CN111709054B

CN111709054B - Privacy space information access control method and device and computer equipment

Info

Publication number: CN111709054B
Application number: CN202010535477.5A
Authority: CN
Inventors: 刘惠明; 张向前
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2020-06-12
Filing date: 2020-06-12
Publication date: 2024-08-13
Anticipated expiration: 2040-06-12
Also published as: CN111709054A

Abstract

The application relates to a privacy space information access control method, a privacy space information access control device, computer equipment and a storage medium. The method comprises the following steps: displaying user debugging interface options of the privacy space on a developer option interface; acquiring an opening triggering operation of user debugging interface options of a privacy space; responding to an opening triggering operation, and collecting a password to be verified; when the password to be verified passes verification, opening a user debugging interface option of the privacy space; the user debugging interface of the privacy space is started, and the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space. According to the method, the user debugging interface of the privacy space can be opened only through password verification in the developer mode, so that the user debugging interface of the privacy space can be prevented from being called by other people in the developer mode, information of the multi-user space can be controlled easily, and information safety is guaranteed.

Description

Privacy space information access control method and device and computer equipment

Technical Field

The present application relates to the field of information security technologies, and in particular, to a method, an apparatus, a computer device, and a storage medium for controlling access to private space information.

Background

With the popularization of intelligent terminal equipment, the intelligent terminal equipment has become an indispensable tool for people's daily life. The intelligent terminal device records a large amount of information of the user. Some of the information is more private and needs to be protected by more secret measures.

Therefore, the terminal system provides a privacy space function, and the privacy space is protected by a password different from the main space, so that the effect of protecting the privacy of the user is achieved. The privacy space utilizes the multi-user function of the terminal system, and a new user is newly established for the use of the privacy space. When the privacy space is created, a password different from the main space needs to be input, so that the information security of the privacy space is protected through the password.

However, in practical applications, in the case of leakage of the master space password or leakage of the control right, information of the privacy space may be obtained by other abnormal means. This poses a threat to the information security of the privacy space.

Disclosure of Invention

In view of the foregoing, it is desirable to provide a privacy space information access control method, apparatus, computer device, and storage medium capable of improving information security.

A method of privacy space information access control, the method comprising:

Displaying user debugging interface options of the privacy space on a developer option interface;

Acquiring a password to be verified when acquiring an opening triggering operation of a user debugging interface option of a privacy space;

The password to be verified is transmitted into a physical safety space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space is compared with the physical safety space;

if the privacy space is consistent, opening a user debugging interface option of the privacy space;

And starting a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

A method of privacy space information access control, the method comprising:

acquiring an opening triggering operation of a user debugging interface option of the privacy space;

responding to the opening triggering operation, and collecting a password to be verified;

when the password to be verified passes verification, opening a user debugging interface option of the privacy space;

In one embodiment, the method further comprises:

when the password to be verified passes verification, setting a mark of a user debugging interface of the privacy space as open;

And when the password to be verified is verified to be wrong, setting the mark of the user debugging interface of the privacy space to be closed.

In one embodiment, the method further comprises:

acquiring a debugging command of a user debugging interface of the privacy space;

looking up a mark of a user debugging interface of the privacy space;

and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In one embodiment, after the user debug interface of the privacy space is marked as on, the method further comprises:

starting a first timer;

And when the timing time of the first timer arrives, setting the mark of the user debugging interface of the privacy space to be closed.

In one embodiment, after setting the flag of the user debug interface of the privacy space to be off, the method further includes:

Closing user debugging interface options of the privacy space;

closing the user debugging interface of the privacy space.

In one embodiment, the comparing whether the password to be verified is consistent with the password in the privacy space includes:

And transmitting the password to be verified into a physical safety space, and comparing whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space or not through the physical safety space.

In one embodiment, the method further comprises:

if the password verification error times reach the threshold value, starting a second timer;

And when the timing time of the second timer does not reach, setting the verification password acquisition prohibition.

A privacy space information access control apparatus, the apparatus comprising:

the interface display module is used for displaying user debugging interface options of the privacy space on the developer option interface;

An opening operation module, configured to obtain an opening trigger operation of a user debug interface option of the privacy space;

The password acquisition module is used for responding to the opening triggering operation and acquiring a password to be verified;

The verification module is used for acquiring a password to be verified through the password acquisition interface;

the option switch module is used for opening user debugging interface options of the privacy space when the password to be verified passes verification;

the control module is used for starting a user debugging interface of the privacy space, and the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

A computer device comprising a memory storing a computer program and a processor implementing the steps of the embodiments described above when the processor executes the computer program.

A computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above embodiments.

According to the privacy space information access control method, the device, the computer equipment and the storage medium, the user debugging interface options of the privacy space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the passwords to be verified are collected, and when the input passwords pass through verification, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through the password verification in the developer mode, other people can be prevented from calling the user debugging interface of the privacy space in the developer mode to easily control the information of the privacy space, and the information safety is guaranteed.

Drawings

FIG. 1 is a schematic diagram of an application scenario of a method for controlling access to private spatial information in one embodiment;

FIG. 2 is a flow diagram of a method for privacy space information access control in one embodiment;

FIG. 3 is a flow diagram of a request to open a privacy space in one embodiment;

FIG. 4 is a schematic interface diagram of developer options in one embodiment;

FIG. 5 is an interface diagram of a password acquisition interface in one embodiment;

FIG. 6 is a schematic diagram of the operation of a user debug interface option to open a privacy space in one embodiment;

FIG. 7 is a flow chart of a method for controlling access to information in a privacy space according to another embodiment;

FIG. 8 is a schematic diagram of the operation of a password modification in one embodiment;

FIG. 9 is a flow diagram of a user debug interface requesting that a privacy space be opened in one embodiment;

FIG. 10 is a flow chart of a method for controlling access to information in a privacy space according to another embodiment;

FIG. 11 is a block diagram of a privacy space information access control apparatus in one embodiment;

fig. 12 is an internal structural diagram of a computer device in one embodiment.

Detailed Description

The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.

The privacy space information access control method provided by the application can be applied to an application environment shown in figure 1. As shown in fig. 1, includes a commissioning device 102 and a terminal device 104, the commissioning device 102 being communicatively connected to the terminal device. Wherein, by inputting a debug command through the debug 102, the connected terminal device 104 can be debugged. The terminal equipment displays user debugging interface options of the privacy space on a developer option interface; acquiring an opening triggering operation of user debugging interface options of a privacy space; responding to an opening triggering operation, and collecting a password to be verified; when the password to be verified passes verification, opening a user debugging interface option of the privacy space; the user debugging interface of the privacy space is started, and the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space. The terminal device may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The debugging device may be, but is not limited to, a personal computer and a notebook computer.

In one embodiment, as shown in fig. 1, a method for controlling access to private space information is provided, and the method is applied to a terminal device for illustration, and includes the following steps:

Step 202, displaying user debugging interface options of the privacy space on a developer option interface.

The developer option is an option set by the terminal operating system for the developer, and is usually in a hidden state. The developer option is only visible after the developer mode is turned on.

The developer model is a functional option that the system provides to the system and software developer for development and test preparation. Generally, software developed based on a system needs to pass a test to be installed on a terminal device, and when the development of the software is completed, a developer sends the software to the terminal device to perform an entity test by using a developer mode. The general user can also set the terminal device using various functions within the developer mode, such as adjusting a zoom speed of a window animation, a transitional animation, limiting the number of background processes, forcing GPU rendering, and the like. The developer mode is a hidden mode, usually off state, requiring active triggering by the user to turn on.

Different brands of terminal devices have different methods of opening the developer mode. For example, a certain brand of terminal device may initiate a developer mode by opening the settings- > system- > for the terminal device- > clicking continuously on the version number. After the developer mode is started, the developer option appears on the setting- > system interface, and the developer option interface can be displayed by clicking.

In the developer option, a plurality of functions such as a 'display touch operation' function are provided, and a touch track can be explicitly shown in a screen after the developer option is started. As another example, a "USB debug function" is turned on to allow an external program, particularly a PC terminal program, to manage the terminal through an adb command. The developer option provides a large number of functions, and the developer option interface lists the functions provided by the developer option interface, and operates by opening the developer option interface to enable functions therein, such as a "USB debug function", "a" display touch function "and a" user debug interface function of a privacy space ".

The privacy space is one function provided by the system. After the privacy space function is started, the privacy space is independent of the main space, and private data can be stored. The privacy space can be provided with an independent password which is different from the main space, so that the privacy space can be switched from the lock screen interface and the setting. The password of the privacy space can be a character password, a graph password and a biological characteristic password. Biological passwords such as fingerprints. The essence of the privacy space is to use the multi-user function of the system to create a new user for the use of the privacy space.

The multi-user refers to that the terminal equipment supports adding a plurality of users on one terminal equipment by separating user account numbers and application data. Wherein the multi-user implementation utilizes a user management interface UserManager that the terminal system exposes to the user. The user management interface UserManager provides interfaces for user operations such as create/delete/erase users, user information retrieval, user handle retrieval, and the like. In the case of multiple users, the main space is allowed a degree of control over the new user space added, especially in developer mode. In particular, other user spaces can be controlled using multi-user commands of the debug interface under developer option. I.e. information of other user spaces under multiple users is available through the user debug interface of the privacy space. The private space can be regarded as a multi-user space relative to the main space, namely, the private space utilizes the multi-user function of the system, and the private space is one form of application of the multi-user function.

The operation flow diagram of the user on the privacy space is shown in fig. 3, and when the user a opens the privacy space on the terminal for the first time, the user is prompted to set an independent password of the privacy space. After the setting is successful, the terminal establishes a safe privacy space of the user A, and the user A enters the safe privacy space. The password of the security privacy space is stored in a trust zone (Trustzone) with high physical security level, a new user X is established, and a user A is used as a user X logging in the system under a multi-user mechanism of the terminal system. When the user switches to the main space, the user exits the privacy space and returns to the main space. For example, user a switches to the main space using the main space password in the lock screen state. User a may then enter the privacy space by entering an independent password for the privacy space.

If the private space is not opened for the first time, the user is prompted to input a private space password when the user requests to open the private space. The user enters a private space password. And comparing the password submitted by the user with the privacy space password stored in the trust zone. If the comparison is consistent, the user is used as the user X under the multi-user mechanism of the terminal system to log in the system, and normally enters the privacy space. If the comparison is wrong, the password is prompted to be wrong, and the privacy space is not allowed to be carried out. When the user switches to the main space, the user exits the privacy space and returns to the main space.

The user debug interface of the privacy space refers to a debug interface capable of accessing information in the privacy space. The privacy space is a multi-user function utilizing the terminal operating system, i.e., the privacy space is one of the encrypted user spaces in multiple users. The user debugging interface of the privacy space is the debugging interface of the user, namely the privacy space in multiple users. For example, the debugging commands of am, pm, content and the like support to directly acquire the information in other user spaces under multiple users through a user option, and when the user ID is the user ID of the privacy space, the debugging interface of the user ID is the user debugging interface of the privacy space. Thus, the user debug interface that invokes the privacy space is also able to obtain information of the privacy space.

The user debug interface option of the privacy space is an option switch that when triggered, the user debug interface of the privacy space is opened.

In the technical scheme of the application, in order to prevent other users from acquiring the information of the privacy space and the information of other spaces through calling the user debugging interface of the privacy space, the user debugging interface of the privacy space is closed by default. Since these interfaces are of value to the developer in developing applications, a switch is also provided that opens the user debug interface of the privacy space, which is set as the user debug interface option of the privacy space. The user can open the user debugging interface of the privacy space through active triggering of the user.

Specifically, the developer option interface provides a plurality of options that are positionable to the user debug interface option by a sliding operation when the developer option interface is opened. Specifically, as shown in fig. 4, a user debug interface option 401 that adds a privacy space to the developer option interface.

Step 204, obtaining an opening trigger operation of a user debugging interface option of the privacy space.

As shown in fig. 4, the user debug interface 401 for the privacy space is also provided with an option switch 402. Option switch 402 is used to control the opening and closing of user debug interface options for the privacy space. When the user debug interface option is turned on, the user debug interface of the privacy space is turned on, and information of the privacy space is accessible through the user debug interface of the privacy space.

In the developer mode, the initial state of the user debug interface option 401 of the privacy space is off, i.e. the user debug interface option 401 of the default privacy space is off. When a user needs to use the user debugging interface of the privacy space for debugging, or the user debugging interface of the privacy space is opened by an attack attempt to facilitate the attack, the option switch 402 of the user debugging interface option 401 of the privacy space is triggered to operate by opening the option interface of the developer in the main space, and the user debugging interface option of the privacy space is opened to be switched from the closed state to the open state. Wherein the open trigger operation is a click operation performed on an option switch of a user debug interface option of the privacy space in the closed state. When the user himself or herself or another person clicks the click operation performed on the option switch 402 of the user debug interface option of the privacy space in the closed state, an open request of the user debug interface of the privacy space is triggered.

And step 206, responding to the opening triggering operation, and collecting the password to be verified.

When the opening triggering operation of the user debugging interface of the privacy space is detected, responding to the opening triggering operation, and displaying the password acquisition interface. I.e. the user debug interface which needs to be verified before the privacy space can be opened. To avoid obtaining information of the privacy space through a user debug interface of the privacy space, the verification password may default to the password of the privacy space. Specifically, responding to an opening triggering operation, collecting a password to be verified, including: and responding to the opening triggering operation, displaying a password acquisition interface, and acquiring the password to be verified through the password acquisition interface.

In one embodiment, as shown in FIG. 4, a user in the privacy space debugs the interface option, opens the option with a text prompt, requiring entry of a password. In order to further prompt the password, the prompt information may be to open the option, and the password of the privacy space needs to be input. The verification password can be a character password, a graphic password and a biological characteristic password, and the biological password is a fingerprint. It should be noted that the password of the private space should be different from the main space, because, in the case that the main space has adopted a human face and voiceprint as the password, the password of the private space is not suitable for the human face, voiceprint, and the like having unique biometric passwords, and the fingerprint adopted may be a fingerprint different from the main space, for example, the password of the main space is a fingerprint of a right index finger, and the password of the private space may be a fingerprint of a right middle finger.

The password acquisition interface is used for interacting with a user to acquire a user interface of a password to be verified. The interaction mode is related to the password form, the password forms are different, the interaction mode is different, and the password acquisition interfaces are also different.

For example, if the verification password is a character password, the interaction mode is character password input, and the password acquisition interface comprises a password input box and a password input keyboard. The user inputs characters through the password input keyboard, and the terminal obtains the character password input by the user. If the verification password is a graphic password, the interaction mode is pattern input, and the password acquisition interface is a drawing interface. And drawing the user on a drawing interface, and obtaining a drawing graph of the user as a verification password by the terminal. If the verification password is a biological characteristic password, the interaction mode is that the relevant biological characteristics are aligned to the biological characteristic acquisition equipment of the terminal and adjusted according to the prompt and the feedback of the password acquisition interface, the password acquisition interface is a biological characteristic acquisition interface, and the terminal calls the biological characteristic acquisition equipment to acquire the biological characteristics (fingerprint) of the user as the verification password.

Taking a character password as an example, a schematic diagram of a password acquisition interface of an embodiment is shown in fig. 5, and includes a password input prompt 501, a password input box 502, and a submit button 503. The password input prompt 501 is used to prompt password information, such as displaying "please input password of the privacy space". When the password input box is triggered, a virtual keyboard is displayed, and after the user inputs a password through the virtual keyboard, the user clicks the submit button 503. And acquiring the password to be verified through a password acquisition interface. Specifically, a password input by a user through a password acquisition interface is used as a password to be verified.

Step 208, verifying the password to be verified. If the verification is passed, step 210 is performed.

The password to be verified is verified by comparing the password to be verified with a preset password. The preset verification password may be a password requesting an opened privacy space. Specifically, in order to secure the password, the preset password may be stored in a storage space having a high physical security level. A storage space with a high physical security level refers to a secure area, such as a trust zone (trust zone) or a physical Security Element (SE), in which the terminal device is physically isolated.

Trust zone is an instruction set level security solution that solves security issues, such as isolating environments, secure boot, secure upgrade, and preventing rollback attacks, from the lowest level from the earliest stage of chip design. The Secure Element (SE) is simply referred to as SE, and is typically provided in chip form. In order to prevent external malicious analysis attacks and protect data security, an encryption/decryption logic circuit is arranged in the chip.

And when verification is carried out, the password to be verified is transmitted into a physical safety space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space is compared in physical safety. If the verification is passed, step 210 is performed.

Step 210, open user debug interface options for the privacy space.

As shown in fig. 6, if the password to be verified passes verification, if the password input by the user is consistent with the password in the private space, the option switch of the user debugging interface option in the private space is switched from off to on.

Step 212, a user debug interface of the privacy space is opened, and the user debug interface of the privacy space is a debug interface capable of accessing information in the privacy space.

After the user debugging interface option of the privacy space is opened, the user debugging interface of the privacy space is opened, so that the user debugging interface is in an available state. Through the user debug interface of the privacy space, the debugging device can access information in the privacy space through debug commands.

As shown in fig. 6, when the developer option interface triggers an opening request for the multi-user interface option, a password acquisition interface is displayed in response to the opening request, and a password to be verified is obtained through the password acquisition interface. After the verification is passed, the user debugging interface option of the privacy space of the developer option interface is opened, and the background opens the user debugging interface of the privacy space.

According to the technical scheme, the option switch of the user debugging interface for opening the privacy space by using password verification is added to the developer option interface, so that the user debugging interface opening permission of the privacy space is managed, and the development requirement of a developer is met while the information safety is ensured.

As mentioned above, the technical solution of the present application defaults to closing the user debug interface of the privacy space. When the verification password passes the verification, the user debugging interface of the privacy space can be opened, and the user can process the user debugging interface of the privacy space. For example, information of the privacy space is processed through a user debug interface of the privacy space in a developer mode. The user debugging interface for opening the privacy space verifies the password of the privacy space, namely, the user has the operation authority for the privacy space, so that even if the verified user processes the information of the privacy space through the user debugging interface of the privacy space, the problem of disclosure of the privacy information is not caused.

According to the privacy space information access control method, the user debugging interface options of the privacy space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the passwords to be verified are collected, and when the input passwords pass through the verification, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through the verification of the passwords in the developer mode, other people can be prevented from calling the user debugging interface of the privacy space in the developer mode to easily control the information of the privacy space, and the information safety is guaranteed.

In another embodiment, when the password to be verified passes verification, opening the privacy space user debug interface option includes: if the password to be verified is consistent with the password of the privacy space, the verification is passed, and the user debugging interface option of the privacy space is opened.

That is, specifically, the password to be authenticated is compared with the password of the privacy space. The password of the privacy space is the password set during the establishment of the privacy space. According to the technical scheme, the purpose of the method is to prevent the user debugging interface of the privacy space from easily accessing information of the privacy space, the purpose of the method is consistent with the purpose of password setting of the privacy space, so that the step of setting the password opening password of the user debugging interface option of the privacy space and the password of the privacy space to be identical is not needed to be added for the user debugging interface option of the privacy space, because few users need to use the user debugging interface of the privacy space in use, the user debugging interface option of the privacy space is used for debugging operation of debugging equipment in use, the debugging process does not need to interact with terminal equipment, and an interaction interface for setting a verification password for the user debugging interface option of the privacy space is not needed to be used by the user independently, and if the verification password is additionally set to be quite abrupt, the password opening password of the user debugging interface option of the privacy space and the password of the privacy space are set to be identical, so that the user debugging interface option opening password of the privacy space and the password of the privacy space are the same, and the use habit and the use thinking of the user are met to the greatest extent.

In another embodiment, before the developer option interface displays the privacy space user debug interface option, further comprising: when a debug request with a debug device is detected in a developer mode, a developer options interface is presented.

Specifically, after the developer mode is triggered, when a debug connection with the debug device is detected, a developer option interface is presented. For the operating system, the terminal devices of different operating systems and the debugging device are different in debugging connection mode. Taking an operating system as an android operating system as an example, the terminal equipment is connected with the debugging equipment through an ADB (Android Debug Bridge ). Wherein an Android Debug Bridge (ADB) is a generic command line tool that allows a debug device to communicate with a simulator instance or connected Android device, ADB is a command line tool. It is used to bridge the communication between the emulator instance (Android device) and the background running daemon (server). Android debug bridges may facilitate various device operations, such as installing and debugging applications, and provide access to Unix shell (which may be used to run various commands on a simulator or connected devices).

After the ADB is installed on the debugging device, the Android device and the debugging device running the ADB are connected to the same local area network, such as the same WiFi, in a mode that the debugging device is connected with the terminal device through a USB. Specifically, in the Android device, an IP address is found from the setting > > wi-fi setting > > advanced > > IP address. Devices are connected through the ADB using the same IP address. For example: the network IP address is-148.100.1.17$adb devices additional device list 148.100.1.17:5555 devices. Thus, the final configuration is completed, and 'adb' is successfully configured through the wireless network.

Normally, the requirement for the terminal device to connect to the outside via USB may be to charge or access the main space. While as before, the developer mode is a hidden mode that needs to be triggered by clicking on the version number multiple times in succession at the setup interface. After the developer mode is started, the developer option also needs to call out the developer option interface through complicated operation, and the user debugging interface option in the privacy space is positioned.

However, in practical application, since the trigger operation of the developer mode is complicated and secret, the situation of misoperation triggering can be eliminated. When the developer mode is triggered, if the terminal device is connected with the debugging device, the user needs to debug the terminal device by the debugging device.

Thus, when a connection with a commissioning device is detected in the developer mode, such as through USB, or through WIFI, the developer option interface is presented. The debugging equipment is connected with the terminal equipment, so that the developer option interface can be popped up, the user is prevented from entering the setting option to call out the developer option interface through tedious operation, and the operation convenience is improved.

In one embodiment, when the password to be verified passes verification, the mark of the user debugging interface of the privacy space is set to be opened; when the password to be verified is verified to be wrong, the mark of the user debugging interface of the privacy space is set to be closed.

The tag of the user debug interface of the privacy space is used to represent the user debug interface state of the privacy space, and its tag attribute is related to the user debug interface state of the privacy space. The mark of the user debugging interface of the privacy space can facilitate the background program to read the state of the user debugging interface of the privacy space. The marking attribute of the user debugging interface of the privacy space has three states, namely no marking, open marking attribute and close marking attribute. By default, the markup attribute of the user debug interface of the privacy space is a no-markup state. In this embodiment, if the password to be verified passes verification, a flag (multiuserADB) of a user debug interface of the privacy space is set in the system to be open, that is, the user debug interface of the privacy space is normally opened. If the password to be verified is verified to be wrong, the mark of the user debugging interface of the privacy space is set to be closed, namely the user debugging interface of the privacy space is not opened.

The marking attribute of the user debugging interface of the privacy space is set according to the password verification result, so that the user debugging interface state of the privacy space can be obtained according to the marking attribute of the user debugging interface of the privacy space.

Further, in the actual use process, the privacy space information access control method further comprises the following steps:

Acquiring a debugging command of a user debugging interface of the privacy space; looking at the mark of the user debugging interface of the privacy space; and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In this embodiment, for each debug command received, the tag attribute of the user debug interface of the privacy space is checked, and only when the tag attribute of the user debug interface of the privacy space is open, the user debug interface of the privacy space can be invoked to execute the debug command, and the privacy space information is accessed. By adding the user debugging interface mark of the privacy space, when the inside of the privacy space is debugged, each command needs to verify the mark of the user debugging interface of the privacy space, so that the effectiveness of password protection in the protection of the safety privacy space can be ensured, and certain interfaces cannot be bypassed.

The user debug interface mark of the privacy space is used as a basis for judging the state of the user debug interface of the privacy space in the actual debugging process, so that the security of the user debug interface mark of the privacy space is very important, and the mark attribute of the user debug interface mark of the privacy space needs to be prevented from being updated randomly. Thus, in the present application, the signature of the user debug interface of the privacy space is saved in a physical security space, such as a trust zone (trust zone) or SE chip, to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, so that the security is greatly improved.

When a debugging command is obtained, checking the mark of the user debugging interface of the privacy space in the physical safety space, and if the mark attribute of the user debugging interface of the privacy space is closed, indicating that the password verification is wrong when the user debugging interface option of the privacy space is requested to be opened. Accordingly, if the received debug command is marked by the user debug interface of the privacy space when the physical security space is checked, if the marked attribute of the user debug interface of the privacy space is closed or unmarked, the debug command is not allowed to be executed.

In another embodiment, after the password to be verified passes verification, the tag attribute of the user debug interface of the privacy space is set to be open. The additional security module starts a timer and after the time (e.g. 2 hours) has elapsed, the user debug interface flag for the privacy space is set to off. To prevent a normal user from forgetting to close this interface. Specifically, a first timer is started; when the timing time of the first timer arrives, the marking attribute of the user debugging interface of the privacy space is set to be closed.

The timing duration of the first timer may be set empirically, e.g., according to user debugging habits and usage habits, to be the longest usage duration of one debugging. After the marking attribute of the user debugging interface of the privacy space is opened, the first timer starts to count, and when the timing time of the first timer arrives, the marking attribute of the user debugging interface of the privacy space is set to be closed. By adopting the timer, after the marking attribute of the user debugging interface is updated to be opened, only the fixed time length can be opened, after the fixed time length, even if a user does not close the user debugging interface option of the privacy space, the marking attribute of the user debugging interface of the privacy space is set to be closed, and because the marking attribute of the user debugging interface of the privacy space needs to be judged every time the debugging command is executed, even if the option of the user debugging interface is not closed, other people can still be prevented from accessing the information of the privacy space through the user debugging interface of the privacy space under the condition of not being verified.

In another embodiment, after setting the flag attribute of the user debug interface of the privacy space to off, further comprising: closing user debugging interface options of the privacy space; closing the user debug interface of the privacy space.

That is, when the timing duration of the first timer reaches, the user debugging interface option of the privacy space and the user debugging interface of the privacy space are further closed in addition to the setting of the marking attribute of the user debugging interface of the privacy space as closed. Therefore, when the user uses the privacy space next time, the user debugging interface option of the privacy space is in a closed state, and password verification still needs to be carried out again if the user needs to be opened.

In another embodiment, a method for controlling access to information in a privacy space further includes: displaying user debugging interface options of the opened privacy space on a developer option interface; acquiring a closing triggering operation of user debugging interface options of the privacy space; closing user debugging interface options of the privacy space; closing the user debug interface of the privacy space.

Specifically, after user debugging is completed, the developer option interface is opened, the user debugging interface option of the opened privacy space is operated, and the user debugging interface option of the closed privacy space and the user debugging interface of the closed privacy space are triggered to be closed. After closing the user debug interface option, the tag attribute of the user debug interface of the privacy space is set to no state, or closed.

Wherein the developer option interface may be presented when a disconnection from the commissioning device is detected and the user commissioning interface option of the opened privacy space may be displayed at the developer option interface. That is, when disconnection from the debugging device is detected, the debugging can be considered to be finished, so as to avoid the user forgetting to close the user debugging interface option of the privacy space, and after disconnection, a developer option interface is displayed to prompt the user to close the user debugging interface option of the privacy space in time. Meanwhile, the disconnection is usually the debugging end, after the disconnection, the developer option interface is automatically popped up to remind a user to close in time, so that the user can be prevented from calling out the interface for operation after fussy operation at the terminal, the operation convenience is improved, and the system safety is further protected.

In another embodiment, if the password to be verified is wrong, starting a second timer if the number of times of password verification errors reaches a threshold value; and when the timing time of the second timer does not reach, setting the verification password acquisition prohibition.

In this embodiment, in order to prevent the attack and explosion of others, if the number of password input errors exceeds the threshold, when the timing time of the second timer does not reach, the acquisition prohibition verification password is set, that is, the password acquisition time is limited through the second timer. And prohibiting password acquisition when the timing time of the second timer is not up. When the timing time of the second timer arrives, the permission to collect the authentication code is set.

Specifically, if the password to be verified is verified to be wrong, inputting again, if the number of times of password verification errors does not reach a first threshold (for example, 5 times), prompting to input again on a password acquisition interface; and returning to the step of acquiring the password to be verified through the password acquisition interface. If the number of password verification errors reaches a first threshold (for example, 5 times), starting a second timer; when the timing time (e.g., 1 minute) of the second timer does not arrive, the input of the authentication password is set to be prohibited. When the timing time of the second timer arrives (e.g., 1 minute), the permission to input the authentication password is set. That is, if the number of password errors entered by the user exceeds a threshold (e.g., 5 times), the time for password entry will be limited, e.g., 1 minute is required for the sixth time.

Further, if the number of password verification errors exceeds a second threshold (e.g. 20 times), starting a third timer, wherein the second threshold is larger than the first threshold; when the timing time (such as one week) of the third timer does not arrive, setting the verification password to be forbidden to be input; when the timing time (such as one week) of the third timer arrives, the authentication password is allowed to be input, and the timing time of the third timer is larger than the timing time of the second timer. That is, if the number of password errors entered by the user exceeds a threshold (e.g., 20 times), the time for password entry will be limited, e.g., 1 week after 21 st time.

When the password entry error is greater than a third threshold (e.g., 100 times), the flag of the multi-user interface is set to always off.

When the password error condition is larger than the threshold value, the embodiment limits the password verification, and can prevent others from attacking and blasting.

In another embodiment, as shown in fig. 7, a method for controlling access to information in a privacy space includes two stages, a first stage is a user debug interface option switch setting stage of the privacy space, and a second stage is a debug stage.

In the first stage, as shown in fig. 7, a developer option interface is displayed on the terminal device, the developer option interface displays a user debugging interface option of the privacy space, and when an opening trigger operation of the user debugging interface option of the privacy space is obtained, a user debugging interface of a user requesting to open the privacy space is obtained. At this time, a password acquisition interface is displayed on the equipment terminal, and the password to be verified acquired through the password acquisition interface is acquired.

The developer option interface can be automatically popped up when the connection with the debugging equipment is detected in the developer mode, so that the developer option interface can be called up by avoiding complex operation of a user, and the operation is more convenient and intelligent.

In the technical scheme of the application, in order to prevent other users from acquiring information of a multi-user space, such as information of the privacy space, through calling the user debugging interface of the privacy space, the user debugging interface of the privacy space is closed by default. Since these interfaces have some value for the developer to develop applications, the option of opening the user debug interface of the privacy space is also provided. The option of the user debugging interface of the privacy space corresponds to an interface switch, and when the option is started, the user debugging interface of the privacy space is opened.

And verifying the password to be verified. For users of terminal systems, the application aims to avoid disclosure of private space information by managing a user debugging interface of the private space. Based on this, the open password of the user interface option of the privacy space may be set to the privacy space password.

Specifically, the password authentication method comprises the following steps: and comparing whether the password to be verified is consistent with the password of the privacy space.

Specifically, in order to ensure the password security, after the user sets the password of the privacy space, the password is stored in the storage space with high physical security level in order to protect the password. Where the storage space with a high physical security level may be a trust zone (trust zone) or a physical security element. The method physically protects the security of the password. In one example, the password is stored to a trust zone (Trustzone), and in one embodiment the password is stored to a physical security element. And when verification is carried out, the password to be verified is transmitted into the physical safety space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space is compared. Specifically, as shown in fig. 7, the obtained password to be verified is transmitted into the physical security space, and is transmitted into the Driver layer interface through the interface of the system SYSTEM SERVER, and is transmitted into the physical security space through the Driver layer interface. The physical security space stores a password of the privacy space. And comparing the password to be verified with the password in the privacy space.

In other embodiments, for more convenient or easier compromise, the key-preserving mechanism of the main space may be used to encrypt the password, store the hash value of the password to the place where the system can only read by high authority, and protect the security of the password from software. Specifically, comparing whether the password to be verified is consistent with the password of the privacy space comprises: encrypting the password to be verified to obtain a hash value of the password to be verified; and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

In another embodiment, as shown in fig. 7, after opening the user debug interface of the privacy space, comprising: setting the mark of the user debugging interface of the privacy space as open, and when obtaining the debugging command of the user debugging interface needing to call the privacy space, if the mark of the user debugging interface of the privacy space is open, calling the user debugging interface of the privacy space to execute the debugging command.

Specifically, if the password to be verified passes verification, a mark (multiuserADB) of a user debugging interface of the privacy space is set as open in the system, namely the user debugging interface of the privacy space is normally opened. In particular, the markup of the user debug interface of the privacy space is kept in a physical security space, such as a trust zone (trust zone), to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, so that the security is greatly improved.

When a user uses the debug commands of the user debug interface of the privacy space for normal multi-user debugging, these commands check the flags of the user debug interface of the privacy space. If the user debug interface of the privacy space is marked as open, then the debug command is allowed to execute. Specifically, a Flag (Flag) of a user debug interface (multiuserADB) of a privacy space in a trusted zone (trust zone) is detected, and if it is open, a debug command is allowed to be executed.

As shown in fig. 7, when the password to be verified is verified to be wrong, the user debugging interface of the privacy space is set to be closed. Specifically, if the password to be verified passes verification, a mark (multiuserADB) of a user debugging interface of the privacy space is set to be closed in the system. In particular, the markup of the user debug interface of the privacy space is kept in a physical security space, such as a trust zone (trust zone), to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, so that the security is greatly improved.

As shown in fig. 7, after the password to be verified passes verification, the flag of the multi-user debug interface is set to be on. The additional security module starts a timer and after the time (e.g. 2 hours) has elapsed, the multi-user debug interface flag is set to off. To prevent a normal user from forgetting to close this interface. Specifically, a first timer is started; when the timing time of the first timer arrives, the mark of the multi-user debugging interface is set to be closed.

As shown in fig. 7, if the password to be verified is incorrect, inputting again, if the number of times of the password verification is incorrect does not reach a first threshold (for example, 5 times), prompting to input again in the password acquisition interface; and returning to the step of acquiring the password to be verified through the password acquisition interface. If the number of password verification errors reaches a first threshold (for example, 5 times), starting a second timer; when the timing time (e.g., 1 minute) of the second timer does not arrive, the input of the authentication password is set to be prohibited. When the timing time of the second timer arrives (e.g., 1 minute), the permission to input the authentication password is set. That is, if the number of password errors entered by the user exceeds a threshold (e.g., 5 times), the time for password entry will be limited, e.g., 1 minute is required for the sixth time.

Further, if the number of password verification errors exceeds a second threshold (e.g. 20 times), starting a third timer, wherein the second threshold is larger than the first threshold; when the timing time (such as one week) of the third timer does not arrive, setting the verification password to be forbidden to be input; when the timing time (such as one week) of the third timer arrives, the authentication password is allowed to be input, and the timing time of the third timer is larger than the timing time of the second timer. That is, if the number of password errors entered by the user exceeds a threshold (e.g., 20 times), the time for password entry will be limited, e.g., 1 week after 21 st time. When the password entry error is greater than a third threshold (e.g., 100 times), the flag of the multi-user interface is set to always off. When the password error condition is larger than the threshold value, the embodiment limits the password verification, and can prevent others from attacking and blasting.

The second phase is the debugging phase.

When obtaining the debug command of the user debug interface of the privacy space, such as am, pm, content and other commands, the user option of the user ID of the privacy space is specified, and whether the mark of the user debug interface of the privacy space is opened is judged.

In particular, the markup of the user debug interface of the privacy space is kept in a physical security space, such as a trust zone (trust zone), to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, so that the security is greatly improved.

When a debug command of a user debug interface which needs to call the privacy space is obtained, if the mark of the user debug interface of the privacy space is closed, the debug command is not allowed to be executed. Specifically, when a user performs normal multi-user debugging using the debug commands of the user debug interface of the privacy space, these commands check the flags of the user debug interface of the privacy space. If the user debug interface of the privacy space is marked off, then execution of the debug command is not allowed. Specifically, a Flag (Flag) of a user debug interface (multiuserADB) of a privacy space in a trusted zone (trust zone) is detected, and if it is closed, execution of a debug command is not allowed. This provides a good protection against aggressive behavior. To ensure the validity of password protection in protecting a secure privacy space, there cannot be some interface that can be bypassed, so each command needs to verify the signature of the user debug interface of the privacy space when debugging the inside of the privacy space. Only when the user debugging interface of the privacy space is marked as open, the corresponding interface can be called.

In another embodiment, the user is also able to modify the password of the user debug interface of the privacy space after verification is passed. Specifically, as shown in fig. 8, after the password to be verified passes verification, i.e. after the switch of the user debugging interface option of the privacy space is turned on, a password modification mark 801 is displayed on the user debugging interface option of the privacy space, and when a trigger operation on the password modification mark is detected, a password acquisition interface 802 is displayed, and a modified password is acquired through the password acquisition interface. Through the password modification function, the user can set independent passwords outside the multi-user space through user debugging interface options of the privacy space, and information security is further improved.

The process of user debugging interface for user personals and aggressors requesting opening of privacy space is shown in fig. 9. And when the user triggers an opening request of a user debugging interface of the privacy space through a developer option interface of the terminal in the main space, displaying a password acquisition interface. The user inputs the private space password through the password acquisition interface, verifies correct, opens the user debugging interface of the private space, sets the multi-user interface mark as open, and can normally use the multi-user interface for debugging.

And when an attacker triggers an opening request of a user debugging interface of the privacy space through a developer option interface of the terminal in the main space, displaying the password acquisition interface. An attacker tries to input a password through a password acquisition interface, the verified password is inconsistent with the private space password, verification errors are performed, when the verification error times are larger than a threshold value, the multi-user interface is set to be always closed, and as the attacker does not have an independent password of the private space, the user debugging interface option of the private space cannot be opened, the right password cannot be input in the main space to open a related interface, the multi-user ADB debugging interfaces cannot be forbidden to be accessed, further attack actions cannot be performed through the multi-user interface, information in the private space is obtained, and therefore information safety is protected.

In one embodiment, there is also provided a method for controlling access to information in a privacy space, as shown in fig. 10, including:

s1002, displaying user debugging interface options of the privacy space on a developer option interface.

S1004, when the operation is triggered by the opening of the user debugging interface option of the privacy space, the password to be verified is acquired.

S1006, the password to be verified is transmitted into a physical safety space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space is compared by the physical safety space. If so, step S1008 is performed.

The password of the privacy space is the password set during the establishment of the privacy space. Therefore, the password for opening the user debugging interface option of the privacy space and the password of the privacy space are set to be the same password, so that the user debugging interface option of the privacy space and the password of the privacy space accord with the use habit and use thinking of the user to the greatest extent.

Specifically, in order to secure the password, the preset password may be stored in a storage space having a high physical security level. A storage space with a high physical security level refers to a secure area, such as a trust zone (trust zone) or a physical Security Element (SE), in which the terminal device is physically isolated.

In one embodiment, when the password of the private space needs to be verified, the terminal program transmits the password to be verified into the physical security space, compares whether the password to be verified is consistent with the password of the private space stored in the physical security space, and transmits the comparison result out of the physical security space. When the result of the comparison is that the password to be verified is consistent with the password of the private space stored in the physical security space, the terminal program performs step S1008.

S1008, opening the user debugging interface options of the privacy space.

According to the privacy space information access control method, the user debugging interface options of the privacy space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the password to be verified is collected, and the password to be verified is compared with the password stored in the privacy space of the physical security space, so that the password security is ensured. When the input password passes verification, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened through password verification in a developer mode, other people can be prevented from calling the user debugging interface of the privacy space in the developer mode to easily control information of the privacy space, and information safety is guaranteed.

In another embodiment, when the password to be verified is compared with the password of the privacy space stored in the physical security space, setting the mark of the user debugging interface of the privacy space in the physical security space as open; and when the password to be verified is inconsistent with the password of the privacy space stored in the physical security space, setting the mark of the user debugging interface of the privacy space in the physical security space as closed.

In the application, the mark of the user debugging interface of the privacy space is stored in a physical security space, such as a trust zone (TrustZone) or an SE chip, so as to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, so that the security is greatly improved.

In another embodiment, a method for controlling access to information in a privacy space further includes: acquiring a debugging command of a user debugging interface of the privacy space; checking a mark of a user debugging interface of the privacy space in the physical safety space; and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In another embodiment, after the marking of the user debug interface of the physical security space setting privacy space is turned on, further comprising: starting a first timer; and when the timing time of the first timer arrives, setting a mark of a user debugging interface of the privacy space in the physical safety space as closed.

In another embodiment, after the physical security space sets the flag of the user debug interface of the privacy space to off, further comprising: closing user debugging interface options of the privacy space; closing the user debugging interface of the privacy space.

In another embodiment, a method for controlling access to information in a privacy space further includes: if the password verification error times reach the threshold value, starting a second timer; and when the timing time of the second timer does not reach, setting the verification password acquisition prohibition.

It should be understood that, although the steps in the flowcharts of fig. 2,3, 7, 9, and 10 are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps of fig. 2,3, 7, 9, and 10 may include steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor does the order in which the steps or stages are performed necessarily occur sequentially, but may be performed alternately or alternately with other steps or at least a portion of the steps or stages in other steps.

In one embodiment, as shown in fig. 11, there is provided a privacy space information access control apparatus, which may employ a software module or a hardware module, or a combination of both, as a part of a computer device, and specifically includes: the device comprises an interface display module, an opening operation module, a password acquisition module, a verification module, an option switch module and a control module, wherein:

the interface display module 1002 is configured to display, on the developer option interface, user debug interface options of the privacy space.

An opening operation module 1004 is configured to obtain an opening trigger operation of a user debug interface option of the privacy space.

The password acquisition module 1006 is configured to acquire a password to be verified in response to an opening trigger operation.

And the verification module 1008 is used for acquiring the password to be verified through the password acquisition interface.

The option switch module 1010 is configured to open a user debug interface option of the privacy space when the password to be verified passes verification.

The control module 1012 is used for opening a user debugging interface of the privacy space, and the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

According to the privacy space information access control device, the user debugging interface options of the privacy space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the passwords to be verified are collected, and when the input passwords pass through the verification, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through the verification of the passwords in the developer mode, other people can be prevented from calling the user debugging interface of the privacy space in the developer mode to easily control the information of the privacy space, and the information safety is guaranteed.

In another embodiment, the verification module is configured to verify that the password to be verified is consistent with the password of the privacy space. And the option switch module is used for verifying that the password to be verified is consistent with the password of the privacy space in the verification module, and opening the user debugging interface option of the privacy space.

In another embodiment, the interface presentation module is further for presenting a developer option interface when a debug connection with the debug device is detected in a developer mode.

In another embodiment, the privacy space information access control apparatus further includes:

The setting module is used for setting the mark of the user debugging interface of the privacy space to be opened when the password to be verified passes verification, and setting the mark of the user debugging interface of the privacy space to be closed when the password to be verified passes verification error.

And the debugging command acquisition module is used for acquiring the debugging command of the user debugging interface of the privacy space.

And the viewing module is used for viewing the marks of the user debugging interface of the privacy space.

And the debugging module is used for calling the user debugging interface of the privacy space to execute the debugging command if the mark of the user debugging interface of the privacy space is opened.

a timer for starting the first timer;

The setting module is further used for setting the mark of the user debugging interface of the privacy space to be closed when the timing time of the first timer arrives.

In another embodiment, the control module is further configured to close a user debug interface option of the privacy space, and close a user debug interface of the privacy space.

In another embodiment, the interface presentation module is further configured to display the user debug interface option of the opened privacy space on the developer option interface.

The opening operation module is also used for acquiring closing trigger operation of user debugging interface options of the privacy space.

The control module is also used for closing user debugging interface options of the privacy space; closing the user debug interface of the privacy space.

In another embodiment, the interface presentation module is further configured to present a developer option interface when a disconnection from the debugging device is detected.

In another embodiment, the verification module is configured to transfer the password to be verified into the physical security space, and compare whether the password to be verified is consistent with the password stored in the privacy space of the physical security space.

In another embodiment, the verification module is configured to encrypt a password to be verified to obtain a hash value of the password to be verified; comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

In another embodiment, the verification module is further configured to start the second timer if the number of password verification errors reaches a threshold; and when the timing time of the second timer does not reach, setting the verification password acquisition prohibition.

In another embodiment, the interface setting apparatus further includes:

The password modification module is used for displaying a password modification mark after the password to be verified passes verification; the password acquisition module is also used for displaying a password acquisition interface and the password storage module is used for acquiring the modification password through the password acquisition interface when the triggering operation of the password modification mark is detected.

In one embodiment, there is also provided a privacy space information access control apparatus including:

and the interface display module is used for displaying user debugging interface options of the privacy space on the developer option interface.

And the password acquisition module acquires the password to be verified when the operation is triggered by the opening of the user debugging interface option of the privacy space.

And the verification module is used for transmitting the password to be verified into a physical safety space, and comparing whether the password to be verified is consistent with the password stored in the privacy space of the physical safety space or not through the physical safety space.

And the option switch module is used for opening the user debugging interface options of the privacy space when the verification module verifies consistency.

The specific limitation of the privacy space information access control apparatus may be referred to the limitation of the privacy space information access control method hereinabove, and will not be described herein. The above-described respective modules in the privacy space information access control apparatus may be implemented in whole or in part by software, hardware, or a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.

In one embodiment, a computer device is provided, which may be a terminal, and the internal structure thereof may be as shown in fig. 12. The computer device includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The computer program, when executed by a processor, implements a method of privacy space information access control. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.

It will be appreciated by those skilled in the art that the structure shown in FIG. 12 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.

In an embodiment, there is also provided a computer device comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.

In one embodiment, a computer-readable storage medium is provided, storing a computer program which, when executed by a processor, implements the steps of the method embodiments described above.

Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory. By way of illustration, and not limitation, RAM can be in various forms such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), etc.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims

1. A method of privacy space information access control, the method comprising:

and starting a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space and is used for executing a debugging command for accessing the privacy space.

2. The method according to claim 1, wherein the method further comprises:

when the password to be verified is compared with the password of the privacy space stored in the physical safety space, setting the mark of the user debugging interface of the privacy space in the physical safety space as open;

and when the password to be verified is inconsistent with the password of the privacy space stored in the physical security space, setting the mark of the user debugging interface of the privacy space in the physical security space as closed.

3. The method according to claim 2, wherein the method further comprises:

checking a mark of a user debugging interface of the privacy space in the physical safety space;

4. The method of claim 2, further comprising, after the physically secure space sets the flag of the user debug interface of the privacy space to on:

starting a first timer;

And when the timing time of the first timer arrives, setting a mark of a user debugging interface of the privacy space in the physical safety space as closed.

5. The method of claim 4, further comprising, after the physical security space sets the flag of the user debug interface of the privacy space to off:

Closing user debugging interface options of the privacy space;

closing the user debugging interface of the privacy space.

6. The method according to claim 1, wherein the method further comprises:

7. A method of privacy space information access control, the method comprising:

8. The method of claim 7, wherein the step of opening the privacy space user debug interface option when the password to be authenticated passes comprises: and if the password to be verified is consistent with the password of the privacy space, the user is verified, and the user debugging interface option of the privacy space is opened.

9. The method of claim 7, further comprising, prior to displaying the user debug interface option of the privacy space at the developer option interface:

the developer option interface is presented when a debug connection with a debug device is detected in a developer mode.

10. The method of claim 7, wherein the method further comprises:

Displaying the user debugging interface options of the opened privacy space on a developer option interface;

acquiring a closing triggering operation of user debugging interface options of the privacy space;

Closing user debugging interface options of the privacy space;

closing the user debugging interface of the privacy space.

11. The method of claim 10, comprising, prior to the developer option interface displaying the user debug interface options of the privacy space that have been opened:

When disconnection from the debugging device is detected, the developer option interface is presented.

12. The method of claim 8, wherein comparing whether the password to be authenticated is consistent with the password of the privacy space comprises:

Encrypting the password to be verified to obtain a hash value of the password to be verified;

and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

13. A privacy space information access control apparatus, the apparatus comprising:

the control module is used for starting a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space and is used for executing a debugging command for accessing the privacy space.

14. The apparatus of claim 13, wherein the apparatus further comprises:

The setting module is used for setting the mark of the user debugging interface of the privacy space in the physical safety space to be opened when the password to be verified is consistent with the password of the privacy space stored in the physical safety space, and setting the mark of the user debugging interface of the privacy space in the physical safety space to be closed when the password to be verified is inconsistent with the password of the privacy space stored in the physical safety space.

15. The apparatus of claim 14, wherein the apparatus further comprises:

the debugging command acquisition module is used for acquiring a debugging command of a user debugging interface of the privacy space;

a viewing module for viewing indicia of a user debug interface of the privacy space in the physical security space;

16. The apparatus of claim 14, wherein the apparatus further comprises:

a timer for starting the first timer;

The setting module is further configured to set, in the physical security space, a flag of a user debug interface of the privacy space to be closed when a timing time of the first timer arrives.

17. The apparatus of claim 16, wherein the control module is further configured to close a user debug interface option of the privacy space, closing a user debug interface of the privacy space.

18. The apparatus of claim 13, wherein the authentication module is further configured to start a second timer if the number of password authentication errors reaches a threshold, and to set the acquisition prohibition of the authentication password when the timing time of the second timer does not reach.

19. A privacy space information access control apparatus, the apparatus comprising:

20. The apparatus of claim 19, wherein the option switch module is further configured to open the privacy space user debug interface option if the password to be verified matches a password of a privacy space.

21. The apparatus of claim 19, wherein the interface presentation module is further for presenting the developer option interface when a debug connection with a debugging device is detected in a developer mode.

22. The apparatus of claim 19, wherein the apparatus further comprises:

the interface display module is further used for displaying the user debugging interface options of the opened privacy space on a developer option interface;

the opening operation module is further used for acquiring closing trigger operation of user debugging interface options of the privacy space;

The control module is also used for closing the user debugging interface option of the privacy space and closing the user debugging interface of the privacy space.

23. The apparatus of claim 22, wherein the interface presentation module is further configured to present the developer option interface when a disconnection from a debugging device is detected.

24. The apparatus of claim 20, wherein the apparatus further comprises:

And the verification module is used for encrypting the password to be verified to obtain a hash value of the password to be verified, and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

25. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 12 when the computer program is executed.

26. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method of any one of claims 1 to 12.