CN104506561A - Terminal data access control method and device - Google Patents

Terminal data access control method and device Download PDF

Info

Publication number
CN104506561A
CN104506561A CN201510016675.XA CN201510016675A CN104506561A CN 104506561 A CN104506561 A CN 104506561A CN 201510016675 A CN201510016675 A CN 201510016675A CN 104506561 A CN104506561 A CN 104506561A
Authority
CN
China
Prior art keywords
access
data
hotspot
terminal
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510016675.XA
Other languages
Chinese (zh)
Other versions
CN104506561B (en
Inventor
杜国伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nubia Technology Co Ltd
Original Assignee
Shenzhen ZTE Mobile Telecom Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen ZTE Mobile Telecom Co Ltd filed Critical Shenzhen ZTE Mobile Telecom Co Ltd
Priority to CN201510016675.XA priority Critical patent/CN104506561B/en
Publication of CN104506561A publication Critical patent/CN104506561A/en
Application granted granted Critical
Publication of CN104506561B publication Critical patent/CN104506561B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a terminal data access control method which includes the following steps: judging whether an accessed WiFi hotspot is safe or not when a terminal is accessed into the WiFi hotspot; automatically converting the terminal into a data safe accessing mode when the accessed WiFi hotspot is not safe; sending a data access prompting message when the terminal receives a data access request. The invention further discloses a terminal data access control device. The terminal data access control method and device ensure that private data are not subject to WiFi fishing and user data are not actively attacked by unsafe protocols, enable private data not to be leaked, and improve data safety.

Description

Terminal profile access control method and device
Technical field
The present invention relates to data security technical field, particularly relate to terminal profile access control method and device.
Background technology
Along with improving constantly and the development of network technology of people's living standard, at any time all to carry out data by network and the external world mutual in any place for increasing people's custom.Along with people are for the demand of network, provide free WiFi (wireless) service in megastore or some public places, people serve enjoying these WiFi, and under WiFi environment, access data or the network data of mobile phone.
But, under aforesaid way, businessman by building free WiFi, by the WiFi title that SSID is disguised oneself as popular, such as, well-known dining room, coffee shop etc.And do not arrange password to connect to gain user by cheating.User data is when mutual by this WiFi, and monitored and analysis, during the secret data such as input account number cipher, will directly be stolen.Therefore, people, when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily causes private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data being revealed, the poor stability of data.
Foregoing, only for auxiliary understanding technical scheme of the present invention, does not represent and admits that foregoing is prior art.
Summary of the invention
Main purpose of the present invention is to provide a kind of terminal profile access control method and device, be intended to solve people when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily cause private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the problem of the poor stability of data.
For achieving the above object, the invention provides a kind of terminal profile access control method, comprise the following steps:
Terminal, when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
When accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module;
Described terminal, when receiving data access request, sends data access information.
Preferably, whether the Wi-Fi hotspot that accesses of described judgement is that the step of dangerous Wi-Fi hotspot comprises:
Whether the Wi-Fi hotspot that described terminal judges accesses is the Wi-Fi hotspot of the security protocol of certification or is dangerous access environment;
Described terminal accessed Wi-Fi hotspot be unverified security protocol Wi-Fi hotspot or for dangerous access environment time, judge that the Wi-Fi hotspot that accesses is dangerous Wi-Fi hotspot.
Preferably, the step that described terminal automatically switches to data security access module comprises:
Obtain the also program of analysis request data access or the fail safe of process and obtain Security analysis result;
According to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.
Preferably, described terminal send data access prompting step comprise:
Described terminal, when receiving data access request, determines the safe class of described data access request initiator;
Described terminal, according to the safe class of described data access request initiator, sends data access information;
Described terminal receives accesses the response message of information as the first response message based on described data, when described first response message is for allowing to access, controls the described data of permission access.
Preferably, the safe class of described data access request initiator, the step sending data access information comprises:
Whether the determined data of described terminal judges is the authentication data for secure access;
Described terminal, when determined data is the authentication data for secure access, sends authentication information.
In addition, for achieving the above object, the present invention also provides a kind of terminal profile access control apparatus further, comprising:
Judge module, for when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
Handover module, for when accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, automatically switches to data security access module;
Reminding module, for when receiving data access request, sends data access information.
Preferably, described judge module, also for judge accessed Wi-Fi hotspot be whether the security protocol of certification Wi-Fi hotspot or as dangerous access environment; Also in accessed Wi-Fi hotspot be unverified security protocol Wi-Fi hotspot or for dangerous access environment time, judge that the Wi-Fi hotspot that accesses is dangerous Wi-Fi hotspot
Preferably, described handover module comprises acquiring unit and switch unit,
Described acquiring unit, obtains Security analysis result for obtaining the also program of analysis request data access or the fail safe of process;
Described switch unit, for according to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.
Preferably, described reminding module comprises determining unit, Tip element, sending and receiving unit and control unit,
Described determining unit, for when receiving data access request, determines the safe class of described data access request initiator;
Described Tip element, for the safe class according to described data access request initiator, sends data access information;
Described sending and receiving unit, accesses the response message of information as the first response message for receiving based on described data;
Described control unit, for when described first response message is for allowing to access, controls to allow the described data of access.
Preferably, described judge module, also for judging that whether determined data is the authentication data for secure access;
Described Tip element, time also for being the authentication data for secure access in determined data, sends authentication information.
The present invention, by when terminal accesses Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot, and when for dangerous Wi-Fi hotspot, terminal automatically switches to data security access module, carries out prompting access to access profile.When the Wi-Fi hotspot accessed is unsafe Wi-Fi hotspot, the data of terminal is conducted interviews restriction, effectively avoid people when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily cause private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the problem of the poor stability of data.Ensure that private data is not gone fishing by WiFi and utilizes insecure protocol active attack subscriber data, private data is not revealed, improves the fail safe of data.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the first embodiment of terminal profile access control method of the present invention;
Fig. 2 judges that whether accessed Wi-Fi hotspot is the schematic flow sheet of dangerous Wi-Fi hotspot one embodiment for the present invention;
Fig. 3 judges that whether accessed Wi-Fi hotspot is the schematic flow sheet of dangerous another embodiment of Wi-Fi hotspot for the present invention;
Fig. 4 is the refinement schematic flow sheet of step S20 mono-embodiment in Fig. 1;
Fig. 5 is the schematic flow sheet of the second embodiment of terminal profile access control method of the present invention;
Fig. 6 is the schematic flow sheet of the 3rd embodiment of terminal profile access control method of the present invention;
Fig. 7 is the schematic flow sheet of the 4th embodiment of terminal profile access control method of the present invention;
Fig. 8 is the schematic flow sheet of the 5th embodiment of terminal profile access control method of the present invention;
Fig. 9 is the high-level schematic functional block diagram of the preferred embodiment of terminal profile access control apparatus of the present invention;
Figure 10 is the refinement high-level schematic functional block diagram of handover module one embodiment in Fig. 9;
Figure 11 is the refinement high-level schematic functional block diagram of reminding module one embodiment in Fig. 9.
The realization of the object of the invention, functional characteristics and advantage will in conjunction with the embodiments, are described further with reference to accompanying drawing.
Embodiment
Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
The primary solutions of the embodiment of the present invention is: terminal, when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot; When accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module; Described terminal, when receiving data access request, sends data access information.When the Wi-Fi hotspot accessed is dangerous, the data of access is limited, effectively avoid people when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily cause private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the problem of the poor stability of data.Ensure that private data is not gone fishing by WiFi and utilizes insecure protocol active attack subscriber data, private data is not revealed, improves the fail safe of data.
Due under existing mode, people, when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily causes private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the poor stability of data.
Based on the problems referred to above, the invention provides a kind of terminal profile access control method.
With reference to the schematic flow sheet that Fig. 1, Fig. 1 are the first embodiment of terminal profile access control method of the present invention.
In one embodiment, described terminal profile access control method comprises:
Step S10, terminal, when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
The main body performing terminal profile access control method of the present invention be electric terminal (such as, mobile phone, pad etc.), be the terminal profile access control application (such as, terminal profile access control software etc.) of electric terminal loading further.Implement described executive agent at this and be preferably mobile phone.
The situation of described terminal access Wi-Fi hotspot comprises: terminal opens WiFi switch, access WiFI focus, or switches to other focuses from current accessed focus, i.e. WiFi network handoff procedure, accesses new Wi-Fi hotspot.When terminal access Wi-Fi hotspot, judge whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot.Described unsafe Wifi focus comprises, such as, businessman selects not arrange password or arrange password to adopt WEP certification, the data of this Internet Transmission are transparent substantially, the data of user's transmission are easy to be monitored by the hacker of same network steal, for domestic consumer, be difficult to judge whether the Wi-Fi hotspot accessed is encryption type, namely whether be safe WiFi network, when using WiFI in public places, avoid the interactive operation of private data as far as possible, or enter data security access module, stop background application to the access of private data.
Concrete, with reference to figure 2, whether the Wi-Fi hotspot that described judgement accesses is that the process of dangerous Wi-Fi hotspot can comprise:
Step S11, whether the Wi-Fi hotspot of the current access of described terminal judges is the Wi-Fi hotspot of the security protocol of certification;
When the current access Wi-Fi hotspot of terminal, obtain the Wi-Fi hotspot data of current access, described Wi-Fi hotspot data comprises authenticated data, WiFi title, connection status, turn-on time, access environment etc.Described authenticated data comprises the data of whether certified security protocol, whether the security protocol of the Wi-Fi hotspot namely accessed is by the checking of terminal, or whether the Wi-Fi hotspot of access is set to secure network, or is provided with secure network mark etc.
After getting the Wi-Fi hotspot data of current access, judge that whether the Wi-Fi hotspot of current access is the Wi-Fi hotspot of the security protocol of certification, if not, then perform step S12, if so, then perform step S13.
Step S12, the Wi-Fi hotspot that described terminal judges accesses is dangerous Wi-Fi hotspot;
After getting the Wi-Fi hotspot data of current access, judge that whether the Wi-Fi hotspot of current access is by the security protocol of certification, namely the security protocol whether authenticated, such as, whether carry certified mark, whether be set to secure network, or whether be provided with secure network mark etc., when not carrying certified mark, or when not being set to secure network, or when not being provided with secure network mark, judge that the Wi-Fi hotspot of current access is the Wi-Fi hotspot of unverified security protocol, judge that the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot.
Step S13, the Wi-Fi hotspot that described terminal judges accesses is safe Wi-Fi hotspot.
When carrying certified mark, or when being set to secure network, or when being provided with secure network mark, judge that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.
Concrete, with reference to figure 3, whether the Wi-Fi hotspot that described judgement accesses is that the process of dangerous Wi-Fi hotspot can also comprise:
Step S14, whether the access environment of the Wi-Fi hotspot that described terminal judges accesses is dangerous access environment; If so, then perform step S15, if not, then perform step S16.
When accessing Wi-Fi hotspot, determine the access environment of the Wi-Fi hotspot of current access.Described access environment comprises: the environment often using network, the network of predeterminated position, roaming environments or this province environment etc.Described predeterminated position can be the position that family, company or relative family etc. often stay.
After the access environment of Wi-Fi hotspot determining current access, judge whether described access environment is dangerous access environment, such as, determines whether the environment infrequently using network, be not whether the network of predeterminated position, or whether be roaming environments etc.
Be the environment often using network at access environment, for predeterminated position network or be this province environment time, judge that described access environment is as normally accessing environment, the Wi-Fi hotspot that accesses of judgement is normal Wi-Fi hotspot; Be the environment infrequently using network at access environment, be predeterminated position network or for roaming environments time, judge that described access environment is dangerous access environment, judge that the Wi-Fi hotspot that accesses is dangerous WiFi access focus.In other embodiments of the present invention, also can be that at least two Rule of judgment in above-mentioned are combined, when a Rule of judgment is no wherein, judge that described access environment is dangerous access environment, such as, being the environment infrequently using network at access environment, is not the network of predeterminated position; All Rule of judgment be time, judging that described access environment is as normally accessing environment, such as, is the environment often using network at access environment, and when being the network of predeterminated position.
Step S15, the Wi-Fi hotspot that described terminal judges accesses is dangerous Wi-Fi hotspot;
Step S16, the Wi-Fi hotspot that described terminal judges accesses is safe Wi-Fi hotspot.
Be understandable that, the Rule of judgment of dangerous Wi-Fi hotspot that whether also can be the Wi-Fi hotspot that described judgement accessed be combines, a Rule of judgment wherein, such as, when access environment is unsafe conditions, or when for unverified Wi-Fi hotspot, judge that the Wi-Fi hotspot of described access is dangerous Wi-Fi hotspot; When all meeting, such as, be secure accessing environment at described access environment, and when accessed Wi-Fi hotspot is the Wi-Fi hotspot of the security protocol of certification, judge that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.Improve the accuracy that Wi-Fi hotspot fail safe judges, and then improve the fail safe of data access.
Step S20, when accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module;
Under described data security access module, limit the access to terminal profile, data that splitting limit of delegating power allows access, does not allow access to the data of open authority, or allows instruction rear may have access to receiving.In the present embodiment, the data of described data security access module limiting access is preferably the private data of end side user, such as, the data of individual privacy is set for the authentication data (user name and user cipher, fingerprint data, voiceprint data, pupil data etc.), contact data, note, multimedia message, message registration etc. of safety verification.When accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module.Namely the pattern of data limiting access is entered.
Concrete, with reference to figure 4, the process that described terminal automatically switches to data security access module can comprise:
Step S21, described terminal obtains and the program of analysis request data access or the fail safe of process obtain Security analysis result;
Step S22, described terminal is according to described Security analysis result, and automatic decision also performs data security access strategy, to automatically switch to data security access module.
Arrange the data security access strategy under data security access module in advance, such as, limiting access contact data, limiting access are used for the authentication data etc. of safety verification.Described secure access strategy is corresponding with the program of secure access or the Security analysis result of process.Described terminal obtains and the program of analysis request data access or the fail safe of process obtain Security analysis result; According to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.And different data security access strategies is set according to the process of accessing or application program difference.
When accessed Wi-Fi hotspot is safe Wi-Fi hotspot, process ends, controls the data of normal access terminal, does not namely limit the access to the data in terminal, does not namely perform data security access strategy.
Step S30, described terminal, when receiving data access request, sends data access prompting.
Described terminal is when automatically switching under data security access module, and the access of limiting terminal data, when receiving data access request, send data access prompting, whether prompting user allows data to access.Equally also can be, when automatically switching to data security access module, and when receiving data access instruction, directly refuse the access of terminal profile, and information is accessed unsuccessfully.Described data access request comprises the data access request that user manually inputs, and the data access request that system triggers automatically.Data corresponding to described data access request accesses the situation of being accessed by background application for data.In other embodiments of the present invention, also can also be judge whether the Wi-Fi hotspot of current access is safe Wi-Fi hotspot, when current Wi-Fi hotspot is dangerous Wi-Fi hotspot when receiving data access request, enter data security access module, send data access prompting.
The present embodiment, by when terminal accesses Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot, and when for dangerous Wi-Fi hotspot, terminal automatically switches to data security access module, carries out prompting access to access profile.When the Wi-Fi hotspot accessed is unsafe Wi-Fi hotspot, the data of terminal is conducted interviews restriction, effectively avoid people when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily cause private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the problem of the poor stability of data.Ensure that private data is not gone fishing by WiFi and utilizes insecure protocol active attack subscriber data, private data is not revealed, improves the fail safe of data.
With reference to the schematic flow sheet that Fig. 5, Fig. 5 are the second embodiment of terminal profile access control method of the present invention.Based on the first embodiment of above-mentioned terminal profile access control method, described step S30 can comprise:
Step S31, described terminal, when receiving data access request, determines the safe class of described data access request initiator;
Step S32, described terminal, according to the safe class of described data access request initiator, sends data access information;
Step S33, described terminal receives accesses the response message of information as the first response message based on described data, when described first response message is for allowing to access, controls the described data of permission access.
After entering data security access module, when receiving data access request, determine the safe class of described data access request initiator.Described terminal is according to the safe class of described data access request initiator, send data access information, namely described terminal arranges the safe class of each data access in advance, when safe class height, need to send data access information, when safe class is low, do not need to send data access information.Such as, when described data access request needs access associated person information, because the safe class of associated person information is high, therefore need to send contact data access information.Described data access information comprises the data of described data access request needs access, and the response message received based on described data access information, using the response message of reception as the first response message, when certain hour (1 minute, 30s) does not receive described first response message, refuse the access of the corresponding data of described data access request.When receiving described first response message, judging that described first response message allows access profile or denied access data, when described first response message is for permission access profile, controlling the data allowing the described data access request of access corresponding; When described first response message is denied access data, then send the information that data access is failed, and point out contact data corresponding to described access request to restricted access, complete described data access process again after informing the corresponding authority of transmitting terminal application of described access request.
In order to improve the fail safe of data access further, obtain the data that described access request is corresponding, and determine the application message that obtained data is corresponding, and show described application message, with which application of prompt terminal side user just accessed, and make priority assignation based on accessed application message, so that the application of some secrets or the application that relates to privacy are set to limiting access, the fail safe of further raising data access.
In other embodiments of the present invention, can also be: when receiving data access request determine the data that described data access request is corresponding; Judge whether determined data is restriction access profile; When determined data is for restriction access profile, prompting data is accessed unsuccessfully.Namely under data security access module, when the data of request access is for restriction access profile, denied access.
The present embodiment by entering data security access module, and when receiving data access request, sends data access information, and receives the response message based on described data access information, allows or the access of refusal data according to response message.Making when entering data security access module, effectively can stop the leakage of data, further increasing the fail safe of contact data.
With reference to the schematic flow sheet that Fig. 6, Fig. 6 are the 3rd embodiment of terminal profile access control method of the present invention.Based on the second embodiment of above-mentioned terminal profile access control method, described step S32 can comprise:
Step S321, whether the determined data of described terminal judges is the authentication data for secure access;
When receiving data access request, determine the access profile that described data access request is corresponding, and judge that whether described access profile is the authentication data for safety verification.Described authentication data comprises user name for logging in and user cipher, fingerprint data, voiceprint data, pupil data etc.
Step S322, described terminal, when determined data is the authentication data for secure access, sends authentication information.
When described access profile is the authentication data for safety verification, send authentication prompting data, namely under data security pattern, the authentication data for safety verification is needed to force prompting, and need when receiving the confirmation permission access, could be accessed.Described access information comprises: allow the information of accessing and not allowing to access.The present embodiment under data security pattern, access be used for the authentication data of safety verification time, forcing prompting whether to allow accessed, when allowing accessed, controlling to be allowed for the access of the whether authenticated data of safety verification; When not allowing access, controlling to stop the access of the whether authenticated data being used for safety verification and sending the failed information of access.Effectively ensure that the fail safe of the authentication data for safety verification by the way, and then improve the fail safe of secret data.
With reference to the schematic flow sheet that Fig. 7, Fig. 7 are the 4th embodiment of terminal profile access control method of the present invention.Based on the 3rd embodiment of above-mentioned terminal profile access control method, described step S322 can comprise:
Whether step S3221, when described access profile is the authentication data for safety verification, judge described consistent with the authentication data that standard agreement specifies for the authentication data of safety verification;
The authentication data that described standard agreement specifies is safe access mode, and the authentication data that namely default standard agreement specifies is safe data access, and described standard agreement comprises WiFi agreement etc.
When accessing the authentication data being used for safety verification, judge that whether described access profile is consistent with the authentication data that standard agreement specifies.
Step S3222, when the described authentication data specified for authentication data and the standard agreement of safety verification is inconsistent, sends authentication data access information;
Step S3223, receives response message based on described access information as the second response message, when described second response data is for allowing access, controls to allow the described authentication data for safety verification of access.
Described access authentication data and standard agreement specify inconsistent time, force the information sending authentication data, after receiving and allowing access instruction, control to allow the described authentication data for safety verification of access; Allow access instruction if do not receive or receive prevention access instruction, then controlling to stop the described access for the authentication data of safety verification, and send the failed information of access.
The present embodiment is under data security pattern, when accessing the authentication data being used for safety verification, and when the authentication data for safety verification that the described authentication data for safety verification and standard agreement specify is inconsistent, prompting is forced whether to allow accessed, when allowing accessed, control the access being allowed for the authentication data of safety verification; When not allowing access, controlling to stop the access of the authentication data being used for safety verification and sending the failed information of access.While effectively ensure that the fail safe for the authentication data of safety verification by the way, improve the accuracy of the authentication data access security for safety verification.
With reference to the schematic flow sheet that Fig. 8, Fig. 8 are the 5th embodiment of terminal profile access control method of the present invention.Based on the 4th embodiment of above-mentioned terminal profile access control method, after described step S321, can also comprise:
Step S323, when described access profile is not the authentication data for safety verification, judges whether described access profile restricted access;
Step S324, when described access profile restricted access, sends the information that data access is failed.
When described access profile is not for authentication data, judge whether described access profile restricted access, namely judge that described access profile is the need of pressure prompting.When described access profile restricted access, send the information that data access is failed; When described access profile does not restricted access, control the access allowing described access profile.The described part restricted access can be contact data, note, multimedia message etc. except for other data except the authentication of safety certification.
In other embodiments of the present invention, also can also be, when there is the part restricted access in described access profile, the access of the part restricted access described in restriction, allow the part do not restricted access in described access profile, and the accessed part of prompting restriction is prevented from access.Described information can be word, voice, picture etc.
The present embodiment, by when described access profile is not the authentication data for safety verification, judges whether described access profile restricted access, if restricted access, then stops the described access profile of access; If there is part limiting access in described access profile, then limit the access of described part information.Effective guarantee except the fail safe for other data except the authentication data of safety verification, and then improves the fail safe of data access.
Corresponding, the present invention also provides a kind of terminal profile access control apparatus further.
With reference to the high-level schematic functional block diagram that Fig. 9, Fig. 9 are the first embodiment of terminal profile access control apparatus of the present invention.
In one embodiment, described terminal profile access control apparatus comprises: judge module 10, handover module 20 and reminding module 30.
Described judge module 10, for when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
The situation of terminal access Wi-Fi hotspot comprises: terminal opens WiFi switch, access WiFI focus, or switches to other focuses from current accessed focus, i.e. WiFi network handoff procedure, accesses new Wi-Fi hotspot.When terminal access Wi-Fi hotspot, judge whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot.Described unsafe Wifi focus comprises, such as, businessman selects not arrange password or arrange password to adopt WEP certification, the data of this Internet Transmission are transparent substantially, the data of user's transmission are easy to be monitored by the hacker of same network steal, for domestic consumer, be difficult to judge whether the Wi-Fi hotspot accessed is encryption type, namely whether be safe WiFi network, when using WiFI in public places, avoid the interactive operation of private data as far as possible, or enter data security access module, stop background application to the access of private data.
Concrete, described judge module 10, also for judging that whether the Wi-Fi hotspot of current access is the Wi-Fi hotspot of the security protocol of certification;
When the current access Wi-Fi hotspot of terminal, obtain the Wi-Fi hotspot data of current access, described Wi-Fi hotspot data comprises authenticated data, WiFi title, connection status, turn-on time, access environment etc.Described authenticated data comprises the data of whether certified security protocol, whether the security protocol of the Wi-Fi hotspot namely accessed is by the checking of terminal, or whether the Wi-Fi hotspot of access is set to secure network, or is provided with secure network mark etc.
After getting the Wi-Fi hotspot data of current access, judge that whether the Wi-Fi hotspot of current access is the Wi-Fi hotspot of the security protocol of certification.
Described judge module 10, also for when the Wi-Fi hotspot of current access is not the Wi-Fi hotspot of security protocol of certification, judges that the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
After getting the Wi-Fi hotspot data of current access, judge that whether the Wi-Fi hotspot of current access is by the security protocol of certification, namely the security protocol whether authenticated, such as, whether carry certified mark, whether be set to secure network, or whether be provided with secure network mark etc., when not carrying certified mark, or when not being set to secure network, or when not being provided with secure network mark, judge that the Wi-Fi hotspot of current access is the Wi-Fi hotspot of unverified security protocol, judge that the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot.
Described judge module 10, also for when the Wi-Fi hotspot of current access is the Wi-Fi hotspot of the security protocol of certification, judges that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.
When carrying certified mark, or when being set to secure network, or when being provided with secure network mark, judge that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.
Concrete, described judge module 10, also for judging whether the access environment of accessed Wi-Fi hotspot is dangerous access environment.
When accessing Wi-Fi hotspot, determine the access environment of the Wi-Fi hotspot of current access.Described access environment comprises: the environment often using network, the network of predeterminated position, roaming environments or this province environment etc.Described predeterminated position can be the position that family, company or relative family etc. often stay.
After the access environment of Wi-Fi hotspot determining current access, judge whether described access environment is dangerous access environment, such as, determines whether the environment infrequently using network, be not whether the network of predeterminated position, or whether be roaming environments etc.
Be the environment often using network at access environment, for predeterminated position network or be this province environment time, judge that described access environment is as normally accessing environment, the Wi-Fi hotspot that accesses of judgement is normal Wi-Fi hotspot; Be the environment infrequently using network at access environment, be predeterminated position network or for roaming environments time, judge that described access environment is dangerous access environment, judge that the Wi-Fi hotspot that accesses is dangerous WiFi access focus.In other embodiments of the present invention, also can be that at least two Rule of judgment in above-mentioned are combined, when a Rule of judgment is no wherein, judge that described access environment is dangerous access environment, such as, being the environment infrequently using network at access environment, is not the network of predeterminated position; All Rule of judgment be time, judging that described access environment is as normally accessing environment, such as, is the environment often using network at access environment, and when being the network of predeterminated position.
Described judge module 10, also for when the access environment of accessed Wi-Fi hotspot is dangerous access environment, judges that the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
Described judge module 10, also for when the access environment of accessed Wi-Fi hotspot is secure accessing environment, judges that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.
Be understandable that, the Rule of judgment of dangerous Wi-Fi hotspot that whether also can be the Wi-Fi hotspot that described judgement accessed be combines, a Rule of judgment wherein, such as, when access environment is unsafe conditions, or when for unverified Wi-Fi hotspot, judge that the Wi-Fi hotspot of described access is dangerous Wi-Fi hotspot; When all meeting, such as, be secure accessing environment at described access environment, and when accessed Wi-Fi hotspot is the Wi-Fi hotspot of the security protocol of certification, judge that the Wi-Fi hotspot accessed is safe Wi-Fi hotspot.Improve the accuracy that Wi-Fi hotspot fail safe judges, and then improve the fail safe of data access.
Described handover module 20, for when accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, automatically switches to data security access module.
Under described data security access module, limit the access to terminal profile, data that splitting limit of delegating power allows access, does not allow access to the data of open authority, or allows instruction rear may have access to receiving.In the present embodiment, the data of described data security access module limiting access is preferably the private data of end side user, such as, the data of individual privacy is set for the authentication data (user name and user cipher, fingerprint data, voiceprint data, pupil data etc.), contact data, note, multimedia message, message registration etc. of safety verification.When accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module.Namely the pattern of data limiting access is entered.
Concrete, with reference to Figure 10, described handover module 20 comprises acquiring unit 21 and switch unit 22,
Described acquiring unit 21, obtains Security analysis result for obtaining the also program of analysis request data access or the fail safe of process;
Described switch unit 22, for according to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.
Arrange the data security access strategy under data security access module in advance, such as, limiting access contact data, limiting access are used for the authentication data etc. of safety verification.Described secure access strategy is corresponding with the program of secure access or the Security analysis result of process.Described terminal obtains and the program of analysis request data access or the fail safe of process obtain Security analysis result; According to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.And different data security access strategies is set according to the process of accessing or application program difference.
When accessed Wi-Fi hotspot is safe Wi-Fi hotspot, process ends, controls the data of normal access terminal, does not namely limit the access to the data in terminal, does not namely perform data security access strategy.
Described reminding module 30, for when receiving data access request, sends data access prompting.
Described terminal is when automatically switching under data security access module, and the access of limiting terminal data, when receiving data access request, send data access prompting, whether prompting user allows data to access.Equally also can be, when automatically switching to data security access module, and when receiving data access instruction, directly refuse the access of terminal profile, and information is accessed unsuccessfully.Described data access request comprises the data access request that user manually inputs, and the data access request that system triggers automatically.Data corresponding to described data access request accesses the situation of being accessed by background application for data.In other embodiments of the present invention, also can also be judge whether the Wi-Fi hotspot of current access is safe Wi-Fi hotspot, when current Wi-Fi hotspot is dangerous Wi-Fi hotspot when receiving data access request, enter data security access module, send data access prompting.
The present embodiment, by when terminal accesses Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot, and when for dangerous Wi-Fi hotspot, terminal automatically switches to data security access module, carries out prompting access to access profile.When the Wi-Fi hotspot accessed is unsafe Wi-Fi hotspot, the data of terminal is conducted interviews restriction, effectively avoid people when the Wi-Fi hotspot connected is dangerous Wi-Fi hotspot, when namely there is potential safety hazard, easily cause private data to be gone fishing by WiFi and utilize insecure protocol active attack subscriber data, private data is revealed, the problem of the poor stability of data.Ensure that private data is not gone fishing by WiFi and utilizes insecure protocol active attack subscriber data, private data is not revealed, improves the fail safe of data.
With reference to Figure 11, described reminding module 30 comprises determining unit 31, Tip element 32, sending and receiving unit 33 and control unit 34,
Described determining unit 31, for when receiving data access request, determines the safe class of described data access request initiator;
Described Tip element 32, for the safe class according to described data access request initiator, sends data access information;
Described sending and receiving unit 33, accesses the response message of information as the first response message for receiving based on described data;
Described control unit 34, for when described first response message is for allowing to access, controls to allow the described data of access.
After entering data security access module, when receiving data access request, determine the safe class of described data access request initiator.Described terminal is according to the safe class of described data access request initiator, send data access information, namely described terminal arranges the safe class of each data access in advance, when safe class height, need to send data access information, when safe class is low, do not need to send data access information.Such as, when described data access request needs access associated person information, because the safe class of associated person information is high, therefore need to send contact data access information.Described data access information comprises the data of described data access request needs access, and the response message received based on described data access information, using the response message of reception as the first response message, when certain hour (1 minute, 30s) does not receive described first response message, refuse the access of the corresponding data of described data access request.When receiving described first response message, judging that described first response message allows access profile or denied access data, when described first response message is for permission access profile, controlling the data allowing the described data access request of access corresponding; When described first response message is denied access data, then send the information that data access is failed, and point out contact data corresponding to described access request to restricted access, complete described data access process again after informing the corresponding authority of transmitting terminal application of described access request.
In order to improve the fail safe of data access further, obtain the data that described access request is corresponding, and determine the application message that obtained data is corresponding, and show described application message, with which application of prompt terminal side user just accessed, and make priority assignation based on accessed application message, so that the application of some secrets or the application that relates to privacy are set to limiting access, the fail safe of further raising data access.
In other embodiments of the present invention, can also be: when receiving data access request determine the data that described data access request is corresponding; Judge whether determined data is restriction access profile; When determined data is for restriction access profile, prompting data is accessed unsuccessfully.Namely under data security access module, when the data of request access is for restriction access profile, denied access.
The present embodiment by entering data security access module, and when receiving data access request, sends data access information, and receives the response message based on described data access information, allows or the access of refusal data according to response message.Making when entering data security access module, effectively can stop the leakage of data, further increasing the fail safe of contact data.
Further, described judge module 10, also for judging that whether determined data is the authentication data for secure access;
When receiving data access request, determine the access profile that described data access request is corresponding, and judge that whether described access profile is the authentication data for safety verification.Described authentication data comprises user name for logging in and user cipher, fingerprint data, voiceprint data, pupil data etc.
Described Tip element 32, time also for being the authentication data for secure access in determined data, sends authentication information.
When described access profile is the authentication data for safety verification, send authentication prompting data, namely under data security pattern, the authentication data for safety verification is needed to force prompting, and need when receiving the confirmation permission access, could be accessed.Described access information comprises: allow the information of accessing and not allowing to access.The present embodiment under data security pattern, access be used for the authentication data of safety verification time, forcing prompting whether to allow accessed, when allowing accessed, controlling to be allowed for the access of the whether authenticated data of safety verification; When not allowing access, controlling to stop the access of the whether authenticated data being used for safety verification and sending the failed information of access.Effectively ensure that the fail safe of the authentication data for safety verification by the way, and then improve the fail safe of secret data.
Further, whether described judge module 10, time also for being the authentication data for safety verification in described access profile, judge described consistent with the authentication data that standard agreement specifies for the authentication data of safety verification;
The authentication data that described standard agreement specifies is safe access mode, and the authentication data that namely default standard agreement specifies is safe data access, and described standard agreement comprises WiFi agreement etc.
When accessing the authentication data being used for safety verification, judge that whether described access profile is consistent with the authentication data that standard agreement specifies.
Described Tip element 32, also for when the described authentication data specified for authentication data and the standard agreement of safety verification is inconsistent, sends authentication data access information;
Described sending and receiving unit 33, also for receiving response message based on described access information as the second response message;
Described control unit 34, also for when described second response data is for allowing to access, controls to allow the described authentication data for safety verification of access.
Described access authentication data and standard agreement specify inconsistent time, force the information sending authentication data, after receiving and allowing access instruction, control to allow the described authentication data for safety verification of access; Allow access instruction if do not receive or receive prevention access instruction, then controlling to stop the described access for the authentication data of safety verification, and send the failed information of access.
The present embodiment is under data security pattern, when accessing the authentication data being used for safety verification, and when the authentication data for safety verification that the described authentication data for safety verification and standard agreement specify is inconsistent, prompting is forced whether to allow accessed, when allowing accessed, control the access being allowed for the authentication data of safety verification; When not allowing access, controlling to stop the access of the authentication data being used for safety verification and sending the failed information of access.While effectively ensure that the fail safe for the authentication data of safety verification by the way, improve the accuracy of the authentication data access security for safety verification.
Further, described judge module 10, also for when described access profile is not the authentication data for safety verification, judges whether described access profile restricted access;
Described Tip element 32, also for when described access profile restricted access, sends the information that data access is failed.
When described access profile is not for authentication data, judge whether described access profile restricted access, namely judge that described access profile is the need of pressure prompting.When described access profile restricted access, send the information that data access is failed; When described access profile does not restricted access, control the access allowing described access profile.The described part restricted access can be contact data, note, multimedia message etc. except for other data except the authentication of safety certification.
In other embodiments of the present invention, also can also be, when there is the part restricted access in described access profile, the access of the part restricted access described in restriction, allow the part do not restricted access in described access profile, and the accessed part of prompting restriction is prevented from access.Described information can be word, voice, picture etc.
The present embodiment, by when described access profile is not the authentication data for safety verification, judges whether described access profile restricted access, if restricted access, then stops the described access profile of access; If there is part limiting access in described access profile, then limit the access of described part information.Effective guarantee except the fail safe for other data except the authentication data of safety verification, and then improves the fail safe of data access.
These are only the preferred embodiments of the present invention; not thereby the scope of the claims of the present invention is limited; every utilize specification of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.

Claims (10)

1. a terminal profile access control method, is characterized in that, comprises the following steps:
Terminal, when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
When accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, described terminal automatically switches to data security access module;
Described terminal, when receiving data access request, sends data access information.
2. terminal profile access control method as claimed in claim 1, is characterized in that, whether the Wi-Fi hotspot that described judgement accesses is that the step of dangerous Wi-Fi hotspot comprises:
Whether the Wi-Fi hotspot that described terminal judges accesses is the Wi-Fi hotspot of the security protocol of certification or is dangerous access environment;
Described terminal accessed Wi-Fi hotspot be unverified security protocol Wi-Fi hotspot or for dangerous access environment time, judge that the Wi-Fi hotspot that accesses is dangerous Wi-Fi hotspot.
3. terminal profile access control method as claimed in claim 1 or 2, it is characterized in that, the step that described terminal automatically switches to data security access module comprises:
Obtain the also program of analysis request data access or the fail safe of process and obtain Security analysis result;
According to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.
4. terminal profile access control method as claimed in claim 1 or 2, is characterized in that, the step that described terminal sends data access prompting comprises:
Described terminal, when receiving data access request, determines the safe class of described data access request initiator;
Described terminal, according to the safe class of described data access request initiator, sends data access information;
Described terminal receives accesses the response message of information as the first response message based on described data, when described first response message is for allowing to access, controls the described data of permission access.
5. terminal profile access control method as claimed in claim 4, is characterized in that, the safe class of described data access request initiator, and the step sending data access information comprises:
Whether the determined data of described terminal judges is the authentication data for secure access;
Described terminal, when determined data is the authentication data for secure access, sends authentication information.
6. a terminal profile access control apparatus, is characterized in that, comprising:
Judge module, for when accessing Wi-Fi hotspot, judges whether the Wi-Fi hotspot accessed is dangerous Wi-Fi hotspot;
Handover module, for when accessed Wi-Fi hotspot is dangerous Wi-Fi hotspot, automatically switches to data security access module;
Reminding module, for when receiving data access request, sends data access information.
7. terminal profile access control apparatus as claimed in claim 6, is characterized in that, described judge module, also for judge accessed Wi-Fi hotspot be whether the security protocol of certification Wi-Fi hotspot or as dangerous access environment; Also in accessed Wi-Fi hotspot be unverified security protocol Wi-Fi hotspot or for dangerous access environment time, judge that the Wi-Fi hotspot that accesses is dangerous Wi-Fi hotspot.
8. terminal profile access control apparatus as claimed in claims 6 or 7, it is characterized in that, described handover module comprises acquiring unit and switch unit,
Described acquiring unit, obtains Security analysis result for obtaining the also program of analysis request data access or the fail safe of process;
Described switch unit, for according to described Security analysis result, automatic decision also performs data security access strategy, to automatically switch to data security access module.
9. terminal profile access control apparatus as claimed in claims 6 or 7, it is characterized in that, described reminding module comprises determining unit, Tip element, sending and receiving unit and control unit,
Described determining unit, for when receiving data access request, determines the safe class of described data access request initiator;
Described Tip element, for the safe class according to described data access request initiator, sends data access information;
Described sending and receiving unit, accesses the response message of information as the first response message for receiving based on described data;
Described control unit, for when described first response message is for allowing to access, controls to allow the described data of access.
10. terminal profile access control apparatus as claimed in claim 9, is characterized in that, described judge module, also for judging that whether determined data is the authentication data for secure access;
Described Tip element, time also for being the authentication data for secure access in determined data, sends authentication information.
CN201510016675.XA 2015-01-13 2015-01-13 Terminal profile access control method and device Active CN104506561B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510016675.XA CN104506561B (en) 2015-01-13 2015-01-13 Terminal profile access control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510016675.XA CN104506561B (en) 2015-01-13 2015-01-13 Terminal profile access control method and device

Publications (2)

Publication Number Publication Date
CN104506561A true CN104506561A (en) 2015-04-08
CN104506561B CN104506561B (en) 2016-03-23

Family

ID=52948276

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510016675.XA Active CN104506561B (en) 2015-01-13 2015-01-13 Terminal profile access control method and device

Country Status (1)

Country Link
CN (1) CN104506561B (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105138906A (en) * 2015-08-31 2015-12-09 联想(北京)有限公司 Information processing method and electronic equipment
CN105162768A (en) * 2015-07-31 2015-12-16 腾讯科技(深圳)有限公司 Method and device for detecting phishing Wi-Fi hotspots
CN105430023A (en) * 2016-01-04 2016-03-23 上海斐讯数据通信技术有限公司 Method and device for ensuring information safety
CN105636142A (en) * 2015-07-16 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Data communication network selection method and system
CN105873032A (en) * 2016-04-21 2016-08-17 林碧琴 Bus mobile hotspot authentication method
CN105873062A (en) * 2016-06-27 2016-08-17 联想(北京)有限公司 Method and device to be networked with wireless communication network, and terminal equipment
WO2016131289A1 (en) * 2015-07-28 2016-08-25 中兴通讯股份有限公司 Method, device and user equipment for testing security of wireless hotspot
WO2016184213A1 (en) * 2015-05-15 2016-11-24 中兴通讯股份有限公司 Method and apparatus for improving access security of wireless network and mobile terminal
CN106454813A (en) * 2016-11-17 2017-02-22 珠海市魅族科技有限公司 Wireless communication mode setting method and device
CN106446636A (en) * 2016-09-30 2017-02-22 努比亚技术有限公司 Mobile terminal and control method
WO2017036200A1 (en) * 2015-08-28 2017-03-09 宇龙计算机通信科技(深圳)有限公司 Method and system for encrypting user file system in multiple domains
CN106792671A (en) * 2016-12-30 2017-05-31 广东欧珀移动通信有限公司 Data ciphering method, device and terminal device
CN107343279A (en) * 2017-07-07 2017-11-10 广东欧珀移动通信有限公司 Method for connecting network, device, terminal device and storage medium
CN107484168A (en) * 2017-07-29 2017-12-15 广东欧珀移动通信有限公司 Bio-identification unlocking method and Related product
WO2017219558A1 (en) * 2016-06-24 2017-12-28 中兴通讯股份有限公司 Method and device for running incognito mode in mobile terminal, and mobile terminal
CN109660991A (en) * 2017-10-11 2019-04-19 腾讯科技(深圳)有限公司 Pseudo-base station reminding method, device and storage medium
CN110618783A (en) * 2019-09-12 2019-12-27 北京小米移动软件有限公司 Text broadcasting method, device and medium
CN111225378A (en) * 2018-11-27 2020-06-02 奇酷互联网络科技(深圳)有限公司 Intelligent wifi screening method, mobile terminal and terminal readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368941A (en) * 2013-04-22 2013-10-23 北京奇虎科技有限公司 User network access scenario-based protection method and device
CN103561404A (en) * 2013-10-22 2014-02-05 宇龙计算机通信科技(深圳)有限公司 Method and device for having access to network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368941A (en) * 2013-04-22 2013-10-23 北京奇虎科技有限公司 User network access scenario-based protection method and device
CN103561404A (en) * 2013-10-22 2014-02-05 宇龙计算机通信科技(深圳)有限公司 Method and device for having access to network

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302315A (en) * 2015-05-15 2017-01-04 中兴通讯股份有限公司 A kind of wireless network that improves accesses the method for safety, device and mobile terminal
WO2016184213A1 (en) * 2015-05-15 2016-11-24 中兴通讯股份有限公司 Method and apparatus for improving access security of wireless network and mobile terminal
CN105636142A (en) * 2015-07-16 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Data communication network selection method and system
WO2016131289A1 (en) * 2015-07-28 2016-08-25 中兴通讯股份有限公司 Method, device and user equipment for testing security of wireless hotspot
CN106385683A (en) * 2015-07-28 2017-02-08 中兴通讯股份有限公司 Wireless hot spot safety detection method, apparatus and user equipment thereof
CN105162768A (en) * 2015-07-31 2015-12-16 腾讯科技(深圳)有限公司 Method and device for detecting phishing Wi-Fi hotspots
WO2017036200A1 (en) * 2015-08-28 2017-03-09 宇龙计算机通信科技(深圳)有限公司 Method and system for encrypting user file system in multiple domains
CN105138906A (en) * 2015-08-31 2015-12-09 联想(北京)有限公司 Information processing method and electronic equipment
CN105138906B (en) * 2015-08-31 2019-02-05 联想(北京)有限公司 Information processing method and electronic equipment
CN105430023A (en) * 2016-01-04 2016-03-23 上海斐讯数据通信技术有限公司 Method and device for ensuring information safety
CN105873032A (en) * 2016-04-21 2016-08-17 林碧琴 Bus mobile hotspot authentication method
WO2017219558A1 (en) * 2016-06-24 2017-12-28 中兴通讯股份有限公司 Method and device for running incognito mode in mobile terminal, and mobile terminal
CN105873062A (en) * 2016-06-27 2016-08-17 联想(北京)有限公司 Method and device to be networked with wireless communication network, and terminal equipment
CN106446636A (en) * 2016-09-30 2017-02-22 努比亚技术有限公司 Mobile terminal and control method
CN106454813A (en) * 2016-11-17 2017-02-22 珠海市魅族科技有限公司 Wireless communication mode setting method and device
CN106792671A (en) * 2016-12-30 2017-05-31 广东欧珀移动通信有限公司 Data ciphering method, device and terminal device
CN107343279A (en) * 2017-07-07 2017-11-10 广东欧珀移动通信有限公司 Method for connecting network, device, terminal device and storage medium
CN107484168A (en) * 2017-07-29 2017-12-15 广东欧珀移动通信有限公司 Bio-identification unlocking method and Related product
CN109660991A (en) * 2017-10-11 2019-04-19 腾讯科技(深圳)有限公司 Pseudo-base station reminding method, device and storage medium
CN109660991B (en) * 2017-10-11 2021-03-19 腾讯科技(深圳)有限公司 Pseudo base station prompting method, device and storage medium
CN111225378A (en) * 2018-11-27 2020-06-02 奇酷互联网络科技(深圳)有限公司 Intelligent wifi screening method, mobile terminal and terminal readable storage medium
CN110618783A (en) * 2019-09-12 2019-12-27 北京小米移动软件有限公司 Text broadcasting method, device and medium
CN110618783B (en) * 2019-09-12 2021-04-13 北京小米移动软件有限公司 Text broadcasting method, device and medium

Also Published As

Publication number Publication date
CN104506561B (en) 2016-03-23

Similar Documents

Publication Publication Date Title
CN104506561B (en) Terminal profile access control method and device
JP6970080B2 (en) How to control access to an in-vehicle wireless network
US20220312166A1 (en) Network Access Method, Device, and System
US20120036557A1 (en) Wi-fi access method, access point and wi-fi access system
CN105357740B (en) Wireless network access method and wireless access node
CN108471610B (en) Bluetooth connection control system
CN102318386B (en) To the certification based on service of network
CN105813071B (en) Traffic sharing method and device, and terminal
CN102883320A (en) WiFi (Wireless Fidelity) authentication method and system thereof
EP2876855A1 (en) Mobile wireless access and establishment of virtual private network
KR20160021763A (en) User identity authenticating method, terminal, and server
CN101990202B (en) Method for updating user policy and application server
US20200228981A1 (en) Authentication method and device
CN103874065A (en) Method and device for judging user position abnormity
CN104156657A (en) Information input method and information input device of terminal and terminal
CN104540131A (en) Authentication method based on wireless signal intensity
KR20060088409A (en) Network access method of wlan terminal and network system thereof
WO2013185709A1 (en) Call authentication method, device, and system
KR100778558B1 (en) Method for establishing a connection between a terminal and an operating mobile radio network, mobile radio network and terminal used in such a method
CN109561413B (en) Bluetooth authentication and authorization method and system of BLE equipment
CN108834142B (en) Wireless router and connection authentication method thereof
CN113365271A (en) Safe connection distribution network binding method and device of intelligent air conditioner and air conditioner
CN105208557B (en) A kind of safety establishes the method and wireless router of WIFI connection
CN115529678A (en) Connection establishing method, system and storage medium
KR101940722B1 (en) Method for providing communication security for user mobile in open wifi zone

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee
CP01 Change in the name or title of a patent holder

Address after: 518057 Guangdong province Shenzhen city Nanshan District high tech park, No. 9018 North Central Avenue, building A, floor six, Han's innovation

Patentee after: Nubian Technologies Ltd.

Address before: 518057 Guangdong province Shenzhen city Nanshan District high tech park, No. 9018 North Central Avenue, building A, floor six, Han's innovation

Patentee before: Shenzhen ZTE Mobile Tech Co., Ltd.