CN108229149B - Data protection method and device - Google Patents

Data protection method and device Download PDF

Info

Publication number
CN108229149B
CN108229149B CN201711474388.9A CN201711474388A CN108229149B CN 108229149 B CN108229149 B CN 108229149B CN 201711474388 A CN201711474388 A CN 201711474388A CN 108229149 B CN108229149 B CN 108229149B
Authority
CN
China
Prior art keywords
preset
authentication information
mobile terminal
consistent
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711474388.9A
Other languages
Chinese (zh)
Other versions
CN108229149A (en
Inventor
何奋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Anyun Century Technology Co Ltd
Original Assignee
Beijing Anyun Century Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Anyun Century Technology Co Ltd filed Critical Beijing Anyun Century Technology Co Ltd
Priority to CN201711474388.9A priority Critical patent/CN108229149B/en
Publication of CN108229149A publication Critical patent/CN108229149A/en
Application granted granted Critical
Publication of CN108229149B publication Critical patent/CN108229149B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Automation & Control Theory (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Telephone Function (AREA)

Abstract

The embodiment of the invention provides a method and a device for protecting data, which are applied to a mobile terminal, wherein the mobile terminal is provided with a sandbox system, one or more specific application programs are installed and run in the sandbox system, and the specific application programs do not present desktop icons on an interface of the mobile terminal, and the method comprises the following steps: receiving authentication information submitted by a user; verifying whether the identity authentication information is consistent with preset identity authentication information; when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system and starting a specific application program matched with the identity authentication information; in the embodiment of the invention, the desktop icon is not presented on the interface of the mobile terminal, so that the safety of the application program is improved, a plurality of different verification modes are adopted for verification, the steps of user setting are reduced, the risk generated in the running process of the application program is reduced, and the user experience is improved.

Description

Data protection method and device
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a data protection method and a data protection device.
Background
At present, with the development of science and technology, more and more people have mobile terminals, and the functions of the mobile terminals are continuously improved and increased, for example, the mobile terminals can take pictures more clearly, can open webpages more quickly, and have larger screens.
Certainly, the user can conveniently use various payment application programs to perform payment operations by using the mobile terminal, for example, the user can perform shopping at an online virtual shop, also can perform shopping at an online physical shop, and also can pay for certain financial products.
Disclosure of Invention
In view of the above, the present invention has been made to provide a method of data protection and a corresponding apparatus of data protection that overcome or at least partially solve the above problems.
According to an aspect of the present invention, there is provided a method for protecting data, which is applied to a mobile terminal, wherein a sandbox system is arranged in the mobile terminal, one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, the method comprising:
receiving authentication information submitted by a user;
verifying whether the identity authentication information is consistent with preset identity authentication information;
and when the identity authentication information is consistent with the preset identity authentication information, entering the sandbox system and starting a specific application program matched with the identity authentication information.
Optionally, the mobile terminal includes a specific chip, the specific chip performs data interaction with the sandbox system through an independent read-write channel, and the specific application program is installed in the isolated storage area to which the sandbox system belongs.
Optionally, the step of receiving the authentication information submitted by the user includes:
fingerprint features and/or iris features submitted by a user are received.
Optionally, the step of receiving the authentication information submitted by the user includes:
receiving a data tag input by a user;
and/or receiving a pressing event of the entity key by the user.
Optionally, the preset identity verification information includes a preset fingerprint feature, a preset iris feature, a preset data tag, and a preset entity key.
Optionally, the step of verifying whether the authentication information is consistent with preset authentication information includes:
acquiring the preset fingerprint characteristics and/or the preset iris characteristics;
checking whether the fingerprint features are consistent with the preset fingerprint features;
and/or checking whether the iris characteristics are consistent with the preset iris characteristics.
Optionally, the step of verifying whether the authentication information is consistent with preset authentication information further includes:
acquiring the preset data label and/or the preset entity key;
checking whether the data label is consistent with the preset data label or not;
and/or checking whether the key in the pressing event conforms to a preset entity key.
Optionally, the mobile terminal includes a specific chip, the preset fingerprint feature and/or the preset iris feature is stored in the specific chip, and the step of acquiring the preset fingerprint feature and/or the preset iris feature includes:
reading the preset fingerprint features and/or the preset iris features from the specific chip.
Optionally, the mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the step of acquiring the preset data tag and/or the preset entity key includes:
and acquiring the preset data label from the external module.
Optionally, the specific application displays an application icon in a sandbox system, and the method further comprises:
when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system;
receiving a click event of a user for the application icon;
and responding to the click event to start the specific application program.
According to another aspect of the present invention, there is provided an apparatus for data protection, which is applied to a mobile terminal, wherein a sandbox system is provided in the mobile terminal, and one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, the apparatus comprising:
the information receiving module is used for receiving the identity authentication information submitted by the user;
the verification module is used for verifying whether the identity authentication information is consistent with preset identity authentication information or not;
and the first starting module is used for entering the sandbox system and starting the specific application program matched with the identity authentication information when the identity authentication information is consistent with the preset identity authentication information.
Optionally, the mobile terminal includes a specific chip, the specific chip performs data interaction with the sandbox system through an independent read-write channel, and the specific application program is installed in the isolated storage area to which the sandbox system belongs.
Optionally, the information receiving module includes:
and the first receiving sub-module is used for receiving the fingerprint features and/or iris features submitted by the user.
Optionally, the information receiving module includes:
the second receiving submodule is used for receiving a data tag input by a user;
and/or the third receiving submodule is used for receiving a pressing event of the user aiming at the entity key.
Optionally, the preset identity verification information includes a preset fingerprint feature, a preset iris feature, a preset data tag, and a preset entity key.
Optionally, the verification module includes:
the first acquisition sub-module is used for acquiring the preset fingerprint features and/or the preset iris features;
the first checking sub-module is used for checking whether the fingerprint features are consistent with the preset fingerprint features or not;
and/or the second checking sub-module is used for checking whether the iris characteristics are consistent with the preset iris characteristics.
Optionally, the verification module further includes:
the second obtaining submodule is used for obtaining the preset data label and/or the preset entity key;
the third checking submodule is used for checking whether the data label is consistent with the preset data label or not;
and/or the fourth checking submodule is used for checking whether the key in the pressing event conforms to the preset entity key.
Optionally, the mobile terminal includes a specific chip, the preset fingerprint feature and/or the preset iris feature are stored in the specific chip, and the first obtaining sub-module includes:
and the first acquisition unit is used for reading the preset fingerprint characteristics and/or the preset iris characteristics from the specific chip.
Optionally, the mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the second obtaining sub-module includes:
and the second acquisition unit is used for acquiring the preset data label from the external module.
Optionally, the specific application displays an application icon in a sandbox system, and the apparatus further comprises:
the system entry module is used for entering the sandbox system when the identity authentication information is consistent with preset identity authentication information;
the event receiving module is used for receiving a click event of the user aiming at the application icon;
a first launching module for launching the specific application in response to the click event.
According to another aspect of the present invention, there is provided a mobile terminal, comprising a processor and a memory,
the memory is used for storing a program for executing the data protection;
the processor is configured to execute programs stored in the memory.
According to the data protection method and the related equipment, a sandbox system is arranged in a mobile terminal, one or more specific application programs are installed and operated in the sandbox system, desktop icons are not presented on the interface of the mobile terminal by the specific application programs, authentication information submitted by a user is received, whether the authentication information is consistent with preset authentication information or not is verified, when the authentication information is consistent with the preset authentication information, the specific application programs matched with the authentication information are started by entering the sandbox system, in the embodiment of the invention, the sandbox system is arranged in the mobile terminal, the specific application programs are operated in the environment of the sandbox, the desktop icons are not presented on the interface of the mobile terminal, the safety of the application programs is improved, further, whether the authentication information of the user is consistent with the preset authentication information is verified, if the authentication information is consistent with the authentication information, starting a specific application program adaptive to the authentication information, and verifying by adopting multiple different authentication modes, so that steps set by a user are reduced, risks generated in the running process of the application program are reduced, and user experience is improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 illustrates a flow diagram of steps of a method of data protection according to one embodiment of the invention;
FIG. 2 is a flow diagram illustrating steps of a method of data protection according to one embodiment of the invention;
FIG. 3 is a flow diagram illustrating steps of a method of data protection according to one embodiment of the invention;
FIG. 4 illustrates an apparatus for data protection according to one embodiment of the present invention; and
fig. 5 is a block diagram showing a partial structure of a cellular phone related to a terminal provided by an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Referring to fig. 1, a flowchart illustrating steps of an embodiment of a method for protecting data according to an embodiment of the present invention is shown, and is applied to a mobile terminal, where a sandbox system is disposed in the mobile terminal, and one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, where the method specifically includes the following steps:
step 101, receiving identity authentication information submitted by a user;
in the embodiment of the invention, the sandbox system is a virtual system program and is an execution environment which can limit program behaviors according to a security policy, the sandbox system is arranged in a certain specific area of a memory of the mobile terminal and can be called as an isolated storage area, files generated in the running process and the installation process of a specific application program running in the sandbox system are redirected and stored in the isolated storage area, and a virtual security execution environment is realized by intercepting system calls of the application program and monitoring the behaviors of the program.
In the embodiment of the present invention, the mobile terminal may be a terminal such as a smart phone or a tablet computer, or may be another terminal capable of installing an application program, such as a smart watch.
In the embodiment of the present invention, the operating system of the mobile terminal may include Android (Android), IOS, Windows phone, Windows, and the like.
In the embodiment of the invention, one or more specific application programs are installed and run in the sandbox system, and the specific application programs do not present desktop icons on the interface of the mobile terminal.
Specifically, the mobile terminal first receives the authentication information submitted by the user, where the authentication information may include some biometric features of the user, and the biometric features may be features reflecting uniqueness of each mobile terminal user, such as fingerprint features, iris features, eye print features, vein features, and the like, and may further include data tags preset by the user, such as passwords, authentication codes, and sliding gestures, which are not specifically limited in the embodiments of the present invention.
102, checking whether the authentication information is consistent with preset authentication information or not;
further, after the mobile terminal receives the authentication information of the user, preset authentication information may be further obtained, where the preset authentication information may be obtained from a specific chip of the mobile terminal, the specific chip may be an independent chip such as another chip (a processor chip, a Digital Signal Processing (DSP) chip, a power management chip) on the mobile terminal, and the specific chip may only store the preset authentication information of the user, some private data, and the like, and the sandbox system of the mobile terminal may read the preset authentication information from an independent read-write channel of the specific chip.
Specifically, in the embodiment of the present invention, the sandbox system of the mobile terminal may further obtain the preset identity authentication information from an external module, where the external module may include a memory card or an encryption module having the same function as that of a U shield, the embodiment of the present invention does not specifically limit the Type and the operation manner of the external module, the U shield is a built-in micro smart card processor, and encrypts, decrypts, and digitally signs data by using a specific key algorithm, so as to ensure confidentiality, authenticity, and integrity of online transactions, and the memory card or the encryption module may be connected to the mobile terminal in different manners, such as through a Type-C interface and a lightning interface, which is not limited in the embodiment of the present invention.
When the sandbox system of the mobile terminal can read the preset identity authentication information from the independent read-write channel of the specific chip, the step of checking whether the identity authentication information is consistent with the preset identity authentication information can be performed, and when a plurality of identity authentication information are input by a user, the checking operation can be performed simultaneously or respectively.
And 103, entering the sandbox system and starting a specific application program adapted to the identity authentication information when the identity authentication information is consistent with preset identity authentication information.
In the embodiment of the invention, when the mobile terminal judges that the identity authentication information is consistent with the preset identity authentication information, the mobile terminal enters the sandbox system and starts the specific application program adaptive to the identity authentication information. And when the verification is successful, entering the running environment of the sandbox system, and starting the specific application program matched with the identity authentication information under the running environment.
It should be noted that, in the embodiment of the present invention, each authentication information is preset with a corresponding specific application program, and when the authentication information is consistent with the preset authentication information, starting a corresponding specific application program in the running environment of the sandbox system, for example, when the user sets the preset authentication information, the specific application program which is started in association can be set simultaneously, when the identity authentication information input by the user is consistent with the preset identity authentication information, then, upon launching the particular application, e.g., the fingerprint of the user's right index finger as the preset authentication information, if the specific application program started in association with the preset identity authentication information is a pay treasure, when the user enters the fingerprint of the index finger of the right hand, and when the mobile terminal judges that the fingerprint is consistent with the fingerprint input for the first time, the mobile terminal operates the payment treasure under the operation environment of the sandbox system.
Of course, in the embodiment of the present invention, a specific application program may also be executed in other manners, for example, when the identity verification information is consistent with the preset identity verification information, a pop-up box is displayed on a screen of the mobile terminal, where the pop-up box includes application icons of one or more specific application programs that can be executed under the sandbox system, the mobile terminal receives a click event of a user for the application icon, and executes the specific application program corresponding to the application icon in an execution environment of the sandbox system.
In the embodiment of the invention, a sandbox system is arranged in a mobile terminal, one or more specific application programs are installed and operated in the sandbox system, the specific application programs do not present desktop icons on an interface of the mobile terminal, identity authentication information submitted by a user is received, whether the identity authentication information is consistent with preset identity authentication information is checked, when the identity authentication information is consistent with the preset identity authentication information, the specific application programs matched with the identity authentication information enter the sandbox system and are started, in the embodiment of the invention, the sandbox system is arranged in the mobile terminal, the specific application programs are operated in a sandbox environment, the desktop icons are not presented on the interface of the mobile terminal, the safety of the application programs is improved, further, whether the identity authentication information input by the user is consistent with the preset identity authentication information is verified, if the authentication information is consistent with the authentication information, starting a specific application program adaptive to the authentication information, and verifying by adopting multiple different authentication modes, so that steps set by a user are reduced, risks generated in the running process of the application program are reduced, and user experience is improved.
Referring to fig. 2, a flowchart illustrating steps of an embodiment of a method for protecting data according to an embodiment of the present invention is shown, and is applied to a mobile terminal, where a sandbox system is disposed in the mobile terminal, and one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, where the method specifically includes the following steps:
step 201, receiving fingerprint characteristics and/or iris characteristics submitted by a user;
in the embodiment of the invention, the mobile terminal can receive the fingerprint characteristics and/or the iris characteristics submitted by the user, wherein the fingerprint characteristics refer to the striae generated by the convex and concave unevenness on the front skin of the tail end of the finger of the user. The lines are regularly arranged to form different line types. The starting point, the ending point, the combination point and the bifurcation point of the lines are called the minutiae characteristic points of the fingerprints, are the physiological characteristics of the users like the fingerprint characteristics, also comprise the iris characteristics, the iris characteristics refer to the woven structures forming various colors and textures around the pupil, and the iris of each person has unique characteristic structures like crowns, crystallines, filaments, spots, pits, salient points, rays, wrinkles, stripes and the like. Of course, the embodiment of the present invention may also include other physiological features, such as vein features, which is not limited in this respect.
Step 202, acquiring the preset fingerprint characteristics and/or the preset iris characteristics;
it should be noted that, after receiving the fingerprint feature and/or the iris feature submitted by the user, the mobile terminal obtains the preset fingerprint feature and/or the preset iris feature of the user, and the specific obtaining mode may be obtaining from a specific chip through an independent read-write channel.
In a preferred embodiment of the present invention, the mobile terminal may include a specific chip, the preset fingerprint feature and/or the preset iris feature of the user may be stored in the specific chip, and the step of obtaining the preset fingerprint feature and/or the preset iris feature may include reading the preset fingerprint feature and/or the preset iris feature from the specific chip.
Specifically, a specific chip in the mobile terminal performs data interaction with the sandbox system through an independent read-write channel, and the specific application program is installed in an isolated storage area to which the sandbox system belongs.
Step 203, checking whether the fingerprint characteristics are consistent with the preset fingerprint characteristics;
step 204, checking whether the iris characteristics are consistent with the preset iris characteristics;
in the embodiment of the invention, after receiving the fingerprint characteristics and/or the iris characteristics submitted by the user, the mobile terminal further acquires the preset fingerprint characteristics and the preset iris characteristics of the user, and then judges whether the fingerprint characteristics are consistent with the preset fingerprint characteristics and/or judges whether the iris characteristics are consistent with the preset iris characteristics.
And step 205, if the identity information is consistent with the identity authentication information, entering the sandbox system, and starting a specific application program adapted to the identity authentication information.
Specifically, when the mobile terminal determines that the fingerprint features are consistent with the preset fingerprint features or the iris features are consistent with the preset iris features, the mobile terminal enters a sandbox system and starts a specific application program corresponding to the fingerprint features or the iris features.
It should be noted that, in the embodiment of the present invention, the user may associate each piece of authentication information with a specific application program, and when the mobile terminal receives the authentication information, the mobile terminal may start the associated specific application program after the verification is successful.
In the embodiment of the invention, a mobile terminal receives fingerprint characteristics and/or iris characteristics submitted by a user and acquires the preset fingerprint characteristics and/or the preset iris characteristics; and checking whether the fingerprint characteristics are consistent with the preset fingerprint characteristics, checking whether the iris characteristics are consistent with the preset iris characteristics, and entering the sandbox system to start a specific application program adapted with the identity verification information if the fingerprint characteristics are consistent with the preset iris characteristics.
Referring to fig. 3, a flowchart illustrating steps of an embodiment of a method for protecting data according to an embodiment of the present invention is shown, and is applied to a mobile terminal, where a sandbox system is disposed in the mobile terminal, and one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, where the method specifically includes the following steps:
step 301, receiving a data tag input by a user;
in the embodiment of the present invention, the mobile terminal receives a data tag input by a user, where the data tag may include a password, an authentication code, a sliding gesture, and the like, which is not limited in this embodiment of the present invention.
Step 302, receiving a pressing event of a user aiming at an entity key;
further, while the mobile terminal receives the data tag input by the user, the mobile terminal may also receive a pressing event of the user for an entity key, where the entity key may include a volume key, a power key, a main key, and the like, and the embodiment of the present invention is not limited thereto.
Step 303, acquiring the preset data label and/or the preset entity key;
specifically, in the embodiment of the present invention, the preset data tag and/or the preset entity key are obtained, in a preferred embodiment of the present invention, a mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the step of obtaining the preset data tag and/or the preset entity key includes: and acquiring the preset data label from the external module.
It should be noted that the preset data tag and/or the preset physical key are stored in the external module, and the external module may include a storage device such as a memory card, and is connected to the mobile terminal through a specific interface.
Step 304, checking whether the data label is consistent with the preset data label;
step 305, checking whether the key in the pressing event conforms to a preset entity key;
in the embodiment of the invention, after the mobile terminal receives the data label submitted by the user and/or the pressing event, the mobile terminal further obtains the user preset data label and the preset entity key, and then judges whether the data label is consistent with the preset data label and/or whether the key in the pressing event conforms to the preset entity key.
And step 306, if the identity authentication information is consistent with the identity authentication information, entering the sandbox system, and starting a specific application program adapted to the identity authentication information.
It should be noted that the specific application program is installed in the isolated storage area to which the sandbox system belongs.
Specifically, when the mobile terminal determines that the data tag is consistent with the preset data tag or determines that the key in the pressing event conforms to a preset entity key, the mobile terminal enters a sandbox system and starts a specific application program corresponding to the data tag or the key in the pressing event.
In a preferred embodiment of the present invention, the specific application displays an application icon in a sandbox system, and the method further includes: when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system; receiving a click event of a user for the application icon; and responding to the click event to start the specific application program.
In the embodiment of the invention, the mobile terminal receives a data tag input by a user, receives a pressing event aiming at an entity key of the user, verifies whether the data tag is consistent with the preset data tag or not, verifies whether the key in the pressing event accords with the preset entity key or not, and enters the sandbox system to start a specific application program adaptive to the identity authentication information if the data tag is consistent with the preset entity key.
For simplicity of explanation, the method embodiments are described as a series of acts or combinations, but those skilled in the art will appreciate that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the embodiments of the invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Referring to fig. 4, a block diagram of an embodiment of an apparatus for data protection according to an embodiment of the present invention is shown, and is applied to a mobile terminal, where a sandbox system is disposed in the mobile terminal, and one or more specific applications are installed and run in the sandbox system, and the specific applications do not present desktop icons on an interface of the mobile terminal, and specifically may include the following modules:
an information receiving module 401, configured to receive authentication information submitted by a user;
a checking module 402, configured to check whether the authentication information is consistent with preset authentication information;
a first starting module 403, configured to enter the sandbox system to start a specific application adapted to the authentication information when the authentication information is consistent with preset authentication information.
Preferably, the mobile terminal includes a specific chip, the specific chip performs data interaction with the sandbox system through an independent read-write channel, and the specific application program is installed in the isolated storage area to which the sandbox system belongs.
Preferably, the information receiving module includes:
and the first receiving sub-module is used for receiving the fingerprint features and/or iris features submitted by the user.
Preferably, the information receiving module includes:
the second receiving submodule is used for receiving a data tag input by a user;
and/or the third receiving submodule is used for receiving a pressing event of the user aiming at the entity key.
Preferably, the preset identity authentication information includes a preset fingerprint feature, a preset iris feature, a preset data tag and a preset entity key.
Preferably, the verification module includes:
the first acquisition sub-module is used for acquiring the preset fingerprint features and/or the preset iris features;
the first checking sub-module is used for checking whether the fingerprint features are consistent with the preset fingerprint features or not;
and/or the second checking sub-module is used for checking whether the iris characteristics are consistent with the preset iris characteristics.
Preferably, the verification module further comprises:
the second obtaining submodule is used for obtaining the preset data label and/or the preset entity key;
the third checking submodule is used for checking whether the data label is consistent with the preset data label or not;
and/or the fourth checking submodule is used for checking whether the key in the pressing event conforms to the preset entity key.
Preferably, the mobile terminal includes a specific chip, the preset fingerprint feature and/or the preset iris feature are stored in the specific chip, and the first obtaining sub-module includes:
and the first acquisition unit is used for reading the preset fingerprint characteristics and/or the preset iris characteristics from the specific chip.
Preferably, the mobile terminal is connected with an external module, the external module is provided with the preset data tag, and the second obtaining sub-module includes:
and the second acquisition unit is used for acquiring the preset data label from the external module.
Preferably, the specific application displays an application icon in a sandbox system, and the apparatus further comprises:
the system entry module is used for entering the sandbox system when the identity authentication information is consistent with preset identity authentication information;
the event receiving module is used for receiving a click event of the user aiming at the application icon;
a first launching module for launching the specific application in response to the click event.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
Fig. 5 shows only a portion related to the embodiment of the present invention for convenience of description, and please refer to the method portion in the embodiment of the present invention for details that are not disclosed. The terminal may be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (point of Sales), a vehicle-mounted computer, etc., taking the terminal as the mobile phone as an example:
fig. 5 is a block diagram illustrating a partial structure of a mobile phone related to a terminal provided in an embodiment of the present invention. Referring to fig. 5, the handset includes: a Radio Frequency (RF) circuit 510, a memory 520, an input unit 530, a display unit 540, a sensor 550, an audio circuit 560, a wireless fidelity (WiFi) module 570, a processor 580, a power supply 590, and a specific chip. Those skilled in the art will appreciate that the handset configuration shown in fig. 5 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The following describes each component of the mobile phone in detail with reference to fig. 5:
RF circuit 510 may be used for receiving and transmitting signals during information transmission and reception or during a call, and in particular, for processing downlink information of a base station after receiving the downlink information to processor 580; in addition, the data for designing uplink is transmitted to the base station. In general, RF circuit 510 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, RF circuit 510 may also communicate with networks and other devices via wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to global system for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), email, Short Messaging Service (SMS), and the like.
The memory 520 may be used to store software programs and modules, and the processor 580 executes various functional applications and data processing of the mobile phone by operating the software programs and modules stored in the memory 520. The memory 520 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 520 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The input unit 530 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the cellular phone. Specifically, the input unit 530 may include a touch panel 531 and other input devices 532. The touch panel 531, also called a touch screen, can collect touch operations of a user on or near the touch panel 531 (for example, operations of the user on or near the touch panel 531 by using any suitable object or accessory such as a finger or a stylus pen), and drive the corresponding connection device according to a preset program. Alternatively, the touch panel 531 may include two parts, a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, and sends the touch point coordinates to the processor 580, and can receive and execute commands sent by the processor 580. In addition, the touch panel 531 may be implemented by various types such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. The input unit 1530 may include other input devices 532 in addition to the touch panel 531. In particular, other input devices 532 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 540 may be used to display information input by the user or information provided to the user and various menus of the mobile phone. The display unit 540 may include a display panel 541, and optionally, the display panel 541 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel 531 may cover the display panel 541, and when the touch panel 531 detects a touch operation on or near the touch panel 531, the touch panel is transmitted to the processor 580 to determine the type of the touch event, and then the processor 580 provides a corresponding visual output on the display panel 541 according to the type of the touch event. Although the touch panel 531 and the display panel 541 are shown as two separate components in fig. 5 to implement the input and output functions of the mobile phone, in some embodiments, the touch panel 531 and the display panel 541 may be integrated to implement the input and output functions of the mobile phone.
The handset may also include at least one sensor 550, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display panel 541 according to the brightness of ambient light, and the proximity sensor may turn off the display panel 541 and/or the backlight when the mobile phone is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing the posture of a mobile phone (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer and tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.
Audio circuitry 560, speaker 561, and microphone 562 may provide an audio interface between a user and a cell phone. The audio circuit 560 may transmit the electrical signal converted from the received audio data to the speaker 561, and convert the electrical signal into a sound signal by the speaker 561 for output; on the other hand, the microphone 562 converts the collected sound signals into electrical signals, which are received by the audio circuit 560 and converted into audio data, which are then processed by the audio data output processor 580, and then passed through the RF circuit 510 to be sent to, for example, another cellular phone, or output to the memory 520 for further processing.
WiFi belongs to short distance wireless transmission technology, and the mobile phone can help the user to send and receive e-mail, browse web pages, access streaming media, etc. through the WiFi module 570, which provides wireless broadband internet access for the user. Although fig. 5 shows the WiFi module 570, it is understood that it does not belong to the essential constitution of the handset, and can be omitted entirely as needed within the scope not changing the essence of the invention.
The processor 580 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 520 and calling data stored in the memory 520, thereby performing overall monitoring of the mobile phone. Alternatively, processor 580 may include one or more processing units; preferably, the processor 580 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 580.
The handset also includes a power supply 590 (e.g., a battery) for powering the various components, which may preferably be logically coupled to the processor 580 via a power management system, such that the power management system may be used to manage charging, discharging, and power consumption.
Although not shown, the mobile phone may further include a camera, a bluetooth module, etc., which are not described herein.
In the embodiment of the present invention, the processor 580 included in the terminal further has the following functions: receiving authentication information submitted by a user; verifying whether the identity authentication information is consistent with preset identity authentication information; and when the identity authentication information is consistent with the preset identity authentication information, entering the sandbox system and starting a specific application program matched with the identity authentication information.
Optionally, the processor 580 also has the following functions: fingerprint features and/or iris features submitted by a user are received.
Optionally, the processor 580 also has the following functions: receiving a data tag input by a user; and/or receiving a pressing event of the entity key by the user.
Optionally, the processor 580 also has the following functions: acquiring the preset fingerprint characteristics and/or the preset iris characteristics; checking whether the fingerprint features are consistent with the preset fingerprint features; and/or checking whether the iris characteristics are consistent with the preset iris characteristics.
Optionally, the processor 580 also has the following functions: acquiring the preset data label and/or the preset entity key; checking whether the data label is consistent with the preset data label or not; and/or checking whether the key in the pressing event conforms to a preset entity key.
Optionally, the processor 580 also has the following functions: reading the preset fingerprint features and/or the preset iris features from the specific chip.
Optionally, the processor 580 also has the following functions: and acquiring the preset data label from the external module.
Optionally, the processor 580 also has the following functions: when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system; receiving a click event of a user for the application icon; and responding to the click event to start the specific application program.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in a data protection apparatus according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The invention discloses A1 and a data protection method, which is applied to a mobile terminal, wherein the mobile terminal is provided with a sandbox system, one or more specific application programs are installed and run in the sandbox system, and the specific application programs do not present desktop icons on the interface of the mobile terminal, and the method comprises the following steps:
receiving authentication information submitted by a user;
verifying whether the identity authentication information is consistent with preset identity authentication information;
and when the identity authentication information is consistent with the preset identity authentication information, entering the sandbox system and starting a specific application program matched with the identity authentication information.
A2, the method according to A1, wherein the mobile terminal comprises a specific chip, the specific chip and the sandbox system perform data interaction through an independent read-write channel, and the specific application program is installed in an isolated storage area to which the sandbox system belongs.
A3, the method of A1, the step of receiving user-submitted authentication information comprising:
fingerprint features and/or iris features submitted by a user are received.
A4, the method of A1, the step of receiving user-submitted authentication information comprising:
receiving a data tag input by a user;
and/or receiving a pressing event of the entity key by the user.
A5, the method according to a1, wherein the preset authentication information includes a preset fingerprint feature, a preset iris feature, a preset data tag and a preset physical key.
A6, the method as claimed in a1, A3 or a5, wherein the step of checking whether the authentication information is consistent with the preset authentication information comprises:
acquiring the preset fingerprint characteristics and/or the preset iris characteristics;
checking whether the fingerprint features are consistent with the preset fingerprint features;
and/or checking whether the iris characteristics are consistent with the preset iris characteristics.
A7, the method as claimed in a1, a4 or a5, wherein the step of checking whether the authentication information is consistent with the preset authentication information further comprises:
acquiring the preset data label and/or the preset entity key;
checking whether the data label is consistent with the preset data label or not;
and/or checking whether the key in the pressing event conforms to a preset entity key.
A8, the method according to a6, wherein the mobile terminal comprises a specific chip, the preset fingerprint features and/or the preset iris features are stored in the specific chip, and the step of acquiring the preset fingerprint features and/or the preset iris features comprises:
reading the preset fingerprint features and/or the preset iris features from the specific chip.
A9, the method as in a7, where the mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the step of obtaining the preset data tag and/or the preset entity key includes:
and acquiring the preset data label from the external module.
A10, the method of A1, the particular application displaying application icons in a sandbox system, the method further comprising:
when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system;
receiving a click event of a user for the application icon;
and responding to the click event to start the specific application program.
The invention also discloses B11 and a data protection device, which is applied to a mobile terminal, wherein the mobile terminal is provided with a sandbox system, one or more specific application programs are installed and run in the sandbox system, and the specific application programs do not present desktop icons on the interface of the mobile terminal, and the device comprises:
the information receiving module is used for receiving the identity authentication information submitted by the user;
the verification module is used for verifying whether the identity authentication information is consistent with preset identity authentication information or not;
and the first starting module is used for entering the sandbox system and starting the specific application program matched with the identity authentication information when the identity authentication information is consistent with the preset identity authentication information.
B12, the device as described in B11, the mobile terminal includes a specific chip, the specific chip and the sandbox system perform data interaction via an independent read-write channel, and the specific application program is installed in the isolated storage area to which the sandbox system belongs.
B13, the apparatus as described in B11, the information receiving module comprising:
and the first receiving sub-module is used for receiving the fingerprint features and/or iris features submitted by the user.
B14, the apparatus as described in B11, the information receiving module comprising:
the second receiving submodule is used for receiving a data tag input by a user;
and/or the third receiving submodule is used for receiving a pressing event of the user aiming at the entity key.
B15, the apparatus of B11, wherein the predetermined authentication information includes a predetermined fingerprint feature, a predetermined iris feature, a predetermined data tag, and a predetermined physical key.
B16, the apparatus as described in B11 or B13 or B15, the verification module comprising:
the first acquisition sub-module is used for acquiring the preset fingerprint features and/or the preset iris features;
the first checking sub-module is used for checking whether the fingerprint features are consistent with the preset fingerprint features or not;
and/or the second checking sub-module is used for checking whether the iris characteristics are consistent with the preset iris characteristics.
B17, the apparatus as described in B11 or B14 or B15, the verification module further comprising:
the second obtaining submodule is used for obtaining the preset data label and/or the preset entity key;
the third checking submodule is used for checking whether the data label is consistent with the preset data label or not;
and/or the fourth checking submodule is used for checking whether the key in the pressing event conforms to the preset entity key.
B18, the apparatus according to B16, wherein the mobile terminal includes a specific chip, the preset fingerprint features and/or the preset iris features are stored in the specific chip, and the first obtaining sub-module includes:
and the first acquisition unit is used for reading the preset fingerprint characteristics and/or the preset iris characteristics from the specific chip.
B19, the device as B17, the mobile terminal is connected with an external module, the external module is provided with the preset data tag, and the second obtaining sub-module comprises:
and the second acquisition unit is used for acquiring the preset data label from the external module.
B20, the apparatus as in B11, the particular application displaying application icons in a sandbox system, the apparatus further comprising:
the system entry module is used for entering the sandbox system when the identity authentication information is consistent with preset identity authentication information;
the event receiving module is used for receiving a click event of the user aiming at the application icon;
a first launching module for launching the specific application in response to the click event.
C21, a mobile terminal, comprising a processor and a memory,
the memory for storing a program supporting the transceiving means to perform the method of data protection of A1-A10;
the processor is configured to execute programs stored in the memory.

Claims (17)

1. A method for protecting data is applied to a mobile terminal, a sandbox system is arranged in the mobile terminal, one or more specific applications are installed and run in the sandbox system, and desktop icons are not presented on an interface of the mobile terminal by the specific applications, and the method comprises the following steps:
receiving authentication information submitted by a user, wherein the step of receiving the authentication information submitted by the user comprises the following steps: receiving fingerprint features and/or iris features submitted by a user;
verifying whether the identity authentication information is consistent with preset identity authentication information;
when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system and starting a specific application program matched with the identity authentication information;
the mobile terminal comprises a specific chip, the specific chip and the sandbox system perform data interaction through an independent read-write channel, and the specific application program is installed in an isolated storage area to which the sandbox system belongs.
2. The method of claim 1, wherein the step of receiving user-submitted authentication information comprises:
receiving a data tag input by a user;
and/or receiving a pressing event of the entity key by the user.
3. The method of claim 2, wherein the predetermined authentication information comprises a predetermined fingerprint feature, a predetermined iris feature, a predetermined data tag, and a predetermined physical key.
4. The method of claim 3, wherein the step of verifying whether the authentication information is consistent with preset authentication information comprises:
acquiring the preset fingerprint characteristics and/or the preset iris characteristics;
checking whether the fingerprint features are consistent with the preset fingerprint features;
and/or checking whether the iris characteristics are consistent with the preset iris characteristics.
5. The method of claim 3, wherein the step of verifying whether the authentication information is consistent with preset authentication information further comprises:
acquiring the preset data label and/or the preset entity key;
checking whether the data label is consistent with the preset data label or not;
and/or checking whether the key in the pressing event conforms to a preset entity key.
6. The method according to claim 4, wherein the mobile terminal comprises a specific chip, the preset fingerprint feature and/or the preset iris feature are stored in the specific chip, and the step of acquiring the preset fingerprint feature and/or the preset iris feature comprises:
reading the preset fingerprint features and/or the preset iris features from the specific chip.
7. The method according to claim 5, wherein the mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the step of obtaining the preset data tag and/or the preset entity key includes:
and acquiring the preset data label from the external module.
8. The method of claim 1, wherein the particular application displays an application icon in a sandbox system, the method further comprising:
when the identity authentication information is consistent with preset identity authentication information, entering the sandbox system;
receiving a click event of a user for the application icon;
and responding to the click event to start the specific application program.
9. A data protection device is applied to a mobile terminal, a sandbox system is arranged in the mobile terminal, one or more specific applications are installed and run in the sandbox system, and desktop icons are not presented on an interface of the mobile terminal by the specific applications, and the device comprises:
the information receiving module is used for receiving the authentication information submitted by the user, wherein the information receiving module comprises: the first receiving sub-module is used for receiving fingerprint features and/or iris features submitted by a user;
the verification module is used for verifying whether the identity authentication information is consistent with preset identity authentication information or not;
the first starting module is used for entering the sandbox system and starting a specific application program matched with the identity authentication information when the identity authentication information is consistent with preset identity authentication information;
the mobile terminal comprises a specific chip, the specific chip and the sandbox system perform data interaction through an independent read-write channel, and the specific application program is installed in an isolated storage area to which the sandbox system belongs.
10. The apparatus of claim 9, wherein the information receiving module comprises:
the second receiving submodule is used for receiving a data tag input by a user;
and/or the third receiving submodule is used for receiving a pressing event of the user aiming at the entity key.
11. The apparatus of claim 10, wherein the predetermined authentication information comprises a predetermined fingerprint feature, a predetermined iris feature, a predetermined data tag, and a predetermined physical key.
12. The apparatus of claim 11, wherein the verification module comprises:
the first acquisition sub-module is used for acquiring the preset fingerprint features and/or the preset iris features;
the first checking sub-module is used for checking whether the fingerprint features are consistent with the preset fingerprint features or not;
and/or the second checking sub-module is used for checking whether the iris characteristics are consistent with the preset iris characteristics.
13. The apparatus of claim 11, wherein the verification module further comprises:
the second obtaining submodule is used for obtaining the preset data label and/or the preset entity key;
the third checking submodule is used for checking whether the data label is consistent with the preset data label or not;
and/or the fourth checking submodule is used for checking whether the key in the pressing event conforms to the preset entity key.
14. The apparatus according to claim 12, wherein the mobile terminal includes a specific chip, the preset fingerprint feature and/or the preset iris feature are stored in the specific chip, and the first obtaining sub-module includes:
and the first acquisition unit is used for reading the preset fingerprint characteristics and/or the preset iris characteristics from the specific chip.
15. The apparatus according to claim 13, wherein the mobile terminal is connected to an external module, the external module is provided with the preset data tag, and the second obtaining sub-module includes:
and the second acquisition unit is used for acquiring the preset data label from the external module.
16. The apparatus of claim 9, wherein the particular application displays an application icon in a sandbox system, the apparatus further comprising:
the system entry module is used for entering the sandbox system when the identity authentication information is consistent with preset identity authentication information;
the event receiving module is used for receiving a click event of the user aiming at the application icon;
a first launching module for launching the specific application in response to the click event.
17. A mobile terminal comprising a processor and a memory,
the memory is used for storing a program for supporting a transceiver to execute the method for protecting data of any one of claims 1 to 8;
the processor is configured to execute programs stored in the memory.
CN201711474388.9A 2017-12-29 2017-12-29 Data protection method and device Active CN108229149B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711474388.9A CN108229149B (en) 2017-12-29 2017-12-29 Data protection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711474388.9A CN108229149B (en) 2017-12-29 2017-12-29 Data protection method and device

Publications (2)

Publication Number Publication Date
CN108229149A CN108229149A (en) 2018-06-29
CN108229149B true CN108229149B (en) 2020-11-06

Family

ID=62646846

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711474388.9A Active CN108229149B (en) 2017-12-29 2017-12-29 Data protection method and device

Country Status (1)

Country Link
CN (1) CN108229149B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111466889A (en) * 2020-04-13 2020-07-31 蔚奥斯科技(珠海)有限公司 Body temperature monitoring system
CN111949334B (en) * 2020-10-16 2021-06-18 腾讯科技(深圳)有限公司 Sandbox environment-based virtual application starting control method, device and equipment
CN113297568B (en) * 2021-06-04 2024-04-30 国网汇通金财(北京)信息科技有限公司 Data processing method and system based on sandboxes

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295387A (en) * 2015-06-05 2017-01-04 北京壹人壹本信息科技有限公司 A kind of safety protecting method and device
CN106446632A (en) * 2016-09-22 2017-02-22 北京奇虎科技有限公司 Hide display starting device and hide display starting method for application programs
CN106855923A (en) * 2015-12-09 2017-06-16 神州医者(北京)科技有限公司 A kind of electronic installation based on biological identification technology

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100223579A1 (en) * 2009-03-02 2010-09-02 Schwartz Gerry M Iphone application disguiser
CN102509055B (en) * 2011-11-24 2015-04-08 宇龙计算机通信科技(深圳)有限公司 Mobile terminal and method for hiding programs of mobile terminal
CN103634482A (en) * 2013-12-26 2014-03-12 厦门福龙天下网络技术有限公司 Safety protecting method for application software of portable intelligent equipment
CN104732157B (en) * 2015-03-31 2018-09-07 酷派软件技术(深圳)有限公司 A kind of application hides, deployment method and device
CN106778297B (en) * 2016-11-30 2020-02-14 Oppo广东移动通信有限公司 Application program running method and device and mobile terminal
CN106874731A (en) * 2017-04-14 2017-06-20 深信服科技股份有限公司 A kind of application layer multi-user method and device based on terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106295387A (en) * 2015-06-05 2017-01-04 北京壹人壹本信息科技有限公司 A kind of safety protecting method and device
CN106855923A (en) * 2015-12-09 2017-06-16 神州医者(北京)科技有限公司 A kind of electronic installation based on biological identification technology
CN106446632A (en) * 2016-09-22 2017-02-22 北京奇虎科技有限公司 Hide display starting device and hide display starting method for application programs

Also Published As

Publication number Publication date
CN108229149A (en) 2018-06-29

Similar Documents

Publication Publication Date Title
US11269981B2 (en) Information displaying method for terminal device and terminal device
US10719689B2 (en) Electronic device and fingerprint recognition method
EP3355304B1 (en) Voice input method and electronic device supporting the same
EP2869528B1 (en) Method for performing authentication using biometrics information and portable electronic device supporting the same
CN106778175B (en) Interface locking method and device and terminal equipment
US20150294101A1 (en) Running applications, and authenticating users
EP3637289B1 (en) Permission control method and related product
US9626505B2 (en) Method and apparatus for managing authentication
EP3499918B1 (en) Data sharing method and terminal
CN107451450B (en) Biometric identification method and related product
CN108475304B (en) Method and device for associating application program and biological characteristics and mobile terminal
CN107527200A (en) A kind of payment management method, mobile terminal and computer-readable recording medium
CN107240157B (en) Near field communication security control method, mobile terminal and computer readable storage medium
CN106534093B (en) A kind of processing method of terminal data, apparatus and system
CN106327193B (en) A kind of system unlocking method and equipment
EP3528192A1 (en) Transaction method, payment device, verification device and server
CN108229149B (en) Data protection method and device
EP3736691B1 (en) Display method and apparatus for authentication window
CN108319873A (en) Flexible screen terminal security authentication control method, terminal and computer storage media
CN108491713B (en) Safety reminding method and electronic equipment
CN108781234A (en) Function control method and terminal
CN107480495B (en) Unlocking method of mobile terminal and related product
CN107516070B (en) Biometric identification method and related product
CN106447325B (en) NFC communication-based processing method and device and mobile terminal
CN104573437A (en) Information authentication method, device and terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant