CN105550591A - Security protection device and method for user data in mobile terminal - Google Patents
Security protection device and method for user data in mobile terminal Download PDFInfo
- Publication number
- CN105550591A CN105550591A CN201510907230.0A CN201510907230A CN105550591A CN 105550591 A CN105550591 A CN 105550591A CN 201510907230 A CN201510907230 A CN 201510907230A CN 105550591 A CN105550591 A CN 105550591A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- scene mode
- corresponding scene
- wireless lan
- positional information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Mathematical Physics (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention discloses a security protection device for user data in a mobile terminal, and a corresponding method. The device is arranged in the mobile terminal, and comprises a judgment module, an information acquisition module, a database module, a setting management module, and a security model management module, wherein the judgment module is used for judging whether the access of the mobile terminal to a Wireless Local Area Network (WLAN) is available or not; the information acquisition module is used for acquiring a network identity of the WLAN when the access of the mobile terminal to the WLAN is available, and acquiring the location information of the mobile terminal when the matching of a corresponding scene model fails to be achieved according to the network identity of the WLAN; the database module is used for the matching of the corresponding scene model in a security level list according to the acquired network identity of the WLAN or the acquired location information of the mobile terminal; the setting management module is used for setting the mobile terminal as a security level which is correlated to the scene model when the matching of the corresponding scene model is achieved according to the network identity of the WLAN or the location information; the security model management module is used for executing a data security or privacy protection model defined by the security level in the security level list.
Description
Technical field
The present invention relates to technical field of the computer network, especially the safety device of user data of mobile terminal and safety protecting method.
Background technology
Along with the develop rapidly of mobile communication, mobile terminal is means of communication, can be again user and the multiple application services such as banking and insurance business finance, information interchange storage are provided, therefore store the information such as a large amount of personal finances, privacy in mobile terminal, this just has higher requirement to mobile data safety prevention ability.At present, mobile terminal is generally by setting startup password, setting login password or realize the safeguard protection to personal information or secret to the protected mode of the password screen lockings such as important data setting access code to important application system.Although the modes such as password screen locking are effective, but bring unnecessary trouble to user in a lot of situation.
Therefore, need that one is more intelligent, security strategy easily, protect the information security of mobile terminal, improve Consumer's Experience.
Summary of the invention
For this reason, the invention provides safety device and the safety protecting method of user data of mobile terminal, to try hard to solve or at least alleviate at least one problem existed above.
According to an aspect of the present invention, provide the safety device of user data of mobile terminal, Plant arrangement in the terminal, comprising: judge module, is suitable for judging mobile terminal whether accessing WLAN; Data obtaining module, is suitable for obtaining this wireless lan network mark when mobile terminal accessing WLAN, and obtains the positional information of this mobile terminal when not matching corresponding scene mode according to wireless lan network mark; Database module, is suitable in level of security list, mating corresponding scene mode according to obtained wireless lan network mark or location information of mobile terminal; Administration module being set, being suitable for, when matching corresponding scene mode according to wireless lan network mark or positional information, mobile terminal being set to the safe class be associated with this scene mode; And safe mode administration module, be suitable for performing data security or the privacy protection mode of the definition of safe class described in level of security list.
Alternatively, in a device in accordance with the invention, data obtaining module is also suitable for obtaining positional information when the non-accessing WLAN of mobile terminal.
Alternatively, in a device in accordance with the invention, data obtaining module is also suitable for, when all not matching corresponding scene mode according to wireless lan network mark and positional information, obtaining the environmental information of this mobile terminal; Database module is also suitable in level of security list, mating corresponding scene mode according to described environmental information; Arrange administration module to be also suitable for, when matching corresponding scene mode according to described environmental information, mobile terminal being set to the safe class be associated with this scene mode.
Alternatively, in a device in accordance with the invention, database module is also suitable for when all not matching corresponding scene mode according to wireless lan network mark, positional information and environmental information, wireless lan network mark, positional information and environmental information is recorded, so that by the corresponding scene mode of User Defined in level of security list.
Alternatively, in a device in accordance with the invention, arrange administration module to be also suitable for obtaining corresponding scene mode according in predetermined amount of time to the statistics of wireless lan network mark and/or positional information and/or environmental information.
Alternatively, in a device in accordance with the invention, the data security of safe mode administration module definition or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.
Alternatively, in a device in accordance with the invention, database module is also suitable for the setting that stores in level of security list in advance wireless lan network mark, positional information, environmental information, scene mode, safe class.
Alternatively, in a device in accordance with the invention, scene mode comprises home mode, office mode, public place pattern; And database module is also suitable for association home mode and high safety grade, wherein high safety grade definition is exempt from the unlock mode of unblock, the Validation Mode of laissezpasser; Database module is also suitable for association office mode and middle safe class, and the unlock mode that wherein, safe class defines is unlock password, Validation Mode is password authentification; Database module is also suitable for association public place pattern and lower security grade, and wherein the unlock mode of lower security tier definition is that password combination unlocks, Validation Mode is secondary checking, desktop management pattern is the display of hidden parts icon.
Alternatively, in a device in accordance with the invention, positional information comprises GPS position information and base station position information.
According to a further aspect in the invention, provide the safety protecting method of user data of mobile terminal, method performs in the terminal, comprises step: judge mobile terminal whether accessing WLAN; If accessing WLAN, then obtain this wireless lan network mark; Be identified in level of security list according to wireless lan network and mate corresponding scene mode; If marking matched to corresponding scene mode according to wireless lan network, then mobile terminal is set to the safe class be associated with this scene mode; If not marking matched to corresponding scene mode according to wireless lan network, then obtain the positional information of this mobile terminal; In level of security list, corresponding scene mode is mated according to positional information; If match corresponding scene mode according to positional information, then mobile terminal is set to the safe class be associated with this scene mode; And perform data security or the privacy protection mode of safe class definition in level of security list.
Alternatively, in the method according to the invention, also comprise step: if the non-access of radio network of mobile terminal, then obtain the positional information of this mobile terminal, the positional information according to this mobile terminal mates corresponding scene mode in level of security list.
Alternatively, in the method according to the invention, also step is comprised: if all do not match corresponding scene mode according to wireless lan network mark and positional information, then obtain the environmental information of this mobile terminal; Environmentally information mates corresponding scene mode in level of security list; If environmentally information matches is to corresponding scene mode, then mobile terminal is set to the safe class be associated with this scene mode.
Alternatively, in the method according to the invention, also comprise step: if all do not match corresponding scene mode according to wireless lan network mark, positional information and environmental information, then in level of security list, record wireless lan network mark, positional information and environmental information so that by the corresponding scene mode of User Defined.
Alternatively, in the method according to the invention, also step is comprised: according in predetermined amount of time, corresponding scene mode is obtained to the statistics of wireless lan network mark and/or positional information and/or environmental information.
Alternatively, in the method according to the invention, data security or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.
Alternatively, in the method according to the invention, also step is comprised: in level of security list, store the setting to wireless lan network mark, positional information, environmental information, scene mode, safe class in advance.
Alternatively, in the method according to the invention, scene mode comprises home mode, office mode, public place pattern; And what to associate with home mode is high safety grade, high safety grade definition be exempt to unlock unlock mode, laissezpasser Validation Mode; What associate with office mode is middle safe class, and the unlock mode of middle safe class definition is unlock password, Validation Mode is password authentification; With public place pattern association be lower security grade, the unlock mode of lower security tier definition is that password combination unlocks, Validation Mode is secondary checking, desktop management pattern is the display of hidden parts icon.
Alternatively, in the method according to the invention, positional information comprises GPS position information and base station position information.
According to a further aspect in the invention, provide a kind of mobile terminal, there is the safety device of mobile terminal private data as above.
According to the security protection scheme of user data of mobile terminal of the present invention, can by obtaining the wireless lan network mark of the current access of mobile terminal, residing geographic position or environmental information etc. distinguish the scene mode of mobile terminal, such as family, public place, office ... and different scene modes is set there is different safe classes, mobile terminal can automatically switch to data security under corresponding safe class or privacy protection mode according to the scene mode calculated, such as can without password screen locking when safe class is high, when safe class is low, when user will carry out the sensitive operation such as paying, adopt the form of combination pin, and secondary checking etc.The information security of customer mobile terminal can be protected on the one hand, simultaneously again can not adding users operation easier, improve Consumer's Experience.
Accompanying drawing explanation
In order to realize above-mentioned and relevant object; combine description below and accompanying drawing herein to describe some illustrative aspect; these aspects indicate the various modes can putting into practice principle disclosed herein, and all aspects and equivalent aspect thereof are intended to fall in the scope of theme required for protection.Read detailed description below in conjunction with the drawings, above-mentioned and other object of the present disclosure, Characteristics and advantages will become more obvious.Throughout the disclosure, identical Reference numeral is often referred to for identical parts or element.
Fig. 1 shows the structure block diagram of the mobile terminal 100 according to an exemplary embodiment of the present invention;
Fig. 2 shows the schematic diagram of the safety device 200 of user data of mobile terminal according to an embodiment of the invention; And
Fig. 3 shows the process flow diagram of the safety protecting method 300 of user data of mobile terminal according to an embodiment of the invention.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Fig. 1 is mobile terminal 100 organigram according to an embodiment of the invention.With reference to Fig. 1, mobile terminal 100 comprises: memory interface 102, one or more data processor, image processor and/or CPU (central processing unit) 104, and peripheral interface 106.Memory interface 102, one or more processor 104 and/or peripheral interface 106 both can be discrete components, also can be integrated in one or more integrated circuit.In the mobile terminal 100, various element can be coupled by one or more communication bus or signal wire.Sensor, equipment and subsystem can be coupled to peripheral interface 106, to help to realize several functions.Such as, motion sensor 110, optical sensor 112 and range sensor 114 can be coupled to peripheral interface 106, to facilitate the functions such as orientation, illumination and range finding.Other sensors 116 can be connected with peripheral interface 106 equally, such as positioning system (such as GPS), temperature sensor, biometric sensor or other sensor devices, can help thus to implement relevant function.
Camera sub-system 120 and optical sensor 122 may be used for the realization of the camera function of convenient such as recording photograph and video clipping, and wherein said camera sub-system and optical sensor can be such as charge-coupled image sensor (CCD) or complementary metal oxide semiconductor (CMOS) (CMOS) optical sensor.Can help realize communication function by one or more radio communication subsystem 124, wherein radio communication subsystem can comprise radio-frequency transmitter and transmitter and/or light (such as infrared) Receiver And Transmitter.The particular design of radio communication subsystem 124 and embodiment can depend on one or more communication networks that mobile terminal 100 is supported.Such as, mobile terminal 100 can comprise the communication subsystem 124 being designed to support GSM network, GPRS network, EDGE network, Wi-Fi or WiMax network and BlueboothTM network.Audio subsystem 126 can be coupled with loudspeaker 128 and microphone 130, such as, to help the function of implementing to enable voice, speech recognition, speech reproduction, digital recording and telephony feature.
I/O subsystem 140 can comprise touch screen controller 142 and/or other input control devices 144 one or more.Touch screen controller 142 can be coupled to touch-screen 146.For example, what this touch-screen 146 and touch screen controller 142 can use any one in multiple touch-sensing technology to detect to carry out with it contact and movement or time-out, and wherein detection technology is including, but not limited to capacitive character, resistive, infrared and surface acoustic wave technique.Other input control devices 144 one or more can be coupled to other input/control devicess 148, the indication equipment of such as one or more button, rocker switch, thumb wheel, infrared port, USB port and/or stylus and so on.Described one or more button (not shown) can comprise the up/down button for control loudspeaker 128 and/or microphone 130 volume.
Memory interface 102 can be coupled with storer 150.This storer 150 can comprise high-speed random access memory and/or nonvolatile memory, such as one or more disk storage device, one or more optical storage apparatus, and/or flash memories (such as NAND, NOR).Storer 150 can store operating system 152, the operating system of such as Android, IOS or WindowsPhone and so on.This operating system 152 can comprise the instruction of the task of depending on hardware for the treatment of basic system services and execution.Storer 150 can also store application 154.When these are applied in operation, can be loaded into processor 104 from storer 150, and run on the operating system run by processor 104, and the function that the various user of the Interface realization utilizing operating system and bottom hardware to provide expects, as instant messaging, web page browsing, pictures management etc.Application can provide independent of operating system, also can be that operating system carries.
According to one embodiment of present invention, provide a kind of mobile terminal 100 with user data safeguard function, can by arranging that corresponding secure user data protective device 200 realizes above-mentioned functions in the mobile terminal 100.
Fig. 2 shows the schematic diagram of the safety device 200 of user data of mobile terminal according to an embodiment of the invention.This device 200 comprises: judge module 210, data obtaining module 220, database module 230, arrange administration module 240 and safe mode administration module 250.
Judge module 210 is suitable for judging mobile terminal 100 whether accessing WLAN.If this mobile terminal 100 is linked into WLAN (wireless local area network), then send instruction to the data obtaining module 220 coupled with it.
Data obtaining module 220 is suitable for obtaining this wireless lan network mark when mobile terminal 100 accessing WLAN, i.e. WiFiSSID.According to one embodiment of present invention, data obtaining module 220 is also suitable for the positional information obtaining this mobile terminal 100 when not matching corresponding scene mode according to wireless lan network mark.Then the described information obtained is sent to the database module 230 coupled with it.
Wherein, positional information comprises GPS position information and base station position information.
According to another embodiment of the present invention, data obtaining module 220 is also suitable for obtaining positional information when mobile terminal 100 non-accessing WLAN.
Below illustrate that data obtaining module 220 obtains the code of SSID and GPS position information, base station position information:
1. WiFiSSID is obtained
The authority needed:
2. current location is obtained by GPS
The authority needed:
In the examples described above, according to the distance of specifying or the time interval, LocationListener can receive update notification.After having notice, just can judge change in location and mate corresponding scene mode by database module 230.
3. base station information is obtained:
According to still another embodiment of the invention, data obtaining module 220 is also suitable for, when all not matching corresponding scene mode according to wireless lan network mark and positional information, obtaining the environmental information of this mobile terminal 100, the such as outside noise value of residing environment.Generally, when mobile terminal 100 is in public place (on such as bus, certain outdoor location etc.), the outside noise value of residing environment can higher than the noise figure in family or office space.
Database module 230 is suitable in level of security list, mating corresponding scene mode according to above-mentioned obtained wireless lan network mark, positional information, environmental information etc.Particularly, in database module 230, store level of security list, can the pre-recorded setting to wireless lan network mark, positional information, environmental information, scene mode, safe class.According to a kind of implementation, scene mode comprises home mode, office mode and public place pattern.The data such as wireless lan network mark, positional information, environmental information corresponding under recording often kind of scene mode respectively, scene mode is associated with level of security simultaneously, such as level of security is divided into high safety grade, middle safe class, lower security grade three grades, respectively with home mode, office mode, public place pattern one_to_one corresponding.
According to one embodiment of present invention, database module 230 is also suitable for when all not matching corresponding scene mode according to wireless lan network mark, positional information and environmental information, this wireless lan network mark, positional information and environmental information is recorded, so that by the corresponding scene mode of User Defined in level of security list.
When database module 230 matches corresponding scene mode, send message and administration module 240 is set to what couple with it.Arranging administration module 240 is suitable for when arriving corresponding scene mode according to wireless lan network is marking matched, mobile terminal 100 is set to the safe class (that is, high safety grade, middle safe class, lower security grade) be associated with this scene mode.
According to a kind of implementation, administration module 240 is set and is also suitable for obtaining corresponding scene mode according in predetermined amount of time to the statistics of wireless lan network mark and/or positional information and/or environmental information.
For GPS position information, the positional information of mobile terminal 100 in one week is obtained by GPS location, the situation of change of statistics positional information within this week, usually, on Monday to the daytime (thinking normal towards in the work hours in nine evenings five) of Friday, if GPS position information remains unchanged substantially, so just think that scene mode corresponding to this GPS position information is office mode.
Or statistics obtains within a period of time, from evening to second day daytime, WiFiSSID that mobile terminal 100 accesses keeps substantially constant, just thinks that scene mode corresponding to this WiFiSSID is home mode.
For another example, consider the positional information change of mobile terminal 100 on the vehicles such as motor-car greatly, or WIFISSID and base station signal also can change when going window-shopping, can certainly add and obtain extraneous noise figure and the consideration to the time period, determine that scene mode is now public place pattern.
Based on foregoing description, corresponding statistics is prestored in level of security list, so that data obtaining module 220 get wireless lan network mark and/or positional information and/or environmental information time, determine corresponding scene mode fast according to described information, and then switch mobile terminal 100 to the safe class associated with scene mode.
Safe mode administration module 250 is suitable for performing data security or the privacy protection mode of this safe class definition in level of security list.According to one embodiment of present invention, the data security of definition or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.Below provide the example of several data security or privacy protection mode.
Such as, definition unlock mode is applicable to unlocking screen, can comprise: exempt from the mode that unblock, unlock password, numeral and pattern password combination unlock.When using mobile terminal 100 in the home mode with high safety grade, user can unlock; In having safe class office mode under, user can use mobile terminal 100 by the mode of general unlock password, and unlock password herein can be numerical ciphers, can be also pattern password, depend on the setting of user; When the public place pattern that safe class is low, adopt the mode that numeral+pattern password combination unlocks, effectively to guarantee the information security of mobile terminal 100.
Definition Validation Mode is applicable to mobile terminal 100 when carrying out some sensitive operation, such as payment verification, login authentication, can comprise: the mode of laissezpasser, password authentification, secondary checking, wherein secondary verifies the mode that password authentification+fingerprint (face, vocal print, gesture) can be adopted again to identify.Equally, can adopt the mode of laissezpasser in the home mode that safe class is high, the office mode in safe class can adopt the mode of password authentification, and when the public place pattern that safe class is low, adopts the mode of secondary checking.With a point safety for scene protection user data.
Definition desktop management pattern is mainly used in the protection of some private datas, such as, when lower security grade, can select the display of the responsive icon of desktop management pattern hidden parts or data; Or when office mode, select the icon hiding some amusement classes.With a point privacy of user for scene protection mobile terminal 100.Again or, user also can utilize desktop management pattern point scene to change the wallpaper display of mobile terminal 100, the specific wallpaper of display is selected in specific scene mode, according to a kind of implementation, by the setBitmap () in WallpaperManager method or setResource () or the replacing that also can be realized desktop wallpaper by the setWallpaper () method provided in ContextWrapper class.
In addition, also can arrange application lock pattern as required, the difference according to safe class adds application lock to certain applications, such as, when mobile terminal is in lower security grade, arrange and need unblock can open some application (such as, payment software).
The setting of the present invention to data security or privacy protection mode is not limited thereto, and can need to arrange corresponding protected mode according to user.
In sum, according to the security protection scheme of user data of mobile terminal of the present invention, can by obtaining wireless lan network mark (i.e. WiFiSSID) of the current access of mobile terminal 100, residing geographic position or environmental information etc. distinguish the scene mode of mobile terminal 100, such as family, public place, office ... and different scene modes is set there is different safe classes, mobile terminal 100 can automatically switch to data security under corresponding safe class or privacy protection mode according to the scene mode calculated, such as can without password screen locking when safe class is high, when safe class is low, when user will carry out the sensitive operation such as paying, adopt the form of combination pin, and secondary checking etc.The information security of customer mobile terminal can be protected on the one hand, on the other hand again can not adding users operation easier, when safe class height, reduce the operation of user as far as possible, improve Consumer's Experience.
Fig. 3 shows the process flow diagram of the safety protecting method 300 of user data of mobile terminal according to an embodiment of the invention.The method starts from step S310, first judges mobile terminal 100 whether accessing WLAN.
Subsequently in step s 320, if accessing WLAN, then obtain this wireless lan network mark, i.e. WiFiSSID.
Subsequently in step S330, be identified in level of security list according to wireless lan network and mate corresponding scene mode.According to one embodiment of the present invention, scene mode comprises home mode, office mode, public place pattern.
Subsequently in step S340, if marking matched to corresponding scene mode according to wireless lan network, then mobile terminal 100 is set to the safe class be associated with this scene mode.Wherein, safe class is divided into high safety grade, middle safe class, lower security grade three kinds.
Subsequently in step S350, if not marking matched to corresponding scene mode according to wireless lan network, then obtain the positional information of this mobile terminal 100, here, positional information comprises GPS position information and base station position information.According to one embodiment of present invention, if the non-access of radio network of mobile terminal 100, the positional information of this mobile terminal 100 can so also directly be obtained.
About the obtain manner of wireless lan network mark, GPS position information and base station position information by the agency of in based on the description of Fig. 2, repeat no more herein.
Subsequently in step S360, in level of security list, corresponding scene mode is mated according to above-mentioned positional information, adopt and the same mode of step S330 herein, that is, the setting to wireless lan network mark, positional information (also comprising the environmental information mentioned below), scene mode, safe class is stored in advance, so that later stage inquiry in level of security list.
Further, according to one embodiment of the present invention, mobile terminal 100 can obtain corresponding scene mode according in predetermined amount of time to the statistics of wireless lan network mark and/or positional information and/or environmental information.Concrete accounting example was introduced above, repeated no more herein.
Subsequently in step S370, if match corresponding scene mode according to positional information, then mobile terminal 100 is set to the safe class be associated with this scene mode.
In addition, if all do not match corresponding scene mode according to above-mentioned wireless lan network mark and positional information, then the environmental information of this mobile terminal is obtained; Environmentally information mates corresponding scene mode in level of security list; If environmentally information matches is to corresponding scene mode, then mobile terminal 100 is set to the safe class be associated with this scene mode.
As mentioned above, prestore about the record with scene mode, safe class such as wireless lan network mark, positional information in the level of security list of mobile terminal 100, therefore when all not matching corresponding scene mode according to wireless lan network mark, positional information and environmental information, in this level of security list, then record this wireless lan network mark, positional information and environmental information, by the corresponding scene mode of User Defined.
Subsequently in step S380, perform data security or the privacy protection mode of this safe class definition in level of security list.Wherein data security or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.
According to one embodiment of present invention, can pre-set: what associate with home mode is high safety grade, what high safety grade defined is exempt from the unlock mode of unblock, the Validation Mode of laissezpasser; What associate with office mode is middle safe class, and the unlock mode of middle safe class definition is unlock password, Validation Mode is password authentification; With public place pattern association be lower security grade, the unlock mode of lower security tier definition is that password combination unlocks, Validation Mode is secondary checking, desktop management pattern is the display of hidden parts icon.It should be noted that the present embodiment just provides a kind of example associating scene mode, level of security and data security or privacy protection mode, be not limited to the plan of establishment above-mentioned.Be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires than the feature more multiple features clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are to be understood that the module of the equipment in example disclosed herein or unit or assembly can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned in one or more equipment different from the equipment in this example.Module in aforementioned exemplary can be combined as a module or can be divided into multiple submodule in addition.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
A6, device according to any one of A1-5, wherein, the data security of safe mode administration module definition or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.A7, device as described in A6, wherein, database module is also suitable for the setting stored in level of security list in advance wireless lan network mark, positional information, environmental information, scene mode, safe class.A8, device as described in A7, wherein scene mode comprises home mode, office mode, public place pattern; And database module is also suitable for association home mode and high safety grade, wherein high safety grade definition is exempt from the unlock mode of unblock, the Validation Mode of laissezpasser; Database module is also suitable for association office mode and middle safe class, and the unlock mode that wherein, safe class defines is unlock password, Validation Mode is password authentification; Database module is also suitable for association public place pattern and lower security grade, and wherein the unlock mode of lower security tier definition is that password combination unlocks, Validation Mode is secondary checking, desktop management pattern is the display of hidden parts icon.A9, device according to any one of A1-8, wherein positional information comprises GPS position information and base station position information.
B14, method according to any one of B10-13, also comprise step: obtain corresponding scene mode according in predetermined amount of time to the statistics of wireless lan network mark and/or positional information and/or environmental information.B15, method according to any one of B10-14, wherein data security or privacy protection mode comprise at least one in unlock mode, desktop management pattern and Validation Mode.B16, method as described in B15, also comprise step: in level of security list, store the setting to wireless lan network mark, positional information, environmental information, scene mode, safe class in advance.B17, method as described in B16, wherein, scene mode comprises home mode, office mode, public place pattern; And what to associate with home mode is high safety grade, high safety grade definition be exempt to unlock unlock mode, laissezpasser Validation Mode; What associate with office mode is middle safe class, and the unlock mode of middle safe class definition is unlock password, Validation Mode is password authentification; With public place pattern association be lower security grade, the unlock mode of lower security tier definition is that password combination unlocks, Validation Mode is secondary checking, desktop management pattern is the display of hidden parts icon.B18, method according to any one of B10-17, wherein, positional information comprises GPS position information and base station position information.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary array mode.
In addition, some in described embodiment are described as at this can by the processor of computer system or the method implemented by other device performing described function or the combination of method element.Therefore, there is the device of processor formation for implementing the method or method element of the necessary instruction for implementing described method or method element.In addition, the element described herein of device embodiment is the example as lower device: this device is for implementing the function performed by the element of the object in order to implement this invention.
As used in this, unless specifically stated so, use ordinal number " first ", " second ", " the 3rd " etc. to describe plain objects and only represent the different instances relating to similar object, and be not intended to imply the object be described like this must have the time upper, spatially, sequence aspect or in any other manner to definite sequence.
Although the embodiment according to limited quantity describes the present invention, benefit from description above, those skilled in the art understand, in the scope of the present invention described thus, it is contemplated that other embodiment.In addition, it should be noted that the language used in this instructions is mainly in order to object that is readable and instruction is selected, instead of select to explain or limiting theme of the present invention.Therefore, when not departing from the scope and spirit of appended claims, many modifications and changes are all apparent for those skilled in the art.For scope of the present invention, be illustrative to disclosing of doing of the present invention, and nonrestrictive, and scope of the present invention is defined by the appended claims.
Claims (10)
1. the safety device of user data of mobile terminal, described Plant arrangement in the terminal, comprising:
Judge module, is suitable for judging described mobile terminal whether accessing WLAN;
Data obtaining module, is suitable for obtaining this wireless lan network mark when mobile terminal accessing WLAN, and obtains the positional information of this mobile terminal when not matching corresponding scene mode according to described wireless lan network mark;
Database module, is suitable in level of security list, mating corresponding scene mode according to obtained wireless lan network mark or location information of mobile terminal;
Administration module being set, being suitable for, when matching corresponding scene mode according to wireless lan network mark or positional information, mobile terminal being set to the safe class be associated with this scene mode; And
Safe mode administration module, is suitable for performing data security or the privacy protection mode of the definition of safe class described in level of security list.
2. device as claimed in claim 1, wherein,
Data obtaining module is also suitable for obtaining positional information when the non-accessing WLAN of mobile terminal.
3. device as claimed in claim 1 or 2, wherein,
Described data obtaining module is also suitable for, when all not matching corresponding scene mode according to wireless lan network mark and positional information, obtaining the environmental information of this mobile terminal;
Described database module is also suitable in level of security list, mating corresponding scene mode according to described environmental information;
The described administration module that arranges also is suitable for, when matching corresponding scene mode according to described environmental information, mobile terminal being set to the safe class be associated with this scene mode.
4. device as claimed in claim 3, wherein,
Described database module is also suitable for when all not matching corresponding scene mode according to wireless lan network mark, positional information and environmental information, described wireless lan network mark, positional information and environmental information is recorded, so that by the corresponding scene mode of User Defined in level of security list.
5. the device according to any one of claim 1-4, wherein,
The described administration module that arranges also is suitable for obtaining corresponding scene mode according in predetermined amount of time to the statistics of wireless lan network mark and/or positional information and/or environmental information.
6. the safety protecting method of user data of mobile terminal, described method performs in the terminal, comprises step:
Judge described mobile terminal whether accessing WLAN;
If accessing WLAN, then obtain this wireless lan network mark;
Be identified in level of security list according to described wireless lan network and mate corresponding scene mode;
If marking matched to corresponding scene mode according to described wireless lan network, then mobile terminal is set to the safe class be associated with this scene mode;
If not marking matched to corresponding scene mode according to described wireless lan network, then obtain the positional information of this mobile terminal;
In level of security list, corresponding scene mode is mated according to described positional information;
If match corresponding scene mode according to positional information, then mobile terminal is set to the safe class be associated with this scene mode; And
Perform data security or the privacy protection mode of the definition of safe class described in level of security list.
7. method as claimed in claim 6, also comprises step:
If the non-access of radio network of described mobile terminal, then obtain the positional information of this mobile terminal, the positional information according to this mobile terminal mates corresponding scene mode in level of security list.
8. method as claimed in claims 6 or 7, also comprises step:
If all do not match corresponding scene mode according to wireless lan network mark and positional information, then obtain the environmental information of this mobile terminal;
Environmentally information mates corresponding scene mode in level of security list;
If match corresponding scene mode according to described environmental information, then mobile terminal is set to the safe class be associated with this scene mode.
9. method as claimed in claim 8, also comprises step:
If all do not match corresponding scene mode according to wireless lan network mark, positional information and environmental information, then in level of security list, record described wireless lan network mark, positional information and environmental information so that by the corresponding scene mode of User Defined.
10. a mobile terminal, has the safety device of the user data according to any one of claim 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510907230.0A CN105550591B (en) | 2015-12-10 | 2015-12-10 | The safety device and method of user data of mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510907230.0A CN105550591B (en) | 2015-12-10 | 2015-12-10 | The safety device and method of user data of mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105550591A true CN105550591A (en) | 2016-05-04 |
| CN105550591B CN105550591B (en) | 2018-11-23 |
Family
ID=55829778
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510907230.0A Active CN105550591B (en) | 2015-12-10 | 2015-12-10 | The safety device and method of user data of mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105550591B (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105873062A (en) * | 2016-06-27 | 2016-08-17 | 联想(北京)有限公司 | Method and device to be networked with wireless communication network, and terminal equipment |
| CN106126010A (en) * | 2016-06-16 | 2016-11-16 | 捷开通讯(深圳)有限公司 | A kind of mobile terminal and application icon aligning method thereof |
| CN106127035A (en) * | 2016-06-16 | 2016-11-16 | 捷开通讯(深圳)有限公司 | A kind of mobile terminal and application program method for limiting thereof |
| CN106211222A (en) * | 2016-07-14 | 2016-12-07 | 深圳市金立通信设备有限公司 | A kind of network access management method and terminal |
| CN106211103A (en) * | 2016-09-29 | 2016-12-07 | 深圳市金立通信设备有限公司 | A kind of wireless network connection prompting method and terminal |
| CN106250773A (en) * | 2016-08-15 | 2016-12-21 | 捷开通讯(深圳)有限公司 | The operational approach of a kind of terminal, system and terminal |
| CN106656756A (en) * | 2016-12-15 | 2017-05-10 | 北京容联光辉科技有限公司 | Operation method and device of instant messaging software |
| CN106997761A (en) * | 2017-04-20 | 2017-08-01 | 滁州职业技术学院 | The method and mobile terminal of a kind of secret protection |
| CN107404740A (en) * | 2017-08-07 | 2017-11-28 | 广东欧珀移动通信有限公司 | Method for switching network, device and the terminal device of safety |
| CN107484168A (en) * | 2017-07-29 | 2017-12-15 | 广东欧珀移动通信有限公司 | Bio-identification unlocking method and Related product |
| CN107516208A (en) * | 2017-08-23 | 2017-12-26 | 上海与德科技有限公司 | A kind of method of payment and device |
| CN107820237A (en) * | 2016-09-12 | 2018-03-20 | 中兴通讯股份有限公司 | Data transmission method and device under a kind of WIFI networks |
| CN107820289A (en) * | 2017-11-20 | 2018-03-20 | 珠海市魅族科技有限公司 | A kind of WIFI network switching method, device, terminal and medium |
| CN107872433A (en) * | 2016-09-27 | 2018-04-03 | 腾讯科技(深圳)有限公司 | A kind of auth method and its equipment |
| CN108551524A (en) * | 2018-04-10 | 2018-09-18 | Oppo广东移动通信有限公司 | Message informing method and device, terminal between polygonal color in terminal |
| CN108765636A (en) * | 2018-03-28 | 2018-11-06 | 上海科世达-华阳汽车电器有限公司 | A kind of arrangements for automotive doors unlocker device and system |
| CN108846272A (en) * | 2018-07-13 | 2018-11-20 | 厦门美图移动科技有限公司 | Application security management method and device and electronic equipment |
| CN111949957A (en) * | 2020-08-11 | 2020-11-17 | 深圳传音控股股份有限公司 | Privacy protection method, device and storage medium |
| CN114025347A (en) * | 2021-11-03 | 2022-02-08 | 苏州欧清电子有限公司 | Encryption method, device, equipment and storage medium for Bluetooth equipment |
| CN115408673A (en) * | 2022-11-02 | 2022-11-29 | 深圳市诚王创硕科技有限公司 | Software validity period access control management system and method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103235684A (en) * | 2013-03-27 | 2013-08-07 | 广东欧珀移动通信有限公司 | Method and device for conducting dynamic switching to screen locking mode of mobile terminal |
| CN104092821A (en) * | 2014-07-01 | 2014-10-08 | 惠州Tcl移动通信有限公司 | Icon hiding method and system of mobile terminal |
| CN104301117A (en) * | 2014-10-22 | 2015-01-21 | 中国联合网络通信集团有限公司 | Identity verification method and device |
| CN104933351A (en) * | 2015-05-26 | 2015-09-23 | 小米科技有限责任公司 | Information security processing method and information security processing device |
-
2015
- 2015-12-10 CN CN201510907230.0A patent/CN105550591B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103235684A (en) * | 2013-03-27 | 2013-08-07 | 广东欧珀移动通信有限公司 | Method and device for conducting dynamic switching to screen locking mode of mobile terminal |
| CN104092821A (en) * | 2014-07-01 | 2014-10-08 | 惠州Tcl移动通信有限公司 | Icon hiding method and system of mobile terminal |
| CN104301117A (en) * | 2014-10-22 | 2015-01-21 | 中国联合网络通信集团有限公司 | Identity verification method and device |
| CN104933351A (en) * | 2015-05-26 | 2015-09-23 | 小米科技有限责任公司 | Information security processing method and information security processing device |
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106126010A (en) * | 2016-06-16 | 2016-11-16 | 捷开通讯(深圳)有限公司 | A kind of mobile terminal and application icon aligning method thereof |
| CN106127035A (en) * | 2016-06-16 | 2016-11-16 | 捷开通讯(深圳)有限公司 | A kind of mobile terminal and application program method for limiting thereof |
| CN106126010B (en) * | 2016-06-16 | 2019-07-02 | 捷开通讯(深圳)有限公司 | A kind of mobile terminal and its application icon aligning method |
| CN105873062A (en) * | 2016-06-27 | 2016-08-17 | 联想(北京)有限公司 | Method and device to be networked with wireless communication network, and terminal equipment |
| CN106211222A (en) * | 2016-07-14 | 2016-12-07 | 深圳市金立通信设备有限公司 | A kind of network access management method and terminal |
| CN106250773A (en) * | 2016-08-15 | 2016-12-21 | 捷开通讯(深圳)有限公司 | The operational approach of a kind of terminal, system and terminal |
| CN107820237A (en) * | 2016-09-12 | 2018-03-20 | 中兴通讯股份有限公司 | Data transmission method and device under a kind of WIFI networks |
| CN107820237B (en) * | 2016-09-12 | 2020-11-20 | 中兴通讯股份有限公司 | Data transmission method and device under WIFI network |
| CN107872433A (en) * | 2016-09-27 | 2018-04-03 | 腾讯科技(深圳)有限公司 | A kind of auth method and its equipment |
| CN106211103A (en) * | 2016-09-29 | 2016-12-07 | 深圳市金立通信设备有限公司 | A kind of wireless network connection prompting method and terminal |
| CN106656756B (en) * | 2016-12-15 | 2019-09-13 | 北京容联光辉科技有限公司 | The operation method and device of instant message applications |
| CN106656756A (en) * | 2016-12-15 | 2017-05-10 | 北京容联光辉科技有限公司 | Operation method and device of instant messaging software |
| CN106997761A (en) * | 2017-04-20 | 2017-08-01 | 滁州职业技术学院 | The method and mobile terminal of a kind of secret protection |
| CN107484168B (en) * | 2017-07-29 | 2020-07-24 | Oppo广东移动通信有限公司 | Biometric unlocking method and related product |
| CN107484168A (en) * | 2017-07-29 | 2017-12-15 | 广东欧珀移动通信有限公司 | Bio-identification unlocking method and Related product |
| CN107404740B (en) * | 2017-08-07 | 2019-04-12 | Oppo广东移动通信有限公司 | Method for switching network, device and the terminal device of safety |
| CN107404740A (en) * | 2017-08-07 | 2017-11-28 | 广东欧珀移动通信有限公司 | Method for switching network, device and the terminal device of safety |
| CN107516208A (en) * | 2017-08-23 | 2017-12-26 | 上海与德科技有限公司 | A kind of method of payment and device |
| CN107820289A (en) * | 2017-11-20 | 2018-03-20 | 珠海市魅族科技有限公司 | A kind of WIFI network switching method, device, terminal and medium |
| CN107820289B (en) * | 2017-11-20 | 2020-09-25 | 珠海市魅族科技有限公司 | WIFI network switching method, device, terminal and medium |
| CN108765636A (en) * | 2018-03-28 | 2018-11-06 | 上海科世达-华阳汽车电器有限公司 | A kind of arrangements for automotive doors unlocker device and system |
| CN108551524A (en) * | 2018-04-10 | 2018-09-18 | Oppo广东移动通信有限公司 | Message informing method and device, terminal between polygonal color in terminal |
| CN108846272B (en) * | 2018-07-13 | 2020-09-25 | 厦门美图移动科技有限公司 | Application security management method and device and electronic equipment |
| CN108846272A (en) * | 2018-07-13 | 2018-11-20 | 厦门美图移动科技有限公司 | Application security management method and device and electronic equipment |
| CN111949957A (en) * | 2020-08-11 | 2020-11-17 | 深圳传音控股股份有限公司 | Privacy protection method, device and storage medium |
| CN114025347A (en) * | 2021-11-03 | 2022-02-08 | 苏州欧清电子有限公司 | Encryption method, device, equipment and storage medium for Bluetooth equipment |
| CN114025347B (en) * | 2021-11-03 | 2023-12-01 | 苏州欧清电子有限公司 | Encryption method, device and equipment of Bluetooth equipment and storage medium |
| CN115408673A (en) * | 2022-11-02 | 2022-11-29 | 深圳市诚王创硕科技有限公司 | Software validity period access control management system and method |
| CN115408673B (en) * | 2022-11-02 | 2023-10-27 | 杭州优百顺科技有限公司 | Software validity period access control management system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105550591B (en) | 2018-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105550591A (en) | Security protection device and method for user data in mobile terminal | |
| US10447839B2 (en) | Device locator disable authentication | |
| US11394555B2 (en) | Mobile terminal privacy protection method and protection apparatus, and mobile terminal | |
| US10505983B2 (en) | Enforcing enterprise requirements for devices registered with a registration service | |
| KR101705472B1 (en) | Pluggable authentication mechanism for mobile device applications | |
| US9104840B1 (en) | Trusted security zone watermark | |
| CN107622203B (en) | Sensitive information protection method and device, storage medium and electronic equipment | |
| US8903359B2 (en) | Mobile device and NFC service protection method of the mobile device | |
| CN105519038B (en) | User input data protection method and system | |
| EP3777082B1 (en) | Trusted platform module-based prepaid access token for commercial iot online services | |
| US20190260777A1 (en) | Systems and methods for detecting and thwarting attacks on an it environment | |
| US20210192022A1 (en) | Permission management system, permission management method, and electronic device | |
| CN105279449A (en) | Context based data access control | |
| EP3507734B1 (en) | Method and electronic device for providing multi-level security | |
| US9455985B2 (en) | Method for secure key injection with biometric sensors | |
| CN105701420B (en) | A kind of management method and terminal of user data | |
| US9800577B2 (en) | Method and apparatus for controlling communications terminal and corresponding communications terminal | |
| US20160191697A1 (en) | Mobile terminal and method for switching unlocking modes | |
| TW201248447A (en) | Method and apparatus for dynamic modification of authentication requirements of a processing system | |
| KR20140007303A (en) | Pairing digital system for smart security and providing method thereof | |
| TW201339990A (en) | Data protecting system and protecting method | |
| CN106599115B (en) | Data protection method, device and terminal | |
| TWI779230B (en) | Method, system, device and device for enabling biometric application function | |
| CN102354353A (en) | Method for acquiring data and terminal | |
| JP6938579B2 (en) | Mobile device privacy protection methods and devices, as well as mobile devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220606 Address after: 524000 room 1304, block A1, commercial and residential building, zone a, international trade Xintiandi, No. 50 and 52, Renmin Avenue South, Xiashan District, Zhanjiang City, Guangdong Province Patentee after: Zhanjiang Rongsen Information Technology Co.,Ltd. Address before: 361009 112a, Pioneer Building, Pioneer Park, torch hi tech Zone, Xiamen City, Fujian Province Patentee before: Xiamen Meitu Mobile Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right |