Summary of the invention
For defect of the prior art, the object of this invention is to provide a kind of mobile terminal personal data enciphering back-up, recovery, synchronisation control means, particularly, at least one storage device being provided with personal user's security information is connected with described mobile terminal by OTG connected mode, it is characterized in that, comprise the steps:
A. verify for the personal user's security information in described storage device, and be verified rear execution step b;
B. the data of the personal user be associated with described personal user's security information in described mobile terminal are read;
C. write after described mobile terminal personal data correlation personal user security information in described storage device.
Preferably, described mobile terminal personal data enciphering back-up, recovery, synchronisation control means also comprise the steps:
I. verify for the personal user's security information in described storage device, and be verified rear execution step I i;
Ii. the data of the personal user be associated with described personal user's security information in described storage device are read;
Iii. described storage device personal data are write in described mobile terminal.
Preferably, described mobile terminal personal data enciphering back-up, recovery, synchronisation control means also comprise synchronizing step:
Iv. carry out synchronous to described mobile terminal and storage device personal data and write in described mobile terminal and storage device after associating personal user's security information.
Preferably, user can select to perform the step in described step c, step I ii, step I v or a few step.
Before execution step a or step I, perform following steps: set up personal user's security information at described storage device.
Control method according to claim 3, is characterized in that, described synchronizing step comprises the steps:
-set up new individual data acquisition system S;
-all for described storage device personal data unit and all personal data unit of described mobile terminal are contrasted;
-personal data unit different from described mobile terminal personal data in described storage device is write new individual data acquisition system S, and delete personal data unit different described in former storage device;
-personal data unit different from described storage device personal data in described mobile terminal is write new individual data acquisition system S, and delete personal data unit different described in former mobile terminal;
-write described mobile terminal and storage device by after described new individual data acquisition system S association personal user security information.
Preferably, also comprised the steps: before described step c
-judge whether there is the target data corresponding with described mobile terminal personal data in described storage device;
There is described target data in-Ruo, then performs described step c after deleting described target data.Preferably, also comprised the steps: before described step I ii
-judge whether there is the target data corresponding with described storage device personal data in described mobile terminal;
There is described target data in-Ruo, then performs described step I ii after deleting described target data.
Preferably, the step that described personal user's security information is verified is comprised the steps:
-receive user to input secure authentication information;
-secure authentication information of described input and described personal user's security information are verified;
The secure authentication information inputted described in-Ruo is consistent with described personal user's security information, be then verified described in determining.
Preferably, described personal user's security information at least comprises one or more of following information: the encrypted message that user is arranged, the MSI SDN information of described mobile terminal IMEI information and mobile subscriber.
Preferably, described storage device comprises multiple independently physical memory space, and described multiple independently physical memory space is respectively arranged with personal user's security information of multiple user and multiple correspondence.
Preferably, the determination methods that whether described secure authentication information is consistent with described personal user's security information is:
The secure authentication information of-described input is consistent with any one information in the MSI SDN information of the IMEI information of the encrypted message that described user is arranged, described mobile terminal, described mobile subscriber;
Any two information in the MSI SDN information of the secure authentication information of-described input and the encrypted message that described user is arranged, described mobile terminal IMEI information and mobile subscriber are consistent;
The MSI SDN information of the secure authentication information of-described input and the encrypted message that described user is arranged, described mobile terminal IMEI information and mobile subscriber is all consistent.
According to another aspect of the present invention, a kind of mobile terminal personal data enciphering back-up, recovery, Synchronizing Control Devices are provided, comprise:
Storage device, it is for storing personal data and being provided with personal user's security information;
Mobile terminal, wherein said mobile terminal at least comprises secure verification module, subscriber interface module, user management module, encryption/decryption module, data control block, described mobile terminal is used for verifying the personal user's security information in described storage device, and carries out personal data encrypted backup, recovery, synchronous with described storage device.
The present invention arranges personal user's security information by the data in storage device, mobile terminal, storage device and the data on mobile terminal, and carrying out backing up, recover, synchronous before, need first to perform personal user's security information verification step, ensure backup, recovery, synchronous fail safe.Simultaneously, by arrange storage device and mobile terminal carry out with the use of, achieve the backup between different operating system, different brands, different user, recovery, synchronous working, and also make mobile terminal back up, recover, synchronous working is simple and easy to use more, solve mobile terminal backup, recover, the safety issue of synchronous working and the problem such as operating procedure is complicated.
Embodiment
Fig. 1 shows the first embodiment of the present invention, a kind of mobile terminal personal data enciphering back-up, recovery, synchronisation control means, at least one storage device being provided with personal user's security information is connected with described mobile terminal by OTG connected mode, comprises the steps: particularly
First, perform step S101, checking storage device personal user security information.Those skilled in the art understand, described step S101 is the step ensureing personal data backup, recovery, synchronous safety, preferably by arranging secure verification module at described mobile terminal and installing corresponding APP application program to realize this step, first will perform step S1010 by described mobile terminal needs described storage device to be connected with described mobile terminal.Connected mode has multiple choices, and preferably, described storage device and described mobile terminal are provided with USB interface, and are connected by OTG connected mode.It will be appreciated by those skilled in the art that OTG is the abbreviation of On-The-Go, is the technology that developed recently gets up, and is mainly used in the connection between various different equipment or mobile device, carries out exchanges data.
As one change, described storage device also can be connected by bluetooth with described mobile terminal.Those skilled in the art understand, Bluetooth technology is the open global specifications of a kind of wireless data and voice communication, it is based on the near radio of low cost connects, and set up one with mobile device communication environment be connected especially for fixing, it is by arranging miniature Bluetooth chip to realize.
As another kind change, described storage device and described mobile terminal also can pass through near-field communication technology (being commonly referred to NFC) and be connected.Those skilled in the art understand, near-field communication (Near Field Communication, NFC) be a kind of radiotechnics of short distance high frequency, run in 20 cm distance in 13.56MHz frequency, transfer of data is realized by arranging NFC chip, transmission speed has 106 Kbit/ seconds, 212 Kbit/ seconds or 424 Kbit/ seconds three kinds, and have mode card and ad hoc mode two kinds at present, the present invention preferably adopts point-to-point pattern.
Further, after described storage device is connected with described mobile terminal, the secure verification module of described mobile terminal can read personal user's security information from described storage device, and described personal user's security information is verified, the mode of checking has multiple, such as, can pre-set secure authentication information database in described secure verification module, if corresponding personal user's security information can be found in described secure authentication information database, be then verified.Again such as, manually can also input secure authentication information in real time by user, and personal user's security information of secure authentication information and storage device be compared, comparison success is then verified.
Further, on the basis performing step S101, perform step S102, read the data that mobile terminal associates with personal user's security information.Those skilled in the art understand, step S101 is actually the step of identifying user identity, when by described personal user's security information verification user identity and after passing through, namely user achieves corresponding operating right, under corresponding operating right, user can carry out backing up, recover, synchronous data are data be associated with personal user's security information in step S102, after the data be associated, performs read step described in determining.Further, those skilled in the art understand, if only there is a user, the data be associated described in all data then in described mobile terminal are, if there is multiple user, then by described personal user's security information, multiple user is distinguished, namely determine user by the personal user's security information after checking, then the data be associated described in determining according to the user after determining.Last described mobile terminal is also provided with data processing module, for performing reading, the write of data, after determining the data be associated with personal user's security information, performs read step.
Next, perform step S103, write after described mobile terminal personal data correlation personal user security information in described storage device.Those skilled in the art understand, in order to improve data backup, recovery, synchronous fail safe, preferably be encrypted data when performing backup-step, in fact the step of described association personal user security information is encrypting step, and in fact step S103 is the step of encrypted backup.Preferably this step is realized by described mobile terminal, described mobile terminal is provided with encryption/decryption module, cryptographic algorithm is performed by described encryption/decryption module, data are encrypted, those skilled in the art understand, cryptographic algorithm conventional at present has des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, and these cryptographic algorithm all belong to prior art, do not repeat them here.Further, after being encrypted data, by the data after encryption by described data processing module write storage device.
Preferably, Fig. 2 shows the second embodiment of the present invention, the flow chart of a kind of mobile terminal personal data enciphering back-up, recovery, synchronisation control means.It will be appreciated by those skilled in the art that the step S201 shown in Fig. 2, S202, S203 are identical with the step S101 in embodiment one, S102, S103 in fact, do not repeat them here.
The difference of embodiment two is, after execution step S203, continue to perform step S201 again, personal user's security information of storage device is verified, after again performing step S201, perform step S205 again, read the data that mobile terminal is associated with personal user's security information, those skilled in the art understand, step S205 and step S202 is similar to, just need the source of the data read different, described step S202 reads from storage device, and step S205 reads from mobile terminal, in addition, described step S205 is identical with other parts of step S202, do not repeat them here.
After execution step S205, perform step S206, described storage device personal data are write in described mobile terminal, those skilled in the art understand, described step S206 is similar to step S203, just the object terminal of described personal data write is different, step S203 is written in storage device, and step S206 is written in mobile terminal, what step S206 performed in fact is the step recovered, namely be in described mobile terminal by the date restoring that backups to before in storage device, it should be noted that, step S206 does not need described personal data association personal user security information, namely the step performing encryption is not more needed, because when carrying out the backup-step of step S203, personal data are encrypted, do not need to carry out repeating encryption in step S206.
Further, after execution step S206, perform step S207, carry out synchronously to described mobile terminal and storage device personal data, those skilled in the art understand, realize step S207 to carry out preferably by the data processing module of described mobile terminal, the method of synchronization has multiple, such as with the personal data of mobile terminal for benchmark carries out synchronously, personal data in mobile terminal are all deleted, again personal data in storage device are synchronized in described mobile terminal, again such as with the personal data of storage device for benchmark carries out synchronously, personal data in storage device are all deleted, again the personal data in described mobile terminal are synchronized in described storage device, which kind of method of synchronization is adopted to be determined as the case may be by user, but the method for synchronization is not limited to above-mentioned two kinds, do not repeat them here.
Preferably, also there is multiple other different change case in above-described embodiment one, embodiment two, such as, wherein in a change case, can only perform step S103 or step S203, namely only perform backup-step; Again such as, in another change case, after execution step S201, step S202 and step S205 can perform simultaneously, then performs step S203, S206 again, the step namely performing backup simultaneously and recover; Again such as, in another change case, after execution step S201, can start to perform step S202, S205, S207 simultaneously, then perform step S203, S206, S208 again, namely perform backup, recovery, synchronous step simultaneously.Those skilled in the art understand, by adjusting the operational capability of the data processing module of mobile terminal, above change case all can realize, and multiple change case of embodiment one, embodiment two are not limited to above three change case enumerated, step S103, S206, S208 can be random an execution step wherein or a few step, can perform simultaneously also can perform in order successively, not repeat them here.
Preferably, as another change case of the present invention, before execution step S101 or S201, first set up personal user's security information at described storage device, namely described storage device is encrypted.It will be appreciated by those skilled in the art that more being applied to of this step arranges initial personal user's security information to described storage device, namely namely described storage device is previously provided with personal user's security information before initial use.As one change, this step also can be used for the situation that user needs to change personal user's security information, does not repeat them here.Realize this step and preferably safety chip is set at described storage device, for arranging personal user's security information.The mode arranging personal user's security information has multiple, and such as described storage device arranges personal user's security information by manufacturer before product export; Such as described storage device is connected with PC terminal again, by PC terminal, personal user's security information is arranged to described storage device.Again such as, described storage device is provided with numeric keypad, arranges personal user's security information by described numeric keypad.Again such as, personal user's security information can also be set by mobile terminal.Which kind of no matter adopting, the mode of personal user's security information is set, needs to ensure that user uses initial personal user's security information that can obtain described storage device during described storage device first.
Preferably, Fig. 3 shows an embodiment of synchronizing step, it will be appreciated by those skilled in the art that described synchronizing step realizes preferably by the data processing module of mobile terminal, specifically comprises the steps:
Perform step S301, set up new individual data acquisition system S, described new individual data acquisition system S is used for the data cell of mobile terminal and storage device to gather, and it will be appreciated by those skilled in the art that the final new individual data acquisition system S formed is packet to be synchronized.
Perform step S302, all for storage device personal data unit and all personal data unit of mobile terminal are contrasted.Those skilled in the art understand, when performing this step, described data processing module can distinguish the data cell of read storage device and mobile terminal, and these data cells are contrasted one by one, comparing result has two kinds, be after contrast, show that the data cell that storage device is different with mobile terminal, another kind draw the data cell that storage device is identical with mobile terminal after contrast, described different data cell can temporarily be stored in data processing module.
On the basis performing step S302, perform step S303 and S304, for the described different data cell be temporarily stored in data processing module, described different data cell can be write new personal data S set by described data processing module, and data cells different in original storage device and mobile terminal is deleted.For described identical data cell, described data processing module does not then do any process, is still retained in described storage device and mobile terminal.
Finally perform step S305, write storage device and mobile terminal respectively by after new personal data S set association personal user security information, this step is similar to abovementioned steps S203 and S206, does not repeat them here.
Further, as another change case of above-described embodiment one, before execution step S103, also perform following two steps:
First; judge whether there is the target data corresponding with described mobile terminal personal data in described storage device; what this step was more be applied to described storage device is used repeatedly the situation repeatedly; due to backup repeatedly before, recovery, synchronizing step; user, when using described storage device, often there will be the situation of Data duplication.It will be appreciated by those skilled in the art that namely the object of this step is, before execution backup-step, first to judge whether stored the target data identical with data to be backed up in described storage device.
Secondly, if there is described target data, then perform described step 103 after deleting described target data, if namely there is identical target data, in order to avoid repeating backup, at execution backup-step S103 after described target data being deleted.
It will be appreciated by those skilled in the art that two steps that this change case increases realize preferably by the data processing module of described mobile terminal, do not repeat them here.
Further, Fig. 4 shows an embodiment of step S101, is the personal user's security information being verified described storage device by described mobile terminal in the present embodiment, specifically comprises the steps:
Perform step S401, receive the secure authentication information of user's input.Those skilled in the art understand, preferably described mobile terminal is provided with subscriber interface module and secure verification module, described subscriber interface module is for inputting secure authentication information, described secure verification module receives the secure authentication information of described input, further, described secure authentication information can input in real time when needing execution verification step at every turn; Change as one, user also can pre-enter secure authentication information and be kept at described secure verification module, those skilled in the art understand, in this change case, multiple different use can pre-enter secure authentication information per family, in described secure verification module, namely form a secure authentication information database like this, this does not affect the realization of this step, does not repeat them here.
Perform step S402, secure authentication information and personal user's security information are compared.Those skilled in the art understand, this step is the core of verification step, it is realized by secure verification module, after described storage device is connected with described mobile terminal, described secure verification module can read personal user's security information of described storage device, further, received the secure authentication information of user's input by performing secure verification module described in step S401, the secure authentication information that described personal user's security information and user input can contrast by described secure verification module.Similarly, in various embodiments, described contrast step is also different, and such as user inputs secure authentication information in real time, then described secure verification module the secure authentication information of input and personal user's security information of storage device can carry out man-to-man contrast step in real time.In another change case, if described user pre-enters secure authentication information and is kept in secure verification module, and pre-enter secure authentication information due to multiple user and defined secure authentication information database, then described secure verification module is after the personal user's security information reading described storage device, described personal user's security information can be mated with the secure authentication information in the secure authentication information database prestored, this step is in fact also the one of contrast step, does not repeat them here.
Further, on the basis performing step S402, perform step S403, namely judge whether checking is passed through, if namely personal user's security information is consistent with secure authentication information, then decision verification passes through according to comparing result, if inconsistent, then decision verification does not pass through.It will be appreciated by those skilled in the art that the information whether described checking is passed through may be displayed on described subscriber interface module.
Preferably, as the third embodiment of the present invention, described personal user's security information at least comprises one or more of following information: the MSI SDN information of the encrypted message that user is arranged, described mobile terminal IMEI information and mobile subscriber.It will be appreciated by those skilled in the art that namely described encrypted message is the personal key that user is arranged; Namely the IMEI information of described mobile terminal be the international identification code of mobile device, each mobile phone all will be endowed a globally unique sets of numbers after finishing assembly, this number is delivered for use all by institute of the manufacturer of manufactured production record from producing to, and stores in a mobile device; In fact namely the MSI SDN information of described mobile subscriber be usually described " phone number ", for distinguishing different mobile subscribers.Preferably above-mentioned three kinds of information are all stored in the safety chip of described storage device, above-mentioned three kinds of information can pre-set when producing described storage device, also after described storage device can being connected with described mobile terminal, arranged by described mobile terminal, these modes all can realize, and do not repeat them here.
It will be appreciated by those skilled in the art that corresponding with above-described embodiment three, in the embodiment shown in Fig. 4, the described secure authentication information determination methods whether consistent with described personal user's security information is:
The secure authentication information of-described input is consistent with any one information in the MSI SDN information of the IMEI information of the encrypted message that described user is arranged, described mobile terminal, described mobile subscriber;
Any two information in the MSI SDN information of the secure authentication information of-described input and the encrypted message that described user is arranged, described mobile terminal IMEI information and mobile subscriber are consistent;
The MSI SDN information of the secure authentication information of-described input and the encrypted message that described user is arranged, described mobile terminal IMEI information and mobile subscriber is all consistent.
Those skilled in the art understand, the method of above-mentioned different judgement embodies different safe classes, namely in order to meet the privacy requirements of different user, when carrying out safety verification, progressively can improve validation difficulty, described validation difficulty can be difficult to degree realize by the secure authentication information of described input and described personal user's security information matches, particularly, is the interpretation method that described in the present embodiment three kinds are different.
Preferably, as the fourth embodiment of the present invention, described storage device comprises multiple independently physical memory space, and described multiple independently physical memory space is respectively arranged with personal user's security information of multiple user and multiple correspondence.Those skilled in the art understand, the object of the present embodiment is the versatility improving described storage device, multiple independently physical memory space is set and can be used for different user storage data, corresponding arranges multiple personal user's security information for verifying the identity of different user, in the use procedure of reality, different users is when using same storage device, need first to input secure authentication information and carry out contrast verification with described multiple personal user's security information, when described secure authentication information and the success of one of them personal user's security information matches, then judge that this user rs authentication is passed through, and then this user can carry out the backup of data in the independently physical memory space of its correspondence, recover, synchronous working, those skilled in the art understand, now this user can not obtain the access right in the physical memory space of other users, to ensure the fail safe of different user data.In another change case, in order to realize the object of the present embodiment, also can arrange multiple storage device for different users, coordinate different mobile terminals, its principle is identical with the present embodiment, does not repeat them here simultaneously.
Preferably, as the fifth embodiment of the present invention, a kind of mobile terminal personal data enciphering back-up, recovery, Synchronizing Control Devices are provided, comprise:
Storage device, it, for storing personal data and being provided with personal user's security information, it will be appreciated by those skilled in the art that described storage device is identical with the storage device in above-described embodiment one to four, does not repeat them here.
Further, also comprise a mobile terminal, as shown in Figure 5, described mobile terminal at least comprises secure verification module, subscriber interface module, user management module, encryption/decryption module, data control block, and the working method of each module is by a specific embodiment explanation below:
Step one, user inputs secure authentication information by subscriber interface module, and the secure authentication information of input is transferred to secure verification module;
Step 2, after described storage device is connected with described mobile terminal, described secure verification module reads personal user's security information of described storage device, and as one change, personal user's security information also can be transferred to described secure verification module by described storage device;
Step 3, the secure authentication information of described secure verification module to described input is verified, namely judges that whether described secure authentication information is consistent with described personal user's security information, if consistent, decision verification passes through, otherwise then judges not pass through;
On the basis performing step 3, perform step 4, if the verification passes, then enter described user management module, it will be appreciated by those skilled in the art that described user management module is the user management module corresponding with the described personal user's security information be verified, after entering described user management module, namely user obtains corresponding operating right, namely can carry out the backup of data, recovery, the work such as synchronous.
Step 5, the backup of described data, recovery, the work such as synchronous are realized by described data processing module.Those skilled in the art understand, described data processing module directly carries out exchanges data with described storage device, namely the data of described mobile terminal are stored in described data processing module, carrying out backing up, recover, synchronous working time, described data processing module directly processes the data of the data in mobile terminal and storage device, and then completes the backup of data, recovery, synchronous.
Further, carrying out backing up, recover, synchronous time, as shown in Figure 5, need the step pending data being encrypted or being deciphered by encryption/decryption module, to improve data backup, recovery or synchronous fail safe further.More specifically, have in the embodiment of the present invention one, embodiment two and describe, it will be appreciated by those skilled in the art that described step S102, S103, S202, S203, S205, S108 all need encryption/decryption module to realize.
Above specific embodiments of the invention are described.It is to be appreciated that the present invention is not limited to above-mentioned particular implementation, those skilled in the art can make various distortion or amendment within the scope of the claims, and this does not affect flesh and blood of the present invention.