CN106778348A - Method and apparatus for isolating private data - Google Patents


Info

Publication number: CN106778348A
Authority: CN (China)
Prior art keywords: directory, privacy, target application, general, private data
Prior art date:
Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Application number: CN201611213374.7A
Other languages: Chinese (zh)
Inventors: 徐利军, 王春雷, 刘刚
Current assignee: Beijing Qihoo Technology Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Beijing Qihoo Technology Co Ltd
Priority date: (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)
Filing date:
Publication date:
Priority to CN201611213374.7A
Publication of CN106778348A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms during program execution by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Stored Programmes (AREA)

Abstract

Embodiments of the invention provide a method and apparatus for isolating private data, so that part of an application's data is isolated while the remaining part is disclosed. The method includes: creating a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other; storing the private data of the target application under the privacy directory and the general data of the target application under the general directory; when the mode of the target application is privacy mode, reading the private data stored under the privacy directory; and when the mode of the target application is general mode, reading the general data under the general directory and hiding the privacy directory; the target application being able to switch between the privacy mode and the general mode.

Description

Method and apparatus for isolating private data
Technical field
The present invention relates to the field of computer technology, and in particular to a method and apparatus for isolating private data.
Background technology
As science and technology develop rapidly and users demand richer features from electronic products, applications have gradually penetrated every aspect of daily work and life. At the same time, the amount of user privacy handled by applications keeps growing. To protect users' private data in an application, in the related art some applications can be set to a privacy mode. Specifically, an application set to privacy mode requires the user's identity to be verified when the application is started or its interface is re-entered; only when correct identity information is entered and verified can the application be started or re-entered. Once privacy mode is cancelled, however, any user can start and operate the application at will.
It can be seen that isolating an application's privacy in the above manner can only isolate all of the application's data, or disclose all of it.
Summary of the invention
The embodiments of the invention provide a method and apparatus for isolating private data, so that part of an application's data is isolated while the remaining data is disclosed.
In a first aspect, the invention provides a method for isolating private data, including:
creating a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
storing the private data of the target application under the privacy directory, and storing the general data of the target application under the general directory; and
when the mode of the target application is privacy mode, reading the private data stored under the privacy directory; when the mode of the target application is general mode, reading the general data under the general directory and hiding the privacy directory; the target application being able to switch between the privacy mode and the general mode.
Optionally, after the private data of the target application is stored under the privacy directory, the method further includes:
encrypting the private data successfully stored under the privacy directory according to a predetermined encryption mode; and
after the private data stored under the privacy directory is read, the method further includes:
decrypting the private data stored under the privacy directory according to the predetermined encryption mode.
Optionally, the private data includes a privacy configuration file, and after the private data stored under the privacy directory is read, the method further includes:
running the privacy configuration file to load the target application, so that the configuration parameters of the target application match the privacy mode.
Optionally, the method further includes:
receiving a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
when the trigger operation is the second trigger operation, performing identity verification on the user who performed the second trigger operation; and
after the user passes identity verification, controlling the target application to enter the privacy mode and allowing the user to access the target application.
Optionally, before the privacy directory and the general directory are created for the target application running in the sandbox, the method further includes:
obtaining system privileges in a ROOT-free manner;
based on the system privileges, obtaining the installation package of the target application and saving it under a designated directory; and
constructing the sandbox required for running the target application.
Optionally, obtaining system privileges in a ROOT-free manner includes:
obtaining a patch package; and
repairing a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the patch package includes an executable file that performs the steps of creating the privacy directory and the general directory for the target application running in the sandbox, storing the private data of the target application under the privacy directory, storing the general data of the target application under the general directory, reading the private data stored under the privacy directory when the target application is in privacy mode, and reading the general data under the general directory and hiding the privacy directory when the target application is in general mode.
Optionally, repairing the particular system vulnerability by loading the patch package includes:
replacing a particular system application with the patch package, so that the system loads the executable file in the patch package and the executable file in the patch package obtains Android system privileges.
In a second aspect, the invention provides an apparatus for isolating private data, including:
a creation module, configured to create a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
a storage module, configured to store the private data of the target application under the privacy directory and to store the general data of the target application under the general directory; and
a reading module, configured to read the private data stored under the privacy directory when the mode of the target application is privacy mode, and to read the general data under the general directory and hide the privacy directory when the mode of the target application is general mode; the target application being able to switch between the privacy mode and the general mode.
Optionally, the apparatus further includes:
an encryption module, configured to encrypt the private data successfully stored under the privacy directory according to a predetermined encryption mode after the private data of the target application is stored under the privacy directory; and
a decryption module, configured to decrypt the private data stored under the privacy directory according to the predetermined encryption mode after the private data stored under the privacy directory is read.
Optionally, the private data includes a privacy configuration file, and the apparatus further includes:
a loading module, configured to run the privacy configuration file to load the target application after the private data stored under the privacy directory is read, so that the configuration parameters of the target application match the privacy mode.
Optionally, the apparatus further includes:
a receiving module, configured to receive a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
a verification module, configured to perform identity verification on the user who performed the second trigger operation when the trigger operation is the second trigger operation; and
a control module, configured to control the target application to enter the privacy mode and allow the user to access the target application after the user passes identity verification.
Optionally, the apparatus further includes:
a privilege acquisition module, configured to obtain system privileges in a ROOT-free manner before the privacy directory and the general directory are created for the target application running in the sandbox;
an installation package acquisition module, configured to obtain the installation package of the target application based on the system privileges and save it under a designated directory; and
a construction module, configured to construct the sandbox required for running the target application.
Optionally, the privilege acquisition module is configured to obtain a patch package and to repair a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the creation module, the storage module and the reading module perform their respective steps by calling the executable file in the patch package.
Optionally, the privilege acquisition module is configured to replace a particular system application with the patch package, so that the system loads the executable file in the patch package and the executable file in the patch package obtains Android system privileges.
One or more of the above technical solutions in the embodiments of the present application have at least the following technical effects:
In the technical solution of the embodiment, mutually independent privacy and general directories are first created for the target application running in the sandbox; the private data of the target application is then stored under the privacy directory and its general data under the general directory; when the target application is in privacy mode the private data stored under the privacy directory is read, and when it is in general mode the general data under the general directory is read and the privacy directory is hidden; and the target application can switch between privacy mode and general mode. By creating mutually independent directories for private and general data, reading the private data under the privacy directory in privacy mode, and reading only the data under the general directory in general mode, only the private data is isolated in general mode while the general data is disclosed. The invention thus achieves, for a single application, the technical effect of isolating part of the data while disclosing the rest.
Brief description of the drawings
By reading the following detailed description of preferred embodiments, various other advantages and benefits will become clear to those of ordinary skill in the art. The drawings are only for the purpose of showing preferred embodiments and are not to be considered a limitation of the invention. Throughout the drawings, the same parts are denoted by the same reference numerals. In the drawings:
Fig. 1 is a flow chart of the method for isolating data in an embodiment of the invention;
Fig. 2 is a schematic structural diagram of the apparatus for isolating data in an embodiment of the invention.
Specific embodiments
The embodiments of the invention provide a method and apparatus for isolating private data, so that part of an application's data is isolated while the remaining data is disclosed.
To solve the above technical problem, the general idea of the technical solution provided by the invention is as follows:
In the technical solution of the embodiment, mutually independent privacy and general directories are first created for the target application running in the sandbox; the private data of the target application is then stored under the privacy directory and its general data under the general directory; when the target application is in privacy mode the private data stored under the privacy directory is read, and when it is in general mode the general data under the general directory is read and the privacy directory is hidden; and the target application can switch between privacy mode and general mode. By creating mutually independent directories for private and general data, reading the private data under the privacy directory in privacy mode, and reading only the data under the general directory in general mode, only the private data is isolated in general mode while the general data is disclosed. The invention thus achieves, for a single application, the technical effect of isolating part of the data while disclosing the rest.
The technical solution of the invention is described in detail below with reference to the drawings and specific embodiments. It should be understood that the specific features in the embodiments of the application are a detailed description of the technical solution rather than a limitation of it, and that the technical features in the embodiments may be combined with one another where there is no conflict.
The term "and/or" herein only describes an association relation between associated objects and indicates that three relations may exist; for example, "A and/or B" may mean: A alone, both A and B, or B alone. In addition, the character "/" herein generally indicates that the objects before and after it are in an "or" relation.
The first aspect of the invention provides a method for isolating private data; refer to Fig. 1, which is a flow chart of the method for isolating private data in an embodiment of the invention. The method includes:
S101: creating a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
S102: storing the private data of the target application under the privacy directory, and storing the general data of the target application under the general directory;
S103: when the mode of the target application is privacy mode, reading the private data stored under the privacy directory; when the mode of the target application is general mode, reading the general data under the general directory and hiding the privacy directory; the target application being able to switch between the privacy mode and the general mode.
Specifically, the target application in the embodiment may be any application on the electronic device, such as a social networking application, a music application or an office application. An application for which the user needs part of the data isolated can be placed in the sandbox to execute the method of the embodiment.
The target application is added to the sandbox to run, and in S101 two mutually independent directories are created for the target application in the sandbox. So that the two directories have equal status, they are created at the same level. In the embodiment, "mutually independent" means that none of the nodes in the two directory trees coincide and the two trees are not connected. The two directories are used to store the private data and the general data of the target application respectively. For convenience of distinction, the directory storing private data is called the privacy directory and the directory storing general data is called the general directory.
Here, private data in the embodiment is data that is not disclosed, while general data is data that is disclosed. In a specific implementation the sandbox may by default treat data such as configuration files and log files as private data. Alternatively, the user may select private data from the target application's data according to his or her own needs. For example, if the target application is a chat application, the user may select the chat content with friends A and B as private data and the chat content with friend C as general data. In a specific implementation, those skilled in the art may make the selection according to actual conditions; the invention is not particularly limited in this respect.
After the privacy directory and the general directory have been created, and it has been determined which types of data are private and which are general, in S102 the private data produced by the target application is stored under the privacy directory and the general data produced by the target application is stored under the general directory.
It can be seen from the above that in the embodiment general data is redirected to the general directory and private data is redirected to the privacy directory. Because the general directory and the privacy directory are independent of each other, the data stored under the two directories is also independent, which achieves the technical effect of separating private data from general data.
Further, in the embodiment the sandbox also provides two modes for running the target application: privacy mode and general mode. In S103, when the target application is in privacy mode, the private data stored under the privacy directory is read; when the target application is in general mode, the general data under the general directory is read and the privacy directory is hidden.
Specifically, in the embodiment the private data includes a privacy configuration file. When the target application is in privacy mode, the privacy configuration file is read from the privacy directory, and the method further includes:
running the privacy configuration file to load the target application, so that the configuration parameters of the target application match the privacy mode.
Specifically, the privacy configuration file in the embodiment contains the configuration parameters and configuration mode of the target application in privacy mode. When the target application is in privacy mode, the sandbox reads the privacy configuration file from the privacy directory and loads the target application according to the configuration parameters and configuration mode in it, so that the target application runs in privacy mode. For example, the privacy configuration file contains a password, together with the configuration parameters that a password input interface is shown after the target application's icon is tapped and that the application interface is entered only when the password matches; the private data also contains the user's chat content with friends A and B. When the target application is run in privacy mode, it is loaded according to the privacy configuration file in the private data and the chat content with friends A and B is read. The user therefore enters the password input interface after tapping the application icon in the sandbox, enters the application interface after entering the correct password, and sees the chat content with friends A and B.
When the target application is in general mode, the sandbox reads data only from the general directory. In a specific implementation, the general data may also contain a general configuration file unrelated to the privacy configuration file. The configuration parameters and configuration mode in the general configuration file may be the same as or different from those in the privacy configuration file. For example, the general configuration file in the general data contains the configuration that the target application is entered immediately when its icon is tapped, and the general data contains the chat content with friend C. When the target application is run in general mode, it is loaded according to the general configuration file and the chat content with friend C is read; the user enters the target application immediately after tapping its icon in the sandbox and sees the chat content with friend C.
In a specific implementation, even if the configuration parameters and configuration mode in the privacy configuration file are identical to those in the general configuration file, one configuration file still needs to be stored under each of the privacy directory and the general directory. The reason is that in general mode the general configuration file under the general directory is read rather than the configuration file under the privacy directory, which prevents the privacy directory from being exposed.
At the same time, to protect the private data, in the embodiment the sandbox hides the privacy directory when the target application runs in general mode, so that a user operating the target application in general mode cannot learn that the private data exists and therefore cannot read it.
In addition, in the embodiment the privacy mode and the general mode can be switched between each other, so that the user can view both the general data and the private data. Specifically, the user may switch by tapping a "switch" virtual key, by a particular gesture such as a horizontal swipe from left to right, by a particular fingerprint, or by iris verification; those skilled in the art may configure this according to actual conditions, and the invention is not particularly limited in this respect.
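The following Python program is an added illustration of S101 to S103 together with the optional encryption of the private data; it is not code from the patent or from the applicant's product. It models the two sibling directories on a local file system, serves every read only from the directory of the current mode (so that the privacy directory is never listed or opened in general mode), loads a per-mode configuration file, encrypts only what goes under the privacy directory, and gates the switch into privacy mode on a password check. The class name IsolatedStore, the functions seal and open_sealed, the directory names privacy_dir and general_dir, the PBKDF2 password check and the sample chat files are this example's own assumptions; the patent names no concrete cipher, so the HMAC-based construction below is a labelled stand-in.

```python
# Added example, not the patent's code; all names below are this example's own.
import hashlib
import hmac
import json
import os
import tempfile

PRIVATE, GENERAL = "privacy", "general"
PBKDF2_ROUNDS = 100_000

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()  # separate enc and mac keys

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for the patent's unspecified 'predetermined encryption mode': HMAC-SHA256
    counter-mode keystream plus an encrypt-then-MAC tag (stdlib only; use a vetted AEAD in production)."""
    nonce = os.urandom(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("private data tampered or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))

class IsolatedStore:
    """Two sibling, independent directories. Reads are served only from the directory of the
    current mode, so in general mode the privacy directory is neither listed nor opened (S103)."""

    def __init__(self, root: str, key: bytes, password: str):
        self.dirs = {PRIVATE: os.path.join(root, "privacy_dir"),
                     GENERAL: os.path.join(root, "general_dir")}
        for d in self.dirs.values():
            os.makedirs(d, exist_ok=True)
        self.key = key
        self.salt = os.urandom(16)
        self.pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, PBKDF2_ROUNDS)
        self.mode = GENERAL

    @staticmethod
    def _safe_name(name: str) -> str:
        # Reject separators and dot names so an entry cannot escape its mode's directory.
        if not name or "/" in name or os.sep in name or name in (".", ".."):
            raise ValueError(f"illegal entry name: {name!r}")
        return name

    def store(self, name: str, data: bytes, private: bool = False) -> None:
        mode = PRIVATE if private else GENERAL
        payload = seal(self.key, data) if private else data  # only private data is encrypted
        with open(os.path.join(self.dirs[mode], self._safe_name(name)), "wb") as f:
            f.write(payload)

    def list_entries(self) -> list:
        return sorted(os.listdir(self.dirs[self.mode]))

    def read(self, name: str) -> bytes:
        with open(os.path.join(self.dirs[self.mode], self._safe_name(name)), "rb") as f:
            raw = f.read()
        return open_sealed(self.key, raw) if self.mode == PRIVATE else raw

    def enter_private_mode(self, password: str) -> bool:
        cand = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(cand, self.pw_hash):
            return False  # identity check failed: stay in general mode
        self.mode = PRIVATE
        return True

    def enter_general_mode(self) -> None:
        self.mode = GENERAL

def run_demo() -> dict:
    """Constructed sample data: chats with friends A and B are private, C is general.
    Each directory carries its own profile.json; general mode never reads the private one."""
    store = IsolatedStore(tempfile.mkdtemp(), key=os.urandom(32), password="correct horse")
    store.store("profile.json", json.dumps({"require_password": True}).encode(), private=True)
    store.store("chat_A.txt", b"hi from A", private=True)
    store.store("chat_B.txt", b"hi from B", private=True)
    store.store("profile.json", json.dumps({"require_password": False}).encode())
    store.store("chat_C.txt", b"hi from C")
    out = {"general_entries": store.list_entries(),
           "general_profile": json.loads(store.read("profile.json"))}
    try:
        store.read("chat_A.txt")
        out["private_hidden_in_general"] = False
    except FileNotFoundError:
        out["private_hidden_in_general"] = True
    out["wrong_password_rejected"] = not store.enter_private_mode("guess")
    store.enter_private_mode("correct horse")
    out["private_entries"] = store.list_entries()
    out["private_profile"] = json.loads(store.read("profile.json"))
    out["private_chat_A"] = store.read("chat_A.txt")
    store.enter_general_mode()
    out["back_in_general"] = store.list_entries()
    return out
```

Two limits of this model matter in practice. Hiding here is only at the application layer: anyone who lists the sandbox root still sees a privacy_dir entry, so the sandbox of the patent has to redirect the target application's file-system calls rather than rely on the application's own discipline. And the key handed to IsolatedStore must be held outside both directories (or derived from the user's credential), otherwise whoever can read the device's storage can also decrypt the private data.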
It can be seen from the above description that in the technical solution of the embodiment, mutually independent privacy and general directories are first created for the target application running in the sandbox; the private data of the target application is then stored under the privacy directory and its general data under the general directory; when the target application is in privacy mode the private data stored under the privacy directory is read, and when it is in general mode the general data under the general directory is read and the privacy directory is hidden; and the target application can switch between privacy mode and general mode. By creating mutually independent directories for private and general data, reading the private data under the privacy directory in privacy mode, and reading only the data under the general directory in general mode, only the private data is isolated in general mode while the general data is disclosed. The invention thus achieves, for a single application, the technical effect of isolating part of the data while disclosing the rest.
The embodiments of the invention are described in more detail below.
In order to redirect the data of the target application through the sandbox, before S101 the method further includes:
obtaining system privileges in a ROOT-free manner;
based on the system privileges, obtaining the installation package of the target application and saving it under a designated directory; and
constructing the sandbox required for running the target application.
Specifically, Unix-like operating systems, Android for example, are widely used in user devices such as mobile phones, tablets and wearables. Android has a strict permission management mechanism; by default, non-system applications have relatively low privileges. To break through the privilege restriction, the privileges of a non-system application must be raised, which requires ROOT authorization. A non-system application that has obtained Android system privileges can intercept the malicious behaviour of other Android applications and modify settings that consume system resources; therefore, in most cases, security software on the market must run on a ROOT-authorized Android device to achieve its best effect. However, ordinary users lack the professional knowledge to ROOT their devices correctly. Even where ROOT authorization has been performed, opening higher privileges to security applications also gives malicious applications an opportunity. More contradictory still, under non-ROOT conditions some malicious applications can still operate, while traditional security monitoring applications lose their advantage.
Therefore, to solve the technical problem that system privileges can be obtained only after ROOT, the embodiment also provides for building a sandbox for the target application without ROOT.
Specifically, for convenience of description, the following takes a user device running Android as an example. Before S101, Android system privileges are obtained, that is, the right to operate on the system files of the Android system. In the prior art, ROOTing is the fundamental prerequisite for obtaining system-directory operating rights; unlike the prior art, the present scheme obtains system-directory operating rights without ROOT, so that data isolation for the target application can be implemented on devices that cannot be ROOTed or whose users are unwilling to ROOT, without modifying the system and without affecting the user's warranty or upgrades.
Specifically, in the embodiment, obtaining system privileges without ROOT is implemented by the following process:
obtaining a patch package; and
repairing a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the patch package includes an executable file that performs the steps of creating the privacy directory and the general directory for the target application running in the sandbox, storing the private data of the target application under the privacy directory, storing the general data of the target application under the general directory, reading the private data stored under the privacy directory when the target application is in privacy mode, and reading the general data under the general directory and hiding the privacy directory when the target application is in general mode.
Specifically, in the embodiment the patch package is introduced by way of repairing a particular system vulnerability, and is loaded into the Android system as part of a system application, so as to obtain Android system privileges. The particular system vulnerability in the embodiment refers to any system vulnerability present in the existing Android system.
Repairing the particular system vulnerability by loading the patch package to obtain Android system privileges specifically includes: while the patch package is loaded to repair the particular system vulnerability, a particular system application is replaced with the patch package, so that the Android system loads the executable file in the patch package and the executable file in the patch package obtains Android system privileges. Once the executable file in the patch package has obtained Android system privileges, it can operate on the system files of the Android system. The executable file in the embodiment contains the logic code for each of the following steps: creating the privacy directory and the general directory for the target application running in the sandbox, storing the private data of the target application under the privacy directory, storing the general data of the target application under the general directory, reading the private data stored under the privacy directory when the target application is in privacy mode, and reading the general data under the general directory and hiding the privacy directory when the target application is in general mode. Therefore, running the code in the executable file after the patch package is loaded performs S101 to S103.
The above process is illustrated with a specific example. Assume the particular system vulnerability in the embodiment is the MasterKey vulnerability of the Android system, which allows Android system code to be modified without changing the signature. Based on the MasterKey vulnerability, the invention on the one hand repairs the MasterKey vulnerability and on the other hand uses the repair process of the MasterKey vulnerability to obtain Android system privileges, meeting practical needs and ensuring the security of the user's information on the device. Specifically, in the embodiment, after the MasterKey vulnerability in the Android system is detected, the user is informed and the MasterKey vulnerability is repaired. During repair, the patch package for repairing the MasterKey vulnerability is obtained and installed; the original system application Setting Storage of the Android system is replaced with the patch package application, or the original system application Setting Storage of the Android system is upgraded on the basis of the patch package. Because the system application Setting Storage is loaded when the Android system starts, the executable file in the patch package is also loaded when the Android system starts. The code in the executable file of the patch package then has the highest Android system privileges and can perform operations such as system file access and rights management.
After Android system authority is obtained, you can create privacy catalogue and common to operate in intended application in sandbox to perform Catalogue, the private data of intended application is stored under privacy catalogue, and the general data of intended application is stored in general catalogue Under, and when the pattern of intended application is privacy mode, the private data stored under privacy catalogue is read, when intended application When pattern is general mode, the general data under general catalogue, and the step of hiding privacy catalogue are read.
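The three steps above (create the two independent directories, store each class of data under its own directory, read according to the current mode while hiding the privacy directory in the general mode) are shown below as an added example in plain Java. It is not code from the patent or from any product of the applicant; the directory names ".privacy" and "general" and the root directory passed to the constructor are assumptions. It runs on a desktop JVM against a temporary directory, so the isolation logic can be exercised without an Android device.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Stream;

/**
 * Mode-aware data store: private and general data live in two independent
 * directories, and only the general directory is exposed while the target
 * application is in general mode. (Added example; names are assumptions.)
 */
public final class IsolatedDataStore {

    public enum Mode { GENERAL, PRIVACY }

    private final Path privacyDir;  // listed and readable only in PRIVACY mode
    private final Path generalDir;  // always listed and readable
    private volatile Mode mode = Mode.GENERAL;

    public IsolatedDataStore(Path sandboxRoot) throws IOException {
        // S101: create the two mutually independent directories. The dot prefix keeps
        // ordinary file browsers from showing the privacy directory; the hiding that
        // matters is enforced in list() and read() below.
        privacyDir = Files.createDirectories(sandboxRoot.resolve(".privacy"));
        generalDir = Files.createDirectories(sandboxRoot.resolve("general"));
    }

    public void setMode(Mode m) { mode = m; }
    public Mode getMode() { return mode; }

    /** S102: write under the directory that matches the class of the data. */
    public void store(String name, byte[] data, boolean isPrivate) throws IOException {
        Path dir = isPrivate ? privacyDir : generalDir;
        Files.write(resolveSafely(dir, name), data);
    }

    /** S103: read from the directory the current mode permits; never fall through. */
    public byte[] read(String name) throws IOException {
        Path dir = (mode == Mode.PRIVACY) ? privacyDir : generalDir;
        return Files.readAllBytes(resolveSafely(dir, name));
    }

    /** Names visible to the caller: the privacy directory is hidden in general mode. */
    public List<String> list() throws IOException {
        List<Path> dirs = new ArrayList<>();
        dirs.add(generalDir);
        if (mode == Mode.PRIVACY) dirs.add(privacyDir);
        List<String> names = new ArrayList<>();
        for (Path dir : dirs) {
            try (Stream<Path> entries = Files.list(dir)) {
                entries.forEach(p -> names.add(p.getFileName().toString()));
            }
        }
        return names;
    }

    /** Reject names such as "../x" or "/etc/x" that would escape the chosen directory. */
    private static Path resolveSafely(Path dir, String name) {
        Path p = dir.resolve(name).normalize();
        if (!p.startsWith(dir) || p.equals(dir)) {
            throw new IllegalArgumentException("name escapes data directory: " + name);
        }
        return p;
    }

    public static void main(String[] args) throws IOException {
        Path root = Files.createTempDirectory("sandbox");   // constructed sample root
        IsolatedDataStore store = new IsolatedDataStore(root);
        store.store("notes.txt", "public".getBytes(StandardCharsets.UTF_8), false);
        store.store("notes.txt", "secret".getBytes(StandardCharsets.UTF_8), true);

        // General mode: only the general copy is listed and read.
        System.out.println(store.list());
        System.out.println(new String(store.read("notes.txt"), StandardCharsets.UTF_8));

        // Privacy mode: the privacy directory becomes visible and is read instead.
        store.setMode(Mode.PRIVACY);
        System.out.println(store.list());
        System.out.println(new String(store.read("notes.txt"), StandardCharsets.UTF_8));
    }
}
```

The same file name is deliberately used in both directories: the mode alone decides which copy the application sees, which is what makes the privacy directory invisible rather than merely protected. The path check in resolveSafely is the practitioner's addition; without it a crafted name would let general-mode code write into or read from the privacy directory.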
Additionally, the service packs that particular system leak is repaired in the embodiment of the present invention can at any time be unloaded according to user intention, Noresidue after unloading, meets user's request.
During implementing, particular system leak MasterKey leaks above and specific system applications Setting Storage applications are for example, those skilled in the art can be according to the actual requirements Selected, the present invention is not particularly limited.
Next, the installation package of the target application is obtained based on the system permission and saved to a designated directory. The designated directory in the embodiment of the present invention refers to a custom default directory provided by the present invention, out of consideration for file organization and management efficiency, for the target applications that need a sandbox environment built for them; the installation packages of all applications run in the sandbox by this scheme can be moved or copied into the designated directory. In specific implementation, the designated directory can also be a directory that already exists in the system, and can be a single directory or multiple directories. In general, therefore, the designated directory is the directory used by the present invention to store the installation packages of the target applications for which the sandbox environment is built by this scheme.
Specifically, in the embodiment of the present invention, obtaining the installation package of the target application and saving it under the designated directory can be accomplished in several ways, three of which are introduced below. In specific implementation, the ways include but are not limited to the following three.
Mode one: when the target application is an already installed application, the installation package of the target application is searched for in the application installation directory of the system, the installation package is copied to the designated directory, and the target application is then uninstalled from the system.
For example, installing an application in the Android system involves operations on the following directories: when installing an application, the Android system first copies the APK (Android Package, the installation package of an Android application) into the Android application installation directory data/app; it then installs the code file (.dex file) decompressed from the APK under the data/dalvik-cache directory; and it creates under data/data the resource data needed by the Android application. From this it follows that the APK file of an application is its installation package and can be found in the data/app directory. Therefore, for an installed target application, the corresponding APK file can be copied from the data/app directory into the designated directory, and the target application is then uninstalled from the Android system, so that subsequently the target application runs only in the sandbox and not outside it, avoiding conflicts.
Mode two: when the target application is an application to be installed, the installation broadcast message of the target application is intercepted by registering as the default installer, the installation package of the target application is obtained from the installation broadcast message, and the installation package is stored into the designated directory.
For example, for a target application that is about to be or is being installed, the present invention can obtain the installation broadcast message of the target application by registering itself as the default installer. The location of the installation package of the target application is obtained from the installation broadcast message, the installation package of the target application is then obtained from that location, and finally the installation package of the target application is moved into the designated directory.
After the installation package has been saved under the designated directory, the sandbox environment of the target application can be constructed. Specifically, in the embodiment of the present invention the sandbox can be built by the following process:
parsing the installation package of the target application under the designated directory to obtain the relevant information of the target application;
constructing the resource environment needed for running the target application, so that the corresponding resources are retrieved when the target application runs;
constructing a class loader to load the class files in the execution file of the target application;
constructing a main thread, so that the main thread performs the start-up operation of each component in the target application;
constructing a loaded application installation package object for each component in the target application.
Specifically, the installation package of the target application under the designated directory is parsed to obtain each component contained in the installation package. The components of an application are divided into four types: Activity components, BroadcastReceiver components, Service components, and ContentProvider components. In specific implementation, some applications may consist of one or more of the above component types and need not contain all four. Each component of an application must be registered before it can be used, that is, each component must be configured in the configuration file AndroidManifest.xml of the application's installation package. Therefore, all components contained in an application are listed in the configuration file AndroidManifest.xml of its installation package, and the present embodiment can obtain all components contained in the installation package of the target application by reading the AndroidManifest.xml file in the installation package of the target application. It should be noted that the process by which the PMS (Package Manager Service) in the system installs an application is essentially the process of parsing the configuration file AndroidManifest.xml in the application's installation package and obtaining the relevant information of the application from it, such as the Activity components, Service components, BroadcastReceiver components, and ContentProvider components of the application. With this relevant information, the AMS (Activity Manager Service) can run the application normally in the system. Similarly to the above system installation process, the present invention also first parses the installation package of the target application to obtain the relevant information of the target application. Specifically, each component contained in the installation package of the target application can be obtained using a reflection mechanism. The reflection mechanism used in the embodiment of the present invention can be the Java reflection mechanism: in the running state, for any class, all attributes and methods of that class can be known, and for any object, any of its methods can be called; this ability to dynamically obtain information and dynamically call the methods of an object is the reflection mechanism of the Java language. Other languages have their corresponding reflection mechanisms; for example, the C language and the C++ language have their corresponding reflection mechanisms.
Second, the context used by the target application when it is loaded and run is the context of the sandbox. Therefore, the sandbox constructed by this scheme must not only be able to load each component in the target application, but must also build the environment required for running the target application.
Specifically, when an application runs, the resource files packed inside the application's installation package are read through the resource manager AssetManager. Each Activity component of an application is associated with a ContextImpl object, which describes the running context environment of the Activity component. The member function init of the ContextImpl object is called to initialize the running context environment of the Activity component, and this includes creating the Resources object and the AssetManager object used to access the application's resources. The ContextImpl.init function is defined in the file frameworks/base/core/java/android/app/ContextImpl.java. The parameter packageInfo of the ContextImpl.init function points to a LoadedApk object, which describes the APK to which the component currently being started belongs. The Resources object used to access the application's resources is created by calling the member function getResources of the LoadedApk object pointed to by the parameter packageInfo. It follows that, in order to create a Resources object for extracting or accessing application resources, the embodiment of the present invention also needs to construct a LoadedApk object for each component in the target application.
It can be seen that the embodiment of the present invention needs to construct, for the target application, the resource environment required for its running, so that the corresponding resources are retrieved when each component is started. Specifically, this can be achieved in the following ways: modifying the member variable mAssets in the constructor of the resource class Resources, so that the corresponding resources are retrieved through mAssets when each component is started; and/or modifying the AssetPath function in the resource manager AssetManager so that the modified AssetPath function points to the resource files in the installation package of the target application, and the corresponding resources in the resource files are obtained through the AssetPath function called by the AssetManager when each component is started. The constructor of the Resources class is defined in the file frameworks/base/core/java/android/content/res/Resources.java. Because the constructor of the Resources class stores the AssetManager object pointed to by the parameter assets in the member variable mAssets, that is, mAssets = assets, the constructor of the Resources class can access the application's resources through mAssets. Therefore, the embodiment of the present invention can modify the member variable mAssets in the constructor of the Resources class so that the resources needed by the application program are retrieved through mAssets. The above can be implemented using the reflection mechanism. Of course, the AssetPath function in the resource manager AssetManager can also be modified, for example by adding a specified application resource file path (such as the path /system/App/Music.apk) through the member function addAssetPath of the AssetManager object. Because addAssetPath is a hidden API (Application Programming Interface) that cannot be called directly, this can only be implemented through the reflection mechanism.
Further, the embodiment of the present invention also needs to construct a class loader for the target application in order to load the loading classes corresponding to each component. Specifically, constructing the class loader can be implemented in the following ways: adding the path of the target application to the path list pathList in the class loader, so as to construct a class loader that looks up loading classes according to the application path; and/or modifying the parent member mParent in the class loader, so as to construct a class loader that looks up loading classes with the parent first. The purpose of constructing a class loader that looks up loading classes with the parent first is that, when a loading class is looked up, the system's findLoadedClass() function is called first, and only then is mParent.findClass() called. If the embodiment of the present invention directly configures the class loader to look up loading classes with the parent first, then when the system looks up this class it directly calls mParent.findClass() to search, omitting the step of calling findLoadedClass() to look up the class.
Then, because an application has only one host process ActivityThread at runtime, and the ActivityThread object describes the running application process, the embodiment of the present invention needs to construct the ActivityThread of the target application in the sandbox, so that the ActivityThread performs the start-up operation of each component in the target application.
Finally, an installation package LoadedApk object of the target application is constructed for each component. Specifically, this can be implemented by reflecting the packageInfo in the ActivityThread through the reflection mechanism, so that an installation package LoadedApk object of the target application is constructed for each component.
In addition, if the component to be loaded is a ContentProvider component, the ContentProvider component is called through the reflection mechanism.
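Mode one of obtaining the installation package together with the first three construction steps above (parse, resource environment, class loader) are shown below as an added example assuming an Android runtime; it is not code from the patent or from any product of the applicant. The designated directory name "sandbox_apks", the optimized dex directory "sandbox_dex", and the caller-supplied package name are assumptions. Where the patent modifies pathList or the parent member of an existing class loader by reflection, this example instead builds a public DexClassLoader with the host loader as parent, which yields the same "parent first" lookup order without touching framework internals; the resource side follows the patent exactly and reaches addAssetPath by reflection.

```java
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.content.res.AssetManager;
import android.content.res.Resources;
import dalvik.system.DexClassLoader;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.Method;

/**
 * Copies an installed target APK into the designated directory and builds the
 * Resources and ClassLoader the sandbox will hand to the target's components.
 * (Added example; directory names are assumptions. Requires an Android runtime.)
 */
public final class SandboxBuilder {

    public static final class Loaded {
        public final File apk;
        public final Resources resources;
        public final ClassLoader classLoader;
        Loaded(File apk, Resources r, ClassLoader cl) { this.apk = apk; resources = r; classLoader = cl; }
    }

    public static Loaded load(Context host, String targetPackage) throws Exception {
        // Mode one: the PackageManager knows where the installed APK lives (sourceDir,
        // under /data/app). Copy it into the designated directory; uninstalling the
        // original is a separate step in the patent and is not done here.
        ApplicationInfo info = host.getPackageManager().getApplicationInfo(targetPackage, 0);
        File designated = new File(host.getFilesDir(), "sandbox_apks");
        if (!designated.isDirectory() && !designated.mkdirs()) {
            throw new IOException("cannot create " + designated);
        }
        File apk = new File(designated, targetPackage + ".apk");
        copy(new File(info.sourceDir), apk);
        // Never load a writable dex: anything that can write the file controls the sandbox.
        if (!apk.setReadOnly()) throw new IOException("cannot make " + apk + " read-only");

        // Resource environment: a fresh AssetManager pointed at the copied APK through
        // addAssetPath. The method is a hidden API, so it is reached by reflection as the
        // patent describes; hidden-API enforcement on Android 9+ may refuse the call.
        AssetManager assets = AssetManager.class.getDeclaredConstructor().newInstance();
        Method addAssetPath = AssetManager.class.getMethod("addAssetPath", String.class);
        int cookie = (Integer) addAssetPath.invoke(assets, apk.getAbsolutePath());
        if (cookie == 0) throw new IOException("addAssetPath rejected " + apk);
        Resources hostRes = host.getResources();
        Resources res = new Resources(assets, hostRes.getDisplayMetrics(), hostRes.getConfiguration());

        // Class loader: dexPath is the copied APK, parent is the host loader, so lookups
        // go to the parent first and only then to the target's own classes.
        File optDir = host.getDir("sandbox_dex", Context.MODE_PRIVATE);
        String nativeLibDir = null;   // assumption: the target ships no native libraries
        ClassLoader loader = new DexClassLoader(apk.getAbsolutePath(),
                optDir.getAbsolutePath(), nativeLibDir, host.getClassLoader());
        return new Loaded(apk, res, loader);
    }

    /** Stream copy, kept on java.io so it works below API 26 where java.nio.file is absent. */
    private static void copy(File from, File to) throws IOException {
        try (FileInputStream in = new FileInputStream(from);
             FileOutputStream out = new FileOutputStream(to)) {
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) > 0) out.write(buf, 0, n);
        }
    }
}
```

On Android 7 and later the mAssets field the patent names has moved from Resources into ResourcesImpl, so constructing a new Resources object from the reflected AssetManager, as above, is the more portable of the two options the patent offers. The read-only check on the copied APK is the practitioner's addition: the designated directory is app-private, but a world-writable or externally writable dex would let anyone who can write it replace the code the sandbox loads.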
It can be seen from the above description that the technical scheme provided by the embodiment of the present invention builds the running environment required for running the target application, providing the target application with a sandbox environment identical to the running environment it would have after being installed in the Android system, so that the target application runs in the sandbox; based on the sandbox, the private data and the general data of the target application can then be redirected to two mutually independent directories, thereby achieving the data isolation of the target application.
Alternatively, in an embodiment of the present invention, the sandbox can also be constructed in the following way, which specifically includes:
parsing the installation package of the target application under the designated directory to generate a mirror installation package of the target application;
injecting code indicating a call to a hook function into the execution file of the mirror installation package;
modifying the configuration parameters of the configuration file of the mirror installation package so that it can load the application;
installing and running the mirror installation package in the system; wherein the hook function is used to monitor the behavior of the application.
Specifically, the installation package of the target application is a compressed file. In one way, the installation package of the target application can be decompressed into a temporary working directory to complete the decompression work, after which each file in the installation package of the target application can be parsed. In another way, the installation package of the target application can also be parsed directly in memory. Whichever way is used, the installation package of the target application is parsed in order to obtain the relevant parameters and resources for configuring and generating the mirror installation package of the target application.
The mirror can be a hard disk image or a memory image. Because the installation package of the target application contains the execution file Classes.dex, the mirror installation package of the target application correspondingly also contains the execution file Classes.dex, and this scheme injects the code indicating the call to the hook program into the execution file Classes.dex in the mirror installation package. Likewise, because the installation package of the target application contains the configuration file Androidmanifest.xml, the mirror installation package of the target application also contains the configuration file Androidmanifest.xml, and this configuration file is modified so that the modified mirror installation package is suitable for loading the target application. Specifically, this scheme uses the Java reflection call mechanism to replace, by reflection, the running configuration information involved in LoadedApk and ActivityThread with the class loader ClassLoader and the resources of the installation package of the target application in the designated directory, so that the application corresponding to the mirror installation package loads the target application at runtime. Thus, when the mirror installation package of the target application constructed by the embodiment of the present invention runs, it first loads the above execution file that indicates the call to the hook program and then loads the target application, so that the behavior of the target application at runtime can be monitored and captured by the hook program.
In the embodiment of the present invention, the target application is loaded to run in the internal environment of the application corresponding to the constructed mirror installation package of the target application. This internal environment is essentially a sandbox environment that isolates the target application from the Android system, and the hook program set in the sandbox environment monitors the behavior of the target application.
In specific implementation, those skilled in the art can select any of the above ways to build the sandbox according to the actual situation; the present invention is not particularly limited.
Further, as an optional embodiment, after the private data is stored under the privacy directory, the method also includes:
encrypting the private data successfully stored under the privacy directory according to a preset encryption mode;
and before the private data stored under the privacy directory is read, the method also includes:
decrypting the private data stored under the privacy directory according to the preset encryption mode.
Specifically, in order to protect the isolated private data, the present invention further encrypts the private data stored under the privacy directory. Specifically, when a piece of private data is stored under the privacy directory, it is encrypted according to the preset encryption mode immediately after the storage is complete. The preset encryption mode can include, but is not limited to, AES (Advanced Encryption Standard), ECC (Elliptic Curve Cryptography), and hash-based encryption modes; the present invention is not particularly limited. Those skilled in the art can select any one or any combination of them to encrypt the private data according to the actual situation; the present invention is not particularly limited.
Further, because the private data is encrypted, in order to allow the user to view and use the private data normally, after the private data is read from the privacy directory it is decrypted according to the preset algorithm.
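The encrypt-after-store and decrypt-before-read pair above, using AES (one of the modes the patent names) in GCM mode, as an added example that is not code from the patent or from any product of the applicant. It assumes the key is supplied by the caller; on a device it would come from the Android Keystore, while the main method below generates a throwaway key only to exercise the code on a desktop JVM. The file name is bound into the authentication tag so that an encrypted blob copied from one file to another fails to decrypt.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/**
 * Authenticated encryption for one private-data file: blob = iv || ciphertext || tag.
 * (Added example; key management is the caller's responsibility and is assumed.)
 */
public final class PrivateDataCipher {
    private static final int IV_BYTES = 12;      // GCM nonce size
    private static final int TAG_BITS = 128;     // full-length authentication tag
    private static final SecureRandom RNG = new SecureRandom();

    /** Called immediately after the plaintext has been stored under the privacy directory. */
    public static byte[] encrypt(SecretKey key, byte[] plaintext, String fileName) throws Exception {
        byte[] iv = new byte[IV_BYTES];
        RNG.nextBytes(iv);                        // fresh nonce per file write; never reuse with a key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(fileName.getBytes(StandardCharsets.UTF_8)); // ties the blob to its name
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(IV_BYTES + ct.length).put(iv).put(ct).array();
    }

    /** Called before the private data is handed to the application in privacy mode. */
    public static byte[] decrypt(SecretKey key, byte[] blob, String fileName) throws Exception {
        if (blob.length < IV_BYTES + TAG_BITS / 8) {
            throw new IllegalArgumentException("blob shorter than nonce plus tag");
        }
        byte[] iv = Arrays.copyOfRange(blob, 0, IV_BYTES);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(fileName.getBytes(StandardCharsets.UTF_8));
        // Throws AEADBadTagException if the ciphertext, tag or file name was altered.
        return c.doFinal(blob, IV_BYTES, blob.length - IV_BYTES);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();         // constructed demo key only

        byte[] blob = encrypt(key, "secret".getBytes(StandardCharsets.UTF_8), "notes.txt");
        System.out.println(new String(decrypt(key, blob, "notes.txt"), StandardCharsets.UTF_8));

        try {                                      // same blob under another name: rejected
            decrypt(key, blob, "other.txt");
        } catch (AEADBadTagException e) {
            System.out.println("rejected: blob bound to a different file name");
        }

        blob[blob.length - 1] ^= 1;                // flip one tag bit: rejected
        try {
            decrypt(key, blob, "notes.txt");
        } catch (AEADBadTagException e) {
            System.out.println("rejected: ciphertext or tag modified");
        }
    }
}
```

GCM is chosen over a bare block mode because the private data is read back and acted on by the application; an unauthenticated mode would let anyone who can write the privacy directory feed the application altered plaintext without the decryption step noticing.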
Further, as an optional embodiment, the present invention further includes:
receiving a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
when the trigger operation is the second trigger operation, performing identity verification on the user who performed the second trigger operation;
and when the user passes the identity verification, controlling the target application to enter the privacy mode and allowing the user to access the target application.
First, the trigger operation performed by the user for starting or re-entering the target application is received. In the embodiment of the present invention, re-entering the target application means bringing the target application from running in the background to running in the foreground and entering the interface of the target application. The trigger operation is, for example, a click operation on the icon of the target application, a selection operation that selects the label of the target application from among the labels corresponding to the multiple applications running in the background, or a shaking operation that shakes the mobile phone up and down; those of ordinary skill in the art can select according to the actual situation, and the present invention is not particularly limited.
Because the target application in the embodiment of the present invention has two modes, the general mode and the privacy mode, the trigger operation also specifically includes two different trigger operations: the trigger operation for controlling the target application to enter the general mode is the first trigger operation, and the trigger operation for controlling the target application to enter the privacy mode is the second trigger operation. The first trigger operation and the second trigger operation are different. For example, the first trigger operation is clicking the icon of the target application and the second trigger operation is pressing a button provided with a fingerprint identification module; or the first trigger operation is clicking the icon of the target application and the second trigger operation is double-clicking the icon of the target application. Through the different trigger operations, the user can conveniently switch the target application into the privacy mode or the general mode. In addition, in specific implementation, in order to prevent others from learning that the target application has private data, it is preferable to set the first trigger operation to be similar to the operation of starting or re-entering a target application in the prior art. Then, when the user starts or re-enters the target application through the first trigger operation, the existence of hidden data is not easily noticed, which protects the user's privacy.
When the received trigger operation is specifically the second trigger operation, in order to protect the private data and prevent others from viewing it at will, the embodiment of the present invention further performs identity verification on the user who performed the second trigger operation.
Specifically, there are various ways of performing identity verification on the user in the embodiment of the present invention. For example: verifying whether the password entered by the user for entering the privacy mode is correct, the verification being passed if it is correct; verifying whether the user's fingerprint matches a preset fingerprint, the verification being passed if it matches; or verifying whether the user's voiceprint matches a preset voiceprint, the verification being passed if it matches. The present invention is not particularly limited.
Preferably, in order for the user to quickly enter the target application in the privacy mode, it is preferable to combine receiving the second trigger operation with the identity verification. For example, most current user devices are provided with a fingerprint acquisition module, which is often provided on the home key or the power key. Taking a device whose acquisition module is arranged on the home key as an example, the second trigger operation can be set to be clicking the home key in the screen-lock mode; the electronic device then collects, through the fingerprint acquisition module, the fingerprint of the finger performing the click at the same time as it receives the click on the home key. The operation of clicking the home key is then determined to be the received second trigger operation, and the fingerprint obtained during this click of the home key is matched against the preset fingerprint. If the fingerprint matches the preset fingerprint, the user who clicked the home key has the permission to view the private data, so the target application is controlled to enter the privacy mode, the private data under the privacy directory is read, and the user is allowed to access the target application. Conversely, if the fingerprint does not match the preset fingerprint, the user who clicked the home key does not have the permission to view the private data, so the target application is not controlled to enter the privacy mode and the private data under the privacy directory is not read.
In specific implementation, in order to prevent a user other than the one with permission to view the private data from performing the second trigger operation by mistake during use and thereby learning that the target application has private data, when the second trigger operation is received but the identity of the user performing it is not verified, the user device can give no response and no non-response prompt, so that the user who performed the second trigger operation does not learn of the existence of the private data of the target application.
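The trigger handling described above (first trigger enters the general mode unconditionally; second trigger enters the privacy mode only after identity verification and is otherwise silently ignored) as an added example that is not code from the patent or from any product of the applicant. It assumes a password verifier, since a fingerprint or voiceprint match is supplied by the device's own module; the PBKDF2 parameters and the sample password are assumptions. The point a practitioner cares about is the return contract: a failed second trigger yields no mode and the caller shows no prompt, so the user cannot tell a refused request from a first trigger that was never made.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Optional;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Decides which mode a trigger operation may enter. (Added example; parameters are assumptions.) */
public final class ModeGate {

    public enum Trigger { FIRST, SECOND }
    public enum Mode { GENERAL, PRIVACY }

    /** Supplied by the device: password, fingerprint or voiceprint check. */
    public interface IdentityVerifier { boolean verify(byte[] sample); }

    private final IdentityVerifier verifier;

    public ModeGate(IdentityVerifier verifier) { this.verifier = verifier; }

    /**
     * Empty means "do nothing and show nothing": the caller must not react to an
     * unverified second trigger, so the existence of private data is not revealed.
     */
    public Optional<Mode> onTrigger(Trigger trigger, byte[] identitySample) {
        if (trigger == Trigger.FIRST) {
            return Optional.of(Mode.GENERAL);          // indistinguishable from an ordinary launch
        }
        if (identitySample != null && verifier.verify(identitySample)) {
            return Optional.of(Mode.PRIVACY);
        }
        return Optional.empty();                       // no mode change, no prompt
    }

    // --- password verifier: PBKDF2 hash compared in constant time ---

    private static final int ITERATIONS = 100_000;   // assumption; tune to the device
    private static final int HASH_BITS = 256;

    static byte[] pbkdf2(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, HASH_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    /** Enrollment: returns the hash to store alongside the salt. */
    public static byte[] enroll(String password, byte[] salt) throws GeneralSecurityException {
        return pbkdf2(password.toCharArray(), salt);
    }

    public static IdentityVerifier passwordVerifier(byte[] salt, byte[] enrolledHash) {
        return sample -> {
            try {
                char[] pw = new String(sample, StandardCharsets.UTF_8).toCharArray();
                return MessageDigest.isEqual(enrolledHash, pbkdf2(pw, salt)); // constant time
            } catch (GeneralSecurityException e) {
                return false;                          // verification error counts as failure
            }
        };
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        byte[] enrolled = enroll("correct horse", salt);           // constructed sample password
        ModeGate gate = new ModeGate(passwordVerifier(salt, enrolled));

        System.out.println(gate.onTrigger(Trigger.FIRST, null));                                   // GENERAL
        System.out.println(gate.onTrigger(Trigger.SECOND, "wrong".getBytes(StandardCharsets.UTF_8)));         // empty: stay silent
        System.out.println(gate.onTrigger(Trigger.SECOND, "correct horse".getBytes(StandardCharsets.UTF_8))); // PRIVACY
    }
}
```

MessageDigest.isEqual is used instead of Arrays.equals so that the comparison does not leak, through timing, how many leading bytes of the hash matched. The salt and enrolled hash belong in app-private storage; the password itself is never stored.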
Based on the inventive concept same with the method for isolating private data in previous embodiment, second aspect present invention is also carried For a kind of device for isolating private data, as shown in Fig. 2 including:
Creation module 101, for creating privacy catalogue and general catalogue to operate in the intended application in sandbox;It is described hidden Private catalogue and the general catalogue are separate;
Memory module 102, for the private data of the intended application to be stored under the privacy catalogue, and by institute The general data for stating intended application is stored under the general catalogue;
Read module 103, for when the pattern of the intended application is privacy mode, being deposited under the reading privacy catalogue The private data of storage, when the pattern of the intended application is general mode, reads described general under the general catalogue Logical data, and hide the privacy catalogue;The intended application can switch between the privacy mode and the general mode.
Further, the device in the embodiment of the present invention also includes:
Encrypting module, for after the private data of the intended application is stored under the privacy catalogue, according to Predetermined encryption mode is encrypted to the private data being successfully stored under the privacy catalogue;
Deciphering module, for after the private data stored under reading the privacy catalogue, according to described default Cipher mode is decrypted to storing the private data under the privacy catalogue.
Private data in the embodiment of the present invention includes privacy profile file, and the device in the embodiment of the present invention also includes:
Load-on module, for after the private data stored under reading the privacy catalogue, running the privacy To load the intended application in configuration file, so that the configuration parameter of the intended application is matched with the privacy mode.
Further, the device in the embodiment of the present invention also includes:
Receiver module, for receiving the trigger action for starting or reentering the intended application;The triggering Operation is for controlling the intended application to enter the first trigger action of the general mode or for controlling the target Using the second trigger action for entering the privacy mode;
Authentication module, for when the trigger action is second trigger action, to performing the second triggering behaviour The user of work carries out authentication;
Control module, for entering the privacy mould by after authentication, controlling the intended application as the user Formula, and allow the user to access the intended application.
Further, the device in the embodiment of the present invention also includes:
Authority acquiring module, for for operate in the intended application in sandbox create privacy catalogue and general catalogue it Before, obtain System Privileges by exempting from ROOT modes;
Installation kit acquisition module, for based on the System Privileges, obtaining the installation kit of the intended application and preserving extremely Under assigned catalogue;
Constructing module, the sandbox required for for constructing the intended application operation.
Specifically, authority acquiring module is used to obtain service packs;By loading the service packs to particular system leak Repaired, to obtain the System Privileges;
Wherein, the creation module, the memory module and the read module are by calling holding in the service packs Style of writing part performs corresponding step.
Further, authority acquiring module is used to replace specific system applications with the service packs, realizes system to described The loading of the execution file in service packs so that the execution file acquisition Android system authority in the service packs.
The variations and specific examples of the method for isolating private data in the embodiment of FIG. 1 above apply equally to the device for isolating private data of this embodiment. From the foregoing detailed description of the method, those skilled in the art can clearly understand how the device of this embodiment is implemented, so for brevity it is not described again here.
The one or more technical solutions in the embodiments of the present application have at least one or more of the following technical effects:
In the technical solution of the embodiment of the present invention, a privacy directory and a general directory that are independent of each other are first created for the target application running in the sandbox; the private data of the target application is then stored under the privacy directory and its general data under the general directory; when the target application is in the privacy mode, the private data stored under the privacy directory is read, and when it is in the general mode, the general data under the general directory is read and the privacy directory is hidden; the target application can switch between the privacy mode and the general mode. By creating mutually independent directories for private and general data, reading the private data under the privacy directory only in the privacy mode, and reading only the data under the general directory in the general mode, private data is isolated in the general mode while general data remains open. The present invention thus achieves, within a single application, the technical effect of isolating part of its data while the rest of its data remains open.
The algorithms and displays provided herein are not inherently related to any particular computer, virtual system or other device. Various general-purpose systems may also be used with the teaching herein. From the description above, the structure required to construct such systems is apparent. Moreover, the present invention is not directed to any particular programming language. It should be understood that various programming languages can be used to implement the invention described herein, and that the above description of a specific language is given to disclose the best mode of carrying out the invention.
Numerous specific details are set forth in the specification provided herein. It should be understood, however, that embodiments of the invention can be practised without these specific details. In some instances, well-known methods, structures and techniques are not shown in detail so as not to obscure the understanding of this description.
Similarly, it should be understood that, in order to simplify the disclosure and to aid the understanding of one or more of the various inventive aspects, in the above description of exemplary embodiments of the invention the various features of the invention are sometimes grouped together in a single embodiment, figure or description thereof. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single disclosed embodiment. Thus the claims following the detailed description are hereby expressly incorporated into that detailed description, with each claim standing on its own as a separate embodiment of the invention.
Those skilled in the art will appreciate that the modules in the device of an embodiment can be adaptively changed and arranged in one or more devices different from that embodiment. The modules, units or components of an embodiment can be combined into one module, unit or component, and can moreover be divided into multiple sub-modules, sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings) and all processes or units of any method or device so disclosed may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, equivalent or similar purpose.
Furthermore, those skilled in the art will appreciate that, although some embodiments described herein include certain features that other embodiments include but not others, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, in software modules running on one or more processors, or in a combination of the two. Those skilled in the art will understand that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components of the gateway, proxy server or system according to embodiments of the invention. The invention may also be implemented as a device or apparatus program (for example, a computer program and computer program product) for performing part or all of the method described herein. Such a program implementing the invention may be stored on a computer-readable medium, or may take the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art may design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second and third does not indicate any order; these words may be interpreted as names.
The invention discloses A1, a method for isolating private data, characterised in that it comprises:
creating a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
storing the private data of the target application under the privacy directory, and storing the general data of the target application under the general directory;
when the mode of the target application is the privacy mode, reading the private data stored under the privacy directory; when the mode of the target application is the general mode, reading the general data under the general directory and hiding the privacy directory; the target application being able to switch between the privacy mode and the general mode.
A2, the method according to A1, characterised in that, after storing the private data of the target application under the privacy directory, it further comprises:
encrypting, according to a predetermined encryption mode, the private data successfully stored under the privacy directory;
and after reading the private data stored under the privacy directory, it further comprises:
decrypting, according to the predetermined encryption mode, the private data stored under the privacy directory.
A3, the method according to A2, characterised in that the private data includes a privacy configuration file, and that, after reading the private data stored under the privacy directory, it further comprises:
running the privacy configuration file to load the target application, so that the configuration parameters of the target application match the privacy mode.
A4, the method according to A3, characterised in that the method further comprises:
receiving a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
when the trigger operation is the second trigger operation, performing identity verification on the user who performed the second trigger operation;
after the user passes identity verification, controlling the target application to enter the privacy mode and allowing the user to access the target application.
A5, the method according to A1, characterised in that, before creating the privacy directory and the general directory for the target application running in the sandbox, it further comprises:
obtaining system privileges by a ROOT-free method;
obtaining, based on the system privileges, the installation package of the target application and saving it under a designated directory;
constructing the sandbox required for running the target application.
A6, the method according to A5, characterised in that obtaining system privileges by a ROOT-free method comprises:
obtaining a patch package;
repairing a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the patch package includes an executable file for performing the steps of creating the privacy directory and the general directory for the target application running in the sandbox, storing the private data of the target application under the privacy directory and the general data of the target application under the general directory, and, when the mode of the target application is the privacy mode, reading the private data stored under the privacy directory and, when the mode of the target application is the general mode, reading the general data under the general directory and hiding the privacy directory.
A7, the method according to A6, characterised in that repairing a particular system vulnerability by loading the patch package comprises:
replacing a specific system application with the patch package, so that the system loads the executable file in the patch package and the executable file in the patch package thereby obtains Android system privileges.
B8, a device for isolating private data, characterised in that it comprises:
a creation module, configured to create a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
a storage module, configured to store the private data of the target application under the privacy directory and the general data of the target application under the general directory;
a reading module, configured to, when the mode of the target application is the privacy mode, read the private data stored under the privacy directory, and, when the mode of the target application is the general mode, read the general data under the general directory and hide the privacy directory; the target application being able to switch between the privacy mode and the general mode.
B9, the device according to B8, characterised in that the device further comprises:
an encryption module, configured to encrypt, according to a predetermined encryption mode, the private data successfully stored under the privacy directory after the private data of the target application has been stored there;
a decryption module, configured to decrypt, according to the predetermined encryption mode, the private data stored under the privacy directory after it has been read.
B10, the device according to B9, characterised in that the private data includes a privacy configuration file, and the device further comprises:
a loading module, configured to run the privacy configuration file to load the target application after the private data stored under the privacy directory has been read, so that the configuration parameters of the target application match the privacy mode.
B11, the device according to B10, characterised in that the device further comprises:
a receiving module, configured to receive a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
an identity verification module, configured to perform identity verification on the user who performed the second trigger operation when the trigger operation is the second trigger operation;
a control module, configured to, after the user passes identity verification, control the target application to enter the privacy mode and allow the user to access the target application.
B12, the device according to B8, characterised in that the device further comprises:
a privilege acquisition module, configured to obtain system privileges by a ROOT-free method before the privacy directory and the general directory are created for the target application running in the sandbox;
an installation package acquisition module, configured to obtain, based on the system privileges, the installation package of the target application and save it under a designated directory;
a construction module, configured to construct the sandbox required for running the target application.
B13, the device according to B12, characterised in that the privilege acquisition module is configured to obtain a patch package and to repair a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the creation module, the storage module and the reading module perform their respective steps by calling an executable file contained in the patch package.
B14, the device according to B13, characterised in that the privilege acquisition module is configured to replace a specific system application with the patch package, so that the system loads the executable file in the patch package and the executable file in the patch package thereby obtains Android system privileges.
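The data-isolation method of the description, embodiments A1-A4/B8-B11 and claims 1-4 (two independent directories, mode switching with the privacy directory hidden in general mode, encryption of stored private data, a privacy configuration file, and identity verification before the second trigger operation) modelled end to end, as an added example that is not the patent's own code. The patent fixes none of the following, so they are assumptions of this example only: an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC stands in for the unspecified "predetermined encryption mode"; a salted PBKDF2 PIN hash stands in for the unspecified identity verification; `config.json` plays the privacy configuration file; a temporary directory plays the sandbox; all file contents are constructed sample data.

```python
"""Added example (not the patent's own code): a minimal model of the
private/general directory scheme of the description, A1-A4/B8-B11 and
claims 1-4; cipher, layout, PIN check and config format are assumptions."""
import hashlib
import hmac
import json
import secrets
import tempfile
from pathlib import Path

GENERAL, PRIVACY = "general", "privacy"


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 as a PRF in counter mode stands in for the patent's
    # unspecified "predetermined encryption mode" (assumption, stdlib only).
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    # encrypt-then-MAC layout: 16-byte nonce || ciphertext || 32-byte tag
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("private data tampered with or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def _pin_hash(pin: str, salt: bytes) -> bytes:
    # slow salted hash for the identity check of the second trigger operation
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class IsolatedAppData:
    """One sandboxed app, two mutually independent directories, one active mode."""

    def __init__(self, sandbox_root: Path, key: bytes, pin: str):
        self.root, self.key, self.mode = Path(sandbox_root), key, GENERAL
        self.salt = secrets.token_bytes(16)
        self.pin_hash = _pin_hash(pin, self.salt)
        for name in (GENERAL, PRIVACY):
            (self.root / name).mkdir(parents=True, exist_ok=True)

    def _active_dir(self) -> Path:
        # in general mode the privacy directory is never resolved, i.e. hidden
        return self.root / self.mode

    def enter_privacy_mode(self, pin: str) -> bool:
        if not hmac.compare_digest(_pin_hash(pin, self.salt), self.pin_hash):
            return False  # identity verification failed: mode unchanged
        self.mode = PRIVACY
        return True

    def enter_general_mode(self) -> None:
        self.mode = GENERAL

    def store(self, name: str, data: bytes) -> None:
        # private data is encrypted once it is placed under the privacy directory
        payload = encrypt(self.key, data) if self.mode == PRIVACY else data
        (self._active_dir() / name).write_bytes(payload)

    def read(self, name: str) -> bytes:
        raw = (self._active_dir() / name).read_bytes()
        return decrypt(self.key, raw) if self.mode == PRIVACY else raw

    def list_files(self) -> list:
        return sorted(p.name for p in self._active_dir().iterdir())

    def load_config(self) -> dict:
        # the active mode's config.json (the privacy configuration file in
        # privacy mode) supplies parameters matching that mode; {} if absent
        try:
            return json.loads(self.read("config.json"))
        except FileNotFoundError:
            return {}


def demo() -> dict:
    """Exercise both modes on a throwaway sandbox and report what each one saw."""
    root = Path(tempfile.mkdtemp(prefix="sandbox-"))
    app = IsolatedAppData(root, secrets.token_bytes(32), pin="1234")
    app.store("notes.txt", b"public note")
    app.store("config.json", b'{"theme": "light"}')
    wrong_pin_accepted = app.enter_privacy_mode("0000")
    app.enter_privacy_mode("1234")
    app.store("notes.txt", b"secret note")
    app.store("config.json", b'{"theme": "dark", "keep_history": false}')
    seen = {"wrong_pin_accepted": wrong_pin_accepted, "privacy_files": app.list_files(),
            "privacy_note": app.read("notes.txt"), "privacy_cfg": app.load_config()}
    app.enter_general_mode()
    seen.update({"general_files": app.list_files(), "general_note": app.read("notes.txt"),
                 "general_cfg": app.load_config(),
                 "privacy_note_on_disk": (root / PRIVACY / "notes.txt").read_bytes()})
    return seen
```

Three checks a practitioner would want are visible in `demo()`: a wrong PIN leaves the mode unchanged, the bytes of the privacy directory on disk carry no plaintext, and a modified ciphertext is rejected by the tag check before decryption instead of being decrypted into garbage. Note that hiding the privacy directory by never resolving it in general mode only hides it from the application's own path logic; anything running with the sandbox's filesystem privileges still sees the directory, so the confidentiality rests on the encryption of A2, not on the hiding of A1.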

Claims (10)

1. A method for isolating private data, characterised in that it comprises:
creating a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
storing the private data of the target application under the privacy directory, and storing the general data of the target application under the general directory;
when the mode of the target application is the privacy mode, reading the private data stored under the privacy directory; when the mode of the target application is the general mode, reading the general data under the general directory and hiding the privacy directory; the target application being able to switch between the privacy mode and the general mode.
2. The method of claim 1, characterised in that, after storing the private data of the target application under the privacy directory, it further comprises:
encrypting, according to a predetermined encryption mode, the private data successfully stored under the privacy directory;
and after reading the private data stored under the privacy directory, it further comprises:
decrypting, according to the predetermined encryption mode, the private data stored under the privacy directory.
3. The method of claim 2, characterised in that the private data includes a privacy configuration file, and that, after reading the private data stored under the privacy directory, it further comprises:
running the privacy configuration file to load the target application, so that the configuration parameters of the target application match the privacy mode.
4. The method of claim 3, characterised in that the method further comprises:
receiving a trigger operation for starting or re-entering the target application, the trigger operation being a first trigger operation for controlling the target application to enter the general mode or a second trigger operation for controlling the target application to enter the privacy mode;
when the trigger operation is the second trigger operation, performing identity verification on the user who performed the second trigger operation;
after the user passes identity verification, controlling the target application to enter the privacy mode and allowing the user to access the target application.
5. The method of claim 1, characterised in that, before creating the privacy directory and the general directory for the target application running in the sandbox, it further comprises:
obtaining system privileges by a ROOT-free method;
obtaining, based on the system privileges, the installation package of the target application and saving it under a designated directory;
constructing the sandbox required for running the target application.
6. The method of claim 5, characterised in that obtaining system privileges by a ROOT-free method comprises:
obtaining a patch package;
repairing a particular system vulnerability by loading the patch package, so as to obtain the system privileges;
wherein the patch package includes an executable file for performing the steps of creating the privacy directory and the general directory for the target application running in the sandbox, storing the private data of the target application under the privacy directory and the general data of the target application under the general directory, and, when the mode of the target application is the privacy mode, reading the private data stored under the privacy directory and, when the mode of the target application is the general mode, reading the general data under the general directory and hiding the privacy directory.
7. The method of claim 6, characterised in that repairing a particular system vulnerability by loading the patch package comprises:
replacing a specific system application with the patch package, so that the system loads the executable file in the patch package and the executable file in the patch package thereby obtains Android system privileges.
8. A device for isolating private data, characterised in that it comprises:
a creation module, configured to create a privacy directory and a general directory for a target application running in a sandbox, the privacy directory and the general directory being independent of each other;
a storage module, configured to store the private data of the target application under the privacy directory and the general data of the target application under the general directory;
a reading module, configured to, when the mode of the target application is the privacy mode, read the private data stored under the privacy directory, and, when the mode of the target application is the general mode, read the general data under the general directory and hide the privacy directory; the target application being able to switch between the privacy mode and the general mode.
9. The device of claim 8, characterised in that the device further comprises:
an encryption module, configured to encrypt, according to a predetermined encryption mode, the private data successfully stored under the privacy directory after the private data of the target application has been stored there;
a decryption module, configured to decrypt, according to the predetermined encryption mode, the private data stored under the privacy directory after it has been read.
10. The device of claim 9, characterised in that the private data includes a privacy configuration file, and the device further comprises:
a loading module, configured to run the privacy configuration file to load the target application after the private data stored under the privacy directory has been read, so that the configuration parameters of the target application match the privacy mode.
CN201611213374.7A 2016-12-23 2016-12-23 A kind of method and apparatus for isolating private data Pending CN106778348A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611213374.7A CN106778348A (en) 2016-12-23 2016-12-23 A kind of method and apparatus for isolating private data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611213374.7A CN106778348A (en) 2016-12-23 2016-12-23 A kind of method and apparatus for isolating private data

Publications (1)

Publication Number Publication Date
CN106778348A true CN106778348A (en) 2017-05-31

Family

ID=58920658

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611213374.7A Pending CN106778348A (en) 2016-12-23 2016-12-23 A kind of method and apparatus for isolating private data

Country Status (1)

Country Link
CN (1) CN106778348A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108197494A * 2018-01-09 2018-06-22 上海创图网络科技股份有限公司 Method and device for user management via a cultural cloud platform
CN109344652A * 2018-10-08 2019-02-15 北京爱普安信息技术有限公司 Encryption and decryption method and system
CN109886044A * 2019-02-14 2019-06-14 珠海天燕科技有限公司 Privacy protection method and device
CN110263589A * 2019-05-31 2019-09-20 重庆爱奇艺智能科技有限公司 Method and apparatus for realising a private space
WO2020103544A1 * 2018-11-23 2020-05-28 Oppo广东移动通信有限公司 Application starting method and related device
CN114003880A * 2021-10-27 2022-02-01 北京琥珀创想科技有限公司 Privacy protection method and system
WO2022089303A1 * 2020-10-30 2022-05-05 京东方科技集团股份有限公司 Data usage control method and system, electronic device, and storage medium
WO2022126528A1 * 2020-12-17 2022-06-23 深圳迈瑞生物医疗电子股份有限公司 Working mode control method, monitoring device, monitoring system and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104102882A * 2013-04-12 2014-10-15 腾讯科技(深圳)有限公司 Protection method and device for privacy data of an application program
CN104657674A * 2015-01-16 2015-05-27 北京邮电大学 Isolation protection system and isolation protection method for private data in a mobile phone
CN104866783A * 2015-06-15 2015-08-26 联想(北京)有限公司 File storage method and device
CN105631275A * 2015-04-15 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Information display method, information display device and terminal
CN106096395A * 2016-06-16 2016-11-09 北京奇虎科技有限公司 Protection processing method and apparatus for an Android application

Similar Documents

Publication Publication Date Title
CN106778348A (en) A kind of method and apparatus for isolating private data
US10924517B2 (en) Processing network traffic based on assessed security weaknesses
CN105308560B (en) Method and apparatus for profile to be arranged
US9514300B2 (en) Systems and methods for enhanced security in wireless communication
US9542552B2 (en) Extensible platform for securing apps on a mobile device using policies and customizable action points
DK1479187T4 (en) MANAGEMENT OF ACCESS LEVELS IN PHONES USING CERTIFICATES
US20070180509A1 (en) Practical platform for high risk applications
US20170099144A1 (en) Embedded encryption platform comprising an algorithmically flexible multiple parameter encryption system
CN106096395A (en) A kind of protection treating method and apparatus of Android application
CN104348838A (en) Document management system and method
Yuan et al. Smartpatch: Verifying the authenticity of the trigger-event in the IoT platform
Mehak et al. Security aspects of database-as-a-service (DBaaS) in cloud computing
CN103729604B (en) A kind of method and apparatus in customer access area territory
JP2023542527A (en) Software access through heterogeneous encryption
Kang et al. A strengthening plan for enterprise information security based on cloud computing
Sha et al. Catching escapers: A detection method for advanced persistent escapers in industry Internet of Things based on Identity-based Broadcast Encryption (IBBE)
Kywe et al. Privatedroid: Private browsing mode for android
Anjum et al. Uncovering Software Supply Chains Vulnerability: A Review of Attack Vectors, Stakeholders, and Regulatory Frameworks
Selján The Remarkable 10th Anniversary of Stuxnet
Escamilla Ambrosio et al. Securing mHealth Applications Using loTsecM Security Modelling: Dentify. Me mApp Case Study for Urgent Care Management
Kern et al. Using RBAC to enforce the principle of least privilege in industrial remote maintenance sessions
Park et al. Cyber threats to mobile messenger apps from identity cloning
Dhondge Lifecycle IoT Security for Engineers
Kim et al. Self‐Controllable Mobile App Protection Scheme Based on Binary Code Splitting
Swimmer et al. Untangling the Web of Cloud Security Threats

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 2017-05-31)