WO2023071990A1 - 一种隐私保护方法及系统 - Google Patents
一种隐私保护方法及系统 Download PDFInfo
- Publication number
- WO2023071990A1 WO2023071990A1 PCT/CN2022/127064 CN2022127064W WO2023071990A1 WO 2023071990 A1 WO2023071990 A1 WO 2023071990A1 CN 2022127064 W CN2022127064 W CN 2022127064W WO 2023071990 A1 WO2023071990 A1 WO 2023071990A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- password
- user
- input
- verification
- preset
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000012795 verification Methods 0.000 claims description 88
- 230000009191 jumping Effects 0.000 claims description 8
- 238000012790 confirmation Methods 0.000 claims description 7
- 238000013523 data management Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 230000008676 import Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Definitions
- Embodiments of the present invention relate to the technical fields of privacy protection and data security, and in particular, to a privacy protection method and system.
- terminal devices such as mobile phones and computers
- users will generate a lot of private data or files, such as private photos, videos, notes, documents, browsing websites, etc. If the terminal devices are not properly kept, these personal private data will be destroyed. Facing the risk of being leaked, how to protect the private data on the terminal device has become an urgent problem to be solved by those skilled in the art.
- embodiments of the present invention provide a privacy protection method and system to solve the problem that private data on existing terminal devices such as mobile phones and computers are easily leaked.
- a privacy protection method comprising:
- storing and managing the private data information in the private space includes: importing the private data information from the non-private space on the terminal device into the private space and performing encryption processing.
- the method further includes: encrypting the import process.
- step of performing password verification on the information input by the user it also includes:
- step of receiving the user's input information it also includes:
- the secret security question verification interface displays a preset Set up a secret security question, a secret security question verification information input box, and a confirmation button for confirming the secret security question verification information;
- the electronic mailbox input interface displays an electronic mailbox address input box and a submit button for submitting the email address entered by the user;
- the secret security question verification interface also displays a forgotten secret security reminder button; after jumping to the secret security question verification interface, it also includes:
- step of receiving the user's input information it also includes:
- the password reset interface is used for the user to reset the preset password.
- the method further includes: performing password verification on the information input by the user, using a preset encryption algorithm to encrypt and calculate the information input by the user, and if the calculated value is consistent with the pre-stored password encryption value, then judging whether the input The password is correct and you have successfully entered the private space.
- the method further includes: after the import of the private data information is completed, deleting the corresponding source data file in the terminal device.
- the method further includes: storing the encrypted private data file imported into the private space into a hidden directory of the terminal device.
- the method further includes: after the user enters the private space, reads the private data file from the hidden directory, and decrypts the file using a key.
- the gadgets include a calculator and a dialer.
- a privacy protection system includes:
- the camouflage tool verification module is used to disguise the access entry page of the preset private space as a commonly used small tool. When the user enters the correct password through the small tool, the user enters the private space. When the password entered by the user is incorrect , it is only used as a gadget;
- the private data management module is used to store and manage private data information in the private space after entering the private space.
- a computer storage medium contains one or more program instructions, and when the one or more program instructions are executed by a processor, any of the above the method described.
- the access entry page of the privacy space is disguised as a commonly used gadget, such as a calculator, a dialer, etc., and the privacy will only be entered after the correct password is entered through the gadget. Space, if the password entered is incorrect, it will only be used as a normal gadget.
- the files in the private space are protected by high-strength encryption algorithms, which effectively protect the privacy of users and the security of data.
- FIG. 1 is a schematic flowchart of a privacy protection method provided by Embodiment 1 of the present invention.
- FIG. 2 is a schematic diagram of a specific implementation process of a privacy protection method provided in Embodiment 1 of the present invention.
- FIG. 3 is a schematic diagram of a password input interface of a privacy protection method provided in Embodiment 1 of the present invention.
- FIG. 4 is a schematic diagram of a privacy space interface of a privacy protection method provided in Embodiment 1 of the present invention.
- FIG. 5 is a schematic diagram of a password retrieval prompt pop-up window in a privacy protection method provided in Embodiment 1 of the present invention.
- FIG. 6 shows a secret verification prompt interface of a privacy protection method provided by Embodiment 1 of the present invention.
- FIG. 7 shows an email input interface of a privacy protection method provided in Embodiment 1 of the present invention.
- FIG. 8 shows a password reset interface of a privacy protection method provided in Embodiment 1 of the present invention.
- this embodiment proposes a privacy protection method, which implements encryption and hiding of files on the terminal device, and disguises it as a commonly used small tool with normal functions (such as a calculator, a dialer, etc.), Only after the user enters the correct password can he enter the private space. All photos, videos, notes, files, browsers, etc. in the private space are isolated from the host device, ensuring that only users who know the password can browse.
- the method specifically includes:
- the gadget not only needs to have complete and usable gadget functions, but also needs to be used as a password input panel for the private space. Therefore, in the selection of gadgets, simple and small applications suitable for inputting digital passwords should be selected first, so as to achieve A certain camouflage effect.
- the preset encryption algorithm may also adopt other undecipherable encryption algorithms, such as SHA1, CRC32, HMAC, etc., which is not limited in this application.
- Step S101 receiving user input information
- Step S102 judging whether the user clicks the preset button, if so, then execute step S103;
- Step S103 judging whether the format of the input information is consistent with the preset password format, if consistent, execute step S104; if not, execute step S105;
- Step S104 performing password verification on the user's input information
- Step S105 execute the basic functions of the widget.
- the password format includes a type and a number of digits.
- the type can include numbers, letters, symbols and other types of characters, and the number of digits is the number of characters that make up the password. Numbers, that is, any four-digit natural number composed of 0-9; correspondingly, when the user's input information is four pure numbers, the password verification process can be performed, and when the user's input information is not four or four digits When the number is four but contains both numbers and other types of symbols, the user is provided with the basic function of the gadget.
- the preset button since the preset button is the trigger button for password format verification, the preset button should preferentially exclude number buttons and other basic buttons that need to be used in the process of inputting information, and should instead Select a result-type button that will not change the entered character information and can trigger a result when the basic function of the gadget is used.
- the equal sign key can be selected as the default key; when the gadget is selected as a dialer, the call key can be selected as the default key.
- the OnButtonClick function is encapsulated in the widget, and this function represents the click event of pressing a preset button, and the function object of this function is the hidden password verification function of the backend.
- the system locally performs an irreversible encryption operation on the password set by the user and then stores the encrypted ciphertext instead of directly storing the user's plaintext password. Therefore, when checking whether the passwords are consistent, you need to After the same encryption operation is performed on the password entered by the user, it is compared with the encrypted ciphertext, so as to complete the password verification without storing the user's plaintext password, which greatly improves privacy and security.
- the user After entering the correct password, the user enters the private space. There are privacy and security entrances in this space, including private pictures, private videos, private files, private browsers, private notebooks and other modules. Corresponding resources can be accessed in each module. management.
- the jump function from the gadget interface to the private space interface can be realized through the jump function encapsulated in the system named startActivity.
- the private data files imported into the private space and encrypted are stored in the hidden directory of the terminal device.
- the private space is a hidden folder stored in the system, and shares the physical storage of the terminal device with the non-private space, so the amount of private data written in the private space will also be affected by the physical storage space of the system. limit.
- select the corresponding module choose to import resources, select the resources that you want to protect privacy from the host device, read the resources and perform AES encryption, and store them in the hidden directory of the device after the encryption is completed.
- any other decipherable encryption algorithm such as DES, IDEA, RSA, etc., may also be used, which is not limited in this application.
- the source data file in the terminal device is deleted. Specifically, after completing the encryption and storage in the previous step, modify the source file in the host device so that it cannot be parsed and displayed normally, and then delete the file before modification to ensure that the deleted file cannot be restored illegally. Keep private files safe.
- modifying the source file in the host device is to perform AES encryption on the source file, so that the source file cannot be normally parsed and displayed to the user.
- the user After entering the private space, the user reads the private data file from the hidden directory, and uses the key to decrypt the file. Specifically, after entering the privacy space, the invention will read the AES-encrypted files from the designated hidden directory, use the stored AES key to decrypt the files and display them in the corresponding module, and the user can choose to edit the files View, unhide, permanently delete and other operations.
- the recovery of private files is to release the hidden state of the files.
- the files can be unhidden.
- privacy Files deleted in the space will be stored in the recycle bin of the private space by default to save the preset time limit. Within the preset time limit, you can directly restore them, or directly operate permanent deletion, or automatically permanently after the preset time limit delete.
- step S104 carries out password check to the information of user input, also include:
- Step S1041 if it is judged that the input password is wrong, record the number of wrong password input;
- Step S1042 judging whether the number of wrong password input reaches the preset number of times within the preset time period; if so, execute step S1043;
- Step S1043 displaying a prompt pop-up window for retrieving the password; wherein, the prompt pop-up window for retrieving the password is used to prompt the user to input a password-retrieval command when the password is forgotten.
- steps S103 to S105 if and only if the format of the input information is consistent with the preset password format, it will be used as a password for verification. Therefore, when the format of the input information is consistent with the preset password format If they are inconsistent, they will be used as the input information to execute the basic function of the gadget, and will not be included in the number of incorrect password input.
- the judgment logic of step S1042 can be pre-set to judge whether the number of errors reaches 5 times within 10 minutes; in addition, the preset duration and preset times can also be configured as other values according to requirements, which are not limited in this application .
- the password retrieval prompt pop-up window is used to prompt the user to input a password retrieval command when the password is forgotten; for example, in this embodiment, the password retrieval command can be set to " 11223344".
- the widget interface of this application will not report an error immediately. Only when the number of incorrect passwords entered within the preset time reaches the preset number of times, the password retrieval pop-up window will be displayed. Therefore, the situation of exposing the private space when the gadget is normally used is avoided to a certain extent, and the security is improved.
- step S101 After receiving the user's input information in step S101, it also includes:
- Step S1011 responding to the trigger signal sent by the preset button and judging whether the input information is consistent with the password retrieval instruction; if they are consistent, then execute step S1012;
- the command to retrieve the password can be pre-set when the gadget is configured, and the format of the command to retrieve the password can also be set to consist of pure numbers with a certain number of digits, and is also verified by preset keys; for example, In this embodiment, the password retrieval command can be set as "11223344".
- Step S1012 jumping to the security question verification interface
- the secret security question verification interface displays a preset secret security question, a secret security question verification information input box and a confirmation button for confirming the input secret security question verification information;
- Step S1013 receiving the verification information of the security question input by the user
- Step S1014 responding to the trigger signal of the confirmation button, and judging whether the verification information of the secret security question is consistent with the corresponding preset verification answer, and if so, jumping to the email input interface;
- the email input interface displays an email address input box and a submit button for submitting the email address input by the user;
- Step S1015 receiving the email address input by the user, and sending a temporary reset verification code to the email address in response to the trigger signal sent by the submit button;
- the user can receive the temporary reset verification code by logging in the entered email address, and the temporary reset verification code is used for the user to directly enter the password reset interface to perform operations such as password reset and security question verification settings.
- FIG 6 it shows the secret security question verification interface.
- the preset secret security question is "where were you born"
- the secret security question verification information input box is the input under "Enter your answer” box, after the input is complete, click the confirm button below to start verifying the security question verification information entered in the input box.
- the email input interface is shown. The user enters the email address in the input box and clicks the submit button below the input box.
- the e-mail address entered by the user in this embodiment can be any e-mail address that can be used normally, that is, the step of entering the e-mail address is only for receiving the temporary reset verification code.
- both the security question and the corresponding preset verification password are pre-set by the user.
- the user forgets the password to enter the private space, he can enter the electronic mailbox input interface by verifying the security question, and pass the password entered by the user.
- the e-mail box receives a temporary reset verification code, which to a certain extent avoids the situation that the private space cannot be entered due to forgotten passwords, and improves the user experience.
- the secret security question verification interface also displays a forgotten secret security reminder button, as a further implementation of the privacy protection method, after jumping to the secret security question verification interface in step S1012, it also includes:
- Step S10121 responding to the trigger signal sent by forgetting the security reminder button, and sending a temporary reset verification code to the preset email address.
- the preset email address can be set together when the user sets the password and security question.
- the temporary reset verification code can be sent to the preset e-mail address through the forgotten password prompt button, and the user receives the temporary password through the preset e-mail address. Reset the verification code, and change the password security question verification into the verification code verification, so as to facilitate the situation of forgetting the password and the password security question verification information at the same time.
- step S101 after receiving the user's input information in step S101, it also includes:
- Step S201 responding to the trigger signal sent by the preset button, and judging whether the input information is consistent with the temporary reset verification code; if they are consistent, execute step S202;
- the temporary reset verification code is a verification code randomly generated by the server and only valid for a preset period of time.
- the gadget can update and obtain the temporary reset verification code in real time through a wireless communication connection with the server and verify it with the user's input information.
- the temporary reset verification code is also composed of multiple numbers, and is also verified by preset buttons;
- Step S202 jumping to the password reset interface; wherein, the password reset interface is used for the user to reset the preset password.
- the password reset interface is shown.
- a small tool product with normal functions such as a calculator
- the user will appear on the host device, and the user can use it to complete the calculation needs normally, and will enter a Private Space
- files in Private Space are protected by high-strength encryption algorithms, thus protecting the user's privacy and data security.
- this embodiment proposes a privacy protection system, and the system includes:
- the camouflage tool verification module is used to disguise the access entry page of the preset private space as a commonly used small tool. When the user enters the correct password through the small tool, the user successfully enters the private space. When the password entered by the user is not When correct, it is only used as a normal gadget;
- camouflage tool verification module also encapsulates a jump function named startActivity, and the jump object of the jump function is the interface where the privacy space is located.
- the private data management module is used to store and manage private data information in the private space after entering the private space.
- this embodiment proposes a computer storage medium, which contains one or more program instructions, and one or more program instructions are used to be executed by a privacy protection system as in Embodiment 1 Methods.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
一种隐私保护方法及系统,属于隐私保护、数据安全技术领域,方法包括:将隐私空间的访问入口页面伪装成常用小工具,如计算器、拨号器等,在通过小工具输入了正确的密码之后,才会进入隐私空间,若输入的密码不正确,则仅作为正常的小工具使用,隐私空间中的文件都是由高强度加密算法保护的,有效保护了用户的隐私和数据的安全。
Description
相关申请的交叉引用
本申请要求申请号为202111256682.9,申请日为2021.10.27,专利名称为“一种隐私保护方法及系统”的中国申请的优先权。上述专利申请的全部内容通过引用并入本文,并成为本说明书的一部分。
本发明实施例涉及隐私保护、数据安全技术领域,具体涉及一种隐私保护方法及系统。
用户在使用手机、电脑等终端设备的过程中,会产生很多私密数据或文件,如私密照片、视频、笔记、文件、浏览网站等等,如果终端设备未能妥善保管,这些个人隐私数据就会面临被泄露的风险,如何对终端设备上的隐私数据进行保护成为本领域技术人员亟待解决的问题。
发明内容
为此,本发明实施例提供一种隐私保护方法及系统,以解决现有的手机、电脑等终端设备上的隐私数据容易发生泄露的问题。
为了实现上述目的,本发明实施例提供如下技术方案:
根据本发明实施例的第一方面,提出了一种隐私保护方法,所述方法包括:
将预设隐私空间的访问入口页面伪装成小工具,当用户通过所述小工具输入正确的密码时,则进入所述隐私空间,当用户输入的密码不正确时,则仅作为小工具使用;
进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
进一步地,进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理,包括:将隐私数据信息由终端设备上的非隐私空间导入至隐私空间内并进行加密处理。
进一步地,所述方法还包括:对导入过程进行加密处理。
进一步地,在对用户输入的信息进行密码校验之前,还包括:
接收用户的输入信息;
判断用户是否点击预设按键,若是,则判断输入信息的格式是否与预设密码格式一致;若一致,则对所述输入信息进行密码校验;若不一致,则执行小工具的基础功能。
进一步地,在对用户输入的信息进行密码校验的步骤之后,还包括:
若判断输入的密码错误,则记录密码输入错误的次数;
判断在预设时长内密码输入错误的次数是否达到预设次数;
若是,则显示找回密码提示弹窗;其中,所述找回密码提示弹窗用于提示用户在忘记密码时输入找回密码指令。
进一步地,在接收用户的输入信息的步骤之后,还包括:
响应于预设按键发送的触发信号并判断所述输入信息是否与所述找回密码指令一致,若一致,则跳转至密保问题验证界面;其中,所述密保问题验证界面显示有预设密保问题、密保问题验证信息输入框以及用于对密保问题验证信息进行确认的确认按键;
接收用户输入的密保问题验证信息;
响应于所述确认按键的触发信号,并判断所述密保问题验证信息是否 与预设验证答案一致,若是,则跳转至电子邮箱输入界面;其中,电子邮箱输入界面显示有电子邮箱地址输入框以及用于对用户输入的电子邮箱地址进行提交的提交按键;
接收用户输入的电子邮箱地址,并响应于所述提交按键发送的触发信号向所述电子邮箱地址发送临时重置验证码;其中,所述临时重置验证码用于供用户进入密码重置界面。
进一步地,所述密保问题验证界面还显示有忘记密保提示按键;在跳转至密保问题验证界面之后,还包括:
响应于所述忘记密保提示按键发送的触发信号,并向预设的电子邮箱地址发送临时重置验证码。
进一步地,在接收用户的输入信息的步骤之后,还包括:
响应于预设按键发送的触发信号,并判断所述输入信息是否与所述临时重置验证码一致;
若一致,则跳转至密码重置界面;其中,所述密码重置界面用于供用户重新设置预设密码。
进一步地,所述方法还包括:对用户输入的信息进行密码校验,使用预设加密算法对用户输入的信息进行加密计算,若计算得的值与预先存储的密码加密值一致,则判断输入的密码正确,成功进入所述隐私空间。
进一步地,所述方法还包括:隐私数据信息导入完成后,删除终端设备中相应的源数据文件。
进一步地,所述方法还包括:将导入至隐私空间内并进行加密处理的隐私数据文件存储到终端设备的隐藏目录里。
进一步地,所述方法还包括:用户进入隐私空间后,从所述隐藏目录中读取隐私数据文件,并使用密钥对文件进行解密。
进一步地,所述小工具包括计算器、拨号器。
根据本发明实施例的第二方面,提出了一种隐私保护系统,所述系统包括:
伪装工具校验模块,用于将预设隐私空间的访问入口页面伪装成常用小工具,当用户通过所述小工具输入正确的密码时,则进入所述隐私空间,当用户输入的密码不正确时,则仅作为小工具使用;
隐私数据管理模块,用于进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
根据本发明实施例的第三方面,提出了一种计算机存储介质,所述计算机存储介质中包含一个或多个程序指令,所述一个或多个程序指令被处理器执行时实现如上任一项所述的方法。
本发明实施例具有如下优点:
本发明实施例提出的一种隐私保护方法及系统,将隐私空间的访问入口页面伪装成常用小工具,如计算器、拨号器等,在通过小工具输入了正确的密码之后,才会进入隐私空间,若输入的密码不正确,则仅作为正常的小工具使用,隐私空间中的文件都是由高强度加密算法保护的,有效保护了用户的隐私和数据的安全。
为了更清楚地说明本发明的实施方式或现有技术中的技术方案,下面将对实施方式或现有技术描述中所需要使用的附图作简单地介绍。显而易 见地,下面描述中的附图仅仅是示例性的,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据提供的附图引伸获得其它的实施附图。
图1为本发明实施例1提供的一种隐私保护方法的流程示意图。
图2为本发明实施例1提供的一种隐私保护方法的具体实施过程示意图。
图3为本发明实施例1提供的一种隐私保护方法的密码输入界面示意图。
图4为本发明实施例1提供的一种隐私保护方法的隐私空间界面示意图。
图5所示为本发明实施例1提供的一种隐私保护方法的找回密码提示弹窗示意图。
图6所示为本发明实施例1提供的一种隐私保护方法的密保验证提示界面。
图7所示为本发明实施例1提供的一种隐私保护方法的电子邮箱输入界面。
图8所示为本发明实施例1提供的一种隐私保护方法的密码重置界面。
以下由特定的具体实施例说明本发明的实施方式,熟悉此技术的人士可由本说明书所揭露的内容轻易地了解本发明的其他优点及功效,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得 的所有其他实施例,都属于本发明保护的范围。
实施例1
如图1和图2所示,本实施例提出了一种隐私保护方法,在终端设备上实现文件的加密与隐藏,并伪装成功能正常的常用小工具(比如计算器、拨号器等),只有在用户输入正确的密码之后,才能进入隐私空间,隐私空间里的所有照片、视频、笔记、文件、浏览器等都是与宿主设备隔离的,确保只有知道密码的用户才能浏览。该方法具体包括:
S100、将预设隐私空间的访问入口页面伪装成常用小工具,当用户通过小工具输入正确的密码时,则成功进入隐私空间,当用户输入的密码不正确时,则仅作为正常的小工具使用。
需要说明的是,该小工具不仅需要具备完整可用的小工具功能,还需要作为隐私空间的密码输入面板,因此在小工具的选择上,应优先选择适合输入数字密码的简单小应用,从而达到一定的伪装效果。
具体的,创建一个隐私空间,设计一个功能正常的、带有输入(数字)界面的小工具,如计算器、拨号器,将小工具作为隐私空间的密码盘,如图3所示,在用户触发了正确的密码之后,应用会切换进入隐私空间状态界面,如图4所示。
1、密码校验
利用用户的输入信息,检测用户是在使用正常的工具功能还是在输入密码。对用户输入的信息进行密码校验,使用预设加密算法对用户输入的信息进行加密计算,若计算得的值与预先存储的密码加密值一致,则判断输入的密码正确,成功进入隐私空间。本实施例采用的加密算法为MD5。
进一步地,若计算得的值与预先存储的密码加密值一致,则判断输入的密码正确。
作为预设加密算法的一种实施方式,该预设加密算法也可采用其他不可解密的加密算法,例如:SHA1、CRC32和HMAC等等,本申请对此不做限定。
具体地,在对用户输入的信息进行密码校验之前,还包括:
步骤S101,接收用户的输入信息;
步骤S102,判断用户是否点击预设按键,若是,则执行步骤S103;
步骤S103,判断输入信息的格式是否与预设密码格式一致,若一致,则执行步骤S104;若不一致,则执行步骤S105;
步骤S104,对用户的输入信息进行密码校验;
步骤S105,执行小工具的基础功能。
可以理解的是,密码格式包括类型和位数,类型可以包括数字、字母、符号等多种字符的类型,位数即组成密码的字符的位数,例如预设密码格式可设置为四位纯数字,即由0-9组成的任意四位自然数;则相应地,当用户的输入信息为四位纯数字时,才能够进行密码校验过程,当用户的输入信息位数不为四或者位数为四但既包含数字又包含其他类型符号时,则按照小工具的基础功能为用户提供使用。
另外,关于预设按键的选择,由于该预设按键为密码格式校验的触发按键,因此,该预设按键应优先排除数字按键以及其他在输入信息过程中需要使用的基础性按键,而应选择在小工具的基础功能使用时不会改变已输入的字符信息且能够触发结果的结果型按键。例如,在选择小工具为计 算器时,作为一种优选的实施例,可选用等号键作为该预设按键;在选择小工具为拨号器时,则可选用呼叫键作为该预设按键。在本申请实施例中,小工具内封装有OnButtonClick函数,该函数即代表按下预设按键的点击事件,该函数的函数对象即为后端隐藏的进行密码校验的功能。
需要说明的是,为了安全起见,系统本地会对用户设置的密码进行不可逆的加密运算之后再存储加密后的密文,而不会直接储存用户的明文密码,因此在检验密码是否一致时,需要对用户输入的密码进行同样的加密运算后,再与加密后的密文进行对比,从而达到在不储存用户明文密码的情况下完成密码校验,大大提高了隐私安全性。
S200、进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
2、进入隐私空间
用户在输入正确的密码之后,进入隐私空间,此空间内放有隐私与安全的入口,包含隐私图片、隐私视频、隐私文件、隐私浏览器、隐私笔记本等模块,可以在各模块中进行相应资源的管理。
其中,在密码校验成功后,通过系统内封装的函数名为startActivity的跳转函数,即可实现小工具界面到隐私空间界面的跳转。
3、隐私文件的导入
将隐私数据信息由终端设备上的非隐私空间导入至隐私空间内并进行加密处理。还可以对导入过程进行加密处理(可选)。将导入至隐私空间内并进行加密处理的隐私数据文件存储到终端设备的隐藏目录里。
需要说明的是,该隐私空间是存储在系统里的一个隐藏文件夹,与非 隐私空间共享终端设备的物理存储,因此写入隐私空间内的隐私数据的数据量也会受到系统物理存储空间的限制。
具体的,进入隐私空间之后,选择相应模块,选择导入资源,从宿主设备中选取想要隐私保护的资源,把资源读取到之后进行AES加密,加密完成之后储存到设备的隐藏目录里。
作为对导入的资源文件进行加密的一种实施方式,也可以采用其他任何可解密的加密算法,例如DES、IDEA、RSA等等,本申请不做限定。
4、清除宿主中的隐私文件
隐私数据信息导入完成后,删除终端设备中相应的源数据文件。具体的,在完成上一步的加密与存储之后,修改宿主设备里的源文件,使其无法被正常解析与展示,然后删除此修改后的文件,确保被删除的文件无法被非法恢复,以此确保隐私文件的安全。
在另一个实施例中,隐私数据信息导入完成后,删除终端设备中的源数据文件。具体的,在完成上一步的加密与存储之后,修改宿主设备里的源文件,使其无法被正常解析与展示,然后删除此修改前的文件,确保被删除的文件无法被非法恢复,以此确保隐私文件的安全。
具体地,修改宿主设备里的源文件即对源文件进行AES加密,从而使得源文件无法被正常解析和展示给用户。
5、隐私文件的浏览与恢复
用户进入隐私空间后,从隐藏目录中读取隐私数据文件,并使用密钥对文件进行解密。具体的,在进入隐私空间之后,该发明会从指定的隐藏目录中读取有AES加密的文件,使用储存的AES密钥,对文件进行解密后 展示在相应的模块内,用户可以选择对文件进行查看、解除隐藏、永久删除等操作。
具体地,隐私文件的恢复即解除文件的隐藏状态,通过对隐私数据文件进行AES解密,解密后再导出至非隐私空间内,即可实现文件的解除隐藏;另外,对于隐私文件的删除,隐私空间内删除的文件都会默认存储在隐私空间的回收站内以保存预设的期限时间,在预设期限时间内可以直接操作恢复,也可以直接操作永久删除,或在超过预设期限时间后自动永久删除。
6、忘记密码
在步骤S104对用户输入的信息进行密码校验之后,还包括:
步骤S1041,若判断输入的密码错误,则记录密码输入错误的次数;
步骤S1042,判断在预设时长内密码输入错误的次数是否达到预设次数;若是,则执行步骤S1043;
步骤S1043,显示找回密码提示弹窗;其中,找回密码提示弹窗用于提示用户在忘记密码时输入找回密码指令。
可以理解的是,根据步骤S103到S105得知,当且仅当输入信息的格式与预设密码格式一致时,才会作为密码进行校验,因此,当输入的信息的格式与预设密码格式不一致时,则作为输入信息执行小工具的基础功能,不计入密码输入错误的次数中。
在本申请实施例中,步骤S1042的判断逻辑可预先设置为判断在10分钟内错误次数是否达到5次;另外,预设时长和预设次数也可根据需求配置为其他数值,本申请不作限定。
参照图5所示的找回密码提示弹窗,该找回密码提示弹窗用于提示用户在忘记密码时输入找回密码指令;例如,在本实施例中,找回密码指令可设置为“11223344”。
需要说明的是,当密码输入错误时,本申请的小工具界面并不会立即报错,仅当在预设时长内输入密码错误次数达到预设次数时,才会显示找回密码提示弹窗,从而一定程度地避免了在正常使用小工具时暴露隐私空间的情况发生,提高了安全性。
7、密保问题验证
在步骤S101接收用户的输入信息之后,还包括:
步骤S1011,响应于预设按键发送的触发信号并判断输入信息是否与找回密码指令一致;若一致,则执行步骤步骤S1012;
其中,找回密码指令可在小工具配置时预先进行设置,该找回密码指令的设置格式同样可设置为由一定位数的纯数字组成,且同样是通过预设按键进行校验;例如,在本实施例中,找回密码指令可设置为“11223344”。
步骤S1012,跳转至密保问题验证界面;
其中,密保问题验证界面显示有预先设置的密保问题、密保问题验证信息输入框以及用于对输入的密保问题验证信息进行确认的确认按键;
步骤S1013,接收用户输入的密保问题验证信息;
步骤S1014,响应于确认按键的触发信号,并判断密保问题验证信息是否与对应的预设验证答案一致,若是,则跳转至电子邮箱输入界面;
其中,电子邮箱输入界面显示有电子邮箱地址输入框以及用于对用户输入的电子邮箱地址进行提交的提交按键;
步骤S1015,接收用户输入的电子邮箱地址,并响应于提交按键发送的触发信号向电子邮箱地址发送临时重置验证码;
其中,用户通过登录输入的电子邮箱即可接收该临时重置验证码,该临时重置验证码用于供用户直接进入密码重置界面进行密码重置、密保问题验证设置等操作。
参照图6所示为密保问题验证界面,在本实施例中,预先设置的密保问题为“你在哪里出生”,密保问题验证信息输入框即在“输入您的答案”下方的输入框,在输入完成后,点击下方的确认按键即可开始对输入框内输入的密保问题验证信息进行验证。
参照图7所示为电子邮箱输入界面,用户通过在输入框内输入电子邮箱地址,并点击输入框下方的提交按键即可。
可以理解的是,本实施例中用户输入的电子邮箱地址可以为任意能够正常使用的电子邮箱,即输入该电子邮箱地址的步骤仅仅是为了供临时重置验证码的接收。
上述实施方式中,密保问题和对应的预设验证密码均为用户预先设置,当用户忘记进入隐私空间的密码时,则可通过验证密保问题的方式进入电子邮箱输入界面,通过用户输入的电子邮箱接收临时重置验证码,从而一定程度地避免了由于遗忘密码导致的隐私空间无法进入的情况,提高了用户体验感。
参照图6,密保问题验证界面还显示有忘记密保提示按键,作为隐私保护方法进一步的实施方式,在步骤S1012跳转至密保问题验证界面之后,还包括:
步骤S10121,响应于忘记密保提示按键发送的触发信号,并向预设的电子邮箱地址发送临时重置验证码。
可以理解的是,密保问题验证界面除了显示密保问题及密保问题验证信息输入框以外,还显示有忘记密保提示按键,以应对用户同时忘记密码和密保问题验证信息的情况;另外,预设的电子邮箱地址可在用户设置密码及密保问题时一同进行设置。
参照图6所示的密保问题验证界面,忘记密保提示按键即图6中确认按键下方的“登录遇到了麻烦”,点击后即可开始向预设的电子邮箱地址发送临时重置验证码。
上述实施方式中,当用户同时忘记密码和密保问题验证信息时,则可通过忘记密保提示按键发送临时重置验证码至预设的电子邮箱地址,用户通过预设的电子邮箱接收该临时重置验证码,将密保问题验证转变为验证码验证,从而便于应对同时忘记密码和密保问题验证信息的情况。
8.密码重置
作为隐私保护方法进一步的实施方式,在步骤S101接收用户的输入信息之后,还包括:
步骤S201,响应于预设按键发送的触发信号,并判断输入信息是否与临时重置验证码一致;若一致,则执行步骤S202;
其中,临时重置验证码为服务器随机生成的仅在预设时长内有效的验证码,小工具通过与服务器无线通信连接,能够实时更新获取该临时重置验证码并与用户的输入信息进行验证;另外,临时重置验证码同样由多个数字组成,且同样是通过预设按键进行校验;
步骤S202,跳转至密码重置界面;其中,密码重置界面用于供用户重新设置预设密码。
参照图8所示为密码重置界面,在本实施例中,预设密码设置为四位数字,因此,用户在输入四位数的密码后点击预设按键“=”即可完成预设密码的设置。
上述实施方式中,当用户在遗忘密码后可通过输入临时重置验证码跳转至密码重置界面并进行密码的重新设置,从而便于应对密码遗忘的情况,提高了适应性。
本实施例提出的一种隐私保护方法,在宿主设备上会出现一个正常功能的小工具产品,比如计算器,用户可以用它正常完成计算需求,在输入了正确的密码之后,才会进入一个隐私空间,隐私空间中的文件都是由高强度加密算法保护的,因此保护了用户的隐私和数据的安全。
实施例2
与上述实施例1相对应的,本实施例提出了一种隐私保护系统,所述系统包括:
伪装工具校验模块,用于将预设隐私空间的访问入口页面伪装成常用小工具,当用户通过所述小工具输入正确的密码时,则成功进入所述隐私空间,当用户输入的密码不正确时,则仅作为正常的小工具使用;
其中,伪装工具校验模块内还封装有函数名为startActivity的跳转函数,该跳转函数的跳转对象即为隐私空间所在界面。
隐私数据管理模块,用于进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
本发明实施例提供的一种隐私保护系统中各部件所执行的功能均已在上述实施例1中做了详细介绍,因此这里不做过多赘述。
实施例3
与上述实施例相对应的,本实施例提出了一种计算机存储介质,计算机存储介质中包含一个或多个程序指令,一个或多个程序指令用于被一种隐私保护系统执行如实施例1的方法。
虽然,上文中已经用一般性说明及具体实施例对本发明作了详尽的描述,但在本发明基础上,可以对之作一些修改或改进,这对本领域技术人员而言是显而易见的。因此,在不偏离本发明精神的基础上所做的这些修改或改进,均属于本发明要求保护的范围。
Claims (14)
- 一种隐私保护方法,其特征在于,所述方法包括:将预设隐私空间的访问入口页面伪装成小工具,当用户通过所述小工具输入正确的密码时,则进入所述隐私空间,当用户输入的密码不正确时,则仅作为小工具使用;进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
- 根据权利要求1所述的一种隐私保护方法,其特征在于:进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理,包括:将隐私数据信息由终端设备上的非隐私空间导入至隐私空间内并进行加密处理。
- 根据权利要求1所述的一种隐私保护方法,其特征在于,所述方法还包括:对用户输入的信息进行密码校验,使用预设加密算法对用户输入的信息进行加密计算,若计算得的值与预先存储的密码加密值一致,则判断输入的密码正确,进入所述隐私空间。
- 根据权利要求3所述的一种隐私保护方法,其特征在于:在对用户输入的信息进行密码校验之前,还包括:接收用户的输入信息;判断用户是否点击预设按键,若是,则判断输入信息的格式是否与预设密码格式一致;若一致,则对所述输入信息进行密码校验;若不一致,则执行小工具的基础功能。
- 根据权利要求3所述的一种隐私保护方法,其特征在于,在对用户输入的信息进行密码校验的步骤之后,还包括:若判断输入的密码错误,则记录密码输入错误的次数;判断在预设时长内密码输入错误的次数是否达到预设次数;若是,则显示找回密码提示弹窗;其中,所述找回密码提示弹窗用于提示用户在忘记密码时输入找回密码指令。
- 根据权利要求5所述的一种隐私保护方法,其特征在于,在接收用户的输入信息的步骤之后,还包括:响应于预设按键发送的触发信号并判断所述输入信息是否与所述找回密码指令一致,若一致,则跳转至密保问题验证界面;其中,密保问题验证界面显示有预设密保问题、密保问题验证信息输入框以及用于对密保问题验证信息输入框内输入的密保问题验证信息进行确认的确认按键;接收用户输入的密保问题验证信息;响应于所述确认按键的触发信号,并判断所述密保问题验证信息是否与预设验证答案一致,若是,则跳转至电子邮箱输入界面;其中,电子邮箱输入界面显示有电子邮箱地址输入框以及用于对用户输入的电子邮箱地址进行提交的提交按键;接收用户输入的电子邮箱地址,并响应于所述提交按键发送的触发信号向所述电子邮箱地址发送临时重置验证码;其中,所述临时重置验证码用于供用户进入密码重置界面。
- 根据权利要求6所述的一种隐私保护方法,其特征在于,所述密保问题验证界面还显示有忘记密保提示按键;在跳转至密保问题验证界面之后,还包括:响应于所述忘记密保提示按键发送的触发信号,并向预设的电子邮箱地址发送临时重置验证码。
- 根据权利要求6至7任一所述的一种隐私保护方法,其特征在于,在接收用户的输入信息的步骤之后,还包括:响应于预设按键发送的触发信号,并判断所述输入信息是否与所述临时重置验证码一致;若一致,则跳转至密码重置界面;其中,所述密码重置界面用于供用户重新设置预设密码。
- 根据权利要求2所述的一种隐私保护方法,其特征在于,所述方法还包括:隐私数据信息导入完成后,删除终端设备中相应的源数据文件。
- 根据权利要求2所述的一种隐私保护方法,其特征在于,所述方法还包括:将导入至隐私空间内并进行加密处理的隐私数据文件存储到终端设备的隐藏目录里。
- 根据权利要求10所述的一种隐私保护方法,其特征在于,所述方法还包括:用户进入隐私空间后,从所述隐藏目录中读取隐私数据文件,并使用密钥对文件进行解密。
- 根据权利要求1所述的一种隐私保护方法,其特征在于,所述小工具包括计算器、拨号器。
- 一种隐私保护系统,其特征在于:所述系统包括:伪装工具校验模块,用于将预设隐私空间的访问入口页面伪装成小工具,当用户通过所述小工具输入正确的密码时,则进入所述隐私空间,当用户输入的密码不正确时,则仅作为小工具使用;隐私数据管理模块,用于进入隐私空间后,在所述隐私空间内进行隐私数据信息的存储与管理。
- 一种计算机存储介质,其特征在于,所述计算机存储介质中包含一个或多个程序指令,所述一个或多个程序指令被处理器执行时实现权利要求1-12任一项所述的方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111256682.9 | 2021-10-27 | ||
CN202111256682.9A CN114003880A (zh) | 2021-10-27 | 2021-10-27 | 一种隐私保护方法及系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023071990A1 true WO2023071990A1 (zh) | 2023-05-04 |
Family
ID=79924269
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/127064 WO2023071990A1 (zh) | 2021-10-27 | 2022-10-24 | 一种隐私保护方法及系统 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN114003880A (zh) |
WO (1) | WO2023071990A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117251836A (zh) * | 2023-11-15 | 2023-12-19 | 苏州元脑智能科技有限公司 | 一种基板管理控制器登录方法、装置、设备和存储介质 |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114003880A (zh) * | 2021-10-27 | 2022-02-01 | 北京琥珀创想科技有限公司 | 一种隐私保护方法及系统 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006287514A (ja) * | 2005-03-31 | 2006-10-19 | Casio Comput Co Ltd | カメラ装置およびその制御プログラム |
CN103577761A (zh) * | 2013-10-25 | 2014-02-12 | 北京奇虎科技有限公司 | 一种在移动设备中处理隐私数据的方法和装置 |
CN103984885A (zh) * | 2014-05-30 | 2014-08-13 | 深圳市欧珀通信软件有限公司 | 一种应用于触屏终端的应用程序隐藏方法及触屏终端 |
CN106161742A (zh) * | 2015-04-02 | 2016-11-23 | 深圳市腾讯计算机系统有限公司 | 移动终端的鉴权方法及鉴权系统 |
CN108334755A (zh) * | 2018-03-30 | 2018-07-27 | 广东欧珀移动通信有限公司 | 隐私空间创建方法和装置、存储介质、电子设备 |
CN114003880A (zh) * | 2021-10-27 | 2022-02-01 | 北京琥珀创想科技有限公司 | 一种隐私保护方法及系统 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102880837B (zh) * | 2012-08-24 | 2016-05-04 | 腾讯科技(深圳)有限公司 | 提高移动终端安全性的方法和移动终端 |
CN104376011B (zh) * | 2013-08-14 | 2018-08-17 | 华为终端(东莞)有限公司 | 实现隐私保护方法及装置 |
CN106778348A (zh) * | 2016-12-23 | 2017-05-31 | 北京奇虎科技有限公司 | 一种隔离隐私数据的方法和装置 |
CN107180201A (zh) * | 2017-04-25 | 2017-09-19 | 上海与德科技有限公司 | 隐私空间的创建方法及装置 |
CN108616652B (zh) * | 2018-03-29 | 2020-09-11 | Oppo广东移动通信有限公司 | 数据保护方法和装置、终端、计算机可读存储介质 |
-
2021
- 2021-10-27 CN CN202111256682.9A patent/CN114003880A/zh active Pending
-
2022
- 2022-10-24 WO PCT/CN2022/127064 patent/WO2023071990A1/zh active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006287514A (ja) * | 2005-03-31 | 2006-10-19 | Casio Comput Co Ltd | カメラ装置およびその制御プログラム |
CN103577761A (zh) * | 2013-10-25 | 2014-02-12 | 北京奇虎科技有限公司 | 一种在移动设备中处理隐私数据的方法和装置 |
CN103984885A (zh) * | 2014-05-30 | 2014-08-13 | 深圳市欧珀通信软件有限公司 | 一种应用于触屏终端的应用程序隐藏方法及触屏终端 |
CN106161742A (zh) * | 2015-04-02 | 2016-11-23 | 深圳市腾讯计算机系统有限公司 | 移动终端的鉴权方法及鉴权系统 |
CN108334755A (zh) * | 2018-03-30 | 2018-07-27 | 广东欧珀移动通信有限公司 | 隐私空间创建方法和装置、存储介质、电子设备 |
CN114003880A (zh) * | 2021-10-27 | 2022-02-01 | 北京琥珀创想科技有限公司 | 一种隐私保护方法及系统 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117251836A (zh) * | 2023-11-15 | 2023-12-19 | 苏州元脑智能科技有限公司 | 一种基板管理控制器登录方法、装置、设备和存储介质 |
CN117251836B (zh) * | 2023-11-15 | 2024-02-20 | 苏州元脑智能科技有限公司 | 一种基板管理控制器登录方法、装置、设备和存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN114003880A (zh) | 2022-02-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2023071990A1 (zh) | 一种隐私保护方法及系统 | |
US10009173B2 (en) | System, device, and method of secure entry and handling of passwords | |
US20140006782A1 (en) | Document encryption and decryption | |
US9070112B2 (en) | Method and system for securing documents on a remote shared storage resource | |
US20180152296A1 (en) | Electronic data protection method and device and terminal device | |
CN100446024C (zh) | 一种电子文件保护方法及系统 | |
US20130254536A1 (en) | Secure server side encryption for online file sharing and collaboration | |
US20090222500A1 (en) | Information storage device and method capable of hiding confidential files | |
CN103390026A (zh) | 一种移动智能终端安全浏览器及其工作方法 | |
WO2011032378A1 (zh) | 一种保护移动通信终端数据安全的方法和装置 | |
CN110213051B (zh) | 一种目录细粒度的加解密方法和系统 | |
CN103336929A (zh) | 用于已加密文件访问的方法和系统 | |
JP5389401B2 (ja) | 暗号化装置、復号装置及び暗号システム | |
KR101625785B1 (ko) | 이동 단말 정보 보안 관리 방법, 장치 및 이동 단말 | |
CN101833625A (zh) | 一种基于动态口令的文件及文件夹安全保护方法及系统 | |
CN106100851B (zh) | 密码管理系统、智能腕表及其密码管理方法 | |
CN104067286A (zh) | 无效托管密钥的检测 | |
US10019590B2 (en) | Secure mobile phone document storage application | |
CN103425938B (zh) | 一种类Unix操作系统的文件夹加密方法和装置 | |
WO2019173774A1 (en) | Systems and methods for secure storage and retrieval of data objects | |
US8219826B2 (en) | Secure pin character retrieval and setting | |
US11310218B2 (en) | Password streaming | |
CN108540426A (zh) | 一种实现数据处理的方法、装置及服务器 | |
JP3867451B2 (ja) | 文書セキュリテイ管理装置および文書セキュリティ管理方法 | |
CN112231717A (zh) | 加密文件文件名的处理方法、装置、电子设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 202237072012 Country of ref document: IN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22885867 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |