method provided in the embodiment of the present disclosure.
  • the terminal device when installing or running an application program, can configure permissions for the application program according to the user's use requirements. For example, when a communication application is installed, the terminal device can configure contact permissions, camera permissions, and SMS permissions for the communication application according to user needs. In this way, after the terminal device installs multiple applications belonging to the same source application, since each of the multiple applications may obtain one or some permissions in the terminal device, the multiple applications The program may obtain various permissions in the terminal device.
  • application A and application B can obtain the contact permission and SMS permission in the terminal device
  • application B can obtain the recording permission in the terminal device
  • camera permissions then application A and application B can obtain contact permissions, SMS permissions, recording permissions, and camera permissions in the terminal device. Therefore, developers or operators of application A and application B can obtain data corresponding to different permissions, and the developer or operator may superimpose and process these data to obtain detailed information of the user, which may lead to user privacy Information leakage.
  • the embodiments of the present disclosure provide a permission processing method.
  • the terminal device When a terminal device downloads or runs an application, the terminal device can close the terminal device as another application (the other application and the one application belong to the same source).
  • Developers or operators can superimpose and process the data obtained by these same-source applications according to different permissions to obtain detailed user information, which can prevent the leakage of users' private information and ensure the security of users' private information.
  • an embodiment of the present disclosure provides a permission processing method, and the method may include the following S201-S202.
  • the terminal device determines a second application that belongs to the same source application as the first application among the N applications installed on the terminal device.
  • the above-mentioned target condition may be at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program, and N is a positive integer. That is, the terminal device may execute S201 when downloading the first application, or execute S201 when the first application is running, and it may also execute both when downloading the first application and running the first application. Execution of S201 can be specifically determined according to actual usage requirements, which is not limited in the embodiment of the present disclosure.
  • the terminal device when the terminal device downloads or runs the first application, the terminal device can search for applications that are of the same source as the first application in the applications installed on the terminal device.
  • the first application belongs to the second application of the same source application
  • the terminal device can first process the permissions configured by the terminal device for the second application (for example, close or encrypt the information corresponding to the permissions), and then download or run The first application program to prevent these same-source applications from simultaneously acquiring multiple different permissions in the terminal device; if the terminal device does not find an application that belongs to the same-source application as the first application program, the terminal device can follow the traditional process Download or run the first application normally.
  • the foregoing first application program when the foregoing target condition is that the terminal device downloads the first application program, the foregoing first application program may be an application program that the terminal device needs to download.
  • the foregoing target condition is that the terminal device runs the first application program
  • the foregoing first application program may be an application program installed in the terminal device.
  • the N applications installed on the terminal device may be non-system applications installed on the terminal device.
  • the N application programs may include any possible application programs such as a taxi application program, a shopping application program, a communication application program, and a video application program, which may be specifically determined according to actual use requirements, and the embodiments of the present disclosure are not limited.
  • the foregoing second application program may be an application program among N applications.
  • the second application program may be a taxi application program, a shopping application program, a communication application program, or a video application program.
  • first application and the second application may be applications of the same application type, or may be applications of different application types, which can be determined according to actual usage requirements.
  • the embodiment is not limited.
  • the terminal device processes the first permission in the first manner.
  • the first permission may be a permission configured by the terminal device for the second application.
  • the above-mentioned first manner may include at least one of the following: a manner of closing permissions, and a manner of encrypting information corresponding to the permissions.
  • the first permission that is, the permission configured by the terminal device for the second application program may be: the terminal device configures the permission for the second application program to use functions provided by other applications.
  • the second application program can use these functions.
  • the second application is a shopping application
  • the terminal device can configure contact permissions and SMS permissions for the shopping application
  • the contact permissions and SMS permissions configured by the terminal device for the shopping application can be: the terminal device is shopping
  • the shopping application can use the "Contact” function and SMS in the phone application
  • the "SMS” function in the application that is, the shopping application can read the contact information in the phone application and the text message content in the SMS application.
  • the above-mentioned first permission that is, the permission configured by the terminal device for the second application program
  • the non-fixed permission of the second application program may be referred to as the non-fixed permission of the second application program.
  • the second application program may also have fixed permissions.
  • the fixed authority of the second application program is the authority that the second application program must have to realize its basic functions.
  • the terminal device in the case where the above-mentioned first method includes the method of closing the authority, the terminal device can close the above-mentioned first authority; after the terminal device closes the first authority, the above-mentioned second application does not have the first authority, that is, In this case, the second application cannot access the information corresponding to the first permission.
  • the terminal device may encrypt the information corresponding to the first authority; after the terminal device encrypts the information corresponding to the first authority, the above-mentioned second application can only Access to encrypted information corresponding to the first permission, that is, in this case, although the second application still has the first permission, the information obtained by the second application according to the first permission is all encrypted information.
  • the processing method of the terminal device can be referred to the respective descriptions of the two methods above, which will not be repeated here.
  • the terminal device can close the permissions configured by the terminal device for other applications (the other application and the one application belong to the same source application), or encrypt the permissions configured by the terminal device for the other applications Corresponding information, it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from superimposing and processing the data obtained by these same-source applications according to different permissions
  • the user's private information can be prevented from leaking, and the user's private information can be secured.
  • the terminal device after the terminal device closes the first permission or encrypts the information corresponding to the first permission, if the terminal device runs a second application, the terminal device can open the first permission or decrypt and Information corresponding to the first permission.
  • the permission processing method provided by the embodiment of the present disclosure may further include the following S203.
  • the terminal device processes the first permission in a second manner corresponding to the first manner.
  • the above-mentioned second method may include at least one of the following: a method of opening the permission (also referred to as opening the permission), and a method of decrypting information corresponding to the permission.
  • the above-mentioned first method corresponds to the above-mentioned second method means that when the above-mentioned first method is a method of closing permissions, the above-mentioned second method is a method of opening permissions; or, in the above-mentioned first method, encryption and In the case of the method of information corresponding to the authority, the second method described above is a method of decrypting the information corresponding to the authority.
  • the terminal device in the case where the above-mentioned second method includes the method of opening the permission, the terminal device can open the above-mentioned first permission; after the terminal device opens the first permission, the above-mentioned second application has the first permission, that is, this In this case, the second application can access the information corresponding to the first permission.
  • the terminal device in the case where the above second method includes a method of decrypting information corresponding to the authority, the terminal device can decrypt the information corresponding to the first authority; after the terminal device decrypts the information corresponding to the first authority, the second application can access Information corresponding to the first permission.
  • the processing method of the terminal device can refer to the relevant description of the two methods above, and details are not repeated here.
  • the terminal device when the terminal device is running the above-mentioned second application, the terminal device can also process the authority configured by the terminal device for the first application in the above-mentioned first manner (hereinafter referred to as the second application). Permissions). Specifically, when the terminal device runs the above-mentioned second application program, the terminal device may also close the second permission or encrypt information corresponding to the second permission. Wherein, when the terminal device is running the above-mentioned second application, the terminal device may first close the second permission, and then open the first permission; or, the terminal device may first encrypt the information corresponding to the second permission, and then decrypt the information corresponding to the second permission. Information corresponding to the first permission.
  • the terminal device after the terminal device closes the permission configured by the terminal device for a certain application, or encrypts the information corresponding to the permission, since the terminal device is running the application, the terminal device can open the permission, or decrypt The information corresponding to the permission can therefore ensure that the application program can have the functions required by the user when it is running, thereby improving user experience and human-computer interaction performance.
  • the terminal device can automatically record the number of permissions acquired by the same-source application in the terminal device, and when the number of permissions is greater than a certain value, remind the user that there may be a risk of information leakage.
  • the permission processing method provided by the embodiment of the present disclosure further includes the following S204.
  • the above-mentioned first prompt information may be used to prompt the user that the number of permissions acquired by the same-source application (specifically, the total number of permissions acquired by the same-source application) has exceeded a preset threshold.
  • the foregoing target number is the sum of the number of first permissions and the number of second permissions (that is, the permissions configured by the terminal device for the first application program).
  • the terminal device can automatically record the total number of permissions acquired by the same-source application in the terminal device.
  • the terminal device can prompt the user by displaying the first prompt message The total number of permissions obtained by these same-origin applications has exceeded the preset threshold, and there is a risk of information leakage.
  • the second permission that is, the permission configured by the terminal device for the first application program may be: the terminal device configured for the first application program to use functions provided by other applications.
  • the first application program can use these functions.
  • the terminal device is a shopping application
  • the terminal device can configure contact permissions and SMS permissions for the shopping application
  • the contact permissions and SMS permissions configured by the terminal device for the shopping application can be: the terminal device is shopping
  • the shopping application can use the "Contact” function and SMS in the phone application
  • the "SMS” function in the application that is, the shopping application can read the contact information in the phone application and the text message content in the SMS application.
  • the foregoing second permission that is, the permission configured by the terminal device for the first application program
  • the non-fixed permission of the first application program may be referred to as the non-fixed permission of the first application program.
  • the first application program may also have fixed permissions.
  • the fixed authority of the first application program is the authority that the first application program must have to realize its basic functions.
  • the number of targets described above may be the sum of the numbers of different permissions in the first permission and the second permission.
  • the first permission is recording permission and contact permission
  • the second permission is SMS permission, contact permission, and camera permission
  • the different permissions in the first permission and the second permission are: recording permission, contact permission Person permission, SMS permission and camera permission, that is, the number of targets mentioned above is 4.
  • the foregoing preset threshold may be a critical value for whether the user's private information is leaked, which may be specifically calculated by the manufacturer of the terminal device based on big data, and is not limited in the embodiment of the present disclosure.
  • the embodiment of the present disclosure may not limit the execution timing of the foregoing S204, that is, the terminal device may execute the foregoing S204 at any time.
  • the above-mentioned FIG. 4 is an example that the above-mentioned S204 is executed after S202, which does not set any limitation on the execution timing of the above-mentioned S204. Specifically, it can be determined according to actual usage requirements, and the embodiment of the present disclosure does not limit it.
  • the same source application includes the above-mentioned first application and the above-mentioned second application
  • the first application is a communication application
  • the second application is a taxi application
  • the terminal device is configured for the first application
  • the above second permissions are SMS permissions, contact permissions, and camera permissions
  • the terminal device is configured for the second application.
  • the above first permissions are recording permissions, contact permissions, sports permissions, location permissions, and camera permissions. Permissions.
  • the terminal device when the terminal device detects that the total number of permissions acquired by the communication application and the taxi application is greater than or equal to the preset threshold, the terminal device can display The prompt message (that is, the first prompt message above) "The number of permissions acquired by the communication application is 3, the number of permissions acquired by the taxi application is 5, and there is a risk of information leakage" to remind the user that the number of permissions acquired by the same source application has exceeded With preset thresholds, there is a risk of information leakage.
  • the prompt message that is, the first prompt message above
  • the terminal device when the terminal device detects that the total number of permissions acquired by the communication application and the taxi application is greater than or equal to the preset threshold, the terminal device can display a prompt The message (i.e. the above first prompt message) "The total number of permissions acquired by communication applications and taxi applications is too large, and there is a risk of information leakage" to remind the user that the number of permissions acquired by the same source application has exceeded the preset threshold, and there is information Risk of leakage.
  • the message i.e. the above first prompt message
  • the foregoing S204 may also be performed separately, that is, S204 may not be performed in combination with the method shown in FIG. 2.
  • S204 may not be performed in combination with the method shown in FIG. 2.
  • the terminal device may display the first prompt message to remind the user that the total number of permissions acquired by the same-source application is too large .
  • the terminal device may also prompt the user whether to install the first application before the terminal device processes the first permission in the foregoing first manner.
  • the permission processing method provided by the embodiment of the present disclosure may further include the following S205-S206.
  • S202 can be specifically implemented by the following S202a.
  • S205 The terminal device displays second prompt information.
  • the above-mentioned second prompt information may be used to prompt the user whether to install the first application program.
  • the terminal device may display the second display information to prompt the user whether to install the first application.
  • the terminal device may remind the user whether to install the first application.
  • the above-mentioned second prompt information may include the first prompt content and the first prompt option.
  • the first prompt content is used to prompt the user whether to install the first application.
  • the first prompt option may include a first option and a second option. The first option may be used to determine whether to install the first application, and the second option may be used to determine whether to install the first application. Install the first application.
  • the first prompt content may be "Do you want to install the first application?" (as shown by 70 in FIG. 7), and the first option may be the "Yes” option (as shown in FIG. 7), the above-mentioned second option may be a "no” option (as shown by 72 in FIG. 7).
  • the user can trigger the terminal device to perform different actions through different inputs to the second prompt information.
  • the user can trigger the terminal device to process the first permission and install the first application in the first manner through the first input of the second prompt information; that is, the user can use the first input of the second prompt information
  • the terminal device is triggered to execute the following S202a.
  • the user can trigger the terminal device not to install the first application through the second input of the second prompt information, and to download and install the same type of application as the first application and not belonging to the same source application as the second application
  • the third application program of the program that is, the user can trigger the terminal device to execute the following S206 through the second input of the second prompt information.
  • S202a In the case of receiving the user's first input of the second prompt information, the terminal device processes the first permission in the first manner, and installs the first application.
  • the above-mentioned first input can be used to determine to install the first application.
  • the foregoing first input may be the user's input to the foregoing "Yes" option as shown in 71 in FIG. 7.
  • the embodiment of the present disclosure may not limit the above-mentioned first input input form, and may be specifically determined according to actual usage requirements, which is not limited in the embodiment of the present disclosure.
  • the terminal device displays the second prompt information
  • the user can trigger the terminal device to process the first permission in the first way by first inputting the second prompt information , And install the first application.
  • the user can trigger the terminal device not to install the first application by performing a second input to the second prompt message, and to download and install the same type of application as the first application and A third application that does not belong to the same source application as the second application.
  • it is possible to prevent multiple homologous applications from acquiring multiple permissions in the terminal device at the same time, thereby preventing the leakage of the user's private information.
  • the terminal device may display third prompt information to prompt the user whether to install the third application program.
  • the foregoing S206 may be specifically implemented by the following S206a and S206b.
  • the permission processing method provided by the embodiment of the present disclosure may further include the following S206c.
  • the terminal device In the case of receiving the second input of the second prompt information from the user, the terminal device displays the third prompt information.
  • the third prompt information is used to prompt the user whether to install the third application.
  • the terminal device may display the above-mentioned third display information to prompt the user whether to install the above-mentioned third application.
  • the aforementioned third prompt information may include second prompt content and second prompt options.
  • the second prompt content can be used to prompt the user whether to install the third application
  • the second prompt option can include the third option and the fourth option
  • the third option can be used to determine the installation of the third application
  • the fourth option can be used to determine Do not install the third application.
  • the second prompt content may be "Do you want to install the third application?" (as shown by 90 in FIG. 9), and the third option may be the "Yes" option (as shown in FIG. 9), the above fourth option may be a "no” option (as shown by 92 in Figure 9).
  • the third input is used to determine to install the third application.
  • the foregoing third input may be the user's input to the foregoing "Yes" option as shown in 91 in FIG. 9.
  • the embodiment of the present disclosure may not limit the above-mentioned third input input form, which may be specifically determined according to actual use requirements, and the embodiment of the present disclosure does not limit it.
  • the fourth input is used to determine not to install the third application.
  • the foregoing fourth input may be the user's input to the foregoing “No” option as shown in 92 in FIG. 9.
  • the embodiment of the present disclosure may not limit the above-mentioned fourth input input form, which may be specifically determined according to actual use requirements, and the embodiment of the present disclosure does not limit it.
  • the terminal device may display a download interface before the terminal device executes the above S201, and the download interface may be used for the terminal device to download the application program. In this way, after the terminal device receives the user's fourth input of the third prompt information, the terminal device can exit the download interface.
  • the terminal device displays the third prompt information
  • the user can trigger the terminal device to install the third application program by third inputting the third prompt information; if the user determines If the third application program is not installed, the user can trigger the terminal device not to install the third application program and exit the currently displayed download interface by performing a fourth input to the third prompt message.
  • the terminal device can install or not install the third application according to the user's needs, thereby improving user experience and improving human-computer interaction performance.
  • the permission processing methods shown in the drawings of the above methods are all exemplified in conjunction with a drawing in the embodiments of the present disclosure.
  • the permission processing methods shown in the drawings of the above methods can also be implemented in combination with any other drawings illustrated in the above embodiments that can be combined, and details are not described herein again.
  • the terminal device 400 may include a determining module 401 and a processing module 402.
  • the determining module 401 is configured to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met, and the target condition is as follows At least one item: the terminal device downloads the first application program, and the terminal device runs the first application program; the processing module 402 is configured to process the first permission in the first manner, and the first permission is the second permission determined by the terminal device for the determining module 401
  • the first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission, and N is a positive integer.
  • the above-mentioned processing module 402 is further configured to process the first permission according to a second method corresponding to the first method when the terminal device is running the second application program, and the second method includes at least one of the following: The way of authority, the way of decrypting information corresponding to authority.
  • the terminal device provided by the embodiment of the present disclosure may further include a display module 403.
  • the display module 403 is configured to display first prompt information when the number of targets is greater than or equal to a preset threshold, and the first prompt information is used to prompt the user that the number of permissions obtained by the same-source application has exceeded the preset threshold.
  • the target quantity is the sum of the quantity of the first authority and the quantity of the second authority, and the second authority is the authority configured by the terminal device for the first application.
  • the terminal device provided in the embodiment of the present disclosure may further include a display module 403.
  • the above-mentioned display module 403 is configured to display the second prompt message after the determining module 401 determines that the second application belongs to the same source application as the first application, and before the processing module 402 processes the first permission in the first manner.
  • the second prompt information is used to prompt the user whether to install the first application program;
  • the above processing module 402 is specifically used to process the first permission in the first manner when the user's first input of the second prompt information is received, and The first application is installed, and the first input is used to determine to install the first application.
  • the above-mentioned processing module 402 is further configured to download and install a third application after receiving the second input of the second prompt information from the user after the display module 403 displays the second prompt information.
  • the third application is an application of the same application type as the first application, and the third application and the first application do not belong to the same source application, and the second input is used to determine not to install the first application.
  • the above-mentioned display module 403 is also used for third prompt information, which is used to prompt the user whether to install the third application program; the above-mentioned processing module 402 is also used for receiving the third prompt information from the user In the case of the third input of, download and install the third application, and the third input is used to determine to install the third application.
  • the above-mentioned processing module 402 is further configured to exit the download interface after the third prompt information is displayed by the display module 403 and in the case of receiving the fourth input of the third prompt information from the user. application.
  • first input, second input, third input, and fourth input may be received by the receiving module in the terminal device.
  • the terminal device provided by the embodiment of the present disclosure can implement the various processes implemented by the terminal device in the foregoing method embodiment. In order to avoid repetition, details are not described herein again.
  • the embodiment of the present disclosure provides a terminal device, which can perform the operation in the terminal when the target condition is satisfied (the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program).
  • the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program.
  • the N is a positive integer
  • the first method includes at least one of the following: Close The way of authority, the way of encrypting information corresponding to the authority) handle the first authority (the first authority is the authority configured by the terminal device for the second application).
  • the terminal device when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
  • FIG. 12 is a schematic diagram of the hardware structure of a terminal device that implements various embodiments of the present disclosure.
  • the terminal device 100 includes but is not limited to: a radio frequency unit 101, a network module 102, an audio output unit 103, an input unit 104, a sensor 105, a display unit 106, a user input unit 107, an interface unit 108, and a memory 109 , The processor 110, and the power supply 111 and other components.
  • the structure of the terminal device shown in FIG. 12 does not constitute a limitation on the terminal device, and the terminal device may include more or fewer components than shown in the figure, or a combination of certain components, or different components Layout.
  • terminal devices include, but are not limited to, mobile phones, tablet computers, notebook computers, palmtop computers, vehicle-mounted terminals, wearable devices, and pedometers.
  • the processor 110 is configured to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met; and according to the first method Process the first authority.
  • the target condition may be at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program; the first method may include at least one of the following: a method of closing permissions, a method of encrypting information corresponding to permissions , The first permission is the permission configured by the terminal device for the second application.
  • the aforementioned first input, second input, third input, and fourth input may be received by the aforementioned user input unit 107.
  • the determination module 401 and the processing module 402 in the above-mentioned structural schematic diagram of the terminal device may be implemented by the above-mentioned processor 110.
  • the display module 403 in the above-mentioned structural schematic diagram of the terminal device may be implemented by the above-mentioned display unit 106.
  • the embodiment of the present disclosure provides a terminal device, which can perform the operation in the terminal when the target condition is satisfied (the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program).
  • the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program.
  • the N is a positive integer
  • the first method includes at least one of the following: Close The way of authority, the way of encrypting information corresponding to the authority) handle the first authority (the first authority is the authority configured by the terminal device for the second application).
  • the terminal device when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
  • the radio frequency unit 101 can be used for receiving and sending signals in the process of sending and receiving information or talking. Specifically, the downlink data from the base station is received and processed by the processor 110; Uplink data is sent to the base station.
  • the radio frequency unit 101 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like.
  • the radio frequency unit 101 can also communicate with the network and other devices through a wireless communication system.
  • the terminal device provides users with wireless broadband Internet access through the network module 102, such as helping users to send and receive emails, browse web pages, and access streaming media.
  • the audio output unit 103 can convert the audio data received by the radio frequency unit 101 or the network module 102 or stored in the memory 109 into audio signals and output them as sounds. Moreover, the audio output unit 103 may also provide audio output related to a specific function performed by the terminal device 100 (for example, call signal reception sound, message reception sound, etc.).
  • the audio output unit 103 includes a speaker, a buzzer, a receiver, and the like.
  • the input unit 104 is used to receive audio or video signals.
  • the input unit 104 may include a graphics processing unit (GPU) 1041 and a microphone 1042.
  • the graphics processing unit 1041 is used to capture still pictures or video images obtained by an image capture device (such as a camera) in a video capture mode or an image capture mode. Data is processed.
  • the processed image frame can be displayed on the display unit 106.
  • the image frame processed by the graphics processor 1041 may be stored in the memory 109 (or other storage medium) or sent via the radio frequency unit 101 or the network module 102.
  • the microphone 1042 can receive sound, and can process such sound into audio data.
  • the processed audio data can be converted into a format that can be sent to a mobile communication base station via the radio frequency unit 101 for output in the case of a telephone call mode.
  • the terminal device 100 also includes at least one sensor 105, such as a light sensor, a motion sensor, and other sensors.
  • the light sensor includes an ambient light sensor and a proximity sensor.
  • the ambient light sensor can adjust the brightness of the display panel 1061 according to the brightness of the ambient light.
  • the proximity sensor can close the display panel 1061 and the display panel 1061 when the terminal device 100 is moved to the ear. / Or backlight.
  • the accelerometer sensor can detect the magnitude of acceleration in various directions (usually three-axis), and can detect the magnitude and direction of gravity when it is stationary, and can be used to identify the posture of the terminal device (such as horizontal and vertical screen switching, related games) , Magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tap), etc.; sensor 105 can also include fingerprint sensors, pressure sensors, iris sensors, molecular sensors, gyroscopes, barometers, hygrometers, thermometers, Infrared sensors, etc., will not be repeated here.
  • the display unit 106 is used to display information input by the user or information provided to the user.
  • the display unit 106 may include a display panel 1061, and the display panel 1061 may be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), etc.
  • LCD liquid crystal display
  • OLED organic light-emitting diode
  • the user input unit 107 may be used to receive inputted numeric or character information, and generate key signal input related to user settings and function control of the terminal device.
  • the user input unit 107 includes a touch panel 1071 and other input devices 1072.
  • the touch panel 1071 also called a touch screen, can collect user touch operations on or near it (for example, the user uses any suitable objects or accessories such as fingers, stylus, etc.) on the touch panel 1071 or near the touch panel 1071. operating).
  • the touch panel 1071 may include two parts: a touch detection device and a touch controller.
  • the touch detection device detects the user's touch position, detects the signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates, and then sends it To the processor 110, the command sent by the processor 110 is received and executed.
  • the touch panel 1071 can be realized by various types such as resistive, capacitive, infrared, and surface acoustic wave.
  • the user input unit 107 may also include other input devices 1072.
  • other input devices 1072 may include, but are not limited to, a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackball, mouse, and joystick, which will not be repeated here.
  • the touch panel 1071 can be overlaid on the display panel 1061.
  • the touch panel 1071 detects a touch operation on or near it, it is transmitted to the processor 110 to determine the type of the touch event.
  • the type of event provides corresponding visual output on the display panel 1061.
  • the touch panel 1071 and the display panel 1061 are used as two independent components to realize the input and output functions of the terminal device, in some embodiments, the touch panel 1071 and the display panel 1061 can be integrated
  • the implementation of the input and output functions of the terminal device is not specifically limited here.
  • the interface unit 108 is an interface for connecting an external device with the terminal device 100.
  • the external device may include a wired or wireless headset port, an external power source (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device with an identification module, audio input/output (I/O) port, video I/O port, headphone port, etc.
  • the interface unit 108 can be used to receive input (for example, data information, power, etc.) from an external device and transmit the received input to one or more elements in the terminal device 100 or can be used to connect to the terminal device 100 and external Transfer data between devices.
  • the memory 109 can be used to store software programs and various data.
  • the memory 109 may mainly include a program storage area and a data storage area.
  • the program storage area may store an operating system, an application program required by at least one function (such as a sound playback function, an image playback function, etc.), etc.; Data (such as audio data, phone book, etc.) created by the use of mobile phones.
  • the memory 109 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.
  • the processor 110 is the control center of the terminal device. It uses various interfaces and lines to connect the various parts of the entire terminal device, runs or executes the software programs and/or modules stored in the memory 109, and calls data stored in the memory 109 , Perform various functions of the terminal equipment and process data, so as to monitor the terminal equipment as a whole.
  • the processor 110 may include one or more processing units; optionally, the processor 110 may integrate an application processor and a modem processor, where the application processor mainly processes the operating system, user interface, and application programs, etc.
  • the adjustment processor mainly deals with wireless communication. It can be understood that the foregoing modem processor may not be integrated into the processor 110.
  • the terminal device 100 may also include a power source 111 (such as a battery) for supplying power to various components.
  • a power source 111 such as a battery
  • the power source 111 may be logically connected to the processor 110 through a power management system, so as to manage charging, discharging, and power consumption through the power management system. Management and other functions.
  • the terminal device 100 includes some functional modules not shown, which will not be repeated here.
  • an embodiment of the present disclosure also provides a terminal device, which may include a processor 110 as shown in FIG. 12, a memory 109, a computer program stored in the memory 109 and running on the processor 110, When the computer program is executed by the processor 110, each process of the foregoing method embodiment is realized, and the same technical effect can be achieved. To avoid repetition, details are not described herein again.
  • the embodiments of the present disclosure also provide a computer-readable storage medium on which a computer program is stored.
  • the computer program is executed by a processor, each process of the foregoing method embodiment is implemented, and the same technical effect can be achieved. To avoid repetition, I won’t repeat them here.
  • the computer-readable storage medium may include read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk, etc.

Abstract

A permission processing method and a terminal device. Said method comprises: when a target condition is satisfied, determining, among N application programs installed on a terminal device, a second application program that has the same source as a first application program (S201), the target condition including at least one of the following: the terminal device downloading the first application program, and the terminal device running the first application program; and processing a first permission in a first mode (S202), the first permission being a permission configured by the terminal device for the second application program, and the first mode including at least one of the following: a permission closing mode, and a mode for encrypting information corresponding to the permission, N being a positive integer.

Description

权限处理方法及终端设备Authority processing method and terminal equipment
相关申请的交叉引用Cross references to related applications
本申请主张在2019年06月24日提交国家知识产权局,申请号为:201910551473.3,申请名称为“一种权限处理方法及终端设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the State Intellectual Property Office on June 24, 2019. The application number is: 201910551473.3, and the application title is "A method of rights processing and terminal equipment". The entire content is incorporated by reference. In this application.
技术领域Technical field
本公开实施例涉及通信技术领域,尤其涉及一种权限处理方法及终端设备。The embodiments of the present disclosure relate to the field of communication technologies, and in particular, to a permission processing method and terminal equipment.
背景技术Background technique
随着通信技术的不断发展,终端设备中可以安装的应用程序越来越多。With the continuous development of communication technology, more and more applications can be installed in terminal devices.
通常,终端设备中安装的应用程序可以获取终端设备中的各种权限。例如,以终端设备中安装的应用程序A、应用程序B、应用程序C和应用程序D为例,应用程序A可以获取终端设备中的短信权限,应用程序B可以获取终端设备中的联系人权限,应用程序C可以获取终端设备中的录音权限,应用程序D可以获取终端设备中的相机权限。Generally, an application program installed in a terminal device can obtain various permissions in the terminal device. For example, taking application A, application B, application C, and application D installed in the terminal device as examples, application A can obtain the SMS permission in the terminal device, and application B can obtain the contact permission in the terminal device , The application C can obtain the recording permission in the terminal device, and the application D can obtain the camera permission in the terminal device.
然而,当上述应用程序A、应用程序B、应用程序C和应用程序D属于同源应用程序(即同一开发商开发或同一运营商运营的应用程序)时,由于这些同源应用程序可能获取终端设备中的不同权限,因此提供这些同源应用程序的开发商或运营商可以得到不同权限对应的数据,从而开发商或运营商可能会将这些数据叠加、处理等获得用户的详细信息,进而可能导致用户的隐私信息泄露。However, when the above-mentioned application A, application B, application C, and application D belong to the same source application (that is, the application developed by the same developer or operated by the same operator), these same source applications may obtain the terminal There are different permissions in the device, so developers or operators that provide these same-source applications can get data corresponding to different permissions. Therefore, developers or operators may superimpose and process these data to obtain user detailed information, which may Lead to the disclosure of users' private information.
发明内容Summary of the invention
本公开实施例提供一种权限处理方法,以解决在同源应用程序获取终端设备的不同权限之后,用户的隐私信息泄露的问题。The embodiment of the present disclosure provides a permission processing method to solve the problem of the leakage of the user's private information after the same-source application obtains different permissions of the terminal device.
为了解决上述技术问题,本申请是这样实现的:In order to solve the above technical problems, this application is implemented as follows:
第一方面,本公开实施例提供了一种权限处理方法,该方法应用于终端设备,该方法包括:在满足目标条件的情况下,在终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序,并按照第一方式处理第一权限。其中,该第一权限为终端设备为第二应用程序配置的权限,该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式,该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序,N为正整数。In the first aspect, the embodiments of the present disclosure provide a permission processing method, which is applied to a terminal device, and the method includes: in the case that the target condition is met, in the N applications installed on the terminal device, determining the An application belongs to the second application of the same source application, and processes the first permission in the first way. Wherein, the first permission is the permission configured by the terminal device for the second application, and the first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission, and the target condition is at least one of the following : The terminal device downloads the first application program, the terminal device runs the first application program, and N is a positive integer.
第二方面,本公开实施例提供了一种终端设备,该终端设备包括确定模块和处理模块。其中,确定模块,用于在满足目标条件的情况下,在终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序,该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序;处理模块,用于按照第一方式处理第一权限,该第一权限为终端设备为确定模块确定的第二应用程序配置的权限,该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式,N为正整数。In a second aspect, embodiments of the present disclosure provide a terminal device, which includes a determining module and a processing module. Wherein, the determining module is used to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met, and the target condition is at least the following One item: the terminal device downloads the first application program, the terminal device runs the first application program; the processing module is used to process the first permission according to the first method, and the first permission is the second application configuration determined by the terminal device for the determining module The first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission, and N is a positive integer.
第三方面,本公开实施例提供一种终端设备,该终端设备包括处理器、存储器及存储在存储器上并可在处理器上运行的计算机程序,该计算机程序被处理器执行时实现如上述第一方面中的权限处理方法的步骤。In a third aspect, the embodiments of the present disclosure provide a terminal device. The terminal device includes a processor, a memory, and a computer program that is stored in the memory and can run on the processor. The steps of the permission processing method in one aspect.
第四方面,本公开实施例提供一种计算机可读存储介质,该计算机可读存储介质上存储 计算机程序,该计算机程序被处理器执行时实现如上述第一方面中的权限处理方法的步骤。In a fourth aspect, the embodiments of the present disclosure provide a computer-readable storage medium storing a computer program on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the permission processing method in the first aspect are implemented.
在本公开实施例中,可以在满足目标条件(该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序)的情况下,在终端设备已安装的N(N为正整数)个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序;并按照第一方式(该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式)处理第一权限(该第一权限为终端设备为第二应用程序配置的权限)。通过该方案,当终端设备下载一个应用程序和/或运行一个应用程序时,由于终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,因此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。In the embodiment of the present disclosure, when the target condition is met (the target condition is at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program), the N( N is a positive integer) among the application programs, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: a method of closing permissions, encryption and The information corresponding to the authority is processed by the first authority (the first authority is the authority configured by the terminal device for the second application). Through this solution, when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
附图说明Description of the drawings
图1为本公开实施例提供的一种安卓操作系统的架构示意图;FIG. 1 is a schematic diagram of the architecture of an Android operating system provided by an embodiment of the disclosure;
图2为本公开实施例提供的一种权限处理方法的示意图之一;2 is one of the schematic diagrams of a permission processing method provided by an embodiment of the disclosure;
图3为本公开实施例提供的一种权限处理方法的示意图之二;FIG. 3 is a second schematic diagram of a permission processing method provided by an embodiment of the disclosure;
图4为本公开实施例提供的一种权限处理方法的示意图之三;4 is the third schematic diagram of a permission processing method provided by an embodiment of the disclosure;
图5为本公开实施例提供的一种权限处理方法应用的界面的示意图之一;5 is one of the schematic diagrams of an application interface of a permission processing method provided by an embodiment of the present disclosure;
图6为本公开实施例提供的一种权限处理方法的示意图之四;6 is a fourth schematic diagram of a permission processing method provided by an embodiment of the disclosure;
图7为本公开实施例提供的一种权限处理方法应用的界面的示意图之二;FIG. 7 is a second schematic diagram of an interface of a permission processing method application provided by an embodiment of the disclosure;
图8为本公开实施例提供的一种权限处理方法的示意图之五;FIG. 8 is a fifth schematic diagram of a permission processing method provided by an embodiment of the disclosure;
图9为本公开实施例提供的一种权限处理方法应用的界面的示意图之三;9 is a third schematic diagram of an interface of a permission processing method application provided by an embodiment of the disclosure;
图10为本公开实施例提供的终端设备的结构示意图之一;FIG. 10 is one of schematic structural diagrams of a terminal device provided by an embodiment of the disclosure;
图11为本公开实施例提供的终端设备的结构示意图之二;FIG. 11 is a second structural diagram of a terminal device provided by an embodiment of the disclosure;
图12为本公开实施例提供的终端设备的硬件示意图。FIG. 12 is a schematic diagram of hardware of a terminal device provided by an embodiment of the disclosure.
具体实施方式Detailed ways
下面将结合本公开实施例中的附图,对本公开实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本公开一部分实施例,而不是全部的实施例。基于本公开中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present disclosure will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present disclosure. Obviously, the described embodiments are part of the embodiments of the present disclosure, rather than all of the embodiments. Based on the embodiments in the present disclosure, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of this application.
本文中的术语“和/或”,是一种描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。本文中符号“/”表示关联对象是或者的关系,例如A/B表示A或者B。The term "and/or" in this article refers to an association relationship that describes associated objects, which means that there can be three kinds of relationships, for example, A and/or B, which can mean: A alone exists, A and B exist at the same time, exist alone B these three situations. The symbol "/" in this document represents the relationship that the associated object is or, for example, A/B represents A or B.
本文中的术语“第一”和“第二”等是用于区别不同的对象,而不是用于描述对象的特定顺序。例如,第一应用程序和第二应用程序等是用于区别不同的应用程序,而不是用于描述应用程序的特定顺序。The terms "first" and "second" in this document are used to distinguish different objects, rather than describing a specific order of objects. For example, the first application program and the second application program are used to distinguish different applications, rather than to describe a specific order of the applications.
在本公开实施例中,“示例性地”或者“例如”等词用于表示作例子、例证或说明。本公开实施例中被描述为“示例性地”或者“例如”的任何实施例或设计方案不应被解释为比其它实施例或设计方案更优选或更具优势。确切而言,使用“示例性地”或者“例如”等词旨在以具体方式呈现相关概念。In the embodiments of the present disclosure, words such as "exemplary" or "for example" are used as examples, illustrations, or illustrations. Any embodiment or design solution described as "exemplary" or "for example" in the embodiments of the present disclosure should not be construed as being more preferable or advantageous than other embodiments or design solutions. To be precise, words such as "exemplary" or "for example" are used to present related concepts in a specific manner.
在本公开实施例的描述中,除非另有说明,“多个”的含义是指两个或者两个以上,例 如,多个元件是指两个或者两个以上的元件等。In the description of the embodiments of the present disclosure, unless otherwise specified, the meaning of "plurality" means two or more than two, for example, a plurality of elements means two or more elements, and so on.
下面首先对本文中涉及的名词和/或术语进行解释说明。The following first explains the terms and/or terms involved in this article.
同源应用程序:同一开发商开发的应用程序或者同一运营商运营的应用程序。Same-origin applications: applications developed by the same developer or applications operated by the same operator.
本公开实施例提供一种权限处理方法及终端设备,该权限处理方法可以应用于终端设备。具体地,终端设备可以在满足目标条件(该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序)的情况下,在终端设备已安装的N(N为正整数)个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序;并按照第一方式(该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式)处理第一权限(该第一权限为终端设备为第二应用程序配置的权限)。通过该方案,当终端设备下载一个应用程序和/或运行一个应用程序时,由于终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,因此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。The embodiments of the present disclosure provide a permission processing method and terminal device, and the permission processing method can be applied to the terminal device. Specifically, the terminal device can meet the target condition (the target condition is at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program), the terminal device has installed N (N is A positive integer) application programs, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: a method of closing permissions, encryption and permission correspondence的信息) Process the first permission (the first permission is the permission configured by the terminal device for the second application). Through this solution, when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
本公开实施例中的终端设备可以为具有操作系统的终端设备。该操作系统可以为安卓(Android)操作系统,可以为ios操作系统,还可以为其他可能的操作系统,本公开实施例不作具体限定。The terminal device in the embodiment of the present disclosure may be a terminal device with an operating system. The operating system may be an Android operating system, an ios operating system, or other possible operating systems, which are not specifically limited in the embodiment of the present disclosure.
下面以安卓操作系统为例,介绍一下本公开实施例提供的权限处理方法所应用的软件环境。The following uses the Android operating system as an example to introduce the software environment to which the permission processing method provided in the embodiments of the present disclosure is applied.
如图1所示,为本公开实施例提供的一种可能的安卓操作系统的架构示意图。在图1中,安卓操作系统的架构包括4层,分别为:应用程序层、应用程序框架层、系统运行库层和内核层(具体可以为Linux内核层)。As shown in FIG. 1, it is a schematic structural diagram of a possible Android operating system provided by an embodiment of the present disclosure. In Figure 1, the architecture of the Android operating system includes 4 layers, namely: application layer, application framework layer, system runtime library layer, and kernel layer (specifically, it may be the Linux kernel layer).
其中,应用程序层包括安卓操作系统中的各个应用程序(包括系统应用程序和第三方应用程序)。Among them, the application layer includes various applications (including system applications and third-party applications) in the Android operating system.
应用程序框架层是应用程序的框架,开发人员可以在遵守应用程序的框架的开发原则的情况下,基于应用程序框架层开发一些应用程序。The application framework layer is the framework of the application. Developers can develop some applications based on the application framework layer while complying with the development principles of the application framework.
系统运行库层包括库(也称为系统库)和安卓操作系统运行环境。库主要为安卓操作系统提供其所需的各类资源。安卓操作系统运行环境用于为安卓操作系统提供软件环境。The system runtime layer includes a library (also called a system library) and an Android operating system runtime environment. The library mainly provides various resources needed by the Android operating system. The Android operating system operating environment is used to provide a software environment for the Android operating system.
内核层是安卓操作系统的操作系统层,属于安卓操作系统软件层次的最底层。内核层基于Linux内核为安卓操作系统提供核心系统服务和与硬件相关的驱动程序。The kernel layer is the operating system layer of the Android operating system and belongs to the lowest level of the Android operating system software level. The kernel layer is based on the Linux kernel to provide core system services and hardware-related drivers for the Android operating system.
以安卓操作系统为例,本公开实施例中,开发人员可以基于上述如图1所示的安卓操作系统的系统架构,开发实现本公开实施例提供的权限处理方法的软件程序,从而使得该权限处理方法可以基于如图1所示的安卓操作系统运行。即处理器或者终端设备可以通过在安卓操作系统中运行该软件程序实现本公开实施例提供的权限处理方法。Taking the Android operating system as an example, in the embodiments of the present disclosure, developers can develop software programs that implement the permission processing method provided in the embodiments of the present disclosure based on the system architecture of the Android operating system as shown in FIG. The processing method can be run based on the Android operating system as shown in FIG. 1. That is, the processor or the terminal device can implement the permission processing method provided by the embodiment of the present disclosure by running the software program in the Android operating system.
本公开实施例中的终端设备可以为移动终端,也可以为非移动终端。示例性地,移动终端可以为手机、平板电脑、笔记本电脑、掌上电脑、车载终端、可穿戴设备、超级移动个人计算机(ultra-mobile personal computer,UMPC)、上网本或者个人数字助理(personal digital assistant,PDA)等,非移动终端可以为个人计算机(personal computer,PC)、电视机(television,TV)、柜员机或者自助机等,本公开实施例不作具体限定。The terminal device in the embodiment of the present disclosure may be a mobile terminal or a non-mobile terminal. Exemplarily, the mobile terminal may be a mobile phone, a tablet computer, a notebook computer, a palmtop computer, a vehicle-mounted terminal, a wearable device, an ultra-mobile personal computer (UMPC), a netbook, or a personal digital assistant (personal digital assistant, The non-mobile terminal may be a personal computer (PC), a television (television, TV), a teller machine or a self-service machine, etc., which are not specifically limited in the embodiment of the present disclosure.
本公开实施例提供的权限处理方法的执行主体可以为上述的终端设备,也可以为该终端 设备中能够实现该权限处理方法的功能模块和/或功能实体,具体的可以根据实际使用需求确定,本公开实施例不作限定。下面以终端设备为例,对本公开实施例提供的权限处理方法进行示例性地说明。The execution subject of the permission processing method provided in the embodiments of the present disclosure may be the above-mentioned terminal device, or may be a functional module and/or functional entity in the terminal device that can implement the permission processing method. The specifics can be determined according to actual usage requirements. The embodiments of the present disclosure are not limited. The following takes a terminal device as an example to illustrate the permission processing method provided in the embodiment of the present disclosure.
本公开实施例中,在安装或运行某个应用程序时,终端设备可以根据用户的使用需求为该应用程序配置权限。例如,在安装通讯应用程序时,终端设备可以根据用户的使用需求为该通讯应用程序配置联系人权限、相机权限,以及短信权限等。如此,当终端设备安装属于同源应用程序的多个应用程序之后,由于该多个应用程序中的每个应用程序可能均会获取终端设备中的某个或某些权限,因此该多个应用程序可能会获取终端设备中的各种权限。示例性地,假设属于同源应用程序的应用程序为应用程序A和应用程序B,且应用程序A可以获取终端设备中的联系人权限和短信权限,应用程序B可以获取终端设备中的录音权限和相机权限,那么应用程序A和应用程序B可以获取终端设备中的联系人权限、短信权限、录音权限和相机权限。从而,应用程序A和应用程序B的开发商或运营商可以得到不同权限对应的数据,从而开发商或运营商可能会将这些数据叠加、处理等获得用户的详细信息,进而可能导致用户的隐私信息泄露。In the embodiments of the present disclosure, when installing or running an application program, the terminal device can configure permissions for the application program according to the user's use requirements. For example, when a communication application is installed, the terminal device can configure contact permissions, camera permissions, and SMS permissions for the communication application according to user needs. In this way, after the terminal device installs multiple applications belonging to the same source application, since each of the multiple applications may obtain one or some permissions in the terminal device, the multiple applications The program may obtain various permissions in the terminal device. Exemplarily, suppose that the applications belonging to the same source application are application A and application B, and application A can obtain the contact permission and SMS permission in the terminal device, and application B can obtain the recording permission in the terminal device And camera permissions, then application A and application B can obtain contact permissions, SMS permissions, recording permissions, and camera permissions in the terminal device. Therefore, developers or operators of application A and application B can obtain data corresponding to different permissions, and the developer or operator may superimpose and process these data to obtain detailed information of the user, which may lead to user privacy Information leakage.
为了解决上述问题,本公开实施例提供一种权限处理方法,当终端设备下载或运行一个应用程序时,终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,如此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。In order to solve the above problems, the embodiments of the present disclosure provide a permission processing method. When a terminal device downloads or runs an application, the terminal device can close the terminal device as another application (the other application and the one application belong to the same source). Application) configuration permissions, or encrypt the information corresponding to the permissions configured by the terminal device for the other application, so that these same-source applications can be prevented from simultaneously acquiring different permissions in the terminal device, thereby avoiding these same-origin applications Developers or operators can superimpose and process the data obtained by these same-source applications according to different permissions to obtain detailed user information, which can prevent the leakage of users' private information and ensure the security of users' private information.
下面具体结合各个附图对本公开实施例提供的权限处理方法进行示例性地说明。The permission processing method provided by the embodiments of the present disclosure will be exemplarily described below in detail with reference to the respective drawings.
如图2所示,本公开实施例提供一种权限处理方法,该方法可以包括下述的S201-S202。As shown in FIG. 2, an embodiment of the present disclosure provides a permission processing method, and the method may include the following S201-S202.
S201、在满足目标条件的情况下,终端设备在终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序。S201. In the case that the target condition is met, the terminal device determines a second application that belongs to the same source application as the first application among the N applications installed on the terminal device.
其中,上述目标条件可以为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序,N为正整数。即终端设备可以在下载第一应用程序的情况下执行上述S201,也可以在运行第一应用程序的情况下执行上述S201,还可以在下载第一应用程序和运行第一应用程序的情况下均执行S201,具体可以根据实际使用需求确定,本公开实施例不作限定。The above-mentioned target condition may be at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program, and N is a positive integer. That is, the terminal device may execute S201 when downloading the first application, or execute S201 when the first application is running, and it may also execute both when downloading the first application and running the first application. Execution of S201 can be specifically determined according to actual usage requirements, which is not limited in the embodiment of the present disclosure.
本公开实施例中,在终端设备下载或运行第一应用程序时,终端设备可以在终端设备已安装的应用程序查找与第一应用程序属于同源应用程序的应用程序,若终端设备查找到与第一应用程序属于同源应用程序的第二应用程序,则终端设备可以先对终端设备为第二应用程序配置的权限进行处理(例如关闭或加密与权限对应的信息),然后再下载或运行第一应用程序,以防止这些同源应用程序同时获取终端设备中的多个不同权限;若终端设备未查找到与第一应用程序属于同源应用程序的应用程序,则终端设备可以按照传统流程正常下载或运行第一应用程序。In the embodiment of the present disclosure, when the terminal device downloads or runs the first application, the terminal device can search for applications that are of the same source as the first application in the applications installed on the terminal device. The first application belongs to the second application of the same source application, the terminal device can first process the permissions configured by the terminal device for the second application (for example, close or encrypt the information corresponding to the permissions), and then download or run The first application program to prevent these same-source applications from simultaneously acquiring multiple different permissions in the terminal device; if the terminal device does not find an application that belongs to the same-source application as the first application program, the terminal device can follow the traditional process Download or run the first application normally.
可以理解,本公开实施例中,当上述目标条件为终端设备下载第一应用程序时,上述第一应用程序可以为终端设备需要下载的应用程序。当上述目标条件为终端设备运行第一应用程序时,上述第一应用程序可以为终端设备中已安装的应用程序。It can be understood that, in the embodiments of the present disclosure, when the foregoing target condition is that the terminal device downloads the first application program, the foregoing first application program may be an application program that the terminal device needs to download. When the foregoing target condition is that the terminal device runs the first application program, the foregoing first application program may be an application program installed in the terminal device.
可选地,本公开实施例中,上述终端设备已安装的N个应用程序可以为终端设备已安装的非系统应用程序。示例性地,N个应用程序可以包括打车应用程序、购物应用程序、通讯 应用程序,以及视频应用程序等任意可能的应用程序,具体可以根据实际使用需求确定,本公开实施例不作限定。Optionally, in the embodiment of the present disclosure, the N applications installed on the terminal device may be non-system applications installed on the terminal device. Exemplarily, the N application programs may include any possible application programs such as a taxi application program, a shopping application program, a communication application program, and a video application program, which may be specifically determined according to actual use requirements, and the embodiments of the present disclosure are not limited.
可以理解,上述第二应用程序可以为N个应用程序中的应用程序。示例性地,第二应用程序可以为打车应用程序、购物应用程序、通讯应用程序或者视频应用程序等。It can be understood that the foregoing second application program may be an application program among N applications. Exemplarily, the second application program may be a taxi application program, a shopping application program, a communication application program, or a video application program.
需要说明的是,本公开实施例中,上述第一应用程序和第二应用程序可以为相同应用类型的应用程序,也可以为不同应用类型的应用程序,具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that in the embodiments of the present disclosure, the above-mentioned first application and the second application may be applications of the same application type, or may be applications of different application types, which can be determined according to actual usage requirements. The embodiment is not limited.
S202、终端设备按照第一方式处理第一权限。S202. The terminal device processes the first permission in the first manner.
其中,上述第一权限可以为终端设备为上述第二应用程序配置的权限。上述第一方式可以包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式。Wherein, the first permission may be a permission configured by the terminal device for the second application. The above-mentioned first manner may include at least one of the following: a manner of closing permissions, and a manner of encrypting information corresponding to the permissions.
需要说明的是,上述第一权限,即上述终端设备为上述第二应用程序配置的权限可以为:终端设备为第二应用程序配置的使用其他应用程序提供的功能的权限。在终端设备为第二应用程序配置使用其他应用程序提供的功能的权限之后,第二应用程序可以使用这些功能。例如,假设第二应用程序为购物应用程序,且终端设备可以为购物应用程序配置联系人权限和短信权限,那么终端设备为购物应用程序配置的联系人权限和短信权限可以为:终端设备为购物应用程序配置的使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能的权限。在终端设备为购物应用程序配置使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能的权限之后,购物应用程序可以使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能;即购物应用程序可以读取电话应用程序中的联系人信息和短信应用程序中的短信内容。It should be noted that the first permission, that is, the permission configured by the terminal device for the second application program may be: the terminal device configures the permission for the second application program to use functions provided by other applications. After the terminal device configures the second application program with the permission to use functions provided by other applications, the second application program can use these functions. For example, suppose that the second application is a shopping application, and the terminal device can configure contact permissions and SMS permissions for the shopping application, then the contact permissions and SMS permissions configured by the terminal device for the shopping application can be: the terminal device is shopping The permissions configured by the application to use the "Contacts" function in the phone application and the "SMS" function in the SMS application. After the terminal device configures the shopping application with the permission to use the "Contact" function in the phone application and the "SMS" function in the SMS application, the shopping application can use the "Contact" function and SMS in the phone application The "SMS" function in the application; that is, the shopping application can read the contact information in the phone application and the text message content in the SMS application.
本公开实施例中,可以理解,上述第一权限,即终端设备为第二应用程序配置的权限可以称为第二应用程序的非固定权限。In the embodiments of the present disclosure, it can be understood that the above-mentioned first permission, that is, the permission configured by the terminal device for the second application program, may be referred to as the non-fixed permission of the second application program.
当然,第二应用程序还可以具有固定权限。第二应用程序的固定权限为第二应用程序实现其基本功能所必须具有的权限。Of course, the second application program may also have fixed permissions. The fixed authority of the second application program is the authority that the second application program must have to realize its basic functions.
本公开实施例中,在上述第一方式包括关闭权限的方式的情况下,终端设备可以关闭上述第一权限;在终端设备关闭第一权限之后,上述第二应用程序不具有第一权限,即这种情况下,第二应用程序无法访问第一权限对应的信息。在上述第一方式包括加密与权限对应的信息的方式的情况下,终端设备可以加密与第一权限对应的信息;在终端设备加密与第一权限对应的信息之后,上述第二应用程序只能访问与第一权限对应的信息加密后的信息,即这种情况下,虽然第二应用程序仍然具有第一权限,但是第二应用程序根据第一权限获取的信息均为加密后的信息。当上述第一方式包括关闭权限的方式和加密与权限对应的信息的方式的情况下,终端设备的处理方式可以参见上述分别对两种方式的相关描述,此处不再赘述。In the embodiment of the present disclosure, in the case where the above-mentioned first method includes the method of closing the authority, the terminal device can close the above-mentioned first authority; after the terminal device closes the first authority, the above-mentioned second application does not have the first authority, that is, In this case, the second application cannot access the information corresponding to the first permission. In the case where the above-mentioned first method includes a method of encrypting information corresponding to the authority, the terminal device may encrypt the information corresponding to the first authority; after the terminal device encrypts the information corresponding to the first authority, the above-mentioned second application can only Access to encrypted information corresponding to the first permission, that is, in this case, although the second application still has the first permission, the information obtained by the second application according to the first permission is all encrypted information. In the case where the above-mentioned first method includes a method of closing the permission and a method of encrypting information corresponding to the permission, the processing method of the terminal device can be referred to the respective descriptions of the two methods above, which will not be repeated here.
本公开实施例中,由于终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,因此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。In the embodiment of the present disclosure, since the terminal device can close the permissions configured by the terminal device for other applications (the other application and the one application belong to the same source application), or encrypt the permissions configured by the terminal device for the other applications Corresponding information, it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from superimposing and processing the data obtained by these same-source applications according to different permissions After waiting to obtain the user's detailed information, the user's private information can be prevented from leaking, and the user's private information can be secured.
可选地,本公开实施例中,在终端设备关闭上述第一权限或加密与上述第一权限对应的信息之后,如果终端设备运行第二应用程序,那么终端设备可以打开第一权限或解密与第一权限对应的信息。Optionally, in the embodiment of the present disclosure, after the terminal device closes the first permission or encrypts the information corresponding to the first permission, if the terminal device runs a second application, the terminal device can open the first permission or decrypt and Information corresponding to the first permission.
示例性地,结合上述图2,如图3所示,在上述S202之后,本公开实施例提供的权限处理方法还可以包括下述的S203。Exemplarily, in conjunction with the foregoing FIG. 2, as shown in FIG. 3, after the foregoing S202, the permission processing method provided by the embodiment of the present disclosure may further include the following S203.
S203、在终端设备运行第二应用程序的情况下,终端设备按照与第一方式对应的第二方式处理第一权限。S203. In a case where the terminal device runs the second application program, the terminal device processes the first permission in a second manner corresponding to the first manner.
其中,上述第二方式可以包括以下至少一项:打开权限的方式(也可以称为开启权限)、解密与权限对应的信息的方式。Wherein, the above-mentioned second method may include at least one of the following: a method of opening the permission (also referred to as opening the permission), and a method of decrypting information corresponding to the permission.
可以理解,上述第一方式与上述第二方式对应是指:在上述第一方式为关闭权限的方式的情况下,上述第二方式为打开权限的方式;或者,在上述第一方式为加密与权限对应的信息的方式的情况下,上述第二方式为解密与权限对应的信息的方式。It can be understood that the above-mentioned first method corresponds to the above-mentioned second method means that when the above-mentioned first method is a method of closing permissions, the above-mentioned second method is a method of opening permissions; or, in the above-mentioned first method, encryption and In the case of the method of information corresponding to the authority, the second method described above is a method of decrypting the information corresponding to the authority.
本公开实施例中,在上述第二方式包括打开权限的方式的情况下,终端设备可以打开上述第一权限;在终端设备打开第一权限之后,上述第二应用程序具有第一权限,即这种情况下,第二应用程序可以访问第一权限对应的信息。在上述第二方式包括解密与权限对应的信息的方式的情况下,终端设备可以解密与第一权限对应的信息;在终端设备解密与第一权限对应的信息之后,上述第二应用程序可以访问第一权限对应的信息。当上述第二方式包括打开权限的方式和解密与权限对应的信息的方式的情况下,终端设备的处理方式可以参见上述分别对两种方式的相关描述,此处不再赘述。In the embodiment of the present disclosure, in the case where the above-mentioned second method includes the method of opening the permission, the terminal device can open the above-mentioned first permission; after the terminal device opens the first permission, the above-mentioned second application has the first permission, that is, this In this case, the second application can access the information corresponding to the first permission. In the case where the above second method includes a method of decrypting information corresponding to the authority, the terminal device can decrypt the information corresponding to the first authority; after the terminal device decrypts the information corresponding to the first authority, the second application can access Information corresponding to the first permission. In the case where the foregoing second method includes a method of opening the permission and a method of decrypting the information corresponding to the permission, the processing method of the terminal device can refer to the relevant description of the two methods above, and details are not repeated here.
需要说明的是,本公开实施例中,在终端设备运行上述第二应用程序的情况下,终端设备还可以按照上述第一方式处理终端设备为第一应用程序配置的权限(以下称为第二权限)。具体的,在终端设备运行上述第二应用程序的情况下,终端设备还可以关闭第二权限或加密与第二权限对应的信息。其中,在终端设备运行上述第二应用程序的情况下,终端设备可以先关闭第二权限,然后再打开第一权限;或者,终端设备可以先加密与第二权限对应的信息,然后再解密与第一权限对应的信息。It should be noted that in the embodiment of the present disclosure, when the terminal device is running the above-mentioned second application, the terminal device can also process the authority configured by the terminal device for the first application in the above-mentioned first manner (hereinafter referred to as the second application). Permissions). Specifically, when the terminal device runs the above-mentioned second application program, the terminal device may also close the second permission or encrypt information corresponding to the second permission. Wherein, when the terminal device is running the above-mentioned second application, the terminal device may first close the second permission, and then open the first permission; or, the terminal device may first encrypt the information corresponding to the second permission, and then decrypt the information corresponding to the second permission. Information corresponding to the first permission.
本公开实施例中,在终端设备关闭终端设备为某个应用程序配置的权限,或加密与该权限对应的信息之后,由于终端设备在运行该应用程序时,终端设备可以打开该权限,或解密与该权限对应的信息,因此可以保证该应用程序在运行时能够具有用户需求的功能,从而能够提升用户体验,提高人机交互性能。In the embodiments of the present disclosure, after the terminal device closes the permission configured by the terminal device for a certain application, or encrypts the information corresponding to the permission, since the terminal device is running the application, the terminal device can open the permission, or decrypt The information corresponding to the permission can therefore ensure that the application program can have the functions required by the user when it is running, thereby improving user experience and human-computer interaction performance.
可选地,本公开实施例中,终端设备可以自动记录终端设备中的同源应用程序获取的权限数量,并在该权限数量大于某一数值时,提醒用户可能存在信息泄露的风险。Optionally, in the embodiment of the present disclosure, the terminal device can automatically record the number of permissions acquired by the same-source application in the terminal device, and when the number of permissions is greater than a certain value, remind the user that there may be a risk of information leakage.
示例性地,结合上述图2,如图4所示,本公开实施例提供的权限处理方法还包括下述的S204。Exemplarily, in conjunction with the foregoing FIG. 2, as shown in FIG. 4, the permission processing method provided by the embodiment of the present disclosure further includes the following S204.
S204、在目标数量大于或等于预设阈值的情况下,终端设备显示第一提示信息。S204: In a case where the number of targets is greater than or equal to a preset threshold, the terminal device displays first prompt information.
其中,上述第一提示信息可以用于提示用户,同源应用获取的权限数量(具体可以为同源应用程序获取的权限总数量)已超过预设阈值。上述目标数量为第一权限的数量和第二权限(即终端设备为第一应用程序配置的权限)的数量之和。The above-mentioned first prompt information may be used to prompt the user that the number of permissions acquired by the same-source application (specifically, the total number of permissions acquired by the same-source application) has exceeded a preset threshold. The foregoing target number is the sum of the number of first permissions and the number of second permissions (that is, the permissions configured by the terminal device for the first application program).
本公开实施例中,终端设备可以自动记录终端设备中的同源应用程序获取的权限总数量,当该权限总数量大于或等于某个数值后,终端设备可以通过显示第一提示信息,提示用户这些同源应用程序获取的权限总数量已超过预设阈值,存在信息泄露的风险。In the embodiment of the present disclosure, the terminal device can automatically record the total number of permissions acquired by the same-source application in the terminal device. When the total number of permissions is greater than or equal to a certain value, the terminal device can prompt the user by displaying the first prompt message The total number of permissions obtained by these same-origin applications has exceeded the preset threshold, and there is a risk of information leakage.
需要说明的是,上述第二权限,即上述终端设备为上述第一应用程序配置的权限可以为:终端设备为第一应用程序配置的使用其他应用程序提供的功能的权限。在终端设备为第一应用程序配置使用其他应用程序提供的功能的权限之后,第一应用程序可以使用这些功能。例如,假设第一应用程序为购物应用程序,且终端设备可以为购物应用程序配置联系人权限和 短信权限,那么终端设备为购物应用程序配置的联系人权限和短信权限可以为:终端设备为购物应用程序配置的使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能的权限。在终端设备为购物应用程序配置使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能的权限之后,购物应用程序可以使用电话应用程序中的“联系人”功能和短信应用程序中的“短信”功能;即购物应用程序可以读取电话应用程序中的联系人信息和短信应用程序中的短信内容。It should be noted that the second permission, that is, the permission configured by the terminal device for the first application program may be: the terminal device configured for the first application program to use functions provided by other applications. After the terminal device configures the first application program with the permission to use functions provided by other applications, the first application program can use these functions. For example, assuming that the first application is a shopping application, and the terminal device can configure contact permissions and SMS permissions for the shopping application, the contact permissions and SMS permissions configured by the terminal device for the shopping application can be: the terminal device is shopping The permissions configured by the application to use the "Contacts" function in the phone application and the "SMS" function in the SMS application. After the terminal device configures the shopping application with the permission to use the "Contact" function in the phone application and the "SMS" function in the SMS application, the shopping application can use the "Contact" function and SMS in the phone application The "SMS" function in the application; that is, the shopping application can read the contact information in the phone application and the text message content in the SMS application.
本公开实施例中,可以理解,上述第二权限,即终端设备为第一应用程序配置的权限可以称为第一应用程序的非固定权限。In the embodiments of the present disclosure, it can be understood that the foregoing second permission, that is, the permission configured by the terminal device for the first application program, may be referred to as the non-fixed permission of the first application program.
当然,第一应用程序还可以具有固定权限。第一应用程序的固定权限为第一应用程序实现其基本功能所必须具有的权限。Of course, the first application program may also have fixed permissions. The fixed authority of the first application program is the authority that the first application program must have to realize its basic functions.
可选地,本公开实施例中,上述目标数量可以为上述第一权限和第二权限中不同权限的数量之和。示例性地,假设上述第一权限为录音权限和联系人权限,上述第二权限为短信权限、联系人权限和相机权限,那么第一权限和第二权限中的不同权限为:录音权限、联系人权限、短信权限和相机权限,即上述目标数量为4。Optionally, in the embodiment of the present disclosure, the number of targets described above may be the sum of the numbers of different permissions in the first permission and the second permission. Illustratively, assuming that the first permission is recording permission and contact permission, and the second permission is SMS permission, contact permission, and camera permission, then the different permissions in the first permission and the second permission are: recording permission, contact permission Person permission, SMS permission and camera permission, that is, the number of targets mentioned above is 4.
本公开实施例中,上述预设阈值可以为用户的隐私信息是否泄漏的临界值,其具体可以由终端设备的厂商根据大数据计算得到,本公开实施例不作限定。In the embodiments of the present disclosure, the foregoing preset threshold may be a critical value for whether the user's private information is leaked, which may be specifically calculated by the manufacturer of the terminal device based on big data, and is not limited in the embodiment of the present disclosure.
需要说明的是,本公开实施例可以不限定上述S204的执行时机,即终端设备在任意时候都可以执行上述S204。上述图4是以上述S204在S202之后执行为例示意的,其并不对上述S204的执行时机造成任何限定。具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that the embodiment of the present disclosure may not limit the execution timing of the foregoing S204, that is, the terminal device may execute the foregoing S204 at any time. The above-mentioned FIG. 4 is an example that the above-mentioned S204 is executed after S202, which does not set any limitation on the execution timing of the above-mentioned S204. Specifically, it can be determined according to actual usage requirements, and the embodiment of the present disclosure does not limit it.
下面再结合图5对上述S204所示的方法进行进一步示例性地描述。The method shown in S204 will be further exemplarily described below in conjunction with FIG. 5.
示例性地,假设同源应用程序包括上述第一应用程序和上述第二应用程序,且第一应用程序为通讯应用程序,第二应用程序为打车应用程序,以及终端设备为第一应用程序配置的权限,即上述第二权限为短信权限、联系人权限和相机权限,终端设备为第二应用程序配置的权限,即上述第一权限为录音权限、联系人权限、运动权限、位置权限和相机权限。那么,一种可能的实现方式中,如图5中的(a)所示,当终端设备检测到通讯应用程序和打车应用程序获取的权限总数量大于或等于预设阈值时,终端设备可以显示提示信息(即上述第一提示信息)“通讯应用程序获取的权限数量为3,打车应用程序获取的权限数量为5,存在信息泄露的风险”,以提示用户同源应用获取的权限数量已超过预设阈值,存在信息泄露的风险。另一种可能的实现方式中,如图5中的(b)所示,当终端设备检测到通讯应用程序和打车应用程序获取的权限总数量大于或等于预设阈值时,终端设备可以显示提示信息(即上述第一提示信息)“通讯应用程序和打车应用程序获取的权限总数量过大,存在信息泄露的风险”,以提示用户同源应用获取的权限数量已超过预设阈值,存在信息泄露的风险。Exemplarily, it is assumed that the same source application includes the above-mentioned first application and the above-mentioned second application, and the first application is a communication application, the second application is a taxi application, and the terminal device is configured for the first application , That is, the above second permissions are SMS permissions, contact permissions, and camera permissions, and the terminal device is configured for the second application. That is, the above first permissions are recording permissions, contact permissions, sports permissions, location permissions, and camera permissions. Permissions. Then, in a possible implementation, as shown in Figure 5(a), when the terminal device detects that the total number of permissions acquired by the communication application and the taxi application is greater than or equal to the preset threshold, the terminal device can display The prompt message (that is, the first prompt message above) "The number of permissions acquired by the communication application is 3, the number of permissions acquired by the taxi application is 5, and there is a risk of information leakage" to remind the user that the number of permissions acquired by the same source application has exceeded With preset thresholds, there is a risk of information leakage. In another possible implementation, as shown in Figure 5 (b), when the terminal device detects that the total number of permissions acquired by the communication application and the taxi application is greater than or equal to the preset threshold, the terminal device can display a prompt The message (i.e. the above first prompt message) "The total number of permissions acquired by communication applications and taxi applications is too large, and there is a risk of information leakage" to remind the user that the number of permissions acquired by the same source application has exceeded the preset threshold, and there is information Risk of leakage.
可选地,本公开实施例中,上述S204也可以单独执行,即S204可以不结合如图2所示的方法执行。具体可以参见上述实施例中对如图4所示的方法的相关描述,此处不再赘述。Optionally, in the embodiment of the present disclosure, the foregoing S204 may also be performed separately, that is, S204 may not be performed in combination with the method shown in FIG. 2. For details, reference may be made to the related description of the method shown in FIG. 4 in the foregoing embodiment, which is not repeated here.
本公开实施例中,在同源应用程序获取的权限总数量大于或等于预设阈值的情况下,终端设备可以通过显示第一提示信息,提示用户由于同源应用程序获取的权限总数量过大,可能存在信息泄露风险,从而使得用户可以及时获知用户的隐私信息的安全性,进而提升用户体验,提高人机交互性能。In the embodiment of the present disclosure, when the total number of permissions acquired by the same-source application is greater than or equal to the preset threshold, the terminal device may display the first prompt message to remind the user that the total number of permissions acquired by the same-source application is too large , There may be a risk of information leakage, so that the user can learn the security of the user’s private information in time, thereby enhancing the user experience and improving the performance of human-computer interaction.
可选地,本公开实施例中,若上述目标条件为终端设备下载第一应用程序,即终端设备在下载第一应用程序的情况下执行本公开实施例提供的权限处理方法,则在终端设备确定与第一应用程序属于同源应用程序的第二应用程序之后,在终端设备按照上述第一方式处理上 述第一权限之前,终端设备还可以提示用户是否安装第一应用程序。Optionally, in the embodiment of the present disclosure, if the above target condition is that the terminal device downloads the first application program, that is, the terminal device executes the permission processing method provided in the embodiment of the present disclosure while downloading the first application program, then the terminal device After determining that the second application belongs to the same source application as the first application, the terminal device may also prompt the user whether to install the first application before the terminal device processes the first permission in the foregoing first manner.
示例性地,结合上述图2,如图6所示,在上述S201之后,上述S202之前,本公开实施例提供的权限处理方法还可以包括下述的S205-S206。并且S202具体可以通过下述的S202a实现。Exemplarily, in conjunction with the foregoing FIG. 2, as shown in FIG. 6, after the foregoing S201 and before the foregoing S202, the permission processing method provided by the embodiment of the present disclosure may further include the following S205-S206. And S202 can be specifically implemented by the following S202a.
S205、终端设备显示第二提示信息。S205: The terminal device displays second prompt information.
其中,上述第二提示信息可以用于提示用户是否安装第一应用程序。The above-mentioned second prompt information may be used to prompt the user whether to install the first application program.
本公开实施例中,在终端设备确定与上述第一应用程序属于同源应用程序的第二应用程序之后,终端设备可以显示上述第二显示信息,以提示用户是否安装上述第一应用程序。In the embodiment of the present disclosure, after the terminal device determines that the second application belongs to the same source application as the first application, the terminal device may display the second display information to prompt the user whether to install the first application.
可以理解,当终端设备中有与上述第一应用程序属于同源应用程序的应用程序时,为了防止用户的隐私信息泄露,终端设备可以提醒用户是否安装第一应用程序。It can be understood that when there is an application that belongs to the same source application as the first application in the terminal device, in order to prevent the leakage of the user's privacy information, the terminal device may remind the user whether to install the first application.
可选地,本公开实施例中,上述第二提示信息可以包括第一提示内容和第一提示选项。第一提示内容用于提示用户是否安装第一应用程序,第一提示选项可以包括第一选项和第二选项,第一选项可以用于确定安装第一应用程序,第二选项可以用于确定不安装第一应用程序。Optionally, in the embodiment of the present disclosure, the above-mentioned second prompt information may include the first prompt content and the first prompt option. The first prompt content is used to prompt the user whether to install the first application. The first prompt option may include a first option and a second option. The first option may be used to determine whether to install the first application, and the second option may be used to determine whether to install the first application. Install the first application.
示例性地,如图7所示,上述第一提示内容可以为“是否安装第一应用程序?”(如图7中的70所示),上述第一选项可以为“是”选项(如图7中的71所示),上述第二选项可以为“否”选项(如图7中的72所示)。Exemplarily, as shown in FIG. 7, the first prompt content may be "Do you want to install the first application?" (as shown by 70 in FIG. 7), and the first option may be the "Yes" option (as shown in FIG. 7), the above-mentioned second option may be a "no" option (as shown by 72 in FIG. 7).
本公开实施例中,在终端设备显示第二提示信息之后,用户可以通过对第二提示信息的不同输入,触发终端设备执行不同的动作。具体的,用户可以通过对第二提示信息的第一输入,触发终端设备按照上述第一方式处理上述第一权限,并安装第一应用程序;即用户可以通过对第二提示信息的第一输入触发终端设备执行下述的S202a。或者,用户可以通过对第二提示信息的第二输入,触发终端设备不安装第一应用程序,以及下载并安装与第一应用程序的应用类型相同、且与第二应用程序不属于同源应用程序的第三应用程序;即用户可以通过对第二提示信息的第二输入触发终端设备执行下述的S206。In the embodiment of the present disclosure, after the terminal device displays the second prompt information, the user can trigger the terminal device to perform different actions through different inputs to the second prompt information. Specifically, the user can trigger the terminal device to process the first permission and install the first application in the first manner through the first input of the second prompt information; that is, the user can use the first input of the second prompt information The terminal device is triggered to execute the following S202a. Alternatively, the user can trigger the terminal device not to install the first application through the second input of the second prompt information, and to download and install the same type of application as the first application and not belonging to the same source application as the second application The third application program of the program; that is, the user can trigger the terminal device to execute the following S206 through the second input of the second prompt information.
S202a、在接收到用户对第二提示信息的第一输入的情况下,终端设备按照第一方式处理第一权限,并安装第一应用程序。S202a: In the case of receiving the user's first input of the second prompt information, the terminal device processes the first permission in the first manner, and installs the first application.
其中,上述第一输入可以用于确定安装第一应用程序。示例性地,上述第一输入可以为用户对上述如图7中的71所示的“是”选项的输入。Wherein, the above-mentioned first input can be used to determine to install the first application. Exemplarily, the foregoing first input may be the user's input to the foregoing "Yes" option as shown in 71 in FIG. 7.
需要说明的是,本公开实施例可以不限定上述第一输入的输入形式,具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that the embodiment of the present disclosure may not limit the above-mentioned first input input form, and may be specifically determined according to actual usage requirements, which is not limited in the embodiment of the present disclosure.
S206、在接收到用户对第二提示信息的第二输入的情况下,终端设备下载并安装第三应用程序。S206: In the case of receiving the second input of the second prompt information from the user, the terminal device downloads and installs the third application.
其中,上述第二输入用于确定不安装第一应用程序。示例性地,上述第二输入可以为用户对上述如图7中的72所示的“否”选项的输入。Wherein, the foregoing second input is used to determine not to install the first application. Exemplarily, the foregoing second input may be the user's input to the foregoing “No” option as shown in 72 in FIG. 7.
需要说明的是,本公开实施例可以不限定上述第二输入的输入形式,具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that the embodiment of the present disclosure may not limit the above-mentioned input form of the second input, and may be specifically determined according to actual usage requirements, which is not limited in the embodiment of the present disclosure.
其中,上述第三应用程序为与上述第一应用程序的应用类型相同的应用程序,且上述第三应用程序与上述第二应用程序不属于同源应用程序。示例性地,假设上述第一应用程序为购物应用程序1,上述第二应用程序为打车应用程序,则上述第三应用程序可以为与打车应用程序1不属于同源应用程序的购物类应用程序,例如第三应用程序可以为购物应用程序2。Wherein, the third application program is an application program of the same application type as the first application program, and the third application program and the second application program are not homologous applications. Illustratively, assuming that the first application is shopping application 1, and the second application is a taxi application, the third application may be a shopping application that does not belong to the same source application as taxi application 1. For example, the third application can be shopping application 2.
可选地,本公开实施例中,终端设备可以根据历史信息下载并安装上述第三应用程序。 该历史信息可以为服务器收集的大多数终端设备下载的与上述第一应用程序的应用类型相同、且与上述第二应用程序不属于同源应用程序的应用程序历史下载信息。Optionally, in the embodiment of the present disclosure, the terminal device may download and install the foregoing third application program according to historical information. The historical information may be historical download information of applications that are of the same application type as the first application and that are not of the same source as the second application and downloaded by most terminal devices collected by the server.
本公开实施例中,终端设备显示第二提示信息后,若用户确定安装第一应用程序,则用户可以通过对第二提示信息进行第一输入,以触发终端设备按照第一方式处理第一权限,并安装第一应用程序。若用户确定不安装第一应用程序,则用户可以通过对第二提示信息进行第二输入,以触发终端设备不安装第一应用程序,以及下载并安装与第一应用程序的应用类型相同、且与第二应用程序不属于同源应用程序的第三应用程序。如此,可以在保证正常安装某个应用类型的应用程序的基础上,防止多个同源应用程序同时获取终端设备中的多个权限,从而防止用户的隐私信息泄露。In the embodiment of the present disclosure, after the terminal device displays the second prompt information, if the user determines to install the first application, the user can trigger the terminal device to process the first permission in the first way by first inputting the second prompt information , And install the first application. If the user determines not to install the first application, the user can trigger the terminal device not to install the first application by performing a second input to the second prompt message, and to download and install the same type of application as the first application and A third application that does not belong to the same source application as the second application. In this way, on the basis of ensuring the normal installation of an application of a certain application type, it is possible to prevent multiple homologous applications from acquiring multiple permissions in the terminal device at the same time, thereby preventing the leakage of the user's private information.
可选地,本公开实施例中,在终端设备下载并安装第三应用程序之前,终端设备可以显示第三提示信息,以提示用户是否安装第三应用程序。Optionally, in the embodiment of the present disclosure, before the terminal device downloads and installs the third application program, the terminal device may display third prompt information to prompt the user whether to install the third application program.
示例性地,结合上述图6,如图8所示,本公开实施例提供的权限处理方法中,上述S206具体可以通过下述的S206a和S206b实现。并且,在S206a之后,本公开实施例提供的权限处理方法还可以包括下述的S206c。Exemplarily, in conjunction with the foregoing FIG. 6, as shown in FIG. 8, in the permission processing method provided by the embodiment of the present disclosure, the foregoing S206 may be specifically implemented by the following S206a and S206b. Moreover, after S206a, the permission processing method provided by the embodiment of the present disclosure may further include the following S206c.
S206a、在接收到用户对第二提示信息的第二输入的情况下,终端设备显示第三提示信息。S206a. In the case of receiving the second input of the second prompt information from the user, the terminal device displays the third prompt information.
其中,该第三提示信息用于提示用户是否安装第三应用程序。Wherein, the third prompt information is used to prompt the user whether to install the third application.
本公开实施例中,在接收到用户对第二提示信息的第二输入的情况下,终端设备可以显示上述第三显示信息,以提示用户是否安装上述第三应用程序。In the embodiment of the present disclosure, in the case of receiving the user's second input of the second prompt information, the terminal device may display the above-mentioned third display information to prompt the user whether to install the above-mentioned third application.
可选地,本公开实施例中,上述第三提示信息可以包括第二提示内容和第二提示选项。第二提示内容用于可以提示用户是否安装第三应用程序,第二提示选项可以包括第三选项和第四选项,第三选项可以用于确定安装第三应用程序,第四选项可以用于确定不安装第三应用程序。Optionally, in the embodiment of the present disclosure, the aforementioned third prompt information may include second prompt content and second prompt options. The second prompt content can be used to prompt the user whether to install the third application, the second prompt option can include the third option and the fourth option, the third option can be used to determine the installation of the third application, and the fourth option can be used to determine Do not install the third application.
示例性地,如图9所示,上述第二提示内容可以为“是否安装第三应用程序?”(如图9中的90所示),上述第三选项可以为“是”选项(如图9中的91所示),上述第四选项可以为“否”选项(如图9中的92所示)。Exemplarily, as shown in FIG. 9, the second prompt content may be "Do you want to install the third application?" (as shown by 90 in FIG. 9), and the third option may be the "Yes" option (as shown in FIG. 9), the above fourth option may be a "no" option (as shown by 92 in Figure 9).
S206b、在接收到用户对第三提示信息的第三输入的情况下,终端设备下载并安装第三应用程序。S206b: In the case of receiving the third input of the third prompt information from the user, the terminal device downloads and installs the third application.
其中,上述第三输入用于确定安装上述第三应用程序。示例性地,上述第三输入可以为用户对上述如图9中的91所示的“是”选项的输入。Wherein, the third input is used to determine to install the third application. Exemplarily, the foregoing third input may be the user's input to the foregoing "Yes" option as shown in 91 in FIG. 9.
需要说明的是,本公开实施例可以不限定上述第三输入的输入形式,具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that the embodiment of the present disclosure may not limit the above-mentioned third input input form, which may be specifically determined according to actual use requirements, and the embodiment of the present disclosure does not limit it.
S206c、在接收到用户对第三提示信息的第四输入的情况下,终端设备退出下载界面。S206c. In the case of receiving the user's fourth input of the third prompt information, the terminal device exits the download interface.
其中,上述第四输入用于确定不安装上述第三应用程序。示例性地,上述第四输入可以为用户对上述如图9中的92所示的“否”选项的输入。Wherein, the fourth input is used to determine not to install the third application. Exemplarily, the foregoing fourth input may be the user's input to the foregoing “No” option as shown in 92 in FIG. 9.
需要说明的是,本公开实施例可以不限定上述第四输入的输入形式,具体可以根据实际使用需求确定,本公开实施例不作限定。It should be noted that the embodiment of the present disclosure may not limit the above-mentioned fourth input input form, which may be specifically determined according to actual use requirements, and the embodiment of the present disclosure does not limit it.
需要说明的是,在上述目标条件为终端设备下载第一应用程序的情况下,终端设备执行上述S201之前,终端设备可以显示下载界面,该下载界面可以用于终端设备下载应用程序。如此,在终端设备接收到用户对第三提示信息的第四输入之后,终端设备可以退出该下载界面。It should be noted that, in the case where the above target condition is that the terminal device downloads the first application program, the terminal device may display a download interface before the terminal device executes the above S201, and the download interface may be used for the terminal device to download the application program. In this way, after the terminal device receives the user's fourth input of the third prompt information, the terminal device can exit the download interface.
本公开实施例中,终端设备显示第三提示信息后,若用户确定安装第三应用程序,则用 户可以通过对第三提示信息进行第三输入,触发终端设备安装第三应用程序;若用户确定不安装第三应用程序,则用户可以通过对第三提示信息进行第四输入,触发终端设备不安装第三应用程序,并退出当前显示的下载界面。如此,终端设备可以根据用户的需求安装或不安装第三应用程序,从而可以提升用户体验,提高人机交互性能。In the embodiment of the present disclosure, after the terminal device displays the third prompt information, if the user determines to install the third application program, the user can trigger the terminal device to install the third application program by third inputting the third prompt information; if the user determines If the third application program is not installed, the user can trigger the terminal device not to install the third application program and exit the currently displayed download interface by performing a fourth input to the third prompt message. In this way, the terminal device can install or not install the third application according to the user's needs, thereby improving user experience and improving human-computer interaction performance.
需要说明的是,本公开实施例中,上述各个方法附图所示的权限处理方法均是以结合本公开实施例中的一个附图为例示例性地说明的。具体实现时,上述各个方法附图所示的权限处理方法还可以结合上述实施例中示意的其它可以结合的任意附图实现,此处不再赘述。It should be noted that, in the embodiments of the present disclosure, the permission processing methods shown in the drawings of the above methods are all exemplified in conjunction with a drawing in the embodiments of the present disclosure. In specific implementation, the permission processing methods shown in the drawings of the above methods can also be implemented in combination with any other drawings illustrated in the above embodiments that can be combined, and details are not described herein again.
如图10所示,本公开实施例提供一种终端设备400,该终端设备400可以包括确定模块401和处理模块402。其中,确定模块401,用于在满足目标条件的情况下,在终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序,该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序;处理模块402,用于按照第一方式处理第一权限,该第一权限为终端设备为确定模块401确定的第二应用程序配置的权限,该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式,N为正整数。As shown in FIG. 10, an embodiment of the present disclosure provides a terminal device 400. The terminal device 400 may include a determining module 401 and a processing module 402. The determining module 401 is configured to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met, and the target condition is as follows At least one item: the terminal device downloads the first application program, and the terminal device runs the first application program; the processing module 402 is configured to process the first permission in the first manner, and the first permission is the second permission determined by the terminal device for the determining module 401 For the permission configured by the application, the first method includes at least one of the following: a method of closing the permission, a method of encrypting information corresponding to the permission, and N is a positive integer.
可选地,上述处理模块402,还用于在终端设备运行第二应用程序的情况下,按照与第一方式对应的第二方式处理第一权限,该第二方式包括以下至少一项:打开权限的方式、解密与权限对应的信息的方式。Optionally, the above-mentioned processing module 402 is further configured to process the first permission according to a second method corresponding to the first method when the terminal device is running the second application program, and the second method includes at least one of the following: The way of authority, the way of decrypting information corresponding to authority.
可选地,结合上述图10,如图11所示,本公开实施例提供的终端设备还可以包括显示模块403。其中,显示模块403,用于在目标数量大于或等于预设阈值的情况下,显示第一提示信息,该第一提示信息用于提示用户同源应用获取的权限数量已超过预设阈值,该目标数量为第一权限的数量和第二权限的数量之和,该第二权限为终端设备为第一应用程序配置的权限。Optionally, in conjunction with FIG. 10, as shown in FIG. 11, the terminal device provided by the embodiment of the present disclosure may further include a display module 403. Wherein, the display module 403 is configured to display first prompt information when the number of targets is greater than or equal to a preset threshold, and the first prompt information is used to prompt the user that the number of permissions obtained by the same-source application has exceeded the preset threshold. The target quantity is the sum of the quantity of the first authority and the quantity of the second authority, and the second authority is the authority configured by the terminal device for the first application.
可选地,在上述目标条件为终端设备下载第一应用程序的情况下,结合上述图10,如图11所示,本公开实施例提供的终端设备还可以包括显示模块403。上述显示模块403,用于在确定模块401确定与第一应用程序属于同源应用程序的第二应用程序之后,在处理模块402按照第一方式处理第一权限之前,显示第二提示信息,该第二提示信息用于提示用户是否安装第一应用程序;上述处理模块402,具体用于在接收到用户对第二提示信息的第一输入的情况下,按照第一方式处理第一权限,并安装第一应用程序,该第一输入用于确定安装第一应用程序。Optionally, in the case where the foregoing target condition is that the terminal device downloads the first application program, in conjunction with the foregoing FIG. 10, as shown in FIG. 11, the terminal device provided in the embodiment of the present disclosure may further include a display module 403. The above-mentioned display module 403 is configured to display the second prompt message after the determining module 401 determines that the second application belongs to the same source application as the first application, and before the processing module 402 processes the first permission in the first manner. The second prompt information is used to prompt the user whether to install the first application program; the above processing module 402 is specifically used to process the first permission in the first manner when the user's first input of the second prompt information is received, and The first application is installed, and the first input is used to determine to install the first application.
可选地,上述处理模块402,还用于在显示模块403显示第二提示信息之后,在接收到用户对第二提示信息的第二输入的情况下,下载并安装第三应用程序,该第三应用程序为与第一应用程序的应用类型相同的应用程序,且第三应用程序与第一应用程序不属于同源应用程序,该第二输入用于确定不安装第一应用程序。Optionally, the above-mentioned processing module 402 is further configured to download and install a third application after receiving the second input of the second prompt information from the user after the display module 403 displays the second prompt information. The third application is an application of the same application type as the first application, and the third application and the first application do not belong to the same source application, and the second input is used to determine not to install the first application.
可选地,上述显示模块403,还用于第三提示信息,该第三提示信息用于提示用户是否安装第三应用程序;上述处理模块402,还用于在接收到用户对第三提示信息的第三输入的情况下,下载并安装第三应用程序,该第三输入用于确定安装第三应用程序。Optionally, the above-mentioned display module 403 is also used for third prompt information, which is used to prompt the user whether to install the third application program; the above-mentioned processing module 402 is also used for receiving the third prompt information from the user In the case of the third input of, download and install the third application, and the third input is used to determine to install the third application.
可选地,上述处理模块402,还用于在显示模块403显示第三提示信息之后,在接收到用户对第三提示信息的第四输入的情况下,退出下载界面,该下载界面用于下载应用程序。Optionally, the above-mentioned processing module 402 is further configured to exit the download interface after the third prompt information is displayed by the display module 403 and in the case of receiving the fourth input of the third prompt information from the user. application.
本公开实施例中,上述第一输入、第二输入、第三输入和第四输入可以为终端设备中的接收模块接收的。In the embodiment of the present disclosure, the above-mentioned first input, second input, third input, and fourth input may be received by the receiving module in the terminal device.
本公开实施例提供的终端设备能够实现上述方法实施例中终端设备实现的各个过程,为 避免重复,这里不再赘述。The terminal device provided by the embodiment of the present disclosure can implement the various processes implemented by the terminal device in the foregoing method embodiment. In order to avoid repetition, details are not described herein again.
本公开实施例提供一种终端设备,该终端设备可以在满足目标条件(该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序)的情况下,在终端设备已安装的N(N为正整数)个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序;并按照第一方式(该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式)处理第一权限(该第一权限为终端设备为第二应用程序配置的权限)。通过该方案,当终端设备下载一个应用程序和/或运行一个应用程序时,由于终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,因此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。The embodiment of the present disclosure provides a terminal device, which can perform the operation in the terminal when the target condition is satisfied (the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program). Among the N (N is a positive integer) application programs installed on the device, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: Close The way of authority, the way of encrypting information corresponding to the authority) handle the first authority (the first authority is the authority configured by the terminal device for the second application). Through this solution, when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
图12为实现本公开各个实施例的一种终端设备的硬件结构示意图。如图12所示,该终端设备100包括但不限于:射频单元101、网络模块102、音频输出单元103、输入单元104、传感器105、显示单元106、用户输入单元107、接口单元108、存储器109、处理器110、以及电源111等部件。本领域技术人员可以理解,图12中示出的终端设备结构并不构成对终端设备的限定,终端设备可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。在本公开实施例中,终端设备包括但不限于手机、平板电脑、笔记本电脑、掌上电脑、车载终端、可穿戴设备、以及计步器等。FIG. 12 is a schematic diagram of the hardware structure of a terminal device that implements various embodiments of the present disclosure. As shown in FIG. 12, the terminal device 100 includes but is not limited to: a radio frequency unit 101, a network module 102, an audio output unit 103, an input unit 104, a sensor 105, a display unit 106, a user input unit 107, an interface unit 108, and a memory 109 , The processor 110, and the power supply 111 and other components. Those skilled in the art can understand that the structure of the terminal device shown in FIG. 12 does not constitute a limitation on the terminal device, and the terminal device may include more or fewer components than shown in the figure, or a combination of certain components, or different components Layout. In the embodiments of the present disclosure, terminal devices include, but are not limited to, mobile phones, tablet computers, notebook computers, palmtop computers, vehicle-mounted terminals, wearable devices, and pedometers.
其中,处理器110,用于在满足目标条件的情况下,在终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序;并按照第一方式处理第一权限。其中,目标条件可以为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序;第一方式可以包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式,第一权限为终端设备为第二应用程序配置的权限。The processor 110 is configured to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met; and according to the first method Process the first authority. Wherein, the target condition may be at least one of the following: the terminal device downloads the first application program, the terminal device runs the first application program; the first method may include at least one of the following: a method of closing permissions, a method of encrypting information corresponding to permissions , The first permission is the permission configured by the terminal device for the second application.
本公开实施例中,上述第一输入、第二输入、第三输入和第四输入可以为上述用户输入单元107接收的。In the embodiment of the present disclosure, the aforementioned first input, second input, third input, and fourth input may be received by the aforementioned user input unit 107.
可以理解,本公开实施例中,上述终端设备的结构示意图(例如上述图10和图11)中的确定模块401和处理模块402可以通过上述处理器110实现。上述终端设备的结构示意图(例如上述图11)中的显示模块403可以通过上述显示单元106实现。It can be understood that, in the embodiment of the present disclosure, the determination module 401 and the processing module 402 in the above-mentioned structural schematic diagram of the terminal device (for example, the above-mentioned FIG. 10 and FIG. 11) may be implemented by the above-mentioned processor 110. The display module 403 in the above-mentioned structural schematic diagram of the terminal device (for example, the above-mentioned FIG. 11) may be implemented by the above-mentioned display unit 106.
本公开实施例提供一种终端设备,该终端设备可以在满足目标条件(该目标条件为以下至少一项:终端设备下载第一应用程序、终端设备运行第一应用程序)的情况下,在终端设备已安装的N(N为正整数)个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序;并按照第一方式(该第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式)处理第一权限(该第一权限为终端设备为第二应用程序配置的权限)。通过该方案,当终端设备下载一个应用程序和/或运行一个应用程序时,由于终端设备可以关闭终端设备为其他应用程序(该其他应用程序与该一个应用程序属于同源应用程序)配置的权限,或加密与终端设备为该其他应用程序配置的权限对应的信息,因此可以防止这些同源应用程序同时获取终端设备中的不同权限,从而可以避免这些同源应用程序的开发商或运营商将这些同源应用程序根据不同权限获取的数据叠加、处理等后获得用户的详细信息,进而可以防止用户的隐私信息泄露,保证用户的隐私信息安全。The embodiment of the present disclosure provides a terminal device, which can perform the operation in the terminal when the target condition is satisfied (the target condition is at least one of the following: the terminal device downloads a first application program, and the terminal device runs the first application program). Among the N (N is a positive integer) application programs installed on the device, determine the second application program that belongs to the same source application program as the first application program; and according to the first method (the first method includes at least one of the following: Close The way of authority, the way of encrypting information corresponding to the authority) handle the first authority (the first authority is the authority configured by the terminal device for the second application). Through this solution, when a terminal device downloads an application and/or runs an application, the terminal device can close the permissions configured for other applications (the other application and the one application belong to the same source) , Or encrypt the information corresponding to the permissions configured by the terminal device for this other application, so it can prevent these same-source applications from acquiring different permissions in the terminal device at the same time, thus avoiding the developers or operators of these same-source applications from These same-origin applications can obtain detailed user information after superimposing and processing the data obtained according to different permissions, thereby preventing the leakage of the user's private information and ensuring the security of the user's private information.
应理解的是,本公开实施例中,射频单元101可用于收发信息或通话过程中,信号的接 收和发送,具体的,将来自基站的下行数据接收后,给处理器110处理;另外,将上行的数据发送给基站。通常,射频单元101包括但不限于天线、至少一个放大器、收发信机、耦合器、低噪声放大器、双工器等。此外,射频单元101还可以通过无线通信系统与网络和其他设备通信。It should be understood that, in the embodiment of the present disclosure, the radio frequency unit 101 can be used for receiving and sending signals in the process of sending and receiving information or talking. Specifically, the downlink data from the base station is received and processed by the processor 110; Uplink data is sent to the base station. Generally, the radio frequency unit 101 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 101 can also communicate with the network and other devices through a wireless communication system.
终端设备通过网络模块102为用户提供了无线的宽带互联网访问,如帮助用户收发电子邮件、浏览网页和访问流式媒体等。The terminal device provides users with wireless broadband Internet access through the network module 102, such as helping users to send and receive emails, browse web pages, and access streaming media.
音频输出单元103可以将射频单元101或网络模块102接收的或者在存储器109中存储的音频数据转换成音频信号并且输出为声音。而且,音频输出单元103还可以提供与终端设备100执行的特定功能相关的音频输出(例如,呼叫信号接收声音、消息接收声音等等)。音频输出单元103包括扬声器、蜂鸣器以及受话器等。The audio output unit 103 can convert the audio data received by the radio frequency unit 101 or the network module 102 or stored in the memory 109 into audio signals and output them as sounds. Moreover, the audio output unit 103 may also provide audio output related to a specific function performed by the terminal device 100 (for example, call signal reception sound, message reception sound, etc.). The audio output unit 103 includes a speaker, a buzzer, a receiver, and the like.
输入单元104用于接收音频或视频信号。输入单元104可以包括图形处理器(graphics processing unit,GPU)1041和麦克风1042,图形处理器1041对在视频捕获模式或图像捕获模式中由图像捕获装置(如摄像头)获得的静态图片或视频的图像数据进行处理。处理后的图像帧可以显示在显示单元106上。经图形处理器1041处理后的图像帧可以存储在存储器109(或其它存储介质)中或者经由射频单元101或网络模块102进行发送。麦克风1042可以接收声音,并且能够将这样的声音处理为音频数据。处理后的音频数据可以在电话通话模式的情况下转换为可经由射频单元101发送到移动通信基站的格式输出。The input unit 104 is used to receive audio or video signals. The input unit 104 may include a graphics processing unit (GPU) 1041 and a microphone 1042. The graphics processing unit 1041 is used to capture still pictures or video images obtained by an image capture device (such as a camera) in a video capture mode or an image capture mode. Data is processed. The processed image frame can be displayed on the display unit 106. The image frame processed by the graphics processor 1041 may be stored in the memory 109 (or other storage medium) or sent via the radio frequency unit 101 or the network module 102. The microphone 1042 can receive sound, and can process such sound into audio data. The processed audio data can be converted into a format that can be sent to a mobile communication base station via the radio frequency unit 101 for output in the case of a telephone call mode.
终端设备100还包括至少一种传感器105,比如光传感器、运动传感器以及其他传感器。具体地,光传感器包括环境光传感器及接近传感器,其中,环境光传感器可根据环境光线的明暗来调节显示面板1061的亮度,接近传感器可在终端设备100移动到耳边时,关闭显示面板1061和/或背光。作为运动传感器的一种,加速计传感器可检测各个方向上(一般为三轴)加速度的大小,静止时可检测出重力的大小及方向,可用于识别终端设备姿态(比如横竖屏切换、相关游戏、磁力计姿态校准)、振动识别相关功能(比如计步器、敲击)等;传感器105还可以包括指纹传感器、压力传感器、虹膜传感器、分子传感器、陀螺仪、气压计、湿度计、温度计、红外线传感器等,在此不再赘述。The terminal device 100 also includes at least one sensor 105, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor and a proximity sensor. The ambient light sensor can adjust the brightness of the display panel 1061 according to the brightness of the ambient light. The proximity sensor can close the display panel 1061 and the display panel 1061 when the terminal device 100 is moved to the ear. / Or backlight. As a kind of motion sensor, the accelerometer sensor can detect the magnitude of acceleration in various directions (usually three-axis), and can detect the magnitude and direction of gravity when it is stationary, and can be used to identify the posture of the terminal device (such as horizontal and vertical screen switching, related games) , Magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tap), etc.; sensor 105 can also include fingerprint sensors, pressure sensors, iris sensors, molecular sensors, gyroscopes, barometers, hygrometers, thermometers, Infrared sensors, etc., will not be repeated here.
显示单元106用于显示由用户输入的信息或提供给用户的信息。显示单元106可包括显示面板1061,可以采用液晶显示器(liquid crystal display,LCD)、有机发光二极管(organic light-emitting diode,OLED)等形式来配置显示面板1061。The display unit 106 is used to display information input by the user or information provided to the user. The display unit 106 may include a display panel 1061, and the display panel 1061 may be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), etc.
用户输入单元107可用于接收输入的数字或字符信息,以及产生与终端设备的用户设置以及功能控制有关的键信号输入。具体地,用户输入单元107包括触控面板1071以及其他输入设备1072。触控面板1071,也称为触摸屏,可收集用户在其上或附近的触摸操作(比如用户使用手指、触笔等任何适合的物体或附件在触控面板1071上或在触控面板1071附近的操作)。触控面板1071可包括触摸检测装置和触摸控制器两个部分。其中,触摸检测装置检测用户的触摸方位,并检测触摸操作带来的信号,将信号传送给触摸控制器;触摸控制器从触摸检测装置上接收触摸信息,并将它转换成触点坐标,再送给处理器110,接收处理器110发来的命令并加以执行。此外,可以采用电阻式、电容式、红外线以及表面声波等多种类型实现触控面板1071。除了触控面板1071,用户输入单元107还可以包括其他输入设备1072。具体地,其他输入设备1072可以包括但不限于物理键盘、功能键(比如音量控制按键、开关按键等)、轨迹球、鼠标、操作杆,在此不再赘述。The user input unit 107 may be used to receive inputted numeric or character information, and generate key signal input related to user settings and function control of the terminal device. Specifically, the user input unit 107 includes a touch panel 1071 and other input devices 1072. The touch panel 1071, also called a touch screen, can collect user touch operations on or near it (for example, the user uses any suitable objects or accessories such as fingers, stylus, etc.) on the touch panel 1071 or near the touch panel 1071. operating). The touch panel 1071 may include two parts: a touch detection device and a touch controller. Among them, the touch detection device detects the user's touch position, detects the signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates, and then sends it To the processor 110, the command sent by the processor 110 is received and executed. In addition, the touch panel 1071 can be realized by various types such as resistive, capacitive, infrared, and surface acoustic wave. In addition to the touch panel 1071, the user input unit 107 may also include other input devices 1072. Specifically, other input devices 1072 may include, but are not limited to, a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackball, mouse, and joystick, which will not be repeated here.
进一步的,触控面板1071可覆盖在显示面板1061上,当触控面板1071检测到在其上或附近的触摸操作后,传送给处理器110以确定触摸事件的类型,随后处理器110根据触摸事 件的类型在显示面板1061上提供相应的视觉输出。虽然在图12中,触控面板1071与显示面板1061是作为两个独立的部件来实现终端设备的输入和输出功能,但是在某些实施例中,可以将触控面板1071与显示面板1061集成而实现终端设备的输入和输出功能,具体此处不做限定。Further, the touch panel 1071 can be overlaid on the display panel 1061. When the touch panel 1071 detects a touch operation on or near it, it is transmitted to the processor 110 to determine the type of the touch event. The type of event provides corresponding visual output on the display panel 1061. Although in FIG. 12, the touch panel 1071 and the display panel 1061 are used as two independent components to realize the input and output functions of the terminal device, in some embodiments, the touch panel 1071 and the display panel 1061 can be integrated The implementation of the input and output functions of the terminal device is not specifically limited here.
接口单元108为外部装置与终端设备100连接的接口。例如,外部装置可以包括有线或无线头戴式耳机端口、外部电源(或电池充电器)端口、有线或无线数据端口、存储卡端口、用于连接具有识别模块的装置的端口、音频输入/输出(I/O)端口、视频I/O端口、耳机端口等等。接口单元108可以用于接收来自外部装置的输入(例如,数据信息、电力等等)并且将接收到的输入传输到终端设备100内的一个或多个元件或者可以用于在终端设备100和外部装置之间传输数据。The interface unit 108 is an interface for connecting an external device with the terminal device 100. For example, the external device may include a wired or wireless headset port, an external power source (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device with an identification module, audio input/output (I/O) port, video I/O port, headphone port, etc. The interface unit 108 can be used to receive input (for example, data information, power, etc.) from an external device and transmit the received input to one or more elements in the terminal device 100 or can be used to connect to the terminal device 100 and external Transfer data between devices.
存储器109可用于存储软件程序以及各种数据。存储器109可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序(比如声音播放功能、图像播放功能等)等;存储数据区可存储根据手机的使用所创建的数据(比如音频数据、电话本等)等。此外,存储器109可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。The memory 109 can be used to store software programs and various data. The memory 109 may mainly include a program storage area and a data storage area. The program storage area may store an operating system, an application program required by at least one function (such as a sound playback function, an image playback function, etc.), etc.; Data (such as audio data, phone book, etc.) created by the use of mobile phones. In addition, the memory 109 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.
处理器110是终端设备的控制中心,利用各种接口和线路连接整个终端设备的各个部分,通过运行或执行存储在存储器109内的软件程序和/或模块,以及调用存储在存储器109内的数据,执行终端设备的各种功能和处理数据,从而对终端设备进行整体监控。处理器110可包括一个或多个处理单元;可选地,处理器110可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理无线通信。可以理解的是,上述调制解调处理器也可以不集成到处理器110中。The processor 110 is the control center of the terminal device. It uses various interfaces and lines to connect the various parts of the entire terminal device, runs or executes the software programs and/or modules stored in the memory 109, and calls data stored in the memory 109 , Perform various functions of the terminal equipment and process data, so as to monitor the terminal equipment as a whole. The processor 110 may include one or more processing units; optionally, the processor 110 may integrate an application processor and a modem processor, where the application processor mainly processes the operating system, user interface, and application programs, etc. The adjustment processor mainly deals with wireless communication. It can be understood that the foregoing modem processor may not be integrated into the processor 110.
终端设备100还可以包括给各个部件供电的电源111(比如电池),可选地,电源111可以通过电源管理系统与处理器110逻辑相连,从而通过电源管理系统实现管理充电、放电、以及功耗管理等功能。The terminal device 100 may also include a power source 111 (such as a battery) for supplying power to various components. Optionally, the power source 111 may be logically connected to the processor 110 through a power management system, so as to manage charging, discharging, and power consumption through the power management system. Management and other functions.
另外,终端设备100包括一些未示出的功能模块,在此不再赘述。In addition, the terminal device 100 includes some functional modules not shown, which will not be repeated here.
可选地,本公开实施例还提供一种终端设备,该终端设备可以包括如图12所示的处理器110,存储器109,存储在存储器109上并可在处理器110上运行的计算机程序,该计算机程序被处理器110执行时实现上述方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。Optionally, an embodiment of the present disclosure also provides a terminal device, which may include a processor 110 as shown in FIG. 12, a memory 109, a computer program stored in the memory 109 and running on the processor 110, When the computer program is executed by the processor 110, each process of the foregoing method embodiment is realized, and the same technical effect can be achieved. To avoid repetition, details are not described herein again.
本公开实施例还提供一种计算机可读存储介质,计算机可读存储介质上存储有计算机程序,该计算机程序被处理器执行时实现上述方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。其中,该计算机可读存储介质可以包括只读存储器(read-only memory,ROM)、随机存取存储器(random access memory,RAM)、磁碟或者光盘等。The embodiments of the present disclosure also provide a computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, each process of the foregoing method embodiment is implemented, and the same technical effect can be achieved. To avoid repetition, I won’t repeat them here. Wherein, the computer-readable storage medium may include read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk, etc.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that in this article, the terms "include", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device including a series of elements not only includes those elements, It also includes other elements not explicitly listed, or elements inherent to the process, method, article, or device. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the process, method, article or device that includes the element.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更 佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对相关技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better.的实施方式。 Based on this understanding, the technical solution of this application essentially or the part that contributes to the related technology can be embodied in the form of a software product, the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) ) Includes several instructions to make a terminal device (which can be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the method described in each embodiment of the present application.
上面结合附图对本申请的实施例进行了描述,但是本申请并不局限于上述的具体实施方式,上述的具体实施方式仅仅是示意性的,而不是限制性的,本领域的普通技术人员在本申请的启示下,在不脱离本申请宗旨和权利要求所保护的范围情况下,还可做出很多形式,均属于本申请的保护之内。The embodiments of the present application are described above with reference to the accompanying drawings, but the present application is not limited to the above-mentioned specific embodiments. The above-mentioned specific embodiments are only illustrative and not restrictive. Those of ordinary skill in the art are Under the enlightenment of this application, without departing from the purpose of this application and the scope of protection of the claims, many forms can be made, all of which fall within the protection of this application.

Claims (12)

  1. 一种权限处理方法,应用于终端设备,所述方法包括:A permission processing method, applied to a terminal device, the method including:
    在满足目标条件的情况下,在所述终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序,N为正整数,所述目标条件为以下至少一项:所述终端设备下载所述第一应用程序、所述终端设备运行所述第一应用程序;In the case that the target condition is met, among the N applications installed on the terminal device, it is determined that the second application that belongs to the same source application as the first application, N is a positive integer, and the target condition is as follows At least one item: the terminal device downloads the first application program, and the terminal device runs the first application program;
    按照第一方式处理第一权限,所述第一权限为所述终端设备为所述第二应用程序配置的权限,所述第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式。The first permission is processed according to the first method, the first permission is the permission configured by the terminal device for the second application, and the first method includes at least one of the following: a method of closing the permission, encryption and permission correspondence Way of information.
  2. 根据权利要求1所述的方法,其中,所述按照第一方式处理第一权限之后,所述方法还包括:The method according to claim 1, wherein, after the first permission is processed in the first manner, the method further comprises:
    在所述终端设备运行所述第二应用程序的情况下,按照与所述第一方式对应的第二方式处理所述第一权限,所述第二方式包括以下至少一项:打开权限的方式、解密与权限对应的信息的方式。When the terminal device runs the second application, the first permission is processed in a second manner corresponding to the first method, and the second method includes at least one of the following: , The way to decrypt the information corresponding to the authority.
  3. 根据权利要求1或2所述的方法,其中,所述方法还包括:The method according to claim 1 or 2, wherein the method further comprises:
    在目标数量大于或等于预设阈值的情况下,显示第一提示信息,所述第一提示信息用于提示用户同源应用获取的权限数量已超过预设阈值,所述目标数量为所述第一权限的数量和第二权限的数量之和,所述第二权限为所述终端设备为所述第一应用程序配置的权限。In the case that the number of targets is greater than or equal to the preset threshold, first prompt information is displayed, where the first prompt information is used to prompt the user that the number of permissions obtained by the same-source application has exceeded the preset threshold, and the target number is the first The sum of the number of a permission and the number of a second permission, where the second permission is a permission configured by the terminal device for the first application.
  4. 根据权利要求1所述的方法,其中,所述目标条件为所述终端设备下载所述第一应用程序;The method according to claim 1, wherein the target condition is that the terminal device downloads the first application;
    所述确定与第一应用程序属于同源应用程序的第二应用程序之后,所述按照第一方式处理第一权限之前,所述方法还包括:After the determining that the second application belongs to the same source application as the first application, and before the processing the first permission in the first manner, the method further includes:
    显示第二提示信息,所述第二提示信息用于提示用户是否安装所述第一应用程序;Displaying second prompt information, where the second prompt information is used to prompt the user whether to install the first application;
    所述按照第一方式处理第一权限,包括:The processing of the first permission in the first manner includes:
    在接收到用户对所述第二提示信息的第一输入的情况下,按照所述第一方式处理所述第一权限,并安装所述第一应用程序,所述第一输入用于确定安装所述第一应用程序。In the case of receiving the user's first input of the second prompt information, the first permission is processed in the first manner, and the first application is installed, and the first input is used to determine the installation The first application.
  5. 根据权利要求4所述的方法,其中,所述显示第二提示信息之后,所述方法还包括:The method according to claim 4, wherein after the displaying the second prompt information, the method further comprises:
    在接收到用户对所述第二提示信息的第二输入的情况下,下载并安装第三应用程序,所述第三应用程序为与所述第一应用程序的应用类型相同的应用程序,且所述第三应用程序与所述第二应用程序不属于同源应用程序,所述第二输入用于确定不安装所述第一应用程序。In the case of receiving the user's second input of the second prompt information, download and install a third application, the third application being an application of the same application type as the first application, and The third application and the second application do not belong to the same source application, and the second input is used to determine not to install the first application.
  6. 一种终端设备,所述终端设备包括确定模块和处理模块;A terminal device, the terminal device including a determining module and a processing module;
    所述确定模块,用于在满足目标条件的情况下,在所述终端设备已安装的N个应用程序中,确定与第一应用程序属于同源应用程序的第二应用程序,N为正整数,所述目标条件为以下至少一项:所述终端设备下载所述第一应用程序、所述终端设备运行所述第一应用程序;The determining module is configured to determine a second application that belongs to the same source application as the first application among the N applications installed on the terminal device when the target condition is met, and N is a positive integer The target condition is at least one of the following: the terminal device downloads the first application program, and the terminal device runs the first application program;
    所述处理模块,用于按照第一方式处理第一权限,所述第一权限为所述终端设备为所述确定模块确定的所述第二应用程序配置的权限,所述第一方式包括以下至少一项:关闭权限的方式、加密与权限对应的信息的方式。The processing module is configured to process a first permission in a first manner, where the first permission is a permission configured by the terminal device for the second application determined by the determining module, and the first method includes the following At least one item: the way to close the authority, the way to encrypt the information corresponding to the authority.
  7. 根据权利要求6所述的终端设备,其中,The terminal device according to claim 6, wherein:
    所述处理模块,还用于在所述终端设备运行所述第二应用程序的情况下,按照与所述第一方式对应的第二方式处理所述第一权限,所述第二方式包括以下至少一项:打开权限的方式、解密与权限对应的信息的方式。The processing module is further configured to process the first permission according to a second method corresponding to the first method when the terminal device is running the second application program, and the second method includes the following At least one item: the way to open the authority, and the way to decrypt the information corresponding to the authority.
  8. 根据权利要求6或7所述的终端设备,其中,所述终端设备还包括显示模块;The terminal device according to claim 6 or 7, wherein the terminal device further comprises a display module;
    所述显示模块,用于在目标数量大于或等于预设阈值的情况下,显示第一提示信息,所 述第一提示信息用于提示用户同源应用获取的权限数量已超过预设阈值,所述目标数量为所述第一权限的数量和第二权限的数量之和,所述第二权限为所述终端设备为所述第一应用程序配置的权限。The display module is configured to display first prompt information when the number of targets is greater than or equal to a preset threshold, and the first prompt information is used to prompt the user that the number of permissions acquired by the same-source application has exceeded the preset threshold, so The target quantity is the sum of the quantity of the first authority and the quantity of the second authority, and the second authority is the authority configured by the terminal device for the first application.
  9. 根据权利要求6所述的终端设备,其中,所述目标条件为所述终端设备下载所述第一应用程序,所述终端设备还包括显示模块;The terminal device according to claim 6, wherein the target condition is that the terminal device downloads the first application program, and the terminal device further comprises a display module;
    所述显示模块,用于在所述确定模块确定与所述第一应用程序属于同源应用程序的所述第二应用程序之后,在所述处理模块按照所述第一方式处理所述第一权限之前,显示第二提示信息,所述第二提示信息用于提示用户是否安装所述第一应用程序;The display module is configured to process the first application in the first manner after the determining module determines that the second application belongs to the same source application as the first application. Before authorization, display a second prompt message, where the second prompt message is used to prompt the user whether to install the first application;
    所述处理模块,具体用于在接收到用户对所述显示模块显示的所述第二提示信息的第一输入的情况下,按照所述第一方式处理所述第一权限,并安装所述第一应用程序,所述第一输入用于确定安装所述第一应用程序。The processing module is specifically configured to process the first authority according to the first method in the case of receiving the user's first input of the second prompt information displayed by the display module, and install the The first application, the first input is used to determine to install the first application.
  10. 根据权利要求9所述的终端设备,其中,The terminal device according to claim 9, wherein:
    所述处理模块,还用于在所述显示模块显示所述第二提示信息之后,在接收到用户对所述第二提示信息的第二输入的情况下,下载并安装第三应用程序,所述第三应用程序为与所述第一应用程序的应用类型相同的应用程序,且所述第三应用程序与所述第二应用程序不属于同源应用程序,所述第二输入用于确定不安装所述第一应用程序。The processing module is further configured to download and install a third application program after the second prompt information is displayed by the display module, in the case of receiving a second input of the second prompt information from the user, The third application is an application of the same application type as the first application, and the third application and the second application are not homologous applications, and the second input is used to determine The first application is not installed.
  11. 一种终端设备,包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述计算机程序被所述处理器执行时实现如权利要求1至5中任一项所述的权限处理方法的步骤。A terminal device comprising a processor, a memory, and a computer program stored on the memory and capable of running on the processor. The computer program is executed by the processor to implement any of claims 1 to 5 One of the steps of the permission processing method.
  12. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质上存储计算机程序,所述计算机程序被处理器执行时实现如权利要求1至5中任一项所述的权限处理方法的步骤。A computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the authority processing method according to any one of claims 1 to 5 is implemented A step of.
PCT/CN2020/082082 2019-06-24 2020-03-30 Permission processing method and terminal device WO2020258961A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910551473.3 2019-06-24
CN201910551473.3A CN110443030B (en) 2019-06-24 2019-06-24 Permission processing method and terminal device

Publications (1)

Publication Number Publication Date
WO2020258961A1 true WO2020258961A1 (en) 2020-12-30

Family

ID=68428257

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/082082 WO2020258961A1 (en) 2019-06-24 2020-03-30 Permission processing method and terminal device

Country Status (2)

Country Link
CN (1) CN110443030B (en)
WO (1) WO2020258961A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110443030B (en) * 2019-06-24 2021-04-27 维沃移动通信有限公司 Permission processing method and terminal device
CN111125680A (en) * 2019-11-29 2020-05-08 维沃移动通信有限公司 Permission setting method and terminal equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160232344A1 (en) * 2015-02-11 2016-08-11 Electronics And Telecommunications Research Institute Method for re-adjusting application permission and user terminal for performing the same method
CN106569832A (en) * 2016-11-10 2017-04-19 北京金山安全软件有限公司 Application program management method and device and terminal
CN109063467A (en) * 2013-05-27 2018-12-21 华为终端(东莞)有限公司 The method, apparatus and terminal of system function call
CN109343900A (en) * 2018-08-30 2019-02-15 维沃移动通信有限公司 A kind of authority configuring method and terminal
CN110443030A (en) * 2019-06-24 2019-11-12 维沃移动通信有限公司 A kind of permission processing method and terminal device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999026123A1 (en) * 1997-11-18 1999-05-27 Christopher Benjamin Wakely Improvements relating to software protection systems
US7076804B2 (en) * 2001-05-11 2006-07-11 International Business Machines Corporation Automated program resource identification and association
KR101285394B1 (en) * 2011-08-24 2013-08-23 주식회사 팬택 Apparatus and Method for Controlling Permission in Mobile Terminal
CN106372491B (en) * 2015-12-15 2021-03-02 北京智谷睿拓技术服务有限公司 Sensor access right management method and device
CN108681427B (en) * 2018-05-28 2020-06-30 维沃移动通信有限公司 Access right control method and terminal equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109063467A (en) * 2013-05-27 2018-12-21 华为终端(东莞)有限公司 The method, apparatus and terminal of system function call
US20160232344A1 (en) * 2015-02-11 2016-08-11 Electronics And Telecommunications Research Institute Method for re-adjusting application permission and user terminal for performing the same method
CN106569832A (en) * 2016-11-10 2017-04-19 北京金山安全软件有限公司 Application program management method and device and terminal
CN109343900A (en) * 2018-08-30 2019-02-15 维沃移动通信有限公司 A kind of authority configuring method and terminal
CN110443030A (en) * 2019-06-24 2019-11-12 维沃移动通信有限公司 A kind of permission processing method and terminal device

Also Published As

Publication number Publication date
CN110443030B (en) 2021-04-27
CN110443030A (en) 2019-11-12

Similar Documents

Publication Publication Date Title
WO2021098678A1 (en) Screencast control method and electronic device
WO2021197263A1 (en) Content sharing method and electronic device
WO2021077927A1 (en) Display control method and electronic device
CN109542282B (en) Interface display method and terminal equipment
WO2020186945A1 (en) Interface display method and terminal device
WO2020215932A1 (en) Method for displaying unread message and terminal device
WO2020186964A1 (en) Audio signal outputting method and terminal device
CN111027030B (en) Permission setting method and terminal device
CN110908557B (en) Information display method and terminal equipment
WO2021121265A1 (en) Camera starting method and electronic device
WO2021004327A1 (en) Method for setting application permission, and terminal device
WO2020151525A1 (en) Message sending method, and terminal device
CN108681664B (en) Encryption method and device
WO2021110053A1 (en) File sending method and terminal device
WO2020199783A1 (en) Interface display method and terminal device
WO2021136138A1 (en) Information prompting method and electronic device
WO2021083058A1 (en) Image processing method, server, and terminal device
WO2020181954A1 (en) Application program control method and terminal device
WO2020233218A1 (en) Information encryption method, information decryption method, and terminal
WO2021057290A1 (en) Information control method and electronic device
WO2021109959A1 (en) Application sharing method and electronic device
WO2020258952A1 (en) Permission configuration method and terminal device
WO2021093766A1 (en) Message display method, and electronic apparatus
WO2021057224A1 (en) Message prompting method and terminal device
WO2021121225A1 (en) Method for installing application program, and electronic apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20832960

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20832960

Country of ref document: EP

Kind code of ref document: A1