CN107391977B - Permission control, automatic switching method, device and equipment - Google Patents
Permission control, automatic switching method, device and equipment Download PDFInfo
- Publication number
- CN107391977B CN107391977B CN201710537185.3A CN201710537185A CN107391977B CN 107391977 B CN107391977 B CN 107391977B CN 201710537185 A CN201710537185 A CN 201710537185A CN 107391977 B CN107391977 B CN 107391977B
- Authority
- CN
- China
- Prior art keywords
- access control
- control policy
- access
- predetermined
- generated based
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
- Lock And Its Accessories (AREA)
Abstract
本说明书实施例提供一种权限的控制、自动切换方法、装置及设备,决定权限的至少一条访问控制策略,由设备的预定环境信息生成,在权限的实际控制或自动切换过程中,可以通过获取设备的环境信息确定设备的访问控制策略,进而实现权限的控制或自动切换。
The embodiments of this specification provide a method, device, and device for controlling and automatically switching permissions. At least one access control policy for determining permissions is generated from predetermined environment information of the device. During the actual control or automatic switching process of permissions, it can be obtained by obtaining The environmental information of the device determines the access control policy of the device, thereby realizing the control or automatic switching of permissions.
Description
技术领域technical field
本说明书实施例涉及计算机技术领域,尤其涉及权限的控制、自动切换方法、装置及设备。The embodiments of the present specification relate to the field of computer technology, and in particular, to a method, apparatus, and device for control and automatic switching of authority.
背景技术Background technique
随着社会的发展,智能设备越来越普及,尤其是移动设备(例如手机)已经逐渐成为人们必不可少的私人物品。很多智能设备的所有者在某些特定场合(如办公场合),不希望自己设备上的一些内容被他人看到,这些内容如相册、交易记录、通话记录、短信息、朋友圈等。With the development of society, smart devices are becoming more and more popular, especially mobile devices (such as mobile phones) have gradually become indispensable personal items for people. Many owners of smart devices do not want others to see some content on their devices in certain specific occasions (such as office), such as photo albums, transaction records, call records, short messages, circle of friends, etc.
为了满足设备所有者在不同场合保护设备上内容的需求,需要提供一种对设备上的内容进行访问控制的方案。In order to meet the requirements of the device owner to protect the content on the device in different occasions, it is necessary to provide a solution for accessing the content on the device.
发明内容SUMMARY OF THE INVENTION
有鉴于此,本说明书实施例提供一种自动切换权限的控制、自动切换方法、装置及设备。In view of this, the embodiments of this specification provide a control, an automatic switching method, an apparatus, and a device for automatically switching authority.
根据本说明书实施例的第一方面,提供一种权限的控制方法,包括步骤:According to a first aspect of the embodiments of the present specification, a method for controlling authority is provided, comprising the steps of:
获取设备的上下文信息,所述上下文信息携带有设备的环境信息;Acquire context information of the device, where the context information carries the environment information of the device;
获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;Acquire an access control policy corresponding to the acquired environmental information, wherein at least one access control policy is generated based on predetermined environmental information;
基于所获取的访问控制策略确定允许访问的目标对象。Based on the obtained access control policy, the target object that is allowed to be accessed is determined.
根据本说明书实施例的第二方面,提供一种权限的自动切换方法,包括步骤:According to a second aspect of the embodiments of the present specification, an automatic switching method for authority is provided, comprising the steps of:
获取设备的上下文信息,所述上下文信息携带有设备的环境信息;Acquire context information of the device, where the context information carries the environment information of the device;
当检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;After detecting that the environment information is updated, obtain an access control policy corresponding to the updated environment information, wherein at least one access control policy is generated based on predetermined environment information;
基于所获取的访问控制策略确定允许访问的目标对象。Based on the obtained access control policy, the target object that is allowed to be accessed is determined.
根据本说明书实施例的第三方面,提供一种权限的控制装置,包括:According to a third aspect of the embodiments of the present specification, an apparatus for controlling authority is provided, including:
上下文获取模块,用于获取设备的上下文信息,所述上下文信息携带有设备的环境信息;a context acquisition module, configured to acquire context information of the device, where the context information carries the environment information of the device;
控制策略获取模块,用于获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;a control policy acquisition module, configured to acquire an access control policy corresponding to the acquired environmental information, wherein at least one access control policy is generated based on predetermined environmental information;
目标对象确定模块,用于基于所获取的访问控制策略确定允许访问的目标对象。The target object determination module is configured to determine the target object that is allowed to be accessed based on the obtained access control policy.
根据本说明书实施例的第四方面,提供一种权限的自动切换装置,包括:According to a fourth aspect of the embodiments of this specification, there is provided an automatic switching device for authority, including:
上下文获取模块,用于获取设备的上下文信息,所述上下文信息携带有设备的环境信息;a context acquisition module, configured to acquire context information of the device, where the context information carries the environment information of the device;
控制策略切换模块,用于在检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;a control policy switching module, configured to acquire an access control policy corresponding to the updated environment information after detecting that the environment information is updated, wherein at least one access control policy is generated based on predetermined environment information;
目标对象确定模块,用于基于所获取的访问控制策略确定允许访问的目标对象。The target object determination module is configured to determine the target object that is allowed to be accessed based on the obtained access control policy.
根据本说明书实施例的第五方面,提供一种电子设备,包括:According to a fifth aspect of the embodiments of the present specification, an electronic device is provided, including:
处理器;processor;
存储处理器可执行指令的存储器;a memory that stores processor-executable instructions;
其中,所述处理器耦合于所述存储器,用于读取所述存储器存储的程序指令,并作为响应,执行如下操作:The processor is coupled to the memory for reading program instructions stored in the memory, and in response, performs the following operations:
获取设备的上下文信息,所述上下文信息携带有设备的环境信息;Acquire context information of the device, where the context information carries the environment information of the device;
获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;Acquire an access control policy corresponding to the acquired environmental information, wherein at least one access control policy is generated based on predetermined environmental information;
基于所获取的访问控制策略确定允许访问的目标对象。Based on the obtained access control policy, the target object that is allowed to be accessed is determined.
根据本说明书实施例的第六方面,提供一种电子设备,包括:According to a sixth aspect of the embodiments of the present specification, an electronic device is provided, including:
处理器;processor;
存储处理器可执行指令的存储器;a memory that stores processor-executable instructions;
其中,所述处理器耦合于所述存储器,用于读取所述存储器存储的程序指令,并作为响应,执行如下操作:The processor is coupled to the memory for reading program instructions stored in the memory, and in response, performs the following operations:
获取设备的上下文信息,所述上下文信息携带有设备的环境信息;Acquire context information of the device, where the context information carries the environment information of the device;
当检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;After detecting that the environment information is updated, obtain an access control policy corresponding to the updated environment information, wherein at least one access control policy is generated based on predetermined environment information;
基于所获取的访问控制策略确定允许访问的目标对象。Based on the obtained access control policy, the target object that is allowed to be accessed is determined.
实施本说明书提供的实施例,可以提前由设备的预定环境信息,生成能决定针对设备或设备内应用的权限的至少一条访问控制策略,在设备的实际使用设备的过程中,便可以通过获取设备的环境信息确定设备的访问控制策略,进而基于所获取的访问控制策略确定允许访问的目标对象,实现对权限进行控制,使得设备呈现给设备使用者的内容,既能满足设备所有者在不同场合保护隐私的需求,又不影响他人借用或观摩该设备。By implementing the embodiments provided in this specification, at least one access control policy that can determine permissions for the device or applications in the device can be generated from the predetermined environment information of the device in advance. The environmental information of the device determines the access control policy of the device, and then determines the target objects that are allowed to access based on the obtained access control policy, so as to control the permissions, so that the content presented by the device to the device user can meet the requirements of the device owner in different occasions. The need to protect privacy without affecting others borrowing or viewing the device.
此外,本方案既能自动检测到环境信息的更新,然后随着环境信息的更新自动切换访问控制策略,然后基于切换的访问控制策略确定允许访问的目标对象,因此,无需设备使用者手动输入手势、指纹之类的解锁信息,即可方便、灵活地自动切换不同的权限,能进一步提高设备的访问安全性。In addition, this solution can automatically detect the update of the environmental information, and then automatically switch the access control policy with the update of the environmental information, and then determine the target objects that are allowed to be accessed based on the switched access control policy. Therefore, there is no need for the device user to manually input gestures , fingerprint and other unlocking information, you can easily and flexibly switch different permissions automatically, which can further improve the access security of the device.
附图说明Description of drawings
图1是本说明书一示例性实施例示出的权限的控制方法的流程图;FIG. 1 is a flowchart of a method for controlling authority shown in an exemplary embodiment of the present specification;
图2是本说明书另一示例性实施例示出的权限的控制方法的流程图;FIG. 2 is a flowchart of a method for controlling authority shown in another exemplary embodiment of this specification;
图3是本说明书一示例性实施例示出的权限的自动切换方法的流程图;FIG. 3 is a flowchart of a method for automatically switching permissions according to an exemplary embodiment of the present specification;
图4是本说明书另一示例性实施例示出的权限的自动切换方法的流程图;FIG. 4 is a flowchart of a method for automatically switching permissions according to another exemplary embodiment of this specification;
图5是本说明书一示例性实施例示出的权限的控制装置的框图;FIG. 5 is a block diagram of an apparatus for controlling authority shown in an exemplary embodiment of the present specification;
图6是本说明书一示例性实施例示出的权限的自动切换装置的框图;FIG. 6 is a block diagram of an apparatus for automatic switching of authority shown in an exemplary embodiment of the present specification;
图7是本说明书一示例性实施例示出的电子设备的硬件结构图。FIG. 7 is a hardware structure diagram of an electronic device shown in an exemplary embodiment of this specification.
具体实施方式Detailed ways
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本说明书实施例相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本说明书实施例的一些方面相一致的装置和方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the embodiments of this specification. Rather, they are merely examples of apparatus and methods consistent with some aspects of the embodiments of the present specification as recited in the appended claims.
在本说明书实施例使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本说明书实施例。在本说明书实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in the embodiments of the present specification are only for the purpose of describing specific embodiments, and are not intended to limit the embodiments of the present specification. As used in the embodiments of this specification and the appended claims, the singular forms "a," "the," and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It will also be understood that the term "and/or" as used herein refers to and includes any and all possible combinations of one or more of the associated listed items.
应当理解,尽管在本说明书实施例可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本说明书实施例范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used in the embodiments of the present specification to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of the embodiments of the present specification, the first information may also be referred to as the second information, and similarly, the second information may also be referred to as the first information. Depending on the context, the word "if" as used herein can be interpreted as "at the time of" or "when" or "in response to determining."
请参阅图1,图1是本申请一示例性实施例示出的权限的控制方法的流程图,该实施例能应用于需要控制权限的各种设备上,可以包括以下步骤S101-S103:Please refer to FIG. 1. FIG. 1 is a flowchart of a method for controlling permissions according to an exemplary embodiment of the present application. This embodiment can be applied to various devices that need to control permissions, and may include the following steps S101-S103:
步骤S101、获取设备的上下文信息,所述上下文信息携带有设备的环境信息。Step S101: Acquire context information of the device, where the context information carries the environment information of the device.
步骤S102、获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。Step S102: Acquire an access control policy corresponding to the acquired environment information, wherein at least one access control policy is generated based on predetermined environment information.
步骤S103、基于所获取的访问控制策略确定允许访问的目标对象。Step S103: Determine the target object that is allowed to be accessed based on the acquired access control policy.
本说明书的实施例所应用的设备,可以是个人计算机、膝上型计算机、平板计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件收发设备、游戏控制台、可穿戴设备等等需要控制权限的设备,这些设备的上下文信息指可能影响设备或设备上的内容的权限的因素,考虑到该上下文信息需要满足设备所有者在不同场合后隐私的需求,上下文信息可以包括设备的环境信息。The devices to which the embodiments of this specification apply may be personal computers, laptop computers, tablet computers, cellular phones, camera phones, smart phones, personal digital assistants, media players, navigation devices, e-mailing devices, game controls Devices that need to control permissions, such as consoles, wearable devices, etc., the context information of these devices refers to factors that may affect the permissions of the device or the content on the device. Considering that the context information needs to meet the device owner's privacy needs after different occasions, The contextual information may include contextual information of the device.
而环境信息可以指设备所处环境的地理位置信息,还可以指在设备所处环境中可能接触的信息,如磁场指纹、WIFI指纹、环境音频等信息中的至少一项,这些信息可以区分出不同的环境。The environmental information can refer to the geographical location information of the environment where the device is located, and can also refer to the information that may be contacted in the environment where the device is located, such as at least one of magnetic field fingerprints, WIFI fingerprints, ambient audio and other information, which can be distinguished. different environments.
针对不同的环境信息,为满足设备所有者保护隐私的需求,本方案的设计人员,可以提供预定环境信息,针对不同的预定环境信息生成对应的访问控制策略的功能,设备所有者通过该功能可以根据自身的隐私保护需求,可以生成不同预定环境信息对应的访问控制策略,不同访问控制策略描述的权限可以不同,对应的安全等级也可以不同。这里提到的访问控制策略,既可以描述设备使用者(用户,指设备所有者或其他人员)对设备的权限(如访问、更改等权限),可以描述设备使用者对设备内某些应用的权限,还可以描述设备使用者对应用内某些功能模块的权限,本说明书实施例对此不做限制。For different environmental information, in order to meet the requirements of device owners to protect privacy, the designer of this solution can provide predetermined environmental information, and generate corresponding access control policies for different predetermined environmental information. Through this function, the device owner can According to its own privacy protection requirements, access control policies corresponding to different predetermined environmental information can be generated. Different access control policies can describe different permissions and corresponding security levels. The access control policy mentioned here can not only describe the permissions (such as access, change, etc.) of the device user (user, referring to the device owner or other personnel) to the device, but also describe the device user's access to certain applications in the device. Authority can also describe the authority of the device user to some functional modules in the application, which is not limited in the embodiment of this specification.
以下针对不同的预定环境信息,说明下设备所有者如何生成访问控制策略:The following describes how the device owner generates the access control policy for different predetermined environment information:
一:预定环境信息为地理位置信息,地理位置信息可以指电子设备所处场所的经纬度场所、场所名称、或者设备所有者为区分不同的场所自定义的位置标识。例如,设备所有者将其居场所定义为“家”,将其办公场所定义为“公司”,将其在外就餐的场所定义为“餐馆”,将其在外健身锻炼的场所定义为“运动处”等等。不过,场所名称可以与场所的经纬度标识对应,通过检测经纬度便可以确定出对应的场所名称或自定位的位置标识。One: The predetermined environment information is geographic location information. The geographic location information may refer to the latitude and longitude of the location where the electronic device is located, the location name, or the location identifier customized by the device owner to distinguish different locations. For example, equipment owners define their place of residence as a "home", their office as a "company", a place where they eat out as a "restaurant", and a place where they work out as a "sports place" and many more. However, the name of the place may correspond to the latitude and longitude identifier of the place, and by detecting the latitude and longitude, the corresponding place name or the location identifier of the self-positioning can be determined.
实际应用中,生成访问控制策略需要考虑多种状况,如:设备所有者不同,设备所处场所不同,场所内的人员不同,或者场所对设备所有者的要求不同等,在不同状况下为满足设备所有者保护隐私的需求,设备所有者根据自身的隐私保护需求,所预定的地理位置信息、访问控制策略以及地理位置信息与访问控制策略的对应关系,也可能会有所不同,以下列举几种状况:In practical applications, generating access control policies needs to consider a variety of conditions, such as: different equipment owners, different equipment locations, different personnel in the sites, or different sites have different requirements for equipment owners. The privacy protection requirements of the device owner. The device owner may also have different geographical location information, access control policies, and the corresponding relationship between geographical location information and access control policies according to their own privacy protection requirements. The following lists a few kind of situation:
状况1,设备所有者在居住场所接触的大都是家人,无需向家人隐藏隐私;在办公场所接触的大都是领导或同事,设备所有者可能不想领导了解到其日常生活中内容,如经常玩的游戏、网上购买的物品、与家人或朋友的聊天内容等等;在就餐的场所或健身锻炼的场所接触的人员比较复杂,可能既有相互熟悉的友人,也有陌生人,设备所有者可能既不想让陌生人了解到其日常生活中内容,也不想让陌生人了解到其工作中的内容。Situation 1. Most of the contacts of the device owner in the living place are family members, and there is no need to hide their privacy from the family; most of the contacts in the office are leaders or colleagues. Games, items purchased online, chats with family members or friends, etc.; the people who are in contact at a place to eat or exercise are complex, and there may be friends and strangers who are familiar with each other, and the owner of the device may neither want Let strangers know about their daily life, and don't let strangers know about their work.
针对设备所有者的上述隐私保护需求,设备所有者可以基于其居住场所的地理位置信息,生成描述设备使用者对设备的权限的访问控制策略,如管理者策略和禁止访问策略,管理者策略对应的地理位置信息为“家”、“家”的场所名称或者“家”的经纬度,该策略可以允许设备使用者访问设备内的所有内容,更改设备的所有设置;禁止访问策略对应地理位置信息,不是“家”、“家”的场所名称或者“家”的经纬度,该策略禁止设备使用者访问设备。In response to the above privacy protection requirements of the device owner, the device owner can generate an access control policy that describes the device user's rights to the device based on the geographic location information of the device owner, such as the manager policy and the access prohibition policy. The manager policy corresponds to The geographic location information is "home", the place name of "home" or the latitude and longitude of "home". This policy can allow device users to access all content in the device and change all settings of the device; prohibit access to the geographic location information corresponding to the policy. Not "home", the name of the place of "home", or the latitude and longitude of "home", this policy prohibits device users from accessing the device.
再者,设备所有者还可以基于其居住场所的地理位置信息,生成描述设备使用者对设备内容的权限的访问控制策略,如管理者策略和临时访问策略或初始内容访问策略,这里提到的设备内容可以指设备内的系统软件或应用软件,系统软件如操作系统、数据库管理系统等,应用软件如即时通讯软件、电子商务软件等等,也可以指应用软件内的功能模块,如电子商务软件内的交易记录、即时通讯软件内的历史通讯记录等。Furthermore, the device owner can also generate an access control policy that describes the device user's rights to the device content based on the geographic location information of the device owner, such as an administrator policy and a temporary access policy or an initial content access policy, mentioned here. Device content can refer to system software or application software in the device, system software such as operating system, database management system, etc., application software such as instant messaging software, e-commerce software, etc., or it can refer to functional modules in application software, such as e-commerce Transaction records in the software, historical communication records in instant messaging software, etc.
其中,管理者策略对应的地理位置信息为“家”、“家”的场所名称或者“家”的经纬度,该策略可以允许设备使用者访问设备内的所有内容,更改设备的所有设置;临时访问策略或初始内容访问策略对应地理位置信息,不是“家”、“家”的场所名称或者“家”的经纬度,临时访问策略可以允许设备使用者访问与隐私内容不相关的内容,隐私内容由设备所有者预先预定,可以是图库内的相册、电子商务软件内的交易记录、即时通讯软件内的历史通讯记录等;初始内容策略,允许设备使用者访问设备不加载任何内容的初始状态。在其他例子中,不同的访问控制策略,还可以描述不允许设备使用者访问的内容,本说明书实施例对此不做限制。Among them, the geographic location information corresponding to the manager's policy is "home", the place name of "home", or the latitude and longitude of "home". This policy can allow device users to access all content in the device and change all settings of the device; temporary access The policy or initial content access policy corresponds to geographic location information, not the name of "home", the place name of "home", or the latitude and longitude of "home". The temporary access policy can allow device users to access content that is not related to private content, which is controlled by the device The owner pre-books, which can be photo albums in the gallery, transaction records in e-commerce software, historical communication records in instant messaging software, etc.; the initial content policy allows device users to access the initial state of the device without loading any content. In other examples, different access control policies may also describe content that the device user is not allowed to access, which is not limited in this embodiment of the present specification.
此外,设备所有者还可以基于不同场所的地理位置信息,生成不同的访问控制策略,如管理者访问策略、办公访问策略、公共访问策略,访问控制策略不同时,允许设备使用访问的设备内容可以不同。In addition, the device owner can also generate different access control policies based on the geographic location information of different places, such as administrator access policies, office access policies, and public access policies. different.
其中,管理者策略对应的地理位置信息为“家”、“家”的场所名称或者“家”的经纬度等,该策略可以允许设备使用者访问设备内的所有内容,更改设备的所有设置。The geographic location information corresponding to the administrator policy is "home", the place name of "home", or the latitude and longitude of "home", etc. The policy can allow device users to access all content in the device and change all settings of the device.
办公访问策略对应的地理位置信息为“公司”、“公司”的场所名称或者“公司”的经纬度等,该策略可以允许设备使用者访问设备内与工作相关的内容。The geographic location information corresponding to the office access policy is "company", the place name of the "company", or the latitude and longitude of the "company", etc. This policy can allow device users to access work-related content in the device.
公共访问策略对应的地理位置信息为“餐馆”与“运动处”、“餐馆”与“运动处”的场所名称、或者“餐馆”与“运动处”的经纬度等,该策略可以允许设备使用者访问与私人生活和工作不相关的内容。The geographic location information corresponding to the public access policy is "restaurant" and "sports place", the place names of "restaurant" and "sports place", or the latitude and longitude of "restaurant" and "sports place", etc. This policy can allow device users Access content not related to personal life and work.
状况2,与状况1的不同之处在于:公司要求员工对工作内容进行保密,生成访问控制策略时,如果地理位置信息为“家”、“家”的场所名称或者“家”的经纬度,地理位置信息所对应的策略可以为私人访问策略,该策略可以允许设备使用者访问设备内与工作不相关的内容,更改与工作内容不相关的设置。Situation 2 is different from Situation 1 in that the company requires employees to keep their work confidential, and when generating an access control policy, if the geographic location information is "home", the name of the place of "home" or the latitude and longitude of "home", the geographic The policy corresponding to the location information may be a private access policy, and the policy may allow the device user to access the content unrelated to the work in the device, and to change the settings unrelated to the work content.
在其他实施例中,针对不同的状况,设备所有者还可以预定不同于以上状况的地理位置信息、访问控制策略以及地理位置信息与访问控制策略的对应关系,本说明书实施例对此不做限制。In other embodiments, for different conditions, the device owner may also pre-determine geographic location information, access control policies, and the corresponding relationship between geographic location information and access control policies that are different from the above conditions, which are not limited in the embodiments of this specification. .
二:预定环境信息为WIFI指纹,可以指设备所处环境的无线局域网的信号强度,例如:居住场所的WIFI为W1,办公场所的WIFI为W2,就餐的场所的WIFI为W3,健身锻炼的场所的WIFI为W4。设备所有者在居住场所时,WIFI为W1,信号强度为Q1,而W2、W3和W4的信号强度均为0;设备所有者在办公场所时,WIFI为W2,信号强度为Q2,而W1、W3和W4的信号强度均为0;设备所有者在就餐的场所时,WIFI为W3,信号强度为Q3,而W1、W2和W4的信号强度均为0;设备所有者在健身锻炼的场所时,WIFI为W4,信号强度为Q4,而W1、W2和W3的信号强度均为0。2: The predetermined environment information is the WIFI fingerprint, which can refer to the signal strength of the wireless local area network where the device is located. For example, the WIFI of the living place is W1, the WIFI of the office place is W2, the WIFI of the dining place is W3, the place of fitness exercise WIFI is W4. When the device owner is in the residence, the WIFI is W1 and the signal strength is Q1, while the signal strengths of W2, W3 and W4 are all 0; when the device owner is in the office, the WIFI is W2 and the signal strength is Q2, while W1, The signal strengths of W3 and W4 are both 0; when the device owner is in the dining place, the WIFI is W3 and the signal strength is Q3, while the signal strengths of W1, W2 and W4 are all 0; when the device owner is in a fitness exercise place , WIFI is W4, the signal strength is Q4, and the signal strength of W1, W2 and W3 are all 0.
实际应用中,生成访问控制策略需要考虑多种状况,如:设备所有者不同,设备所处场所的WIFI指纹不同,场所内的人员不同,或者场所对设备所有者的要求不同等,在不同状况下为满足设备所有者保护隐私的需求,设备所有者根据自身的隐私保护需求,所预定的WIFI指纹、访问控制策略以及WIFI指纹与访问控制策略的对应关系,也可能会有所不同,具体可参见上述状况1和状况2,不同之处在于,用各场所的WIFI指纹替换各场所的地理位置信息。In practical applications, the generation of access control policies needs to consider a variety of conditions, such as: different device owners, different WIFI fingerprints in the place where the device is located, different personnel in the place, or different places have different requirements for the device owner, etc. In order to meet the privacy protection requirements of device owners, the device owners may have different WIFI fingerprints, access control policies, and the corresponding relationship between WIFI fingerprints and access control policies according to their own privacy protection requirements. Referring to the above situation 1 and situation 2, the difference is that the geographic location information of each location is replaced with the WIFI fingerprint of each location.
除以上状况1和状况2外,本说明书的其他实施例中,针对不同的状况,设备所有者还可以预定不同于以上状况的WIFI指纹、访问控制策略以及WIFI指纹与访问控制策略的对应关系,本说明书实施例对此不做限制。In addition to the above conditions 1 and 2, in other embodiments of this specification, for different conditions, the device owner can also pre-determine WIFI fingerprints, access control policies and the corresponding relationship between WIFI fingerprints and access control policies that are different from the above conditions, The embodiments of the present specification do not limit this.
三:预定环境信息为磁场指纹,可以指设备所处环境中,部分位置点的磁场数据,类似于RSSI指纹,代表部分位置点的磁场强度等信息。可以由内置于设备的磁力计采集所得。Three: The predetermined environmental information is the magnetic field fingerprint, which can refer to the magnetic field data of some locations in the environment where the device is located, similar to RSSI fingerprints, which represent information such as the magnetic field strength of some locations. It can be acquired by a magnetometer built into the device.
例如:居住场所的磁场为C1,办公场所的磁场为C2,就餐的场所的磁场为C3,健身锻炼的场所的磁场为C4。设备所有者在居住场所时,磁场为C1,信号强度为T1,而C2、C3和C4的信号强度均为0;设备所有者在办公场所时,磁场为C2,信号强度为T2,而C1、C3和C4的信号强度均为0;设备所有者在就餐的场所时,磁场为C3,信号强度为T3,而C1、C2和C4的信号强度均为0;设备所有者在健身锻炼的场所时,磁场为C4,信号强度为Q4,而W1、W2和W3的信号强度均为0。For example, the magnetic field of the living place is C1, the magnetic field of the office place is C2, the magnetic field of the dining place is C3, and the magnetic field of the fitness exercise place is C4. When the device owner is in the residence, the magnetic field is C1, the signal strength is T1, and the signal strengths of C2, C3, and C4 are all 0; when the device owner is in the office, the magnetic field is C2, the signal strength is T2, and C1, C3, and C4 have a signal strength of 0. The signal strengths of C3 and C4 are both 0; when the device owner is in a dining place, the magnetic field is C3 and the signal strength is T3, while the signal strengths of C1, C2 and C4 are all 0; when the device owner is in a fitness exercise place , the magnetic field is C4, the signal strength is Q4, and the signal strengths of W1, W2, and W3 are all 0.
实际应用中,生成访问控制策略需要考虑多种状况,如:设备所有者不同,设备所处场所的磁场指纹不同,场所内的人员不同,或者场所对设备所有者的要求不同等,在不同状况下为满足设备所有者保护隐私的需求,设备所有者根据自身的隐私保护需求,所预定的磁场指纹、访问控制策略以及磁场指纹与访问控制策略的对应关系,也可能会有所不同,具体可参见上述状况1和状况2,不同之处在于,用各场所的磁场指纹替换各场所的地理位置信息。In practical applications, the generation of access control policies needs to consider a variety of conditions, such as: different device owners, different magnetic field fingerprints in the place where the device is located, different personnel in the place, or different places have different requirements for the device owner, etc. In order to meet the privacy protection requirements of the device owner, the predetermined magnetic fingerprint, access control strategy, and the corresponding relationship between the magnetic fingerprint and the access control strategy may be different for the device owner according to their own privacy protection requirements. Refer to Situation 1 and Situation 2 above, except that the geographic location information of each location is replaced with the magnetic field fingerprint of each location.
除以上状况1和状况2外,本说明书的其他实施例中,针对不同的状况,设备所有者还可以预定不同于以上状况的磁场指纹、访问控制策略以及磁场指纹与访问控制策略的对应关系,本说明书实施例对此不做限制。In addition to the above conditions 1 and 2, in other embodiments of this specification, for different conditions, the device owner can also pre-determine magnetic field fingerprints, access control policies and the corresponding relationship between magnetic field fingerprints and access control policies that are different from the above conditions, The embodiments of the present specification do not limit this.
四:预定环境信息为环境音频,环境音频可以为环境内经常发生的声音的音频(音的高低),这里的声音可以指说话声、歌声、乐器声、或者机器设备发出的噪声等。Four: The predetermined environmental information is the environmental audio, and the environmental audio can be the audio of the sounds that often occur in the environment (the level of the sound).
例如,居住场所经常发生人说话的声音,音频为Y1,办公场所经常发生人敲击计算机设备的声音,音频为Y2,聚餐的场所经常发生餐具碰撞的声音,音频为Y3,健身锻炼的场所经常发生噪音,音频为Y4。For example, the sound of people talking often occurs in residential places, the audio is Y1, the sound of people tapping computer equipment often occurs in the office, the audio is Y2, the sound of tableware collision often occurs in the dining place, the audio is Y3, and the fitness exercise place often occurs. Noise occurs, audio is Y4.
实际应用中,生成访问控制策略需要考虑多种状况,如:设备所有者不同,设备所处场所的环境音频不同,场所内的人员不同,或者场所对设备所有者的要求不同等,在不同状况下为满足设备所有者保护隐私的需求,设备所有者根据自身的隐私保护需求,所预定的环境音频、访问控制策略以及环境音频与访问控制策略的对应关系,也可能会有所不同,具体可参见上述状况1和状况2,不同之处在于,用各场所的环境音频替换各场所的地理位置信息。In practical applications, generating access control policies needs to consider a variety of situations, such as: different device owners, different ambient audio in the place where the device is located, different personnel in the place, or different places have different requirements for the device owner, etc. In order to meet the privacy protection requirements of the device owner, the predetermined ambient audio, access control policies, and the corresponding relationship between ambient audio and access control policies may be different according to their own privacy protection requirements. See Case 1 and Case 2 above, except that the location information for each location is replaced with the location's ambient audio.
除以上状况1和状况2外,本说明书的其他实施例中,针对不同的状况,设备所有者还可以预定不同于以上状况的环境音频、访问控制策略以及环境音频与访问控制策略的对应关系,本说明书实施例对此不做限制。In addition to the above conditions 1 and 2, in other embodiments of this specification, for different conditions, the device owner can also pre-determine ambient audio, access control policies and the corresponding relationship between ambient audio and access control policies that are different from the above conditions, The embodiments of the present specification do not limit this.
某些状况下,设备所有者为了进一步增强对隐私的保护,还可以在上下文信息中添加其他控制权限的因素,如解锁密码,可以用于解锁设备,也可以用于解锁设备内的系统软件或软件应用,还可以用于解锁软件应用内的功能模块,本说明书实施例对此不做限制。In some cases, in order to further enhance the protection of privacy, the device owner can also add other control factors to the context information, such as an unlock password, which can be used to unlock the device, and can also be used to unlock the system software or system software in the device. The software application can also be used to unlock the functional modules in the software application, which is not limited in the embodiment of this specification.
实际应用中,为进一步加强对设备所有者的隐私保护,设备所有者除可以基于不同的预定环境信息生成对应的访问控制策略外,还可以单独基于预定密码生成对应的访问控制策略,其中,预定密码可以有两个以上,基于不同的预定密码生成的访问控制策略可以不同,这里提到的预定密码可以用于匹配解锁指令。In practical applications, in order to further strengthen the privacy protection of device owners, in addition to generating corresponding access control policies based on different predetermined environmental information, device owners can also generate corresponding access control policies based on predetermined passwords alone. There can be more than two passwords, and the access control policies generated based on different predetermined passwords can be different, and the predetermined password mentioned here can be used to match the unlocking instruction.
而单独基于预定密码所生成的访问控制策略,可以包含在基于某些预定环境信息所生成的访问策略内,是对基于某些预定环境信息所生成的访问控制策略的进一步细分;也可以与预定环境信息所生成的访问控制策略完全不同的策略。The access control policy generated based on the predetermined password alone can be included in the access policy generated based on some predetermined environmental information, which is a further subdivision of the access control policy generated based on some predetermined environmental information; The access control policies generated by the predetermined environment information are completely different policies.
此外,设备所有者还可以同时基于预定密码和预定环境信息生成访问控制策略。但,无论是单独基于预定环境信息或预定密码生成访问控制策略,还是同时基于预定环境信息和预定密码生成访问控制策略,如果获取的上下文信息中携带有环境信息,则需要获取与所获取的环境信息对应的访问控制策略,并基于所获取的访问控制策略确定允许访问的目标对象。这里的目标对象可以指设备本身,也可以指设备内的软件或软件内的功能模块。In addition, device owners can generate access control policies based on predetermined passwords and predetermined contextual information at the same time. However, whether the access control policy is generated based on the predetermined environment information or the predetermined password alone, or the access control policy is generated based on the predetermined environment information and the predetermined password at the same time, if the acquired context information carries the environmental information, it is necessary to obtain the The access control policy corresponding to the information, and based on the obtained access control policy, the target object that is allowed to be accessed is determined. The target object here may refer to the device itself, or may refer to software in the device or functional modules in the software.
实际应用中,上下文信息不同时,获取上下文信息的方式可以有所不同,上下文信息为地理位置信息时,可以通过GPS定位获取;上下文信息为解锁密码时,可以通过用户指令获取解锁密码,解锁密码的具体形式不同时,用户指令也可以不同,如:解锁密码为字符或手势时,可以通过触摸指令获取到解锁密码,解锁密码为用户指纹时,可以通过接触式指纹指令获取到解锁密码;解锁密码为音频时,可以通过音频指令获取到解锁密码,其他例子中,解锁密码还可以是人脸等其他实行的密码,本说明书实施例对此不做限制。In practical applications, when the context information is different, the way to obtain the context information can be different. When the context information is geographic location information, it can be obtained through GPS positioning; when the context information is the unlock password, the unlock password can be obtained through user instructions. When the specific form is different, the user instructions can also be different, such as: when the unlock password is a character or gesture, the unlock password can be obtained through the touch command; when the unlock password is a user fingerprint, the unlock password can be obtained through the touch fingerprint command; When the password is audio, the unlocking password may be obtained through an audio command. In other examples, the unlocking password may also be other passwords implemented such as face, which is not limited in the embodiment of this specification.
在获取对应的访问控制策略时,如果上下文信息中仅携带有环境信息,直接将所获取的环境信息与预定环境信息匹配,如果匹配成功(如两者相同或近似相同),则对应的环境信息为基于所匹配的预定环境信息生成的访问控制策略,如果匹配不成功,则对应的环境信息为默认的访问控制策略,或基于预定环境信息生成的访问控制策略之外的其他访问控制策略。When acquiring the corresponding access control policy, if the context information only carries environmental information, the acquired environmental information is directly matched with the predetermined environmental information. If the matching is successful (for example, the two are the same or approximately the same), the corresponding environmental information For the access control policy generated based on the matched predetermined environment information, if the matching is unsuccessful, the corresponding environment information is the default access control policy, or an access control policy other than the access control policy generated based on the predetermined environment information.
如果上下文信息中携带有环境信息和解锁密码,可以按环境信息和解锁密码的获取顺序,按序获取相应的上下文信息(环境信息或解锁密码)对应的预定信息(预定环境信息或预定密码),并按序确定对应的访问控制策略和允许访问的目标对象。某例子中,先获取到环境信息,后获取到解锁密码,则先获取与环境信息匹配的预定环境信息,并按序确定对应的访问控制策略和允许访问的目标对象,然后获取与解锁密码匹配的预定密码,并按序查找对应的访问控制策略和确定允许访问的目标对象。在后查找到的访问控制策略可以属于在先确定的访问控制策略,是对在先确定的访问控制策略的进一步细化,也可以与在先确定的访问策略完全不同,两者的具体关系与前述的生成访问控制策略的过程相关。If the context information carries the environment information and the unlocking password, the predetermined information (the predetermined environment information or the predetermined password) corresponding to the corresponding context information (the environment information or the unlocking password) can be obtained in sequence according to the order of obtaining the environment information and the unlocking password, And determine the corresponding access control policy and the target objects that are allowed to be accessed in sequence. In a certain example, the environment information is obtained first, and then the unlock password is obtained, the predetermined environment information that matches the environment information is obtained first, and the corresponding access control policy and the target objects that are allowed to be accessed are determined in sequence, and then the match with the unlock password is obtained. The predetermined password is searched for the corresponding access control policy in order and the target objects that are allowed to be accessed are determined. The access control policy found later may belong to the previously determined access control policy, which is a further refinement of the previously determined access control policy, or it may be completely different from the previously determined access policy. The aforementioned process of generating an access control policy is related.
其他例子中,如果同时获取到环境信息和解锁密码,可以优先获取与环境信息匹配的预定环境信息,并按序确定对应的访问控制策略和允许访问的目标对象,然后获取与解锁密码匹配的预定密码,并按序查找对应的访问控制策略和确定允许访问的目标对象。In other examples, if the environmental information and the unlocking password are obtained at the same time, the predetermined environmental information that matches the environmental information can be obtained preferentially, and the corresponding access control policy and the target objects allowed to be accessed can be determined in sequence, and then the predetermined environmental information matching the unlocking password can be obtained. password, and search for the corresponding access control policy in order and determine the target objects that are allowed to access.
在确定好允许访问的目标对象后,本说明书实施例可以在设备的界面上显示所有目标对象的入口标识,在接收到用户(设备使用者)通过所显示的入口标识发出的访问请求,且请求访问的目标对象为不允许访问的目标对象时,则拒绝所述访问请求。如果请求访问的目标对象为访问控制策略允许访问的目标对象,则执行访问该目标对象的操作。After the target objects that are allowed to be accessed are determined, the embodiment of this specification may display the entry identifiers of all the target objects on the interface of the device, and after receiving the access request sent by the user (device user) through the displayed entry identifier, and the request When the accessed target object is a target object that is not allowed to be accessed, the access request is rejected. If the target object requested to be accessed is the target object permitted to be accessed by the access control policy, the operation of accessing the target object is performed.
为了不让设备使用者知道设备上有不允许其访问的内容,本说明书实施例,可以在确定好允许访问的目标对象后,在设备的界面上隐藏不允许访问的目标对象的入口标识,这样设备使用者看不到设备所有者需要保护的隐私内容,可以进一步提高隐私的安全程度。In order to prevent the device user from knowing that there is content on the device that the device is not allowed to access, in the embodiment of this specification, after the target object that is allowed to be accessed is determined, the entry identifier of the target object that is not allowed to be accessed can be hidden on the interface of the device, so that The device user cannot see the private content that the device owner needs to protect, which can further improve the security of privacy.
某些场景下,设备所处的环境为办公场所,预先基于办公场所生成的访问控制策略为办公访问策略,该策略不允许设备使用者访问设备内与日常生活相关的内容。但是,设备所有者由于需要向公司的活动组织人员提供其生活照,需要访问设备内与日常生活相关的内容,本方案针对这种状况,可以针对日常生活相关的内容发起强制访问,具体实现过程可以参见图2,图2是本说明书另一示例性实施例示出的权限的控制方法的流程图,该实施例可以包括以下步骤S201-S204:In some scenarios, the environment where the device is located is an office, and the pre-generated access control policy based on the office is an office access policy, which does not allow device users to access content related to daily life in the device. However, because the device owner needs to provide his life photos to the company's event organizers, he needs to access the content related to daily life in the device. In response to this situation, this solution can initiate compulsory access to the content related to daily life. The specific implementation process Referring to FIG. 2 , FIG. 2 is a flowchart of a method for controlling authority shown in another exemplary embodiment of this specification, and this embodiment may include the following steps S201-S204:
步骤S201、获取设备的上下文信息,所述上下文信息携带有设备的环境信息。Step S201: Acquire context information of the device, where the context information carries the environment information of the device.
步骤S202、获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。Step S202: Acquire an access control policy corresponding to the acquired environment information, wherein at least one access control policy is generated based on predetermined environment information.
步骤S203、基于所获取的访问控制策略确定允许访问的目标对象。Step S203: Determine the target object that is allowed to be accessed based on the acquired access control policy.
步骤S204、当接收到用户对不允许访问的目标对象的强制访问请求时,基于所述强制访问请求中携带的认证信息确定是否允许访问该目标对象。Step S204: When receiving a mandatory access request from a user to a target object that is not allowed to be accessed, determine whether to allow access to the target object based on the authentication information carried in the mandatory access request.
本实施例中的步骤S201至步骤S203与图1所涉及的实施例中的步骤S101至S103相应,在此不再赘述。Steps S201 to S203 in this embodiment correspond to steps S101 to S103 in the embodiment involved in FIG. 1 , and details are not repeated here.
对于步骤S204,所述强制访问请求,可以由用户通过设备界面显示的不允许访问的目标对象的访问接口发出,也可以由用户通过设备内预定的强制访问接口发出,发出的强制访问请求可以携带有强制解锁密码、提示问题答案等用于确定是否允许访问目标对象的认证信息,强制解锁密码可以是手势、数字、字母等字符串,也可以是指纹、人脸等,提示问题答案可以是预定的图片、人名、手机号码等身份认证信息,还可以是其他用于确定是否允许强制访问目标对象的信息,本说明书实施例对此不做限制。For step S204, the mandatory access request may be sent by the user through the access interface of the target object that is not allowed to be accessed displayed on the device interface, or may be sent by the user through a predetermined mandatory access interface in the device, and the sent mandatory access request may include There are authentication information such as mandatory unlock password and prompt question answer to determine whether to allow access to the target object. The mandatory unlock password can be a string of gestures, numbers, letters, etc., or a fingerprint, face, etc., and the prompt question answer can be predetermined The identity authentication information such as the picture, the person's name, the mobile phone number, etc., may also be other information used to determine whether to allow compulsory access to the target object, which is not limited in the embodiment of this specification.
综上可知,在设备的实际使用设备的过程中,可以通过获取设备的环境信息确定设备的访问控制策略,进而基于所获取的访问控制策略确定允许访问的目标对象,实现对权限的控制,使得设备呈现给设备使用者的内容,既能满足设备所有者在不同场合保护隐私的需求,又不影响他人借用或观摩该设备。To sum up, in the process of actually using the device, the access control policy of the device can be determined by obtaining the environmental information of the device, and then the target objects allowed to be accessed can be determined based on the obtained access control policy, so as to realize the control of the permissions, so that the The content presented by the device to the device user can not only meet the device owner's need to protect privacy in different occasions, but also does not affect others' borrowing or viewing the device.
此外,在设备所处的环境发生变化后,例如从居住场所变换到办公场所,本方案还能随着环境的变化自动切换访问控制策略,具体可以参见图3,图3是本说明书一示例性实施例示出的权限的自动切换方法的流程图,该实施例可以包括以下步骤S301-S303:In addition, after the environment where the device is located changes, for example, from a residential place to an office place, this solution can automatically switch the access control strategy with the change of the environment. For details, please refer to FIG. 3, which is an example of this specification. The flowchart of the method for automatic switching of permissions shown in the embodiment may include the following steps S301-S303:
步骤S301、获取设备的上下文信息,所述上下文信息携带有设备的环境信息。Step S301: Acquire context information of the device, where the context information carries the environment information of the device.
步骤S302、当检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。Step S302: After detecting that the environment information is updated, obtain an access control policy corresponding to the updated environment information, wherein at least one access control policy is generated based on predetermined environment information.
步骤S303,基于所获取的访问控制策略确定允许访问的目标对象。Step S303: Determine the target object that is allowed to be accessed based on the acquired access control policy.
本申请实施例中涉及的技术特征与图1涉及的技术特征相应,在此不再赘述,不同之处在于,获取到设备的上下文信息后,需要比较当前获取到的环境信息与之前获取到的环境信息是否匹配(相同或近似相同),如果匹配,则确定未检测到所述环境信息的更新,如果不匹配,则确定检测到环境信息的匹配。The technical features involved in the embodiments of the present application correspond to the technical features involved in FIG. 1 , which will not be repeated here. The difference is that after obtaining the context information of the device, it is necessary to compare the currently obtained environment information with the previously obtained environment information. Whether the environmental information matches (same or approximately the same), if it matches, it is determined that the update of the environmental information is not detected, and if it does not match, it is determined that the matching of the environmental information is detected.
例如,当前获取到的环境信息为办公场所的经纬度,之前获取到的环境信息为居住场所的经纬度,那么两者不匹配,确定环境信息发生更新,则基于更新后的环境信息(当前获取到的办公场所的经纬度)获取与更新后的环境信息所对应的访问控制策略。For example, if the currently obtained environmental information is the latitude and longitude of the office, and the previously obtained environmental information is the latitude and longitude of the residential place, then the two do not match, and it is determined that the environmental information is updated, based on the updated environmental information (the currently obtained latitude and longitude of the office) to obtain the access control policy corresponding to the updated environment information.
一些例子中,环境信息包括以下至少一种:In some examples, the environmental information includes at least one of the following:
地理位置信息,磁场指纹,WIFI指纹,环境音频。Geolocation information, magnetic field fingerprint, WIFI fingerprint, ambient audio.
另一些例子中,如果所获取的上下文信息中携带有解锁密码,本说明书实施例的权限的自动切换方法还可以包括以下步骤:In other examples, if the acquired context information carries an unlock password, the method for automatically switching permissions in the embodiment of this specification may further include the following steps:
查找与所述解锁密码所对应的访问控制策略,所述解锁密码用于解锁设备或解锁应用;Find the access control policy corresponding to the unlocking password, where the unlocking password is used to unlock the device or unlock the application;
基于所查找的访问控制策略确定允许访问的目标对象。The target objects that are allowed access are determined based on the access control policy that is looked up.
作为例子,所述访问控制策略还包括:As an example, the access control policy further includes:
基于预定密码生成的访问控制策略,所述预定密码用于匹配解锁指令;an access control policy generated based on a predetermined password, where the predetermined password is used to match the unlocking instruction;
和/或,and / or,
基于预定密码和预定环境信息生成的访问控制策略。An access control policy is generated based on a predetermined password and predetermined context information.
作为例子,当预定密码不止一个时,基于不同预定密码所生成的访问控制策略不同。As an example, when there is more than one predetermined password, the access control policies generated based on different predetermined passwords are different.
作为例子,所述解锁密码通过以下任一种用户指令获取:As an example, the unlocking password is obtained through any of the following user instructions:
触摸指令、接触式指纹指令、音频指令。Touch command, touch fingerprint command, audio command.
另一些例子中,本说明书实施例的权限的自动切换方法还可以包括以下步骤:In other examples, the method for automatically switching permissions in the embodiments of this specification may further include the following steps:
在设备的界面上隐藏不允许访问的目标对象的入口标识;或Hide the entry identification of the target object that does not allow access on the interface of the device; or
在设备的界面上显示所有目标对象的入口标识;Display the entry identifiers of all target objects on the interface of the device;
接收到用户通过所显示的入口标识发出的访问请求时,如果请求访问的目标对象为不允许访问的目标对象,则拒绝所述访问请求。When receiving an access request sent by the user through the displayed entry identifier, if the target object requested for access is a target object that is not allowed to be accessed, the access request is rejected.
某些场景下,设备所处的环境切换为办公场所,预先基于办公场所生成的访问控制策略为办公访问策略,该策略不允许设备使用者访问设备内与日常生活相关的内容。但是,设备所有者由于需要向公司的活动组织人员提供其生活照,需要访问设备内与日常生活相关的内容,本方案针对这种状况,可以针对日常生活相关的内容发起强制访问,具体实现过程可以参见图4,图4是本说明书另一示例性实施例示出的权限的自动切换方法的流程图,该实施例可以包括以下步骤S401-S404:In some scenarios, the environment where the device is located is switched to an office, and the access control policy generated in advance based on the office is an office access policy, which does not allow device users to access content related to daily life in the device. However, because the device owner needs to provide his life photos to the company's event organizers, he needs to access the content related to daily life in the device. In response to this situation, this solution can initiate compulsory access to the content related to daily life. The specific implementation process Referring to FIG. 4 , FIG. 4 is a flowchart of a method for automatically switching permissions according to another exemplary embodiment of this specification. This embodiment may include the following steps S401-S404:
步骤S401、获取设备的上下文信息,所述上下文信息携带有设备的环境信息。Step S401: Acquire context information of the device, where the context information carries the environment information of the device.
步骤S402、获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。Step S402: Acquire an access control policy corresponding to the acquired environment information, wherein at least one access control policy is generated based on predetermined environment information.
步骤S403、当检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。Step S403: After detecting that the environment information is updated, obtain an access control policy corresponding to the updated environment information, wherein at least one access control policy is generated based on predetermined environment information.
步骤S404、当接收到用户对不允许访问的目标对象的强制访问请求时,基于所述强制访问请求中携带的认证信息确定是否允许访问该目标对象。Step S404: When a mandatory access request from a user to a target object that is not allowed to be accessed is received, determine whether to allow access to the target object based on the authentication information carried in the mandatory access request.
本实施例中的步骤S401至步骤S404与图2所涉及的实施例中的步骤S201至S203相应,在此不再赘述。不同之处在于,获取到设备的上下文信息后,需要比较当前获取到的环境信息与之前获取到的环境信息是否匹配(相同或近似相同),如果匹配,则确定未检测到所述环境信息的更新,如果不匹配,则确定检测到环境信息的匹配。Steps S401 to S404 in this embodiment correspond to steps S201 to S203 in the embodiment involved in FIG. 2 , and details are not repeated here. The difference is that after acquiring the context information of the device, it is necessary to compare whether the currently acquired environmental information matches (same or approximately the same) the previously acquired environmental information. Update, if there is no match, determine that a match for the context information was detected.
作为例子,所述认证信息包括以下任一:As an example, the authentication information includes any of the following:
强制解锁密码、提示问题答案。Force unlock password, prompt question answer.
与前述方法的实施例相对应,本申请还提供了装置的实施例。Corresponding to the foregoing method embodiments, the present application also provides device embodiments.
参见图5,图5是本申请一示例性实施例示出的权限的控制装置的框图,该装置可以包括:上下文获取模块510、控制策略获取模块520和目标对象确定模块530。Referring to FIG. 5 , FIG. 5 is a block diagram of an apparatus for controlling permissions according to an exemplary embodiment of the present application. The apparatus may include: a
其中,上下文获取模块510,用于获取设备的上下文信息,所述上下文信息携带有设备的环境信息。The
控制策略获取模块520,用于获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。The control
目标对象确定模块530,用于基于所获取的访问控制策略确定允许访问的目标对象。The target
一些例子中,所述环境信息包括以下至少一种:In some examples, the environmental information includes at least one of the following:
地理位置信息,磁场指纹,WIFI指纹,环境音频。Geolocation information, magnetic field fingerprint, WIFI fingerprint, ambient audio.
另一些例子中,本说明书实施例的权限的控制装置还可以包括:In other examples, the apparatus for controlling the authority of the embodiments of this specification may further include:
控制策略查找模块,用于在所获取的上下文信息中还携带有解锁密码时,查找与所述解锁密码所对应的访问控制策略,所述解锁密码用于解锁设备或解锁应用。The control policy search module is configured to search for an access control policy corresponding to the unlock password when the acquired context information also carries an unlock password, and the unlock password is used to unlock the device or unlock the application.
访问对象确定模块,用于基于所查找的访问控制策略确定允许访问的目标对象。The access object determination module is used for determining the target object that is allowed to be accessed based on the searched access control policy.
作为例子,所述访问控制策略还包括:As an example, the access control policy further includes:
基于预定密码生成的访问控制策略,所述预定密码用于匹配解锁指令。An access control policy is generated based on a predetermined password, which is used to match the unlocking instruction.
和/或,and / or,
基于预定密码和预定环境信息生成的访问控制策略。An access control policy is generated based on a predetermined password and predetermined context information.
作为例子,当预定密码不止一个时,基于不同预定密码所生成的访问控制策略不同。As an example, when there is more than one predetermined password, the access control policies generated based on different predetermined passwords are different.
作为例子,所述解锁密码通过以下任一种用户指令获取:As an example, the unlocking password is obtained through any of the following user instructions:
触摸指令、接触式指纹指令、音频指令。Touch command, touch fingerprint command, audio command.
另一些例子中,本说明书实施例的权限的控制装置还可以包括:In other examples, the apparatus for controlling the authority of the embodiments of this specification may further include:
对象隐藏模块,用于在设备的界面上隐藏不允许访问的目标对象的入口标识。或,The object hiding module is used to hide the entry identifier of the target object that is not allowed to be accessed on the interface of the device. or,
对象显示模块,用于在设备的界面上显示所有目标对象的入口标识。The object display module is used to display the entry identifiers of all target objects on the interface of the device.
拒绝访问模块,用于在接收到用户通过所显示的入口标识发出访问请求,且请求访问的目标对象为不允许访问的目标对象时,拒绝所述访问请求。The access denial module is configured to deny the access request when an access request is received from the user through the displayed entry identifier, and the target object requested for access is a target object that is not allowed to be accessed.
另一些例子中,本说明书实施例的权限的控制装置还可以包括:In other examples, the apparatus for controlling the authority of the embodiments of this specification may further include:
强制访问模块,用于在接收到用户对不允许访问的目标对象的强制访问请求时,基于所述强制访问请求中携带的认证信息确定是否允许访问该目标对象。The mandatory access module is configured to determine whether to allow access to the target object based on the authentication information carried in the mandatory access request when receiving a mandatory access request from a user for a target object that is not allowed to be accessed.
作为例子,所述认证信息包括以下任一:As an example, the authentication information includes any of the following:
强制解锁密码、提示问题答案。Force unlock password, prompt question answer.
参见图6,图6是本申请一示例性实施例示出的权限的自动切换装置的框图,该装置可以包括:上下文获取模块610、控制策略切换模块620和目标对象确定模块630。Referring to FIG. 6 , FIG. 6 is a block diagram of an apparatus for automatically switching permissions according to an exemplary embodiment of the present application. The apparatus may include: a
其中,上下文获取模块610,用于获取设备的上下文信息,所述上下文信息携带有设备的环境信息.Wherein, the
控制策略切换模块620,用于在检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成。The control
目标对象确定模块630,用于基于所获取的访问控制策略确定允许访问的目标对象。The target
一些例子中,所述环境信息包括以下至少一种:In some examples, the environmental information includes at least one of the following:
地理位置信息,磁场指纹,WIFI指纹,环境音频。Geolocation information, magnetic field fingerprint, WIFI fingerprint, ambient audio.
另一些例子中,本说明书实施例的权限的自动切换装置还可以包括:In other examples, the apparatus for automatically switching permissions in the embodiments of this specification may further include:
控制策略查找模块,用于在所获取的上下文信息中还携带有解锁密码时,查找与所述解锁密码所对应的访问控制策略,所述解锁密码用于解锁设备或解锁应用。The control policy search module is configured to search for an access control policy corresponding to the unlock password when the acquired context information also carries an unlock password, and the unlock password is used to unlock the device or unlock the application.
访问对象确定模块,用于基于所查找的访问控制策略确定允许访问的目标对象。The access object determination module is used for determining the target object that is allowed to be accessed based on the searched access control policy.
作为例子,所述访问控制策略还包括:As an example, the access control policy further includes:
基于预定密码生成的访问控制策略,所述预定密码用于匹配解锁指令。An access control policy is generated based on a predetermined password, which is used to match the unlocking instruction.
和/或,and / or,
基于预定密码和预定环境信息生成的访问控制策略。An access control policy is generated based on a predetermined password and predetermined context information.
作为例子,当预定密码不止一个时,基于不同预定密码所生成的访问控制策略不同。As an example, when there is more than one predetermined password, the access control policies generated based on different predetermined passwords are different.
作为例子,所述解锁密码通过以下任一种用户指令获取:As an example, the unlocking password is obtained through any of the following user instructions:
触摸指令、接触式指纹指令、音频指令。Touch command, touch fingerprint command, audio command.
另一些例子中,本说明书实施例的权限的自动切换装置还可以包括:In other examples, the apparatus for automatically switching permissions in the embodiments of this specification may further include:
对象隐藏模块,用于在设备的界面上隐藏不允许访问的目标对象的入口标识。或,The object hiding module is used to hide the entry identifier of the target object that is not allowed to be accessed on the interface of the device. or,
对象显示模块,用于在设备的界面上显示所有目标对象的入口标识。The object display module is used to display the entry identifiers of all target objects on the interface of the device.
拒绝访问模块,用于在接收到用户通过所显示的入口标识发出访问请求,且请求访问的目标对象为不允许访问的目标对象时,拒绝所述访问请求。The access denial module is configured to deny the access request when an access request is received from the user through the displayed entry identifier, and the target object requested for access is a target object that is not allowed to be accessed.
另一些例子中,本说明书实施例的权限的自动切换装置还可以包括:In other examples, the apparatus for automatically switching permissions in the embodiments of this specification may further include:
强制访问模块,用于在接收到用户对不允许访问的目标对象的强制访问请求时,基于所述强制访问请求中携带的认证信息确定是否允许访问该目标对象。The mandatory access module is configured to determine whether to allow access to the target object based on the authentication information carried in the mandatory access request when receiving a mandatory access request from a user for a target object that is not allowed to be accessed.
作为例子,所述认证信息包括以下任一:As an example, the authentication information includes any of the following:
强制解锁密码、提示问题答案。Force unlock password, prompt question answer.
上述装置中各个单元(或模块)的功能和作用的实现过程具体详见上述方法中对应步骤的实现过程,在此不再赘述。For details of the implementation process of the functions and functions of each unit (or module) in the above-mentioned apparatus, please refer to the implementation process of the corresponding steps in the above-mentioned method, which will not be repeated here.
对于装设的实施例而言,由于其基本对应于方法实施例,所以相关之处参见方法实施例的部分说明即可。以上所描述的邮件客户端实施例仅仅是示意性的,其中所述作为分离部件说明的单元或模块可以是或者也可以不是物理上分开的,作为单元或模块显示的部件可以是或者也可以不是物理单元或模块,即可以位于一个地方,或者也可以分布到多个网络单元或模块上。可以根据实际的需要选择其中的部分或者全部模块来实现本说明书实施例方案的目的。本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。As for the installation embodiment, since it basically corresponds to the method embodiment, it is sufficient to refer to the partial description of the method embodiment for related parts. The embodiments of the mail client described above are only illustrative, wherein the units or modules described as separate components may or may not be physically separated, and the components displayed as units or modules may or may not be A physical unit or module can be located in one place, or it can be distributed over multiple network units or modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solutions of the embodiments of this specification. Those of ordinary skill in the art can understand and implement it without creative effort.
本说明书实施例的权限的控制装置/权限的自动切换装置可以应用在电子设备上。具体可以由计算机芯片或实体实现,或者由具有某种功能的产品来实现。一种典型的实现中,电子设备为计算机,计算机的具体形式可以是个人计算机、膝上型计算机、蜂窝电话、相机电话、智能电话、个人数字助理、媒体播放器、导航设备、电子邮件收发设备、游戏控制台、平板计算机、可穿戴设备、互联网电视、智能机车、无人驾驶汽车、智能冰箱、其他智能家居设备或者这些设备中的任意几种设备的组合。The authority control apparatus/authority automatic switching apparatus of the embodiments of this specification can be applied to electronic equipment. Specifically, it can be implemented by a computer chip or an entity, or by a product with a certain function. In a typical implementation, the electronic device is a computer, which may be in the form of a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email sending and receiving device , game consoles, tablets, wearables, Internet TVs, smart locomotives, driverless cars, smart refrigerators, other smart home devices, or a combination of any of these devices.
装置实施例可以通过软件实现,也可以通过硬件或者软硬件结合的方式实现。以软件实现为例,作为一个逻辑意义上的客户端,是通过其所在电子设备的处理器将非易失性存储器等可读介质中对应的计算机程序指令读取到内存中运行形成的。从硬件层面而言,如图7所示,为本说明书实施例权限的控制或自动切换装置所在电子设备的一种硬件结构图,除了图7所示的处理器、内存、网络接口、以及非易失性存储器之外,实施例中电子设备通常根据该电子设备的实际功能,还可以包括其他硬件,对此不再赘述。The apparatus embodiment may be implemented by software, or may be implemented by hardware or a combination of software and hardware. Taking software implementation as an example, a client in a logical sense is formed by reading the corresponding computer program instructions in a readable medium such as a non-volatile memory into the memory through the processor of the electronic device where it is located. From the perspective of hardware, as shown in FIG. 7 , it is a hardware structure diagram of the electronic equipment where the authority control or automatic switching device according to the embodiment of this specification is located, except for the processor, memory, network interface, and non- In addition to the volatile memory, the electronic device in the embodiment may also include other hardware generally according to the actual function of the electronic device, which will not be repeated here.
一些例子中,电子设备的存储器可以存储处理器可执行程序指令;处理器可以耦合存储器,用于读取所述存储器存储的程序指令,并作为响应,执行如下操作:获取设备的上下文信息,所述上下文信息携带有设备的环境信息;获取与所获取的环境信息对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;基于所获取的访问控制策略确定允许访问的目标对象。In some examples, the memory of the electronic device may store processor-executable program instructions; the processor may be coupled to the memory for reading the program instructions stored in the memory, and in response, perform the following operations: obtain context information of the device, so The context information carries the environment information of the device; obtains an access control policy corresponding to the obtained environment information, wherein at least one access control policy is generated based on predetermined environment information; determines the target object that is allowed to be accessed based on the obtained access control policy .
另一些例子中,电子设备的存储器可以存储处理器可执行程序指令;处理器可以耦合存储器,用于读取所述存储器存储的程序指令,并作为响应,执行如下操作:获取设备的上下文信息,所述上下文信息携带有设备的环境信息;当检测到所述环境信息更新后,获取与更新后的环境信息所对应的访问控制策略,其中,至少一条访问控制策略是基于预定环境信息生成;基于所获取的访问控制策略确定允许访问的目标对象。In other examples, the memory of the electronic device may store program instructions executable by the processor; the processor may be coupled to the memory for reading the program instructions stored in the memory, and in response, perform the following operations: obtaining context information of the device, The context information carries the environment information of the device; when it is detected that the environment information is updated, an access control policy corresponding to the updated environment information is obtained, wherein at least one access control policy is generated based on predetermined environment information; The obtained access control policy determines the target objects to which access is permitted.
在其他实施例中,处理器所执行的操作可以参考上文方法实施例中相关的描述,在此不予赘述。In other embodiments, for the operations performed by the processor, reference may be made to the relevant descriptions in the foregoing method embodiments, which are not repeated here.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of the present specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the embodiments and still achieve desirable results. Additionally, the processes depicted in the figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
以上所述仅为本说明书实施例的较佳实施例而已,并不用以限制本说明书实施例,凡在本说明书实施例的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本说明书实施例保护的范围之内。The above descriptions are only preferred embodiments of the embodiments of the present specification, and are not intended to limit the embodiments of the present specification. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the embodiments of the present specification, All should be included within the protection scope of the embodiments of this specification.
Claims (38)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710537185.3A CN107391977B (en) | 2017-07-04 | 2017-07-04 | Permission control, automatic switching method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710537185.3A CN107391977B (en) | 2017-07-04 | 2017-07-04 | Permission control, automatic switching method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107391977A CN107391977A (en) | 2017-11-24 |
| CN107391977B true CN107391977B (en) | 2020-11-24 |
Family
ID=60335097
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710537185.3A Active CN107391977B (en) | 2017-07-04 | 2017-07-04 | Permission control, automatic switching method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107391977B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109766700A (en) * | 2018-05-04 | 2019-05-17 | 360企业安全技术(珠海)有限公司 | Access control method and device, the storage medium, electronic device of file |
| CN110457879A (en) * | 2019-06-26 | 2019-11-15 | 维沃移动通信有限公司 | Object display method and terminal device |
| CN110990812A (en) * | 2019-11-29 | 2020-04-10 | 维沃移动通信有限公司 | Device access setting method, device access setting control method, device access control device, electronic device, and medium |
| CN113923001B (en) * | 2020-04-22 | 2024-06-11 | 支付宝(杭州)信息技术有限公司 | An identity verification method, system, device and equipment |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101854581B (en) * | 2009-03-31 | 2013-10-02 | 联想(北京)有限公司 | Method for setting security level of mobile terminal on basis of position information and mobile terminal |
| CN102510426A (en) * | 2011-11-29 | 2012-06-20 | 安徽科大讯飞信息科技股份有限公司 | Personal assistant application access method and system |
| CN102917346B (en) * | 2012-10-17 | 2015-01-07 | 浙江大学城市学院 | Security policy management system and method for Android-based application program during operation |
| CN103957520A (en) * | 2014-03-29 | 2014-07-30 | 华为技术有限公司 | Device and method for controlling position accuracy |
| CN105323294A (en) * | 2014-08-20 | 2016-02-10 | 广东小天才科技有限公司 | Authority control method and device of intelligent terminal |
| CN104318170B (en) * | 2014-09-29 | 2018-02-16 | 广东欧珀移动通信有限公司 | A kind of method and device based on multi-mobile-terminal protection data safety |
| CN105847223A (en) * | 2015-01-15 | 2016-08-10 | 杭州华三通信技术有限公司 | Authentication method and device of terminal device |
| CN105138874B (en) * | 2015-08-24 | 2018-05-08 | 努比亚技术有限公司 | Unlocking screen control device and method |
| CN106055951A (en) * | 2016-05-27 | 2016-10-26 | 广东欧珀移动通信有限公司 | Fingerprint unlocking control method and terminal equipment |
-
2017
- 2017-07-04 CN CN201710537185.3A patent/CN107391977B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN107391977A (en) | 2017-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11706584B2 (en) | Location service management | |
| US11394555B2 (en) | Mobile terminal privacy protection method and protection apparatus, and mobile terminal | |
| CN104756122B (en) | The equipment lock locking/unlocking of context | |
| JP6510610B2 (en) | System and method for remotely initiating lost mode on a computing device | |
| CN113158198B (en) | Access control method, device, terminal device and storage medium | |
| JP4386865B2 (en) | Proximity-based authorization | |
| CN103324893B (en) | The method and apparatus of secret protection | |
| CN103313343B (en) | A kind of method and apparatus for realizing user access control | |
| CN108536783B (en) | Data processing method and apparatus, terminal, and computer-readable storage medium | |
| CN109155750B (en) | A communication method and device | |
| AU2017203166B2 (en) | Systems and methods for secure location-based document viewing | |
| CN109076087A (en) | It is shared to the outside based on group of electronic data | |
| CN105117101B (en) | The display methods and device of application program | |
| CN107391977B (en) | Permission control, automatic switching method, device and equipment | |
| US11562051B2 (en) | Varying computing device behavior for different authenticators | |
| WO2018133678A1 (en) | Device configuration method, apparatus and system | |
| WO2018214748A1 (en) | Method and apparatus for displaying application interface, terminal and storage medium | |
| JP7278345B2 (en) | Mobile terminal privacy protection method and protection device, and mobile terminal | |
| CN108595977A (en) | User mode controlling method and device, readable storage medium storing program for executing, terminal | |
| CN106341379B (en) | Information processing method, device and system | |
| US20140047536A1 (en) | Electronic device and method for performing user authentication using access point and peripheral device | |
| CN107526960A (en) | System and method for protecting mobile associated person information | |
| US10038778B1 (en) | Locally securing sensitive data stored on a mobile phone | |
| CN107180174A (en) | passcode for computing device | |
| JP5542183B2 (en) | Information sharing system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20200925 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20200925 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: Alibaba Group Holding Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |