CN109886044A - A kind of method for secret protection and device - Google Patents
A kind of method for secret protection and device Download PDFInfo
- Publication number
- CN109886044A CN109886044A CN201910114807.0A CN201910114807A CN109886044A CN 109886044 A CN109886044 A CN 109886044A CN 201910114807 A CN201910114807 A CN 201910114807A CN 109886044 A CN109886044 A CN 109886044A
- Authority
- CN
- China
- Prior art keywords
- functional module
- user
- module
- access
- browser
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of method for secret protection, execute in the browser of terminal device, this method comprises: obtaining the identity attribute of active user;Determine that the access module of active user, access module include functional module list and file cache path according to identity attribute;Corresponding functional module and associated documents are called respectively according to functional module list and file cache path;The functional module and associated documents are respectively loaded on browser frames, to provide a user browser access service.The present invention discloses corresponding privacy protection device together.Technical solution of the present invention ensure that the isolation of different access mode in terms of function and data two, to realize the omnibearing protection to privacy of user.
Description
Technical field
The present invention relates to Internet technical field more particularly to a kind of method for secret protection and device.
Background technique
The development of internet allows user more easily to obtain information by various terminal equipment, but also uses simultaneously
Family faces the risk of privacy leakage.For example, user is when accessing website by browser on own terminal device, it will usually deposit
The account number and password of common website are stored up, exempts to input automated log on to realize;In addition, browsing to be more convenient for, user is generally also
The historical records such as caching, cookie and search, browsing will not be cleared up immediately.In some cases, user can be by the end of oneself
End equipment is temporarily lent other people and is used, other people, may be using the silent of the user when using the terminal device access browser
The number of admitting what one has said or done Website login or the historical record for seeing the user, so that the privacy of the user is arrived in snooping.In other cases,
User can access some incredible websites, and identity, behavior may be identified, track, so that privacy of user be made to face prestige
The side of body.
There are mainly two types of existing browser privacy guard methods, and one is browser privacy mode switch, another kind is
Privacy Shipping Options Page is created, the principle of both methods is similar, is the state that browser is switched to a privacy, in this shape
Under state, the data such as cookie information, browsing record, the search record of user are not saved.But this privacy state of switching to
Mode does not save the browsing trace of user only, and cannot be completely isolated by the normal state of browser and privacy state, therefore,
The secret protection limitation of this method, can not protect privacy of user in all directions.
Summary of the invention
For this purpose, the present invention provides a kind of method for secret protection and device, it is existing above to try hard to solve or at least alleviate
Problem.
According to an aspect of the present invention, a kind of method for secret protection is provided, is executed in the browser of terminal device, institute
The method of stating includes: to obtain the identity attribute of active user;The access module of active user, institute are determined according to the identity attribute
Stating access module includes functional module list and file cache path;According to the functional module list and file cache path point
Corresponding functional module and associated documents are not called;The functional module and associated documents are respectively loaded on browser frames,
To provide a user browser access service.
Optionally, in method for secret protection according to the present invention, further includes: configure the functional module column of each access module
Table and file cache path, wherein file cache path corresponding to different access modules is different.
Optionally, in method for secret protection according to the present invention, the function of browser is stored in the terminal device
Module inventory, the functional module inventory include a plurality of functional module record, each functional module record include module id,
Module name and switch state, wherein the switch state of a functional module is for indicating that can user use in a browser
Function corresponding to the functional module;The functional module list of access module configures in accordance with the following methods: obtaining the function mould
The switch state of all functional modules in functional module inventory is showed user by block inventory;User is obtained for each function
The setting of the switch state of module;Determine that active user is corresponding according to the functional module in the open state of user setting
Functional module list.
Optionally, in method for secret protection according to the present invention, further includes: adjust function according to the access data of user
The display position of each functional module in a browser in energy module list;And/or according to the access data of user come to
Recommend new functional module in family.
Optionally, in method for secret protection according to the present invention, when the identity attribute of user changes, terminate to work as
Preceding process starts new process;New guest mode corresponding to new identity attribute, the new guest mode are determined using new process
Including new function module list and new file cache path;And according to the new function module list and new file cache path
To provide a user browser access service.
Optionally, described to distinguish the functional module and associated documents in method for secret protection according to the present invention
Being loaded onto browser frames includes: that browser kernel calls the corresponding interface of the functional module respectively, and loads respectively
The corresponding associated documents of the functional module, so as to show the call entry of the functional module on browser interface respectively
It is called for active user.
According to the second aspect of the invention, a kind of privacy protection device is provided, is resided in terminal device, described device
It include: acquisition module, suitable for obtaining the identity attribute of active user;Initialization module is suitable for according to the identity attribute come really
Determine the access module of active user, the access module includes functional module list and file cache path;And access modules,
Suitable for calling corresponding functional module and associated documents respectively according to the functional module list and file cache path;And it will
The functional module and associated documents are respectively loaded on browser frames, to provide a user browser access service.
According to the third aspect of the present invention, a kind of terminal device is provided, comprising: at least one processor;Be stored with
The memory of program instruction, wherein described program instruction is configured as being suitable for being executed by least one described processor, the journey
Sequence instruction includes the instruction for executing method for secret protection as described above.
According to the fourth aspect of the present invention, a kind of readable storage medium storing program for executing for being stored with program instruction is provided, when the journey
When sequence instruction is read and executed by terminal device, so that the terminal device executes method for secret protection as described above.
Technical solution of the present invention protects browser privacy by creating a variety of access modules according to user identity attribute,
Every kind of access module all has corresponding functional module list and file cache path, and different access modules corresponds to different
File cache path.Method for secret protection of the invention ensure that in terms of function and data two different access mode every
From to realize the omnibearing protection to privacy of user.
On the one hand, the file cache path of different access mode is different, that is, different access modules corresponds to different magnetic
Disc storage space.Further, when the identity attribute of user changes and needs handover access mode, terminate former access mould
Process under formula starts new process, and the access operation under new access module is executed using new process.Since each process has
There is independent memory headroom, correspondingly, memory headroom corresponding to new, old two access modules is different.Therefore, of the invention hidden
Private protection scheme realizes the data isolation (including data in magnetic disk isolation and internal storage data isolation) under different access mode, from number
Privacy of user is protected according to level.
On the other hand, access module includes corresponding functional mode list, and functional module list is defined in the access mould
User's workable function in a browser under formula.Functional module list corresponding to access module is configurable, it is generally the case that
Under guest mode workable function be less than holotype, thus make the functional module of certain more privacies under guest mode for
User is invisible, and the function of realizing between guest mode and holotype is isolated, and protects privacy of user from functional plane.
In addition, due to being provided with a variety of access modules, different access modules corresponds to different identity attributes, works as user
When using browser with guest mode, Web server corresponding to the webpage that user is accessed can not be distinguished by user name
The true identity of user, so that the anonymous access in terms of realizing user name, avoids user behavior to a certain extent and chased after
Track or privacy leakage.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
To the accomplishment of the foregoing and related purposes, certain illustrative sides are described herein in conjunction with following description and drawings
Face, these aspects indicate the various modes that can practice principles disclosed herein, and all aspects and its equivalent aspect
It is intended to fall in the range of theme claimed.Read following detailed description in conjunction with the accompanying drawings, the disclosure it is above-mentioned
And other purposes, feature and advantage will be apparent.Throughout the disclosure, identical appended drawing reference generally refers to identical
Component or element.
Fig. 1 shows the schematic diagram of terminal device 100 according to an embodiment of the invention;
Fig. 2 shows the flow charts of method for secret protection 200 according to an embodiment of the invention;
Fig. 3 shows the bandwagon effect figure of functional module switch state according to an embodiment of the invention;
Fig. 4 shows the bandwagon effect figure of functional module list corresponding to Fig. 3 in a browser;
Fig. 5 shows the schematic diagram of the display position of adjustment functional module according to an embodiment of the invention;
Fig. 6 shows the schematic diagram that functional module according to an embodiment of the invention is recommended;And
Fig. 7 shows the schematic diagram of privacy protection device 700 according to an embodiment of the invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
It is fully disclosed to those skilled in the art.
Fig. 1 shows the structure chart of terminal device 100 according to an embodiment of the invention.Terminal device 100 can be
The mobile devices such as mobile phone, tablet computer, multimedia player, intelligent wearable device are also possible to laptop, desktop electricity
The personal computer etc. of the configurations such as brain, but not limited to this.As shown in Figure 1, terminal device 100 may include memory interface 102,
Multi-core processor 104 and peripheral interface 106.
Memory interface 102, multi-core processor 104 and/or peripheral interface 106 can also collect either discrete component
At in one or more integrated circuits.In terminal device 100, various elements can by one or more communication bus or
Signal wire couples.Sensor, equipment and subsystem may be coupled to peripheral interface 106, to help to realize multiple functions.
For example, acceleration transducer 110, magnetic field sensor 112 and gravity sensor 114 may be coupled to peripheral interface
106, acceleration transducer 110 can acquire the acceleration information on three change in coordinate axis direction of fuselage coordinates system, and magnetic field passes
Sensor 112 can acquire the magnetic field data (magnetic induction intensity) on three change in coordinate axis direction of fuselage coordinates system, gravity sensitive
Device 114 can acquire the gravimetric data in three reference axis of fuselage coordinates system, the above sensor can be convenient realize step counting,
The functions such as orientation, horizontal/vertical screen intelligence switching.Other sensors 116 can equally be connected with peripheral interface 106, such as positioning system
(such as GPS receiver), temperature sensor, biometric sensor or other sensor devices, it is possible thereby to help to implement correlation
Function.
Camera sub-system 120 and optical sensor 122 can be used for the camera of convenient such as record photos and video clips
The realization of function, wherein the camera sub-system and optical sensor for example can be charge-coupled device (CCD) or complementary gold
Belong to oxide semiconductor (CMOS) optical sensor.It can help to realize by one or more radio communication subsystems 124
Communication function, wherein radio communication subsystem may include radio-frequency transmitter and transmitter and/or light (such as infrared) receiver
And transmitter.The particular design and embodiment of radio communication subsystem 124 can depend on terminal device 100 is supported one
A or multiple communication networks.For example, terminal device 100 may include be designed to support LTE, 3G, GSM network, GPRS network,
The communication subsystem 124 of EDGE network, Wi-Fi or WiMax network and BlueboothTM network.
Audio subsystem 126 can be coupled with loudspeaker 128 and microphone 130, to help to implement to enable voice
Function, such as speech recognition, speech reproduction, digital record and telephony feature.I/O subsystem 140 may include touch screen control
Device 142 processed and/or other one or more input controllers 144.Touch screen controller 142 may be coupled to touch screen 146.It lifts
For example, any one of a variety of touch-sensing technologies are can be used to detect in the touch screen 146 and touch screen controller 142
The contact and movement or pause carried out therewith, wherein detection technology includes but is not limited to capacitive character, resistive, infrared and table
Face technology of acoustic wave.Other one or more input controllers 144 may be coupled to other input/control devicess 148, such as one
Or the pointer device of multiple buttons, rocker switch, thumb wheel, infrared port, USB port, and/or stylus etc.It is described
One or more button (not shown)s may include the up/down for controlling 130 volume of loudspeaker 128 and/or microphone
Button.
Memory interface 102 can be coupled with memory 150.The memory 150 may include internal storage and outer
Portion's memory, internal storage for example can be static random access memory (SRAM), nonvolatile memory (NVRAM)
Deng, but not limited to this;External memory for example can be hard disk, mobile hard disk, USB flash disk etc., but not limited to this.Memory 150
It can store program instruction, program instruction for example may include operating system 152 and using 154.Operating system 152 for example can be with
It is Android, iOS, Windows Phone etc. comprising for handling basic system services and executing dependent on hardware
The program instruction of task.Memory 150 can also be stored using 154, and application 154 may include for realizing various users expectation
Function program instruction.It can be using 154 independently of operating system offer, be also possible to what operating system carried.Separately
Outside, when application 154 is mounted in terminal device 100, drive module can also be added to operating system.It is run in mobile device
When, meeting load operating system 152 from memory 150, and executed by processor 104.It at runtime using 154, also can be from
It loads in memory 150, and is executed by processor 104.Operated on operating system using 154, using operating system and
The interface that bottom hardware provides realizes the various desired functions of user, such as hardware management, instant messaging, web page browsing.
In above-mentioned various applications 154, one such application is browser 160, and browser 160 can provide a user
WEB-browsing services, user pass through the various information resources on the accessible Web server of browser 160.Particularly, in this hair
It include the instruction for executing method for secret protection 200 of the invention in bright, in browser 160, the instruction is so that browser 160
It can support a variety of access modules, every kind of access module that all there is corresponding functional module list and file cache path, it is different
Access module correspond to different file cache paths.Method for secret protection 200 of the invention is from two sides of function and data
Face ensure that the isolation of different access mode, to realize the omnibearing protection to privacy of user.
On the one hand, the file cache path of different access mode is different, that is, different access modules corresponds to different magnetic
Disc storage space.Further, when the identity attribute of user changes and needs handover access mode, terminate former access mould
Process under formula starts new process, and the access operation under new access module is executed using new process.Since each process has
There is independent memory headroom, correspondingly, memory headroom corresponding to new, old two access modules is different.Therefore, of the invention hidden
Private protection scheme realizes the data isolation (including data in magnetic disk isolation and internal storage data isolation) under different access mode, from number
Privacy of user is protected according to level.
On the other hand, access module includes corresponding functional mode list, and functional module list is defined in the access mould
User's workable function in a browser under formula.Functional module list corresponding to access module is configurable, it is generally the case that
Under guest mode workable function be less than holotype, thus make the functional module of certain more privacies under guest mode for
User is invisible, and the function of realizing between guest mode and holotype is isolated, and protects privacy of user from functional plane.
Secret protection scheme of the invention will be described in detail below.
Fig. 2 shows the flow charts of method for secret protection 200 according to an embodiment of the invention.Method 200 is suitable for
It is executed in the browser (such as browser 160 of aforementioned terminals equipment 100) of terminal device.As shown in Fig. 2, method 200 starts from
Step S210.
In step S210, the identity attribute of active user is obtained.
Identity attribute is intended to indicate that the attribute of user identity feature, for example, according to the different criteria for classifying, identity attribute
There are many division modes.For example, identity attribute includes owner, guest etc. using ascendancy as the criteria for classifying;It is to draw with age bracket
Minute mark is quasi-, and identity attribute includes old man, a middle-aged person, youth, teenager etc.;Using gender as the criteria for classifying, identity attribute include women,
Male etc.;Etc..The present invention to the criteria for classifying and value range of identity attribute with no restrictions.
In an embodiment of the present invention, there are many acquisition modes for the identity attribute of active user.It is clear according to a kind of embodiment
It lookes in device and is provided with the interface of identity switching, user enters the interface by the modes such as clicking, and identity category is inputted in the interface
Property information.According to another embodiment, browser would generally remember the identity attribute that user's last login browser is inputted, and use
Family this when opening browser, browser can be defaulted to be logged in the identity attribute of last time.For example, user's last time is with mastership
Log in browser, then user this when making browser, the identity attribute that browser defaults active user is also owner.Certainly,
In this case, user can switch identity attribute by the identity switching interface in browser.
Then, in step S220, determine that the access module of active user, access module include function according to identity attribute
It can module list and file cache path.
In an embodiment of the present invention, each identity attribute both corresponds to an access module.For example, mastership pair
Guest mode should be corresponded in holotype, guest's identity;Old man's identity corresponds to old man's mode, and juvenile identity corresponds to juvenile mould
Formula, etc..
Access module is the set of one group of configuration parameter, and under a certain access module, browser will be according to the access module
Configuration parameter set provide services to the user.In the present invention, access module includes functional module list and file cache
Path, correspondingly, under a certain access module, browser will be according to the functional module list and file cache path come to user
Access service is provided.
It include at least one functional module in functional module list, each functional module is for providing corresponding function.It answers
When pointing out, browser uses component based architecture on the whole, each function that browser provides a user both corresponds to a function
Energy module, each functional module is an independent component.It is mutually indepedent between the component of each functional module, not mutually according to
Rely and quotes.For example, several typical functional modules of browser include bookmark, historical record, offline webpage save, downloading,
Theme, hot word, news, website seniority among brothers and sisters (TopSite), weather, sharing, account number, integral, etc..Certainly, except it is above-mentioned it is listed it
Outside, it will be understood by those skilled in the art that functional module in browser is there are also very much, will not enumerate herein.
In the present invention, each guest mode both corresponds to a functional module list, and functional module list defines
(such as holotype or guest mode) the user workable function in a browser under certain access module.Each access module
Functional module list can be configured, and the functional module list of different access modules may be the same or different.
Under normal conditions, all functional modules information that browser can be provided is stored in a configuration file, we
The configuration file is denoted as functional module inventory.It will be understood by those skilled in the art that the functional module list of each access module
It is the subset of above-mentioned functional module inventory.The functional module list of each access module can be functional module inventory itself,
Setting can be customized by the user.For example, the access authority of user is usually higher under holotype, it can be by the function of holotype
Module list is set as functional module inventory itself.And the quantity of the functional module in the functional module list of guest mode is less than
The quantity of functional module in the functional module list of holotype, i.e. the user workable function under guest mode are less than main mould
Formula realizes guest mode and master to keep the functional module of certain more privacies invisible for user under guest mode
Function isolation between mode, protects privacy of user from functional plane.
According to the following steps 1)~3 according to a kind of embodiment, the functional module list of access module can be with) it configures:
1) functional module inventory is obtained, the switch state of all functional modules in functional module inventory is showed into use
Family.
As previously mentioned, including all functional modules that browser can provide in functional module inventory.Each function mould
Block corresponds to a functional module record, and a functional module record includes the switch shape of module id, module name and module
State, wherein the switch state of functional module is for indicating that can user in a browser using function corresponding to the functional module
Can, in other words, the switch state of functional module is for indicating whether the functional module is visible for user.
Functional module inventory is usually stored in file with JSON format.Entire functional module inventory is a JSON number
Group, each functional module record in functional module inventory is a JSON data, and a JSON data include functional module
Module id, module name and switch state.Wherein, the component mark of module id and code components corresponding to the functional module
Know unanimously, to can search by module id and configure component code corresponding to the functional module.
Functional module inventory is obtained, the switch state of all functional modules in functional module inventory is showed into user,
The switch state of each functional module can be arranged in user on the displaying interface.Specifically, current process is clear from functional module
JSON file corresponding to list reads out JSON array, and is stored in the memory headroom of current process.It then, will be in memory
JSON array is parsed into dynamic array (ArrayList), shows user with the pattern of list.JSON array is in parsing, often
One JSON data corresponds to a functional module, and being parsed into one includes module id, module name and switch state three
The data structure of a attribute, and all data structures are stored in dynamic array.According to a kind of embodiment, module id is usual
For one by letter and/or the character string to unique identification functional module that forms of number, without the meaning in terms of semantic,
It helps for a user less, therefore, when carrying out showing interface, usual display module name and switch state.
Fig. 3 shows the bandwagon effect figure of the switch state of functional module.As shown in figure 3, listing each function in interface
The module name and switch state of module.Certainly, in other examples, module id can also be listed together.
2) setting of the user for the switch state of each functional module is obtained.
As shown in figure 3, the switch state of each module can be by user setting, user is by clicking switch corresponding to each module
Button, i.e., the switch state of settable each functional module.The switch state of each functional module of user setting, be equivalent to have modified it is dynamic
The switch state attribute of each data structure in state array.
3) functional module list is determined according to the functional module in the open state of user setting.That is, access module
Functional module list in functional module be user setting functional module in the open state.Current process is read in it
The dynamic array in space is deposited, dynamic array is traversed, finding out wherein switch state is the data structure opened, and is saved it in
In one new dynamic array.This dynamic array is the functional module list for the access module being arranged.Meanwhile it is this is new
Dynamic array be converted into JSON data and save into file, when for next user with the access module access browser, lead to
Reading this document is crossed to obtain functional module list.
For example, as shown in figure 3, user configure guest mode functional module list when, will " theme ", " hot word ", " newly
Hear " states of three functional modules is set on, then, and include in the functional module list of guest mode " theme ", " hot word ",
" news " three functional modules.
In the present invention, file cache path is cache file catalogue corresponding to each functional module, that is, file cache road
It is stored with file relevant to functional module in diameter, these files include that (such as user is function for the configuration information of functional module
Font, shortcut key, message push frequency etc. the information of module setting) and user use history number caused by functional module
According to (such as browse history, search history, collection history etc.) etc., but not limited to this.
In the present invention, the file cache path of each access module can be configured, the file of different access modules
Cache path is different, that is, different access modules corresponds to different disk storage spaces.Therefore, secret protection of the invention
Scheme realizes the data isolation between different access mode, protects privacy of user from data plane.
According to a kind of embodiment, other than functional module list and file cache path, access module further includes file
Download location and offline webpage storage location.The file download position of access module and offline webpage storage location can carry out
The file download position of configuration, different access mode is different, and offline webpage storage location is not also identical.Due to different access mode
File download position, offline webpage storage location it is different, therefore, user cannot be directly viewed other under current accessed mode
Generated data in access module protect user hidden to further ensure the data isolation between each access module
It is private.For example, user incorporates file download position A using the file of browser downloading under holotype;And in guest mode
Under, user's downloaded file incorporates file download position B, and user cannot be directly viewed the text of holotype under guest mode
File in the A of part download location.
Then, in step S230, corresponding function mould is called according to functional module list and file cache path respectively
Block and associated documents.The functional module that user can call in a browser is determined according to functional module list, from file cache road
Read associated documents corresponding to these functional modules in diameter, associated documents include configuration information (such as the user of functional module
Push the information such as frequency for the font of functional module setting, shortcut key, message) and user use caused by functional module
Historical data (such as browsing history, search history, collection history etc.) etc., but not limited to this.
Then, in step S240, the functional module and associated documents are respectively loaded on browser frames, Lai Xiangyong
Family provides browser access service.
According to a kind of embodiment, browser kernel calls the corresponding interface of each functional module respectively, and loads respectively
The corresponding associated documents of each functional module, so as to show the call entry of each functional module for working as on browser interface respectively
Preceding user is called.
By obtaining the corresponding associated documents of functional module, and interface corresponding to calling functional modules, can be completed
The initialization of functional module, the call entry of display function module on browser interface, for active user carry out using.Example
Such as, it is based on Fig. 3, includes " theme ", " hot word ", " news " three functional modules in the functional module list of guest mode, then uses
When family uses browser under guest mode, browser kernel calls the interface of these three functional modules respectively, and loads respectively
Associated documents corresponding to these three functional modules, so that these three functional modules are shown and only shown on browser interface,
His functional module is invisible for user, as shown in Figure 4.That is, user is only other than basic web page browsing function
" theme ", " hot word ", " news " these three functions can be additionally used again, and other function does not show that user can not in a browser
The entrance for obtaining other function, to not be available other function.
In addition, current process can call user caused by each functional module during user uses browser
Access data are stored to the file cache path of current accessed mode.For example, user is produced during using functional module
Raw new data, for example, modify or be arranged for the first time certain configuration informations, generation access historical information (such as browsing go through
History, search history, collection history) etc., it can all store as the associated documents of the functional module to the file cache of active user
Path.According to a kind of embodiment, the life cycle of the file stored in file cache path is can be set in user, with further
Guarantee the privacy in terms of data according to user's needs.The file in file cache path is carried out for example, user can be set
Periodically remove;Or be arranged when user returns to browser homepage, exits access module or exit browser, to file cache path
In file be purged, etc..
According to a kind of embodiment, during user uses browser, current process is also by user's downloaded file
It stores to the file download position of current accessed mode, and the offline webpage that user is saved is stored to current accessed mode
Offline webpage storage location.Since the file download position of different access mode, offline webpage storage location are different, in this way,
User cannot be directly viewed generated data in other access modules under current accessed mode, to further ensure each
Data isolation between access module, protects privacy of user.For example, user uses the text of browser downloading under holotype
Part incorporates file download position A;And under guest mode, user's downloaded file incorporates file download position B, user
It cannot be directly viewed the file in the file download position A of holotype under guest mode.
According to a kind of embodiment, each function mould in functional module list can be adjusted according to the access data of user
The display position of block in a browser.
It include " theme ", " hot word ", " news " three functions in the functional module list of guest mode for example, being based on Fig. 3
Module, then when user uses browser under guest mode, as shown in figure 4, only showing " theme ", " hot word ", " new in browser
Hear " these three functional modules, other function module is invisible for user, and these three modules are from left to right arranged successively.It is clear
The history of the available user of device of looking at accesses data, and the access preference of user is determined according to the history of user access data, will
The functional module of user preference comes the position that user is easily accessible by.Divide for example, accessing data by the history to user
Analysis it is the most frequent to determine that user accesses " hot word " module in the recent period, followed by " theme ", " news " module, this shows that user is recent
Preference accesses " hot word " module.Therefore, the display position that each functional module is adjusted according to the access preference of user, by " hot word "
The display position of functional module is adjusted to left number first, is successively " theme ", " news " functional module backward, after adjusting position
Display effect it is as shown in Figure 5.
According to a kind of embodiment, new functional module can also be recommended to user according to the access data of user.Ability
Field technique personnel can determine that functional module recommended to the user, the present invention calculate the recommendation of functional module using any particular algorithms
Method is with no restrictions.In some embodiments, functional module recommended to the user can be determined using collaborative filtering.Example
Such as, the access preference that user is determined according to the history of user access data, will be similar with the preferred functional module of user
Functional module recommends user.In another example according to the characteristic information (such as age, gender, educational background, hobby etc.) of active user come
It determines the user similar with active user, the similar selected functional module of user is recommended into active user.
Fig. 6 shows the schematic diagram that functional module according to an embodiment of the invention is recommended.In Fig. 6, according to user
History access data, determine the preferred functional module of user be " hot word " and " theme "." popular video " is and " hot word "
Similar functional module, " wallpaper " are that the functional module similar with " theme " therefore recommends " popular video " with " wallpaper "
User.
Identity attribute may be switched during user uses browser according to a kind of embodiment, that is, switching is visited
Ask mode.In order to further ensure the data isolation between access module, provided in different modes using different processes
Access service.That is, terminating current process when the identity attribute of user changes, starting new process;Using new process come really
New guest mode corresponding to fixed new identity attribute, new guest mode includes new function module list and new file cache path;
And browser access service is provided a user according to new function module list and new file cache path.Due to each process
With independent memory headroom, correspondingly, memory headroom corresponding to new, old two access modules is different.Therefore, the present invention removes
It can be realized by configuring different file cache paths for different access modules except data in magnetic disk isolation, it can be with
It realizes that internal storage data is isolated by starting different processes under different access modules, further ensure that from data plane
Privacy of user.
Fig. 7 shows the schematic diagram of privacy protection device 700 according to an embodiment of the invention.Device 700 resides at
In terminal device (such as aforementioned terminals equipment 100), for making terminal device execute method for secret protection 200 of the invention.Such as
Shown in Fig. 7, privacy protection device 700 includes obtaining module 710, initialization module 720 and access modules 730.
Obtain the identity attribute that module 710 is suitable for obtaining active user.
In an embodiment of the present invention, there are many acquisition modes for the identity attribute of active user.It is clear according to a kind of embodiment
It lookes in device and is provided with the interface of identity switching, user enters the interface by the modes such as clicking, and identity category is inputted in the interface
Property information.According to another embodiment, browser would generally remember the identity attribute that user's last login browser is inputted, and use
Family this when opening browser, browser can be defaulted to be logged in the identity attribute of last time.For example, user's last time is with mastership
Log in browser, then user this when making browser, the identity attribute that browser defaults active user is also owner.Certainly,
In this case, user can switch identity attribute by the identity switching interface in browser.
Initialization module 720 is suitable for determining the access module of active user according to identity attribute, and access module includes function
It can module list and file cache path.
In an embodiment of the present invention, each identity attribute both corresponds to an access module.For example, mastership pair
Guest mode should be corresponded in holotype, guest's identity;Old man's identity corresponds to old man's mode, and juvenile identity corresponds to juvenile mould
Formula, etc..
Access module is the set of one group of configuration parameter, and under a certain access module, browser will be according to the access module
Configuration parameter set provide services to the user.In the present invention, access module includes functional module list and file cache
Path, correspondingly, under a certain access module, browser will be according to the functional module list and file cache path come to user
Access service is provided.
In the present invention, each guest mode both corresponds to a functional module list and a file cache path.
Functional module list defines under certain access module (such as holotype or guest mode) user and can be used in a browser
Function.User's generated access during using browser under certain access module of file cache path definition
The storage location of data, that is, a file cache path corresponds to one piece of specific disk space.
Access modules 730 be suitable for according to functional module list and file cache path call respectively corresponding functional module and
Associated documents;And the functional module and associated documents are respectively loaded on browser frames, to provide a user browser
Access service.Specifically, access modules 730 are suitable for that browser kernel is made to call the corresponding interface of each functional module respectively,
And the corresponding associated documents of each functional module are loaded respectively, so as to which the tune of each functional module is shown on browser interface respectively
It is called with confession active user is entered.
Access data for example may include cookie information, web cache, browsing history, search history, downloading history etc.,
But not limited to this.According to a kind of embodiment, privacy protection device 700 further includes removing module 740 (to remove module 740 not in Fig. 7
In show), remove module 740 be suitable for when user returns to browser homepage, exits access module or exit browser, remove text
The access data stored in part cache path, to further protect the privacy of user in terms of data.
According to a kind of embodiment, privacy protection device 700 further includes that (configuration module 750 is not in Fig. 7 for configuration module 750
It shows).Configuration module 750 is suitable for configuring functional module list and the file cache path of each access module, wherein different visits
Ask the difference of file cache path corresponding to mode.Therefore, secret protection scheme of the invention realizes under different access mode
Data isolation, protect privacy of user from data plane.
According to a kind of embodiment, configuration module 750 is suitable for coming according to the following steps the functional module column of configuration access mode
Table: firstly, obtaining functional module inventory, the switch state of all functional modules in functional module inventory is showed into user;
Then, setting of the user for the switch state of each functional module is obtained;Finally, according to the in the open state of user setting
Functional module determines functional module list.
In an embodiment of the present invention, the functional module list of each access module can be configured, different access moulds
The functional module list of formula may be the same or different.Normally, under holotype, the access authority of user is higher, accordingly
Ground can set functional module inventory itself for the functional module list of holotype.And the functional module list of guest mode
In functional module quantity less than holotype functional module list in functional module quantity, i.e., user is in guest mode
Lower workable function is less than holotype, to make the functional module of certain more privacies can not for user under guest mode
See, the function of realizing between guest mode and holotype is isolated, and protects privacy of user from functional plane.
According to a kind of embodiment, configuration module 750 is further adapted for file download position and the offline webpage of configuration access mode
Storage location, correspondingly, access modules 730 are further adapted for: user's downloaded file is stored to file download position;And it will
The offline webpage that user is saved is stored to offline webpage storage location.
In the present invention, the file download position of different access mode, offline webpage storage location are different, in this way, user
It cannot be directly viewed generated data in other access modules under current accessed mode, to further ensure each access
Data isolation between mode, protects privacy of user.For example, user is deposited using the file of browser downloading under holotype
File download position A is entered;And under guest mode, user's downloaded file incorporates file download position B, and user is visiting
It cannot be directly viewed the file in the file download position A of holotype under objective mode.
According to a kind of embodiment, privacy protection device 700 further includes that personality module 760 (do not scheming by personality module 760
It is shown in 7).Personality module 760 is suitable for the access data according to user to adjust each function mould in functional module list
The display position of block in a browser;And/or recommend new functional module to user according to the access data of user, thus to
User provides personalized service.
According to a kind of embodiment, privacy protection device 700 further includes that (process manager module 770 is not for process manager module 770
It is shown in FIG. 7).Process manager module 770 is suitable for when the identity attribute of user changes, and terminates current process, starting
New process;Determine that new guest mode corresponding to new identity attribute, new guest mode have corresponding new function using new process
It can module list and new file cache path;And it is provided a user according to new function module list and new file cache path
Browser access service.Since each process has independent memory headroom, correspondingly, corresponding to new, old two access modules
Memory headroom it is different.Therefore, the present invention is in addition to can be by configuring different file cache paths for different access modules
Except realizing that data in magnetic disk is isolated, memory number can also be realized by starting different processes under different access modules
According to isolation, further privacy of user ensure that from data plane.
Technical solution of the present invention protects browser privacy by creating a variety of access modules according to user identity attribute,
Every kind of access module all has corresponding functional module list and file cache path, and different access modules corresponds to different
File cache path.Method for secret protection of the invention ensure that in terms of function and data two different access mode every
From to realize the omnibearing protection to privacy of user.
Device described in A9:A8, wherein the functional module inventory of browser, the function are stored in the terminal device
Energy module inventory includes a plurality of functional module record, and each functional module record includes module id, module name and switch
State, wherein the switch state of a functional module is for indicating that can user right using the functional module in a browser
The function of answering;The configuration module is further adapted for: the functional module inventory is obtained, the institute in functional module inventory is active
The switch state of energy module shows user;Obtain setting of the user for the switch state of each functional module;It is set according to user
The functional module in the open state set determines the corresponding functional module list of active user.
Device described in A10:A7, further includes: personality module, suitable for adjusting function mould according to the access data of user
The display position of each functional module in a browser in block list;And/or it is pushed away according to the access data of user to user
Recommend new functional module.
Device described in A11:A7, further includes: process manager module, suitable for when the identity attribute of user changes,
Terminate current process, starts new process;New guest mode corresponding to new identity attribute, the new visit are determined using new process
Objective mode includes new function module list and new file cache path;And it is slow according to the new function module list and new file
Path is deposited to provide a user browser access service.
Device described in A12:A7, the access modules are further adapted for: browser kernel being made to call the function respectively
The corresponding interface of module, and the corresponding associated documents of the functional module are loaded respectively, so that on browser interface
Show that the call entry of the functional module is called for active user respectively.
Various technologies described herein are realized together in combination with hardware or software or their combination.To the present invention
Method and apparatus or the process and apparatus of the present invention some aspects or part can take insertion tangible media, such as can
Program code (instructing) in mobile hard disk, USB flash disk, floppy disk, CD-ROM or other any machine readable storage mediums
Form, wherein when program is loaded into the machine of such as computer etc, and when being executed by the machine, the machine becomes to practice
Equipment of the invention.
In the case where program code executes on programmable computers, terminal device generally comprises processor, processor
Readable storage medium (including volatile and non-volatile memory and or memory element), at least one input unit, and extremely
A few output device.Wherein, memory is configured for storage program code;Processor is configured for according to the memory
Instruction in the said program code of middle storage executes method for secret protection of the invention.
By way of example and not limitation, readable medium includes readable storage medium storing program for executing and communication media.Readable storage medium storing program for executing
Store the information such as computer readable instructions, data structure, program module or other data.Communication media is generally such as to carry
The modulated message signals such as wave or other transmission mechanisms embody computer readable instructions, data structure, program module or other
Data, and including any information transmitting medium.Above any combination is also included within the scope of readable medium.
In the instructions provided here, algorithm and display not with any certain computer, virtual system or other
Equipment is inherently related.Various general-purpose systems can also be used together with example of the invention.As described above, it constructs this kind of
Structure required by system is obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can
With using various programming languages realize summary of the invention described herein, and the description that language-specific is done above be for
Disclosure preferred forms of the invention.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, knot is not been shown in detail
Structure and technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect
Shield the present invention claims than feature more features expressly recited in each claim.More precisely, as following
As claims reflect, inventive aspect is all features less than single embodiment disclosed above.Therefore, it abides by
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
As a separate embodiment of the present invention.
Those skilled in the art should understand that the module of the equipment in example disclosed herein or unit or groups
Part can be arranged in equipment as depicted in this embodiment, or alternatively can be positioned at and the equipment in the example
In different one or more equipment.Module in aforementioned exemplary can be combined into a module or furthermore be segmented into multiple
Submodule.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
Meaning one of can in any combination mode come using.
In addition, be described as herein can be by the processor of computer system or by executing by some in the embodiment
The combination of method or method element that other devices of the function are implemented.Therefore, have for implementing the method or method
The processor of the necessary instruction of element forms the device for implementing this method or method element.In addition, Installation practice
Element described in this is the example of following device: the device be used for implement as in order to implement the purpose of the invention element performed by
Function.
As used in this, unless specifically stated, come using ordinal number " first ", " second ", " third " etc.
Description plain objects, which are merely representative of, is related to the different instances of similar object, and is not intended to imply that the object being described in this way must
Must have the time it is upper, spatially, sequence aspect or given sequence in any other manner.
Although the embodiment according to limited quantity describes the present invention, above description, the art are benefited from
It is interior it is clear for the skilled person that in the scope of the present invention thus described, it can be envisaged that other embodiments.Additionally, it should be noted that
Language used in this specification primarily to readable and introduction purpose and select, rather than in order to explain or limit
Determine subject of the present invention and selects.Therefore, without departing from the scope and spirit of the appended claims, for this
Many modifications and changes are obvious for the those of ordinary skill of technical field.For the scope of the present invention, to this
It invents done disclosure to be illustrative and be not restrictive, it is intended that the scope of the present invention be defined by the claims appended hereto.
Claims (10)
1. a kind of method for secret protection executes in the browser of terminal device, which comprises
Obtain the identity attribute of active user;
Determine that the access module of active user, the access module include functional module list and text according to the identity attribute
Part cache path;
Corresponding functional module and associated documents are called respectively according to the functional module list and file cache path;
The functional module and associated documents are respectively loaded on browser frames, to provide a user browser access service.
2. the method as described in claim 1, further includes:
Configure functional module list and the file cache path of each access module, wherein the file cache road of different access mode
Diameter is different.
3. method according to claim 2, wherein be stored with the functional module inventory of browser, institute in the terminal device
Stating functional module inventory includes a plurality of functional module record, each functional module record include module id, module name and
Switch state, wherein the switch state of a functional module is for indicating that can user use the functional module in a browser
Corresponding function;
The functional module list of access module configures in accordance with the following methods:
The functional module inventory is obtained, the switch state of all functional modules in functional module inventory is showed into user;
Obtain setting of the user for the switch state of each functional module;
The corresponding functional module list of active user is determined according to the functional module in the open state of user setting.
4. the method as described in claim 1, further includes:
The display position of each functional module in a browser in functional module list is adjusted according to the access data of user;
And/or
Recommend new functional module to user according to the access data of user.
5. the method for claim 1, wherein
When the identity attribute of user changes, terminates current process, start new process;
Determine that new guest mode corresponding to new identity attribute, the new guest mode include new function module using new process
List and new file cache path;And
Browser access service is provided a user according to the new function module list and new file cache path.
6. the method as described in claim 1, described that the functional module and associated documents are respectively loaded on browser frames
Include:
Browser kernel calls the corresponding interface of the functional module respectively, and it is right respectively to load the functional module respectively
The associated documents answered, so as to show that the call entry of the functional module is adjusted for active user on browser interface respectively
With.
7. a kind of privacy protection device, resides in terminal device, described device includes:
Module is obtained, suitable for obtaining the identity attribute of active user;
Initialization module, suitable for determining that the access module of active user, the access module include according to the identity attribute
Functional module list and file cache path;And
Access modules, suitable for calling corresponding functional module and phase respectively according to the functional module list and file cache path
Close file;And the functional module and associated documents are respectively loaded on browser frames, it is visited to provide a user browser
The service of asking.
8. device as claimed in claim 7, further includes:
Configuration module, suitable for configuring functional module list and the file cache path of each access module, wherein different access moulds
File cache path corresponding to formula is different.
9. a kind of terminal device, comprising:
At least one processor;With
It is stored with the memory of program instruction, wherein described program instruction is configured as being suitable for by least one described processor
It executes, described program instruction includes for executing the instruction such as method for secret protection of any of claims 1-6.
10. a kind of readable storage medium storing program for executing for being stored with program instruction, when described program instruction is read and is executed by terminal device,
So that the terminal device executes such as method for secret protection of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910114807.0A CN109886044A (en) | 2019-02-14 | 2019-02-14 | A kind of method for secret protection and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910114807.0A CN109886044A (en) | 2019-02-14 | 2019-02-14 | A kind of method for secret protection and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109886044A true CN109886044A (en) | 2019-06-14 |
Family
ID=66928097
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910114807.0A Pending CN109886044A (en) | 2019-02-14 | 2019-02-14 | A kind of method for secret protection and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109886044A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113379507A (en) * | 2021-06-30 | 2021-09-10 | 特赞(上海)信息科技有限公司 | Customization method and device suitable for enterprise-level multi-tenant product and electronic equipment |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102708141A (en) * | 2011-03-14 | 2012-10-03 | 国际商业机器公司 | System and method for in-private browsing |
| CN104063657A (en) * | 2013-03-19 | 2014-09-24 | 腾讯科技(深圳)有限公司 | Method and device for starting private browsing, browser and electronic equipment |
| CN104954385A (en) * | 2015-06-26 | 2015-09-30 | 小米科技有限责任公司 | Method and device for providing InPrivate browsing |
| CN106295284A (en) * | 2015-05-27 | 2017-01-04 | 中兴通讯股份有限公司 | A kind of information protecting method and mobile terminal |
| CN106528279A (en) * | 2015-09-14 | 2017-03-22 | 广州市动景计算机科技有限公司 | Method and system for rapidly switching browser configuration |
| CN106681616A (en) * | 2015-11-06 | 2017-05-17 | 广州市动景计算机科技有限公司 | Browser function bar display method, browser function bar display device and processing equipment |
| CN106778348A (en) * | 2016-12-23 | 2017-05-31 | 北京奇虎科技有限公司 | A kind of method and apparatus for isolating private data |
| US20170357827A1 (en) * | 2016-06-10 | 2017-12-14 | Nirvon Shoa | Method and Apparatus for Hiding Private Browsing Data |
-
2019
- 2019-02-14 CN CN201910114807.0A patent/CN109886044A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102708141A (en) * | 2011-03-14 | 2012-10-03 | 国际商业机器公司 | System and method for in-private browsing |
| CN104063657A (en) * | 2013-03-19 | 2014-09-24 | 腾讯科技(深圳)有限公司 | Method and device for starting private browsing, browser and electronic equipment |
| CN106295284A (en) * | 2015-05-27 | 2017-01-04 | 中兴通讯股份有限公司 | A kind of information protecting method and mobile terminal |
| CN104954385A (en) * | 2015-06-26 | 2015-09-30 | 小米科技有限责任公司 | Method and device for providing InPrivate browsing |
| CN106528279A (en) * | 2015-09-14 | 2017-03-22 | 广州市动景计算机科技有限公司 | Method and system for rapidly switching browser configuration |
| CN106681616A (en) * | 2015-11-06 | 2017-05-17 | 广州市动景计算机科技有限公司 | Browser function bar display method, browser function bar display device and processing equipment |
| US20170357827A1 (en) * | 2016-06-10 | 2017-12-14 | Nirvon Shoa | Method and Apparatus for Hiding Private Browsing Data |
| CN106778348A (en) * | 2016-12-23 | 2017-05-31 | 北京奇虎科技有限公司 | A kind of method and apparatus for isolating private data |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113379507A (en) * | 2021-06-30 | 2021-09-10 | 特赞(上海)信息科技有限公司 | Customization method and device suitable for enterprise-level multi-tenant product and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102355481B1 (en) | Smart Assist for Repeated Actions | |
| CN105917349B (en) | Privacy filtering of requested user data and context activated privacy modes | |
| CN105549819B (en) | The display methods and device of background application information | |
| CN110785756A (en) | Data content filter | |
| US9483475B2 (en) | Content recommendation method | |
| CN102411469B (en) | For showing the method for internet webpage and utilizing the mobile terminal of the method | |
| US20230022898A1 (en) | Generating Application Configurations Based on User Engagement Segments | |
| US11475029B2 (en) | Presenting user information suggestions | |
| EP3111356B1 (en) | Incentive-based app execution | |
| KR20170015129A (en) | Computing system with privacy control mechanism and method of operation thereof | |
| WO2018031378A1 (en) | Email personalization | |
| KR20140051222A (en) | Client-side modification of search results based on social network data | |
| CN107329750A (en) | The recognition methods of advertisement page, jump method and mobile terminal in application program | |
| US20150149939A1 (en) | Variable user interface theme customization | |
| KR20140143028A (en) | Method for operating program and an electronic device thereof | |
| US10681162B2 (en) | Segmenting users based on user engagement | |
| CN111338725A (en) | Interface layout method and related product | |
| US11803395B1 (en) | Virtual assistant transfer protocol | |
| CN105446766B (en) | For providing the system and method for service via application | |
| CN108038102A (en) | Recommendation method, apparatus, terminal and the storage medium of facial expression image | |
| CN104246772A (en) | System for suggesting activities based on contacts | |
| CN110611733A (en) | Configuration method of shortcut entrance, terminal and computer storage medium | |
| CN109241437A (en) | A kind of generation method, advertisement recognition method and the system of advertisement identification model | |
| CN113454669A (en) | Characterizing a place by user visited features | |
| US20190370017A1 (en) | Configuring Applications Using Multilevel Configuration |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190614 |