CN111709054A

CN111709054A - Privacy space information access control method and device and computer equipment

Info

Publication number: CN111709054A
Application number: CN202010535477.5A
Authority: CN
Inventors: 刘惠明; 张向前
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2020-06-12
Filing date: 2020-06-12
Publication date: 2020-09-25

Abstract

The application relates to a method and a device for controlling access to private space information, computer equipment and a storage medium. The method comprises the following steps: displaying user debugging interface options of the privacy space on a developer option interface; acquiring an opening triggering operation of a user debugging interface option of a privacy space; responding to an opening triggering operation, and collecting a password to be verified; opening a user debugging interface option of a privacy space when the password to be verified passes verification; and opening a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space. According to the method, the user debugging interface of the private space can be opened only through password verification in the developer mode, so that other people can be prevented from easily controlling the information of the multi-user space by calling the user debugging interface of the private space in the developer mode, and the information safety is guaranteed.

Description

Privacy space information access control method and device and computer equipment

Technical Field

The present application relates to the field of information security technologies, and in particular, to a method and an apparatus for controlling access to private space information, a computer device, and a storage medium.

Background

Along with the popularization of intelligent terminal equipment, the intelligent terminal equipment becomes an essential tool for daily life of people. The intelligent terminal device records a large amount of information of the user. Some of the information is relatively private and needs to be protected by relatively confidential measures.

Therefore, the terminal system provides a privacy space function, and the privacy space is protected by a password different from the main space so as to achieve the effect of protecting the privacy of the user. The privacy space utilizes the multi-user function of the terminal system, and a new user is created for the use of the privacy space. When the privacy space is created, a password different from the main space needs to be input, so that the information security of the privacy space is protected through the password.

However, in practical applications, in the case where the main space password is leaked or the control right is leaked, the information of the private space may be obtained by other abnormal means. This poses a threat to the information security of the private space.

Disclosure of Invention

In view of the above, it is necessary to provide a private space information access control method, apparatus, computer device, and storage medium capable of improving information security in response to the above technical problem.

A method of access control to private space information, the method comprising:

displaying user debugging interface options of the privacy space on a developer option interface;

acquiring a password to be verified when an opening triggering operation of a user debugging interface option of a privacy space is acquired;

the password to be verified is transmitted into a physical security space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical security space is compared through the physical security space;

if the private space is consistent with the private space, opening a user debugging interface option of the private space;

and opening the user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

A method of access control to private space information, the method comprising:

acquiring an opening triggering operation of a user debugging interface option of the privacy space;

responding to the opening triggering operation, and collecting a password to be verified;

opening a user debugging interface option of the privacy space when the password to be verified passes verification;

In one embodiment, the method further comprises:

when the password to be verified passes verification, setting a mark of a user debugging interface of a privacy space to be opened;

and when the password to be verified is wrong in verification, setting the mark of the user debugging interface of the privacy space as closed.

In one embodiment, the method further comprises:

acquiring a debugging command of a user debugging interface of the privacy space;

viewing indicia of a user debug interface of the privacy space;

and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In one embodiment, after the setting of the flag of the user debugging interface of the privacy space is turned on, the method further includes:

starting a first timer;

and when the timing time of the first timer is up, setting the mark of the user debugging interface of the privacy space as closed.

In one embodiment, after setting the flag of the user debugging interface of the privacy space to be turned off, the method further includes:

closing user debugging interface options of the privacy space;

and closing the user debugging interface of the privacy space.

In one embodiment, the comparing whether the password to be verified is consistent with the password in the privacy space includes:

and transmitting the password to be verified into a physical security space, and comparing whether the password to be verified is consistent with the password stored in the privacy space of the physical security space through the physical security space.

In one embodiment, the method further comprises:

if the password verification error times reach the threshold value, starting a second timer;

and when the timing time of the second timer is not reached, setting to prohibit acquisition of the verification password.

An apparatus for controlling access to private space information, the apparatus comprising:

the interface display module is used for displaying user debugging interface options of the privacy space on a developer option interface;

the opening operation module is used for acquiring opening triggering operation of a user debugging interface option of the privacy space;

the password acquisition module is used for responding to the opening triggering operation and acquiring a password to be verified;

the verification module is used for acquiring a password to be verified through the password acquisition interface;

the option switch module is used for opening the user debugging interface options of the privacy space when the password to be verified passes the verification;

and the control module is used for opening a user debugging interface of the privacy space, and the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

A computer device comprising a memory storing a computer program and a processor implementing the steps of the above embodiments when executing the computer program.

A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the above-mentioned embodiments.

According to the method, the device, the computer equipment and the storage medium for controlling the access to the information of the privacy space, the user debugging interface option of the privacy space is displayed on the option interface of the developer, when the opening triggering operation of the option is triggered, the password to be verified is collected, and when the input password is verified, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through password verification in the developer mode, other people can be prevented from easily controlling the information of the privacy space by using the user debugging interface of the privacy space in the developer mode, and the information safety is guaranteed.

Drawings

FIG. 1 is a schematic diagram of an application scenario of an access control method for private space information in one embodiment;

FIG. 2 is a schematic flow chart of a method for controlling access to private space information in one embodiment;

FIG. 3 is a schematic flow diagram that illustrates the request to open a privacy space, under an embodiment;

FIG. 4 is an interface diagram of developer options in one embodiment;

FIG. 5 is a schematic diagram of an embodiment of a password collection interface;

FIG. 6 is a diagram illustrating operation of a user debug interface option to open a privacy space in one embodiment;

FIG. 7 is a flowchart illustrating a method for controlling access to private space information in accordance with another embodiment;

FIG. 8 is a diagram illustrating the operation of password modification in one embodiment;

FIG. 9 is a schematic diagram of a process flow for a user debug interface requesting opening of a privacy space, in one embodiment;

FIG. 10 is a flowchart illustrating a method for controlling access to private space information in accordance with another embodiment;

FIG. 11 is a block diagram showing the structure of an access control apparatus for private space information according to an embodiment;

FIG. 12 is a diagram illustrating an internal structure of a computer device according to an embodiment.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.

The private space information access control method provided by the application can be applied to the application environment shown in fig. 1. As shown in fig. 1, the debugging device 102 and the terminal device 104 are included, and the debugging device 102 is connected to the terminal device in communication. The debugging 102 inputs a debugging command, and the connected terminal device 104 can be debugged. The terminal equipment displays a user debugging interface option of the privacy space on a developer option interface; acquiring an opening triggering operation of a user debugging interface option of a privacy space; responding to an opening triggering operation, and collecting a password to be verified; opening a user debugging interface option of a privacy space when the password to be verified passes verification; and opening a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space. The terminal device may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The debugging device may be, but is not limited to, a personal computer and a notebook computer.

In one embodiment, as shown in fig. 1, a method for controlling access to private space information is provided, which is described by taking the method as an example applied to a terminal device, and includes the following steps:

step 202, displaying user debugging interface options of the privacy space on a developer option interface.

The developer option is an option set by the terminal operating system for the developer, and is usually in a hidden state. Developer options are visible after developer mode is turned on.

The developer mode is a functional option for development and test preparation provided by the system to system and software developers. Generally, software developed based on a system can be installed on a terminal device through testing, and a developer sends the software to the terminal device by using a developer mode for entity testing when the software development is completed. The average user may also set the terminal device using various functions within the developer mode, such as adjusting the scaling speed of the window animation, transition animation, limiting the number of background processes, forcing GPU rendering, and the like. The developer mode is a hidden mode, usually in an off state, and requires active activation by the user to turn on.

Different brands of terminal devices have different methods of starting the developer mode. For example, a certain brand of terminal equipment can open a developer mode by opening the setting- > system- > about mobile phone- > continuously clicking the version number of the terminal equipment. After the developer mode is started, the developer option appears in a setting-system interface, and the developer option interface can be displayed by clicking.

In the case of the developer option, a number of functions are provided, such as a "show touch operation" function, which can be activated to show a touch trajectory in the screen. As another example, a "USB debug function," start-up allows an external program, particularly a PC terminal program, to manage the terminal through an adb command. The functions provided by the developer option are very many, and the developer option interface lists the functions provided by the developer option interface, and the functions are enabled by opening the developer option interface for operation, such as the functions of a USB debugging function, a display touch function and a user debugging interface function of a privacy space.

The privacy space is one function provided by the system. After the function of the privacy space is started, the privacy space is a private space independent of the main space, and private data can be stored. The privacy space can be provided with an independent password different from that of the main space so as to switch from the screen locking interface and the setting to carry out the privacy space. The password of the privacy space can be a character password, a graphic password and a biological characteristic password. A biometric code such as a fingerprint. The essence of the private space is to create a new user for the use of the private space by utilizing the multi-user function of the system.

The multi-user is that the terminal equipment adds a plurality of users on one terminal equipment by separating user account numbers and application data. The multi-user realization utilizes a user management interface UserManager exposed to a user by a terminal system. The user management interface UserManager provides an interface for user operations such as creating/deleting/erasing a user, user information acquisition, user handle acquisition, and the like. In the case of multiple users, the master space is allowed some control over the addition of new user space, especially in developer mode. In particular, other user spaces can be controlled using multi-user commands of the debug interface under the developer option. Namely, the information of other user spaces under multiple users can be obtained through the user debugging interface of the privacy space. The private space can be regarded as a multi-user space relative to the main space, that is, the private space utilizes multi-user functions of the system, and the private space is an application of one form of the multi-user functions.

Fig. 3 shows an operation flow diagram of the user for the privacy space, and when the user a opens the privacy space on the terminal for the first time, the user a is prompted to set an independent password of the privacy space. After the setting is successful, the terminal sets a safe privacy space of the user A, and the user A enters the safe privacy space. And storing the password of the safe privacy space into a trust zone (Trustzone) with high physical safety level, establishing a new user X, and logging in the system by the user A as the user X under a multi-user mechanism of the terminal system. And when the user switches to the main space, quitting the privacy space and returning to the main space. For example, user a switches to the master space using the master space password in the lock screen state. Thereafter, user A may enter the privacy space by entering an independent password for the privacy space.

If the privacy space is not opened for the first time, when the user requests to open the privacy space, the user is prompted to input a privacy space password. The user enters a privacy space password. And comparing the password submitted by the user with the privacy space password stored in the trust zone. If the comparison is consistent, the user logs in the system as the user X under the multi-user mechanism of the terminal system, and normally enters the privacy space. If the comparison is wrong, the password is prompted to be wrong, and the privacy space is not allowed to be performed. And when the user switches to the main space, quitting the privacy space and returning to the main space.

The user debugging interface of the privacy space refers to a debugging interface which can access information in the privacy space. The privacy space is a multi-user function utilizing the terminal operating system, namely the privacy space is an encrypted user space of one of multiple users. The user debugging interface of the privacy space is the debugging interface of the user of the privacy space in multiple users. For example, am, pm, content, and other debugging commands support directly acquiring information in other user spaces under multiple users through a "- -user" (specified user ID) option in the main space, and when the user ID is the user ID of the privacy space, the debugging interface of the user ID is the user debugging interface of the privacy space. Thus, the user debugging interface that calls the privacy space can also obtain the information of the privacy space.

The user debug interface option of the privacy space is an option switch, and when the option is triggered, the user debug interface of the privacy space is turned on.

According to the technical scheme, in order to avoid other users from acquiring the information of the privacy space and the information of other spaces by calling the user debugging interface of the privacy space, the user debugging interface of the privacy space is closed by default. Since these interfaces are of value to developers developing applications, a switch is also provided that turns on the user debug interface of the privacy space, which is set as a user debug interface option of the privacy space. The user debugging interface of the privacy space can be opened through active triggering of the user.

In particular, the developer options interface provides a plurality of options that are positionable to user debug interface options through a sliding operation when the developer options interface is opened. Specifically, the developer options interface as shown in fig. 4, a user debug interface option 401 for adding a privacy space is added to the developer options interface.

Step 204, obtaining the opening triggering operation of the user debugging interface option of the privacy space.

As shown in fig. 4, the user debugging interface 401 for the privacy space is also provided with an option switch 402. The options switch 402 is used to control the turning on and off of user debug interface options for the privacy space. When the user debugging interface option is turned on, the user debugging interface of the privacy space is turned on, and the information of the privacy space can be accessed through the user debugging interface of the privacy space.

In the developer mode, the initial state of the user debug interface option 401 of the privacy space is off, that is, the default user debug interface option 401 of the privacy space is off. When a user needs to use a user debugging interface of the privacy space for debugging, or an attack tries to open the user debugging interface of the privacy space to facilitate the attack, an option switch 402 of a user debugging interface option 401 of the privacy space is triggered to operate by opening a developer option interface in the main space, and the user debugging interface option of the privacy space is opened to be switched from a closed state to an open state. Wherein the on-trigger operation is a click operation performed on an option switch of a user debug interface option of the privacy space in the off state. When the user himself or herself or others click on the click operation performed on the option switch 402 of the user debug interface option of the privacy space in the closed state, an open request for the user debug interface of the privacy space is triggered.

And step 206, responding to the opening triggering operation, and collecting the password to be verified.

And when the opening triggering operation of the user debugging interface of the privacy space is detected, responding to the opening triggering operation and displaying the password acquisition interface. Namely, the user debugging interface of the privacy space can be opened after the verification is passed. In order to avoid obtaining the information of the privacy space through the user debugging interface of the privacy space, the verification password may be defaulted to the password of the privacy space. Specifically, the collecting the password to be verified in response to the opening triggering operation includes: and responding to the opening triggering operation, displaying the password acquisition interface, and acquiring the password to be verified through the password acquisition interface.

In one embodiment, as shown in FIG. 4, a user in the privacy space debugs an interface option to open the option with a text prompt, requiring entry of a password. Wherein, for further prompting the password, the prompt message may be to open the option and require inputting the password of the privacy space. The verification password can be a character password, a graphic password, a biological characteristic password, such as a fingerprint, and the like. It should be noted that the password of the privacy space should be different from the main space because, in the case that the main space has adopted the face and the voiceprint as the password, the password of the privacy space is not suitable for the face and the voiceprint, etc. with unique biometric passwords, and the fingerprint adopted may be different from the main space, for example, the password of the main space is the fingerprint of the index finger of the right hand, and the password of the privacy space may adopt the fingerprint of the middle finger of the right hand.

The password collection interface is used for interacting with a user to obtain a user interface of the password to be verified. The interactive mode is related to the password mode, the password mode is different, the interactive mode is different, and the password acquisition interface is different.

For example, if the verification password is a character password, the interactive mode is character password input, and the password acquisition interface comprises a password input frame and a password input keyboard. The user inputs characters through the password input keyboard, and the terminal obtains the character password input by the user. If the verification password is a graphic password, the interactive mode is pattern input, and the password acquisition interface is a drawing interface. And drawing on the drawing interface by the user, and acquiring a user drawing graph as a verification password by the terminal. If the verification password is a biological characteristic password, the interactive mode is to align and adjust the relevant biological characteristics to the biological characteristic acquisition equipment of the terminal according to the prompt and feedback of the password acquisition interface, the password acquisition interface is a biological characteristic acquisition interface, and the terminal calls the biological characteristic acquisition equipment to acquire the biological characteristics (fingerprints) of the user as the verification password.

Taking a character password as an example, a schematic diagram of a password capture interface of an embodiment is shown in fig. 5, and includes a password input prompt 501, a password input box 502, and a submit button 503. The password input prompt 501 is used to prompt password information, such as displaying "please input a password for a privacy space". When the password input box is triggered, the virtual keyboard is displayed, and the user clicks the submit button 503 after inputting the password through the virtual keyboard. And acquiring the password to be verified through a password acquisition interface. Specifically, a password input by a user through a password acquisition interface is used as a password to be authenticated.

And step 208, verifying the password to be verified. If the verification passes, step 210 is performed.

And the step of verifying the password to be verified is to compare the password to be verified with a preset password. The preset verification password may be a password of the privacy space requested to be opened. Specifically, in order to secure the password, it may be stored in a storage space having a high physical security level for the password set in advance. The storage space with a high physical security level is a physically isolated secure area of the terminal device, such as a trust zone (Trustzone) or a physical Secure Element (SE).

TrustZone is an instruction set level security solution, and solves security problems from the lowest layer in the earliest stage of chip design, such as environment isolation, secure boot, secure upgrade, rollback attack prevention and the like. Secure element (secure element) SE, commonly provided in the form of a chip. In order to prevent external malicious analysis attack and protect data security, an encryption/decryption logic circuit is arranged in a chip.

And during verification, the password to be verified is transmitted into a physical security space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical security space is compared in the physical security. If the verification passes, step 210 is performed.

Step 210, opening the user debug interface option of the privacy space.

As shown in fig. 6, if the password to be verified passes the verification, for example, if the password input by the user is consistent with the password of the privacy space, the option switch of the user debugging interface option of the privacy space is switched from off to on.

Step 212, a user debugging interface of the privacy space is opened, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

And after the user debugging interface option of the privacy space is opened, opening the user debugging interface of the privacy space to enable the user debugging interface to be in an available state. Through a user debugging interface of the privacy space, the debugging equipment can access information in the privacy space through a debugging command.

As shown in fig. 6, when the developer option interface triggers an open request for a multi-user interface option, the open request is responded, a password acquisition interface is displayed, and a password to be verified is obtained through the password acquisition interface. After the verification is passed, the user debugging interface option of the privacy space of the developer option interface is started, and meanwhile, the background opens the user debugging interface of the privacy space.

According to the technical scheme, the option switch for opening the user debugging interface of the privacy space by using password verification is additionally arranged on the option interface of the developer, so that the user debugging interface opening authority of the privacy space is managed, the development requirement of the developer is met, and meanwhile, the information safety is ensured.

As mentioned above, according to the technical solution of the present application, the user debugging interface of the privacy space is turned off by default. And when the verification password passes, the user debugging interface of the privacy space can be opened, and the user can process the user debugging interface of the privacy space. For example, in the developer mode, the information of the privacy space is processed through a user debugging interface of the privacy space. Since the user debugging interface for opening the privacy space verifies the password of the privacy space, that is, the user has the operation authority for the privacy space, even if the verified user processes the information of the privacy space through the user debugging interface of the privacy space, the problem of privacy information leakage is not caused.

According to the method for controlling the access to the information of the privacy space, the user debugging interface options of the privacy space are displayed on the option interface of the developer, when the opening triggering operation of the options is triggered, the password to be verified is collected, and when the input password is verified to pass, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through password verification in the developer mode, other people can be prevented from easily controlling the information of the privacy space by using the user debugging interface of the privacy space in the developer mode, and the information safety is guaranteed.

In another embodiment, when the password to be verified passes the verification, the opening of the private space user debugging interface option comprises: and if the password to be verified is consistent with the password of the privacy space, the verification is passed, and the user debugging interface option of the privacy space is opened.

That is, specifically, the password to be authenticated is compared with the password of the privacy space. The password of the privacy space is the password set when the privacy space is created. The technical solution of the present application is to prevent the information in the private space from being easily accessed through the user debugging interface in the private space, and the purpose of the invention is consistent with the purpose of setting the password in the private space, so that, for the user, by setting the user debugging interface option open password in the private space and the password in the private space to be the same password, on one hand, there is no need to separately add the password setting to the user debugging interface option in the private space, because, for the user, there are few users who need to use the user debugging interface in the private space, and in the using process, the debugging using the user debugging interface option in the private space is the operation of the debugging device, the debugging process does not need to interact with the terminal device, there is no interactive interface which sets the verification password separately to the user debugging interface option in the private space, and if an interactive interface is added, the verification password is set to be too abrupt to not conform to the user's habit, therefore, the opening password of the user debugging interface option of the privacy space and the password of the privacy space are set to be the same password, and the use habit and the use thinking of the user are met to the maximum extent.

In another embodiment, before the developer options interface displays the private space user debugging interface options, the method further comprises: when a debug request with a debug device is detected in developer mode, a developer option interface is presented.

Specifically, after the developer mode is triggered, when debugging connection with the debugging equipment is detected, a developer option interface is displayed. For the operating systems, the terminal devices and the debugging devices of different operating systems have different debugging connection modes. Taking an operating system as an Android operating system as an example, the terminal device is connected with the debugging device through an ADB (Android debug bridge). The Android Debug Bridge (ADB) is a general command line tool that allows the debug device to communicate with the simulator instance or connected Android device, and the ADB is a command line tool. It is used for communication between a bridging simulator instance (Android device) and a background running daemon (server). The android debug bridge may facilitate various device operations, such as installing and debugging applications, and provide access to the Unix shell (which may be used to run various commands on a simulator or connected device).

After the ADB is installed on the debugging device, the debugging device is connected with the terminal device through the USB in a manner that the Android device and the debugging device running the ADB are connected to the same local area network, for example, to the same WiFi. Specifically, in the Android device, the IP address is searched from the setting > > wi-fi setting > > high-level > IP address. The devices are connected through the ADB using the same IP address. For example: network IP address-148.100.1.17 $ adb devices additional device list 148.100.1.17:5555 devices. Thus, the final configuration is completed and 'adb' is successfully configured through the wireless network.

Generally, under normal conditions, the requirement for the terminal device to connect to the external device through the USB may be to charge or access the data in the main space. As before, the developer mode is a hidden mode that needs to be triggered by clicking the version number multiple times in succession on the settings interface. After the developer mode is started, the developer option also needs to call out a developer option interface through complicated operation, and the user debugging interface option in the privacy space is located.

However, in practical applications, since the trigger operation of the developer mode is complicated and secret, the situation of misoperation trigger can be eliminated. After the developer mode is triggered, if the developer mode is connected with the debugging device, the user needs to debug the terminal device by using the debugging device.

Therefore, when connection with the debugging device is detected in the developer mode, such as connection with the debugging device through a USB or connection with the debugging device of the same local area network through WIFI, the developer option interface is displayed. After the debugging equipment is connected with the terminal equipment, the option interface of the developer can be popped up, the condition that a user enters a setting option to call the option interface of the developer through complicated operation is avoided, and the operation convenience is improved.

In one embodiment, when the password to be verified passes verification, a mark of a user debugging interface of a privacy space is set to be opened; and when the password to be verified is wrong in verification, setting the mark of the user debugging interface of the privacy space as closed.

The mark of the user debugging interface of the privacy space is used for representing the user debugging interface state of the privacy space, and the mark attribute of the mark is related to the user debugging interface state of the privacy space. The mark of the user debugging interface of the privacy space can facilitate the background program to read the user debugging interface state of the privacy space. The marking attribute of the user debugging interface of the privacy space has three states, namely no mark, the marking attribute is on, and the marking attribute is off. And in default, the marking attribute of the user debugging interface of the privacy space is in a non-marking state. In this embodiment, if the password to be verified passes the verification, the system sets a flag (multiuserADB) of the user debugging interface of the privacy space to be on, that is, the user debugging interface of the privacy space is normally turned on. And if the password to be verified is wrong in verification, setting the mark of the user debugging interface of the privacy space as closed, namely, not opening the user debugging interface of the privacy space.

The mark attribute of the user debugging interface of the privacy space is set according to the password verification result, so that the state of the user debugging interface of the privacy space can be acquired according to the mark attribute of the user debugging interface of the privacy space.

Further, in the actual use process, the method for controlling access to private space information further includes:

acquiring a debugging command of a user debugging interface of a privacy space; looking at the indicia of the user debug interface of the privacy space; and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In this embodiment, for each received debug command, the flag attribute of the user debug interface in the privacy space is checked, and only when the flag attribute of the user debug interface in the privacy space is on, the user debug interface in the privacy space can be called to execute the debug command, so as to access information in the privacy space. Through the user debugging interface mark additionally arranged in the privacy space, when the inside of the privacy space is debugged, each command needs to verify the mark of the user debugging interface in the privacy space, the effectiveness of password protection in the protection of the safe privacy space can be ensured, and certain interfaces can not be left by.

The user debugging interface mark of the privacy space is used as a basis for judging the state of the user debugging interface of the privacy space in the actual debugging process, so that the safety of the user debugging interface mark of the privacy space is very important, and the mark attribute of the user debugging interface mark needs to be prevented from being updated randomly. Therefore, in the present application, the label of the user debugging interface of the privacy space is stored in a physical security space, such as a trust zone (TrustZone) or an SE chip, to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, thereby greatly improving the security.

When the debugging command is acquired, the mark of the user debugging interface of the privacy space is checked in the physical security space, and if the mark attribute of the user debugging interface of the privacy space is closed, the password verification is wrong when the user debugging interface option of the privacy space is requested to be opened. Correspondingly, if the received debugging command is marked when the user debugging interface of the privacy space is checked in the physical security space, if the marking attribute of the user debugging interface of the privacy space is closed or no marking, the debugging command is not allowed to be executed.

In another embodiment, after the password to be verified passes the verification, the flag attribute of the user debugging interface of the privacy space is set to be on. The additional security module starts a timer and when the time (e.g. 2 hours) has been reached, the flag of the user debug interface of the privacy space is set to off. To prevent normal users from forgetting to turn off this interface. Specifically, a first timer is started; and when the timing time of the first timer is up, setting the marking attribute of the user debugging interface of the privacy space to be closed.

The timing duration of the first timer can be set according to experience, such as the longest use duration of one-time debugging according to the user debugging habit and the use habit. And after the marking attribute of the user debugging interface of the privacy space is opened, the first timer starts to time, and when the timing time of the first timer is up, the marking attribute of the user debugging interface of the privacy space is set to be closed. By adopting the timer, the mark attribute of the user debugging interface can be updated to be opened, and only the fixed time length can be opened, after the fixed time length is long, even if the user does not close the user debugging interface option of the private space, the mark attribute of the user debugging interface of the private space is set to be closed, and because the mark attribute of the user debugging interface of the private space needs to be judged every time the debugging command is executed, other people can still be prevented from accessing the information of the private space through the user debugging interface of the private space under the condition of no verification even if the option of the user debugging interface is not closed.

In another embodiment, after setting the flag attribute of the user debugging interface of the privacy space to off, the method further includes: closing the user debugging interface options of the privacy space; and closing the user debugging interface of the privacy space.

That is, when the timing duration of the first timer reaches, the user debugging interface option of the privacy space and the user debugging interface of the privacy space are further closed except that the flag attribute of the user debugging interface of the privacy space is set to be closed. Therefore, when the user uses the password verification device next time, the user debugging interface option of the privacy space is in a closed state, and password verification needs to be carried out again if the user needs to open the password verification device.

In another embodiment, a method for controlling access to private space information further includes: displaying user debugging interface options of the opened privacy space on a developer option interface; acquiring a closing triggering operation of a user debugging interface option of a privacy space; closing the user debugging interface options of the privacy space; and closing the user debugging interface of the privacy space.

Specifically, after the user is debugged, the user debugging interface option of the opened privacy space can be operated by opening the developer option interface, and the user debugging interface option of the privacy space and the user debugging interface of the privacy space are triggered to be closed. And after the user debugging interface option is closed, setting the mark attribute of the user debugging interface in the privacy space to be in a non-state or closed.

And when the disconnection with the debugging equipment is detected, showing a developer option interface, and displaying the user debugging interface options of the opened privacy space on the developer option interface. That is, when the disconnection from the debugging device is detected, the debugging may be considered to be finished, and in order to avoid that the user forgets to close the user debugging interface option of the privacy space, after the disconnection, the developer option interface is displayed to prompt the user to close the user debugging interface option of the privacy space in time. Meanwhile, the disconnection is usually the debugging end, and after the disconnection, an option interface of a developer is automatically popped up to remind the user to close in time, so that the user can be prevented from calling out the interface for operation in a terminal in a complicated operation mode, the operation convenience is improved, and the system safety is further protected.

In another embodiment, the password to be verified is wrong, and if the password verification error frequency reaches a threshold value, a second timer is started; and when the timing time of the second timer is not reached, setting to prohibit the acquisition of the verification password.

In this embodiment, in order to prevent another person from attacking the blasting, if the number of times of password input errors exceeds the threshold, when the timing time of the second timer is not reached, the password collection is prohibited, that is, the password collection time is limited by the second timer. And when the timing time of the second timer is not up, the password collection is prohibited. When the timing time of the second timer is reached, the setting allows the collection of the verification password.

Specifically, if the password to be verified is wrong in verification, re-inputting the password, and if the password verification error frequency does not reach the first threshold (for example, 5 times), prompting re-inputting on a password acquisition interface; and returning to the step of obtaining the password to be verified through the password acquisition interface. If the password verification error times reach a first threshold (such as 5 times), starting a second timer; when the timing time (e.g., 1 minute) of the second timer is not reached, it is set to prohibit the input of the authentication password. When the timed time of the second timer is reached (e.g., 1 minute), the setting allows entry of the authentication password. That is, if the number of times the password entered by the user is incorrect exceeds a threshold (e.g., 5 times), the time for entering the password will be limited, e.g., 1 minute will be required for the sixth time.

Further, if the number of password authentication errors exceeds a second threshold (for example, 20), starting a third timer, wherein the second threshold is greater than the first threshold; when the timing time (such as one week) of the third timer is not reached, the input of the verification password is prohibited; when the timing time (such as one week) of the third timer is reached, the authentication password is allowed to be input, and the timing time of the third timer is longer than that of the second timer. That is, if the number of times the user has entered the password incorrectly exceeds a threshold (e.g., 20), the password entry time is limited, e.g., 1 week later for the 21 st time.

When the password entry error is greater than a third threshold (e.g., 100), the flag of the multi-user interface is set to always off.

According to the embodiment, when the password error condition is larger than the threshold value, the password verification is limited, and the attack and blasting of others can be prevented.

In another embodiment, as shown in fig. 7, a method for controlling access to information in a private space includes two stages, a first stage of setting a user debug interface option switch of the private space, and a second stage of debugging.

In the first stage, as shown in fig. 7, a developer option interface is displayed on a terminal device, the developer option interface displays a user debugging interface option of a privacy space, and when an opening triggering operation for the user debugging interface option of the privacy space is acquired, a user debugging interface of a user requesting to open the privacy space is acquired. At the moment, a password acquisition interface is displayed at the equipment terminal, and the password to be verified acquired through the password acquisition interface is acquired.

The developer option interface can be automatically popped up when the connection with the debugging equipment is detected in the developer mode, so that the condition that a user can call the developer option interface through complicated operation can be avoided, and the operation is more convenient and intelligent.

In the technical scheme of the application, in order to avoid other users from acquiring the information of the multi-user space by calling the user debugging interface of the privacy space, for example, the information of the privacy space, the user debugging interface of the privacy space is closed by default. Since these interfaces are of some value to developers developing applications, the option of opening a private space user debug interface is also provided. The option of the user debugging interface of the privacy space is equivalent to an interface switch, and when the option is turned on, the user debugging interface of the privacy space is turned on.

And verifying the password to be verified. For a user of a terminal system, the purpose of the application is to avoid the disclosure of privacy space information by managing a user debugging interface of a privacy space. Based on this, the open password of the user trial interface option of the privacy space can be set as the privacy space password.

Specifically, the password authentication method includes: and comparing whether the password to be verified is consistent with the password of the privacy space.

Specifically, in order to ensure the security of the password, after the user sets the password in the privacy space, the password is stored in the storage space with a high physical security level in order to protect the password. The storage space with high physical security level may be a trust zone (Trustzone) or a physical security element. The method physically protects the security of the password. In one embodiment, the password is stored in a trusted zone (Trustzone), and in one embodiment the password is stored in a physical secure element. And during verification, the password to be verified is transmitted into the physical security space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical security space or not is compared. Specifically, as shown in fig. 7, the acquired password to be verified is transmitted into the physical security space for verification, and is transmitted into the Driver layer interface through the system Server internal interface, and is transmitted into the physical security space through the Driver layer interface. The physical security space stores a password for the privacy space. And comparing the password to be verified with the password of the privacy space.

In other embodiments, for more convenient or easier compromise, the key saving mechanism of the main space may be used to encrypt the password, store the hash value of the password to a place where the system can read the hash value only with high authority, and protect the security of the password from software. Specifically, comparing whether the password to be verified is consistent with the password in the privacy space includes: encrypting the password to be verified to obtain a hash value of the password to be verified; and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

In another embodiment, as shown in fig. 7, after opening the user debugging interface of the privacy space, the method includes: and when a debugging command of the user debugging interface needing to call the privacy space is acquired, if the mark of the user debugging interface of the privacy space is opened, the user debugging interface of the privacy space is called to execute the debugging command.

Specifically, if the password to be verified passes the verification, the system sets a flag (multiuserADB) of the user debugging interface of the privacy space to be on, that is, the user debugging interface of the privacy space is normally opened. In particular, indicia of the user's debug interface of the privacy space is maintained in a physical security space, such as a trust zone (TrustZone), for security. If the input verification password is incorrect, even the root authority can not modify the configuration, thereby greatly improving the security.

When a user uses the debugging commands of the user debugging interface of the privacy space to carry out normal multi-user debugging, the commands check the mark of the user debugging interface of the privacy space. If the user debug interface of the privacy space is marked open, then execution of the debug command is allowed. Specifically, a Flag (Flag) of a user debug interface (multiservadb) of a privacy space in a trust zone (TrustZone) is detected, and if it is on, execution of a debug command is allowed.

As shown in fig. 7, when the password to be verified is verified incorrectly, the flag of the user debugging interface that sets the privacy space is turned off. Specifically, if the password to be verified passes the verification, a flag (multiuserADB) of the user debugging interface of the privacy space is set to off in the system. In particular, indicia of the user's debug interface of the privacy space is maintained in a physical security space, such as a trust zone (TrustZone), for security. If the input verification password is incorrect, even the root authority can not modify the configuration, thereby greatly improving the security.

As shown in fig. 7, after the password to be verified passes the verification, the flag of the multi-user debug interface is set to be on. The additional security module starts a timer and sets the flag of the multi-user debug interface to off when the time (e.g., 2 hours) has elapsed. To prevent normal users from forgetting to turn off this interface. Specifically, a first timer is started; and when the timing time of the first timer is up, setting the mark of the multi-user debugging interface to be closed.

As shown in fig. 7, if the password to be verified is wrong in verification, re-input is performed, and if the number of times of password verification errors does not reach the first threshold (e.g., 5 times), re-input is prompted on the password acquisition interface; and returning to the step of obtaining the password to be verified through the password acquisition interface. If the password verification error times reach a first threshold (such as 5 times), starting a second timer; when the timing time (e.g., 1 minute) of the second timer is not reached, it is set to prohibit the input of the authentication password. When the timed time of the second timer is reached (e.g., 1 minute), the setting allows entry of the authentication password. That is, if the number of times the password entered by the user is incorrect exceeds a threshold (e.g., 5 times), the time for entering the password will be limited, e.g., 1 minute will be required for the sixth time.

Further, if the number of password authentication errors exceeds a second threshold (for example, 20), starting a third timer, wherein the second threshold is greater than the first threshold; when the timing time (such as one week) of the third timer is not reached, the input of the verification password is prohibited; when the timing time (such as one week) of the third timer is reached, the authentication password is allowed to be input, and the timing time of the third timer is longer than that of the second timer. That is, if the number of times the user has entered the password incorrectly exceeds a threshold (e.g., 20), the password entry time is limited, e.g., 1 week later for the 21 st time. When the password entry error is greater than a third threshold (e.g., 100), the flag of the multi-user interface is set to always off. According to the embodiment, when the password error condition is larger than the threshold value, the password verification is limited, and the attack and blasting of others can be prevented.

The second phase is the debug phase.

When a debugging command of a user debugging interface of a private space is acquired, such as am, pm, content and other commands, the 'user' option of the user ID of the private space is appointed, and whether the mark of the user debugging interface of the private space is opened or not is judged.

In particular, indicia of the user's debug interface of the privacy space is maintained in a physical security space, such as a trust zone (TrustZone), for security. If the input verification password is incorrect, even the root authority can not modify the configuration, thereby greatly improving the security.

When a debugging command of a user debugging interface needing to call the privacy space is acquired, if the mark of the user debugging interface of the privacy space is closed, the debugging command is not allowed to be executed. Specifically, when a user performs normal multi-user debugging using debugging commands of the user debugging interface of the privacy space, the commands check the flag of the user debugging interface of the privacy space. If the user debug interface of the privacy space is marked off, then the debug command is not allowed to be executed. Specifically, a Flag (Flag) of a user debug interface (multiservadb) of a privacy space in a trust zone (TrustZone) is detected, and if it is off, execution of a debug command is not allowed. This provides a good protection against attacks. In order to ensure the effectiveness of password protection in protecting the secure privacy space, there cannot be some interface that can be bypassed, and therefore, when debugging the inside of the privacy space, each command needs to verify the mark of the user debugging interface of the privacy space. Only when the user debugging interface of the privacy space is marked as open, the corresponding interface can be called.

In another embodiment, after the verification is passed, the user can also modify the password of the user debugging interface of the privacy space. Specifically, as shown in fig. 8, after the password to be verified is verified, that is, after the switch of the user debugging interface option in the privacy space is turned on, a password modification mark 801 is further displayed on the user debugging interface option in the privacy space, and when a trigger operation on the password modification mark is detected, a password collection interface 802 is displayed, and a modified password is obtained through the password collection interface. Through the password modification function, the user can set an independent password outside the multi-user space according to the user debugging interface option of the private space, and the information safety is further improved.

The process of the user debug interface requesting the opening of the privacy space for the user himself and the attacker is shown in fig. 9. And in the main space, when a user triggers an opening request of a user debugging interface of the privacy space through a developer option interface of the terminal, a password acquisition interface is displayed. A user inputs a privacy space password through a password acquisition interface, the password is verified to be correct, a user debugging interface of the privacy space is opened, a multi-user interface mark is set to be opened, and then the multi-user interface can be normally used for debugging.

And in the main space, when an attacker triggers an opening request of a user debugging interface of the privacy space through a developer option interface of the terminal, displaying a password acquisition interface. An attacker tries to input a password through a password acquisition interface, the password is not consistent with the password of the privacy space after verification, the verification is wrong, when the number of times of the verification error is larger than a threshold value, a multi-user interface mark is set to be closed forever, the attacker does not have an independent password of the privacy space, so that a user debugging interface option of the privacy space cannot be opened, in a main space, a correct password cannot be input to open a related interface, the access to the multi-user ADB debugging interfaces is forbidden, further attack cannot be performed through the multi-user interface, information in the privacy space is obtained, and therefore the information safety is protected.

In one embodiment, there is further provided a method for controlling access to private space information, as shown in fig. 10, including:

s1002, displaying user debugging interface options of the privacy space on a developer option interface.

S1004, when the opening triggering operation of the user debugging interface option of the privacy space is acquired, the password to be verified is collected.

S1006, the password to be verified is transmitted into the physical security space, and whether the password to be verified is consistent with the password stored in the privacy space of the physical security space is compared through the physical security space. If yes, go to step S1008.

The password of the privacy space is the password set when the privacy space is created. Therefore, the opening password of the user debugging interface option of the privacy space and the password of the privacy space are set to be the same password, and the use habit and the use thinking of the user are met to the maximum extent.

Specifically, in order to secure the password, it may be stored in a storage space having a high physical security level for the password set in advance. The storage space with a high physical security level is a physically isolated secure area of the terminal device, such as a trust zone (Trustzone) or a physical Secure Element (SE).

In one embodiment, when the password of the privacy space needs to be verified, the terminal program transmits the password to be verified into the physical security space, compares whether the password to be verified is consistent with the password stored in the privacy space of the physical security space in the physical security space, and transmits the comparison result out of the physical security space. When the comparison result is that the password to be verified is consistent with the password stored in the privacy space of the physical security space, the terminal program executes step S1008.

And S1008, opening the user debugging interface options of the privacy space.

S1010, opening a user debugging interface of the privacy space, wherein the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

According to the privacy space information access control method, the user debugging interface options of the privacy space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the password to be verified is collected, the password to be verified is compared with the password stored in the privacy space of the physical security space, and the password security is ensured. When the input password passes the verification, the user debugging interface of the privacy space is opened, so that the user debugging interface of the privacy space can be opened only through the password verification in the developer mode, other people can be prevented from easily controlling the information of the privacy space by using the user debugging interface of the privacy space in the developer mode, and the information safety is guaranteed.

In another embodiment, when the password to be verified is compared with the password stored in the privacy space of the physical security space, setting a mark of a user debugging interface of the privacy space in the physical security space as open; and when the password to be verified is not consistent with the password stored in the privacy space of the physical security space, setting the mark of the user debugging interface of the privacy space in the physical security space as closed.

In the present application, the label of the user debugging interface of the privacy space is stored in a physical security space, such as a trust zone (TrustZone) or an SE chip, to ensure security. If the input verification password is incorrect, even the root authority can not modify the configuration, thereby greatly improving the security.

In another embodiment, a method for access control to private space information further comprises: acquiring a debugging command of a user debugging interface of a privacy space; checking the mark of a user debugging interface of a privacy space in the physical security space; and if the mark of the user debugging interface of the privacy space is opened, calling the user debugging interface of the privacy space to execute the debugging command.

In another embodiment, after the marking of the user debugging interface of the physical security space setting privacy space as open, the method further comprises: starting a first timer; when the timing time of the first timer is reached, the mark of the user debugging interface of the privacy space is set to be closed in the physical security space.

In another embodiment, after the marking of the user debugging interface of the physical security space setting privacy space as off, the method further comprises: closing the user debugging interface options of the privacy space; and closing the user debugging interface of the privacy space.

In another embodiment, a method for access control to private space information further comprises: if the password verification error times reach the threshold value, starting a second timer; and when the timing time of the second timer is not reached, setting to prohibit the acquisition of the verification password.

It should be understood that although the steps in the flowcharts of fig. 2, 3, 7, 9 and 10 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2, 3, 7, 9 and 10 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least some of the other steps.

In one embodiment, as shown in fig. 11, there is provided a private space information access control apparatus, which may be a part of a computer device using a software module or a hardware module, or a combination of the two, and specifically includes: interface display module, open operation module, password collection module, verification module, option switch module and control module, wherein:

an interface display module 1002, configured to display a user debugging interface option of the privacy space on the developer option interface.

An open operation module 1004, configured to obtain an open trigger operation on the user debugging interface option of the privacy space.

And the password acquisition module 1006 is configured to respond to the opening trigger operation and acquire the password to be authenticated.

And the verification module 1008 is configured to obtain the password to be verified through the password acquisition interface.

And the option switch module 1010 is configured to open the user debugging interface option of the privacy space when the password to be verified passes verification.

The control module 1012 is configured to open a user debugging interface of the privacy space, where the user debugging interface of the privacy space is a debugging interface capable of accessing information in the privacy space.

According to the private space information access control device, the user debugging interface options of the private space are displayed on the developer option interface, when the opening triggering operation of the options is triggered, the password to be verified is collected, when the input password is verified to pass, the user debugging interface of the private space is opened, so that in a developer mode, the user debugging interface of the private space can be opened through password verification, other people can be prevented from easily controlling the information of the private space by using the user debugging interface of the private space in the developer mode, and the information safety is guaranteed.

In another embodiment, the verification module is configured to verify that the password to be verified is consistent with the password of the privacy space. And the option switch module is used for opening the user debugging interface options of the privacy space when the password to be verified is not consistent with the password of the privacy space in the verification module.

In another embodiment, the interface presentation module is further configured to present the developer option interface when a debug connection with the debug device is detected in the developer mode.

In another embodiment, the private space information access control apparatus further includes:

and the setting module is used for setting the mark of the user debugging interface of the privacy space to be opened when the password to be verified passes the verification, and setting the mark of the user debugging interface of the privacy space to be closed when the password to be verified is wrong in verification.

and the debugging command acquisition module is used for acquiring a debugging command of the user debugging interface of the privacy space.

And the checking module is used for checking the mark of the user debugging interface of the privacy space.

And the debugging module is used for calling the user debugging interface of the privacy space to execute the debugging command if the mark of the user debugging interface of the privacy space is opened.

the timer is used for starting the first timer;

and the setting module is also used for setting the mark of the user debugging interface of the privacy space to be closed when the timing time of the first timer is up.

In another embodiment, the control module is further configured to turn off the user debugging interface option of the privacy space and turn off the user debugging interface of the privacy space.

In another embodiment, the interface presentation module is further configured to display user debugging interface options for the opened privacy space in the developer option interface.

And the opening operation module is also used for acquiring the closing triggering operation of the user debugging interface options of the privacy space.

The control module is also used for closing the user debugging interface options of the privacy space; and closing the user debugging interface of the privacy space.

In another embodiment, the interface presentation module is further configured to present the developer option interface when a disconnection from the debugging device is detected.

In another embodiment, the verification module is configured to transmit the password to be verified into the physical security space, and compare whether the password to be verified is consistent with the password stored in the privacy space of the physical security space.

In another embodiment, the verification module is configured to encrypt the password to be verified to obtain a hash value of the password to be verified; and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

In another embodiment, the verification module is further configured to start a second timer if the number of password verification errors reaches a threshold; and when the timing time of the second timer is not reached, setting to prohibit the acquisition of the verification password.

In another embodiment, the interface setting apparatus further includes:

the password modification module is used for displaying a password modification mark after the password to be verified passes the verification; the password modification device comprises a password acquisition module and a password storage module, wherein the password acquisition module is also used for displaying a password acquisition interface when the trigger operation of the password modification mark is detected, and the password storage module is used for acquiring the modification password through the password acquisition interface.

In one embodiment, there is also provided a private space information access control apparatus including:

and the interface display module displays the user debugging interface options of the privacy space on the developer option interface.

And the password acquisition module acquires the password to be verified when the opening triggering operation of the user debugging interface option of the privacy space is acquired.

And the verification module is used for transmitting the password to be verified into a physical security space and comparing whether the password to be verified is consistent with the password stored in the privacy space of the physical security space or not through the physical security space.

And the option switch module is used for opening the user debugging interface options of the privacy space when the verification module verifies the consistency.

For specific limitations of the private space information access control device, reference may be made to the above limitations of the private space information access control method, which will not be described herein again. The modules in the above private space information access control device may be implemented wholly or partially by software, hardware, or a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.

In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 12. The computer device includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a method of access control for private space information. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.

Those skilled in the art will appreciate that the architecture shown in fig. 12 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.

In one embodiment, a computer device is further provided, which includes a memory and a processor, the memory stores a computer program, and the processor implements the steps of the above method embodiments when executing the computer program.

In an embodiment, a computer-readable storage medium is provided, in which a computer program is stored which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.

It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.

The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.

The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims

1. A method of access control to private space information, the method comprising:

2. The method of claim 1, further comprising:

when the password to be verified is compared with the password stored in the privacy space of the physical security space, setting a mark of a user debugging interface of the privacy space in the physical security space as open;

and when the password to be verified is not consistent with the password stored in the privacy space of the physical security space, setting the mark of the user debugging interface of the privacy space in the physical security space as closed.

3. The method of claim 2, further comprising:

viewing indicia of a user debug interface of the privacy space in the physical security space;

4. The method of claim 2, after the marking of the user debug interface of the physical security space setting privacy space as on, further comprising:

starting a first timer;

and when the timing time of the first timer is up, setting the mark of the user debugging interface of the privacy space as closed in the physical security space.

5. The method of claim 4, after the physical security space sets a flag of a user debug interface of the privacy space to off, further comprising:

closing user debugging interface options of the privacy space;

and closing the user debugging interface of the privacy space.

6. The method of claim 1, further comprising:

7. A method of access control to private space information, the method comprising:

8. The method of claim 7, wherein the step of opening the private space user debug interface option upon authentication of the password to be authenticated comprises: and if the password to be verified is consistent with the password of the privacy space, the verification is passed, and the user debugging interface option of the privacy space is opened.

9. The method of claim 7, further comprising, prior to displaying the user debug interface options for the privacy space at the developer options interface:

when a debug connection with a debug device is detected in developer mode, the developer option interface is presented.

10. The method of claim 7, further comprising:

displaying user debugging interface options of the opened privacy space on a developer option interface;

acquiring a closing triggering operation of a user debugging interface option of the privacy space;

closing user debugging interface options of the privacy space;

and closing the user debugging interface of the privacy space.

11. The method of claim 10, before the developer options interface displaying user debug interface options for the privacy space that have been opened, comprising:

and when the disconnection with the debugging equipment is detected, displaying the developer option interface.

12. The method of claim 8, wherein comparing whether the password to be verified is consistent with the password in the privacy space comprises:

encrypting the password to be verified to obtain a hash value of the password to be verified;

and comparing whether the hash value of the password to be verified is consistent with the hash value of the password in the privacy space.

13. An apparatus for controlling access to private space information, the apparatus comprising:

14. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method according to any of claims 1 to 12.

15. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 12.