CN112287372A - Method and apparatus for protecting clipboard privacy - Google Patents

Method and apparatus for protecting clipboard privacy Download PDF

Info

Publication number
CN112287372A
CN112287372A CN202011252297.2A CN202011252297A CN112287372A CN 112287372 A CN112287372 A CN 112287372A CN 202011252297 A CN202011252297 A CN 202011252297A CN 112287372 A CN112287372 A CN 112287372A
Authority
CN
China
Prior art keywords
information
clipboard
text
privacy
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011252297.2A
Other languages
Chinese (zh)
Other versions
CN112287372B (en
Inventor
游德贵
方芳
赵竹珺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics China R&D Center, Samsung Electronics Co Ltd filed Critical Samsung Electronics China R&D Center
Priority to CN202011252297.2A priority Critical patent/CN112287372B/en
Publication of CN112287372A publication Critical patent/CN112287372A/en
Application granted granted Critical
Publication of CN112287372B publication Critical patent/CN112287372B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the present disclosure disclose methods and apparatus for protecting clipboard privacy. The specific implementation mode of the method comprises the following steps: detecting whether privacy information is included in the copy information in response to receiving the copy instruction; if the private information is included, the copied information is encrypted to generate an encrypted text; storing the encrypted text in a clipboard and printing an encrypted label; detecting whether the pasting action is a safe action or not in response to receiving the pasting instruction; if the behavior is a safe behavior, the clipboard text is decrypted and returned; and if the action is a non-safety action, directly returning the encrypted text in the clipboard. According to the embodiment, the information of the clipboard cannot be used at will even if stolen, so that the risk of information leakage is reduced.

Description

Method and apparatus for protecting clipboard privacy
Technical Field
Embodiments of the present disclosure relate to the field of computer technologies, and in particular, to a method and an apparatus for protecting clipboard privacy.
Background
The App can easily acquire clipboard data of the system and provide the application through clipboard contents. Many apps use clipboard permissions to scan user clipboard information. When the shopping App shares the link with the WeChat friend, the friend copies the link of the baby in the WeChat, and then switches to the shopping App client from the background, the App pops up a page to inquire whether to jump to the corresponding commodity page. The principle is very simple: when App is opened (or switched in), a clipboard is scanned, and when the latest copied information is found to be a commodity shopping link or a relevant password, the commodity information to be purchased by the user is guessed intelligently. Although the user experience may be good, when the App scans the clipboard, it may obtain user privacy information such as an account password on the clipboard. Each application mall has a large number of clipboard function related applications for managing your cutting operation records very "conveniently". Some rogue applications force to write contents that can be profit in the clipboard, and open the relevant applications to pop up.
When the App calls the clipboard, the system does not need any authorization from the user at all, or even has no prompt. Users with whom mobile devices can communicate are more dangerous if the iOS side enables a universal clipboard and these applications can also access content copied on a computer (Mac). In the prior art, the risk that clipboard contents, particularly account passwords or private information, are stolen is high, and security problems such as information leakage are easily caused. The clipboard should be used for identifying and anonymizing security-related information, so as to ensure the security of user information.
Disclosure of Invention
Embodiments of the present disclosure propose methods and apparatuses for protecting clipboard privacy.
In a first aspect, an embodiment of the present disclosure provides a method for protecting clipboard privacy, including: detecting whether privacy information is included in the copy information in response to receiving the copy instruction; if the private information is included, the copied information is encrypted to generate an encrypted text; storing the encrypted text in the clipboard and printing an encrypted label.
In some embodiments, encrypting the replication information to generate encrypted text includes: acquiring the position of the privacy information in the copied information; encrypting the private information to generate a ciphertext; and replacing the private information with a ciphertext according to the position to obtain an encrypted text.
In some embodiments, detecting whether private information is included in the replicated information includes: identifying whether privacy information is included in the copied information by at least one of the following methods: regular expression matching method, regular matching method, dictionary matching method, named entity recognition method.
In some embodiments, the method further comprises: responding to a received call instruction of the clipboard, and acquiring text information to be pasted or displayed; if the text information has the encryption tag, judging whether the calling instruction is safe, and if so, decrypting the text information; and pasting or displaying the decrypted content.
In some embodiments, decrypting the textual information comprises: detecting whether a call instruction of a clipboard comes from an authorized application; and if the text message comes from the authorized application, decrypting the text message, otherwise, not decrypting the text message.
In some embodiments, decrypting the textual information comprises: if the encrypted tag comprises the position information of the ciphertext, decrypting the ciphertext according to the position information to obtain a plaintext character string; and replacing the ciphertext in the text information with a plaintext character string according to the position information.
In some embodiments, the method employs a block encryption algorithm.
In a second aspect, an embodiment of the present disclosure provides an apparatus for protecting clipboard privacy, including: a detection unit configured to detect whether or not privacy information is included in the copy information in response to receiving the copy instruction; an encryption unit configured to encrypt the copy information to generate an encrypted text if the privacy information is included; and the storage unit is configured to store the encrypted text in the clipboard and print the encrypted label.
In some embodiments, the encryption unit is further configured to: acquiring the position of the privacy information in the copied information; encrypting the private information to generate a ciphertext; and replacing the private information with a ciphertext according to the position to obtain an encrypted text.
In some embodiments, the detection unit is further configured to: identifying whether private information is included in the copied information by at least one of: regular expression matching method, regular matching method, dictionary matching method, named entity recognition method.
In some embodiments, the apparatus further comprises a decryption unit configured to: responding to a received call instruction of the clipboard, and acquiring text information to be pasted or displayed; if the text information has the encryption tag, judging whether the calling instruction is safe, and if so, decrypting the text information; and pasting or displaying the decrypted content.
In some embodiments, the apparatus further comprises a rights management unit configured to: detecting whether a call instruction of a clipboard comes from an authorized application; if the text message comes from the authorized application, the text message is automatically decrypted, otherwise, the text message is not decrypted.
In some embodiments, the decryption unit is further configured to: if the encrypted tag comprises the position information of the ciphertext, decrypting the ciphertext according to the position information to obtain a plaintext character string; and replacing the ciphertext in the text information with a plaintext character string according to the position information.
In some embodiments, the apparatus employs a symmetric block cipher algorithm.
In a third aspect, embodiments of the present disclosure provide an electronic device for protecting clipboard privacy, comprising: one or more processors; a storage device having one or more programs stored thereon which, when executed by one or more processors, cause the one or more processors to implement a method as in any one of the first aspects.
In a fourth aspect, embodiments of the disclosure provide a computer readable medium having a computer program stored thereon, wherein the program when executed by a processor implements a method as in any one of the first aspect.
According to the method and the device for protecting the privacy of the clipboard, when the information is copied to the clipboard, the information with privacy such as account passwords in the clipboard is identified and encrypted. When the information is used, decryption is performed on the information. The information of the clipboard can not be used at will even if stolen, and therefore the risk of information leakage is reduced.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present disclosure may be applied;
FIG. 2 is a flow diagram of one embodiment of a method for protecting clipboard privacy in accordance with the present disclosure;
FIG. 3 is a schematic diagram of one application scenario of a method for protecting clipboard privacy in accordance with the present disclosure;
FIG. 4 is a flow diagram of yet another embodiment of a method for protecting clipboard privacy in accordance with the present disclosure;
FIG. 5 is a schematic diagram of yet another application scenario of a method for protecting clipboard privacy in accordance with the present disclosure;
FIG. 6 is a block diagram of one embodiment of an apparatus for protecting clipboard privacy, according to the present disclosure;
FIG. 7 is a schematic block diagram of a computer system suitable for use with an electronic device implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the disclosed method for or apparatus for protecting clipboard privacy may be applied.
As shown in fig. 1, system architecture 100 may include a network 102 of terminal devices 101 and terminal devices 103. Network 103 is the medium used to provide a communication link between terminal device 101 and terminal device 103. The network may include various connection types, such as cellular mobile networks, WIFI, and so on.
The user may use terminal device 101 to interact with terminal device 103 over a network to receive or send messages or the like. The terminal devices 101 and 103 may have various communication client applications installed thereon, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101 and 103 may be various electronic devices having a display screen and supporting a copy and paste function, including but not limited to a smart phone, a tablet computer, an e-book reader, an MP3 player (Moving Picture Experts Group Audio Layer III, motion Picture Experts Group Audio Layer 3), an MP4 player (Moving Picture Experts Group Audio Layer IV, motion Picture Experts Group Audio Layer 4), a laptop portable computer, a desktop computer, and the like. When the terminal apparatus 101 is software, it can be installed in the electronic apparatuses listed above. It may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
It should be noted that the method for protecting clipboard privacy provided by the embodiments of the present disclosure is generally performed by the terminal device 101, 103, and accordingly, the apparatus for protecting clipboard privacy is generally disposed in the terminal device 101, 103.
It should be understood that the number of terminal devices and networks in fig. 1 is merely illustrative. There may be any number of terminal devices and networks, as desired for implementation.
With continuing reference to fig. 2, a flow 200 of one embodiment of a method for protecting clipboard privacy in accordance with the present disclosure is presented. The method for protecting the privacy of the clipboard comprises the following steps:
step 201, in response to receiving a copy instruction, detecting whether privacy information is included in the copy information.
In the present embodiment, when a user uses an execution subject (for example, the terminal device shown in fig. 1) of the method for protecting the privacy of a clipboard, a copy instruction including copy information is transmitted to the terminal device by a click/long press or the like operation. The replication information may include privacy information, including but not limited to: bank card number, bank account number, mobile phone number, identification card number, password, email address, driver license number, passport number, and home address.
The detection mode of the private information mainly comprises a regular expression/rule matching mode/dictionary matching mode and a machine learning mode (Named Entity Recognition (NER)) based on a pre-training model. The method is characterized in that entities with obvious rules such as bank account numbers, bank card numbers, driver license numbers, email addresses, passport numbers, mobile phone IMEI codes, telephone numbers, passwords and the like are combined by regular expressions and keyword rules. In a sentence, the entity meeting the regular expression and the rule at the same time is identified to obtain the character string of the privacy entity in the sentence, the privacy category to which the entity belongs, and the starting and ending position information of the entity in the original sentence. On the other hand, for information related to a specific address, such as a home address of a user, the named entity is identified by machine learning. Storing the pre-trained model in the terminal equipment, and calling the prediction function of the model to identify the named entity when the clipboard has data to be stored. The NER algorithm involved in machine learning can select the existing NER toolkit, such as Stanford toolkit and the like, and can also realize that the identification accuracy of the current latest algorithm is improved, such as the embedding can be improved by using a knowledge enhancement mode, and a more complex model can be used in an encoding stage.
Step 202, if the private information is included, encrypting the copy information to generate an encrypted text.
In this embodiment, the entire copy information may be encrypted to generate an encrypted text (bulk encryption method). It is also possible to encrypt only private information (partial encryption mode), and not to encrypt other information.
If a local encryption mode is adopted, the position of the privacy information in the copied information can be acquired; encrypting the private information to generate a ciphertext; and replacing the private information with a ciphertext according to the position to obtain an encrypted text.
Alternatively, the selection of the whole encryption or the partial encryption may be made according to the number of the private information (the ratio of the number of characters to the copy information or the number of discontinuous private information). For example, if the ratio of the number of characters to the copy information is greater than a predetermined ratio threshold, for example, 70%, the entire encryption may be performed. If the number of the private information is larger than the number threshold value, for example, the copy information includes 3 private information in total, such as an identification card, a telephone number, and a password, then the whole encryption is possible. Therefore, the encryption times can be reduced, and the encryption speed can be improved.
The same encryption algorithm can be used regardless of the encryption method. Because the encryption and decryption operations are carried out at the mobile phone end, network transmission is not needed, and certain requirements are placed on the encryption and decryption efficiency, the encryption algorithm can select a symmetric encryption mode. The symmetric encryption method only needs the same public key when encrypting and decrypting. Comparing algorithm efficiency, resource consumption and security. The traditional symmetric Encryption algorithm des (data Encryption standard) or the domestic SM4 algorithm can be used.
Alternatively, the Encryption algorithm may be selected from a symmetric block Encryption algorithm aes (advanced Encryption standard). AES consists of multiple rounds, where each round is divided into 4 steps of SubBytes (byte substitution), ShiftRows (row shift), MixColumns (column obfuscation), AddRoundKey (round key plus). The required rounds are different according to the key length, and the keys with 128 bits, 192 bits and 256 bits respectively require 10 rounds, 12 rounds and 14 rounds. Since the mobile phone clipboard encryption takes speed into account, a key length of 128 bits, 10 rounds of encryption, may be selected here. The encryption mode selects a CBC (client Block Chaining mode) mode with higher security, which can ensure that ciphertext blocks encrypted by the same plaintext Block are different, and the structures of plaintext and ciphertext are also different.
Step 203, storing the encrypted text in the clipboard and printing an encrypted label.
In this embodiment, the encrypted text is stored in the clipboard and is then available to the system, application, user. No matter which encryption mode is adopted, the encryption label is marked on the encrypted text. The encryption tag of the partial encryption mode also needs to include the position of the privacy information in the copy information for indicating the decryption position when decrypting.
Copy information that does not include privacy information is not encrypted and the original text is saved in the clipboard.
With continued reference to fig. 3, fig. 3 is a schematic diagram of an application scenario of the method for protecting clipboard privacy according to the present embodiment. In the application scenario of fig. 3, the user presses the mobile phone screen for a long time, and selects the copy information "name: zhang three, telephone number: 17898745896, mailbox: jianwang @163.com, address: xing' an street 235. The mobile phone does not directly store the copied information into the clipboard, but firstly detects the private information, and encrypts the copied information and then stores the encrypted copied information into the clipboard if the private information is detected. The terminal can adopt a whole encryption mode or a partial encryption mode for encryption. The whole encryption mode encrypts the complete copy information, generates an encrypted text, stores the encrypted text in the clipboard and prints an encrypted tag (the encrypted tag of the whole encryption mode does not include the position of the private information). When decrypting, the complete information is directly decrypted. The terminal can also adopt a local encryption mode. Only "17898745896", "jianwang @163. com" and "xing' an street 235" are encrypted. When identifying the private information, the position of the private information can be obtained, the original plaintext is replaced by the ciphertext according to the position, and the encrypted text is' name: zhang three, telephone number: bmloYW8, mailbox: dfh45t0@ v5, address: fjert4509 ". The encrypted text is stored in the clipboard and an encryption tag is printed (the encryption tag in a local encryption mode includes the location of the private information). When decrypting, only the content indicated by the position is directly decrypted.
The prior art clipboard has no differential encryption and poor readability when used by a user. The current clipboard encryption algorithm encrypts and stores the whole clipboard text, so that the user is difficult to locate the content to be pasted facing the encrypted text when using the clipboard encryption algorithm. Therefore, the private information in the text is identified and only the private information part is encrypted, so that the experience of the user using the clipboard can be enhanced. Further, when it is recognized that a certain operation on the clipboard is an active action of the user, the full plaintext is automatically decrypted and presented to the user.
The clipboard in the prior art judges whether to encrypt or not according to the condition manually set by the user, and the user operation is complex. Some clipboard encryption algorithms determine which need to be encrypted according to conditions manually set by a user, and the user has complex operation and poor experience. Therefore, the method and the device can automatically identify the privacy information in the text, and improve the use feeling of the user.
With further reference to fig. 4, a flow 400 of yet another embodiment of a method for protecting clipboard privacy is shown. The flow 400 of the method for protecting clipboard privacy comprises the steps of:
step 401, in response to receiving a call instruction of the clipboard, obtaining text information to be pasted or displayed.
In this embodiment, the clipboard of the terminal may store at least one copied piece of text information. The user may invoke the clipboard through an invocation instruction (e.g., paste or display, etc.) of the clipboard. The clipboard can be opened directly to display the text information, or the latest text information can be pasted directly to the target position by the pasting operation.
And step 402, if the text information has the encryption label, judging whether the calling instruction is safe, and if so, decrypting the text information.
In this embodiment, the text information may be encrypted or plaintext, and it can be determined whether the text information has an encryption tag. If the encrypted tag does not include the position information of the ciphertext, the encryption is overall encryption, and the complete text information is decrypted during decryption. If the encrypted tag comprises the position information of the ciphertext, the partial encryption is indicated, the encrypted content is found according to the position, and decryption is carried out to obtain the plaintext character string. And then replacing the ciphertext with the plaintext string. The encryption algorithm and the key used in decryption are the same as in the encryption process. Before decryption, whether the calling instruction is safe needs to be judged, if the calling instruction comes from the user or an authorized application, the calling instruction is safe, and otherwise, the calling instruction is unsafe.
Optionally, decrypting the text information includes: detecting whether a call instruction of a clipboard comes from an authorized application; if the text message comes from the authorized application, the text message is automatically decrypted, otherwise, the text message is not decrypted. The system can be set in advance that some applications authorize to read the private information of the clipboard, and if the applications are actively opened by the user, the authorization is equivalent to reading the private information of the clipboard.
And judging whether the current clipboard calling operation is a user-level operation or not by monitoring the user behavior. And judging the identity of the caller by calling the command and the parameter of the clipboard. The caller is given different clipboard permissions. There are 4 cases as follows:
1) at system level automatic invocation, the clipboard automatically decrypts the encrypted text by default and returns
2) When a third party trusted app (manually set by the user) is automatically invoked, the clipboard automatically decrypts the encrypted text by default and returns
3) When other apps of the third party are automatically called, the clipboard returns the encrypted text by default
4) When the user level operates, the clipboard automatically decrypts the encrypted text by default and returns
Thus, when the untrusted ordinary app automatically calls the clipboard, the decrypted text information containing privacy cannot be acquired.
Step 403, pasting or displaying the decrypted content.
In this embodiment, the decrypted content (plaintext) can be pasted or displayed only when the clipboard is pasted or displayed by a system level call, a user level call, or a third party trusted app call. In other cases, ciphertext is pasted or displayed.
With continued reference to fig. 5, fig. 5 is a schematic diagram of an application scenario of the method for protecting clipboard privacy according to the present embodiment. In the application scenario of fig. 5, when a user needs to read or copy information from the clipboard, the clipboard is opened first. The system judges that the operation of opening the clipboard is initiated by the user, and then the system can automatically acquire the key information and the position information of the entity needing to be decrypted, so that the decryption process can be automatically executed, and the decrypted information of the full plaintext is returned to the user. When a trusted system-level application accesses the clipboard, the system also recognizes its identity information and obtains its permissions on the clipboard. At this time, if there is an operation of reading/copying information, the system decrypts in the same manner as described above.
For example, if the user presses the mobile phone screen for a long time and selects the paste option, the clipboard is opened, and the content "name: zhang three, telephone number: bmloYW8, mailbox: dfh45t0@ v5, address: fjert4509 ″, and an encryption tag (including location information of the ciphertext). The content is encrypted, and before executing the paste instruction, it is determined whether the app calling the paste instruction is authorized, for example, if the user selects to paste on a certain app interface, it is equivalent to that the user is authorized by the app, and at this time, the terminal can decrypt according to the encrypted tag to obtain a plaintext "name: zhang three, telephone number: 17898745896, mailbox: jianwang @163.com, address: xing' an street 235. If not, decryption is not performed, and the app obtains ciphertext, so that the privacy of the user is protected.
Clipboard copy paste scene example:
scene: the user A transfers accounts to the friend user B, the user B sends the bank account number and the user name to the user A through WeChat/short message, the user A pastes the sent bank account number and the sent user name to the clipboard, and the clipboard is identified, anonymized and stored in the clipboard. And the bank client selects a user name and a bank account number in the clipboard, the clipboard manager de-anonymizes the record and pastes the record to an account number edit bar, and the user A finishes the account transfer operation for the user B after confirming the record.
Clipboard privacy protection scenario example:
scene: the user A sends the account password of the public comment to the friend user B, and the user B copies the password of the user A and successfully logs in the public comment. Later user B opens the shop that the panning was strolling and eating, and panning APP visits system clipboard data automatically, because panning APP belongs to untrusted third party APP in clipboard authority control module, the system can not carry out automatic deciphering to the text that encrypts, what the panning was visited at this moment is the text after this record encryption of password, has protected user's privacy from a certain extent.
With further reference to fig. 6, as an implementation of the methods shown in the above-mentioned figures, the present disclosure provides an embodiment of an apparatus for protecting privacy of a clipboard, which corresponds to the method embodiment shown in fig. 2, and which is particularly applicable to various electronic devices.
As shown in fig. 6, the apparatus 600 for protecting privacy of a clipboard of the present embodiment includes: detection unit 601, encryption unit 602, storage unit 603. Wherein the detecting unit 601 is configured to detect whether privacy information is included in the copy information in response to receiving the copy instruction; an encryption unit 602 configured to encrypt the copy information to generate an encrypted text if the privacy information is included; a storage unit 603 configured to store the encrypted text in the clipboard and to print the encrypted label.
In this embodiment, the specific processing of the detecting unit 601, the encrypting unit 602, and the storing unit 603 of the apparatus 600 for protecting the privacy of the clipboard may refer to step 201, step 202, and step 203 in the corresponding embodiment of fig. 2.
In some optional implementations of this embodiment, the encryption unit 602 is further configured to: acquiring the position of the privacy information in the copied information; encrypting the private information to generate a ciphertext; and replacing the private information with a ciphertext according to the position to obtain an encrypted text.
In some optional implementations of the present embodiment, the detection unit 601 is further configured to: identifying whether private information is included in the copied information by at least one of: regular expression matching method, regular matching method, dictionary matching method, named entity recognition method.
In some optional implementations of this embodiment, the apparatus further comprises a decryption unit 604 configured to: responding to a received call instruction of the clipboard, and acquiring text information to be pasted or displayed; if the text information has the encryption tag, judging whether the calling instruction is safe, and if so, decrypting the text information; and pasting or displaying the decrypted content.
In some optional implementations of this embodiment, the apparatus further includes a rights management unit 605 configured to: detecting whether a call instruction of a clipboard comes from an authorized application; if the text message comes from the authorized application, the text message is automatically decrypted, otherwise, the text message is not decrypted.
In some optional implementations of this embodiment, the decryption unit 604 is further configured to: if the encrypted tag comprises the position information of the ciphertext, decrypting the ciphertext according to the position information to obtain a plaintext character string; and replacing the ciphertext in the text information with a plaintext character string according to the position information.
In some alternative implementations of this embodiment, the apparatus employs a symmetric block cipher algorithm.
Referring now to fig. 7, shown is a schematic diagram of an electronic device (e.g., terminal device in fig. 1) 700 suitable for use in implementing embodiments of the present disclosure. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a fixed terminal such as a digital TV, a desktop computer, and the like. The terminal device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the use range of the embodiments of the present disclosure.
As shown in fig. 7, electronic device 700 may include a processing means (e.g., central processing unit, graphics processor, etc.) 701 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from storage 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the electronic apparatus 700 are also stored. The processing device 701, the ROM 702, and the RAM 703 are connected to each other by a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
Generally, the following devices may be connected to the I/O interface 705: input devices 706 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 707 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 708 including, for example, magnetic tape, hard disk, etc.; and a communication device 709. The communication means 709 may allow the electronic device 700 to communicate wirelessly or by wire with other devices to exchange data. While fig. 7 illustrates an electronic device 700 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 7 may represent one device or may represent multiple devices as desired.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such embodiments, the computer program may be downloaded and installed from a network via the communication means 709, or may be installed from the storage means 708, or may be installed from the ROM 702. The computer program, when executed by the processing device 701, performs the above-described functions defined in the methods of embodiments of the present disclosure. It should be noted that the computer readable medium described in the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, however, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: detecting whether privacy information is included in the copy information in response to receiving the copy instruction; if the private information is included, the copied information is encrypted to generate an encrypted text; storing the encrypted text in the clipboard and printing an encrypted label.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a detection unit, an encryption unit, and a storage unit. Here, the names of these units do not constitute a limitation on the unit itself in some cases, and for example, the detection unit may also be described as "a unit that detects whether or not privacy information is included in the copy information in response to receiving a copy instruction".
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is possible without departing from the inventive concept. For example, the above features and (but not limited to) the features disclosed in this disclosure having similar functions are replaced with each other to form the technical solution.

Claims (10)

1. A method for protecting clipboard privacy, comprising:
detecting whether privacy information is included in the copy information in response to receiving the copy instruction;
if the private information is included, encrypting the copied information to generate an encrypted text;
and storing the encrypted text in a clipboard and printing an encrypted label.
2. The method of claim 1, wherein said encrypting the copy information to generate encrypted text comprises:
acquiring the position of the privacy information in the copied information;
encrypting the private information to generate a ciphertext;
and replacing the privacy information with the ciphertext according to the position to obtain an encrypted text.
3. The method of claim 1, wherein the detecting whether the copied information includes private information comprises:
identifying whether privacy information is included in the copied information by at least one of the following methods:
regular expression matching method, regular matching method, dictionary matching method, named entity recognition method.
4. The method of claim 1, wherein the method further comprises:
responding to a received call instruction of the clipboard, and acquiring text information to be pasted or displayed;
if the text information has the encrypted tag, judging whether the calling instruction is safe, and if so, decrypting the text information;
and pasting or displaying the decrypted content.
5. The method of claim 4, wherein said decrypting the textual information comprises:
detecting whether a call instruction of the clipboard comes from an authorized application;
and if the text message comes from the authorized application, automatically decrypting the text message, otherwise, not decrypting the text message.
6. The method of claim 4, wherein said decrypting the textual information comprises:
if the encrypted tag comprises the position information of the ciphertext, decrypting the ciphertext according to the position information to obtain a plaintext character string;
and replacing the ciphertext in the text information with the plaintext character string according to the position information.
7. The method of any of claims 1-6, wherein the method employs a symmetric block cipher algorithm.
8. An apparatus for protecting clipboard privacy, comprising:
a detection unit configured to detect whether or not privacy information is included in the copy information in response to receiving the copy instruction;
an encryption unit configured to encrypt the copy information to generate an encrypted text if the privacy information is included;
a storage unit configured to store the encrypted text in a clipboard and to print an encrypted label.
9. An electronic device for protecting clipboard privacy, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-7.
CN202011252297.2A 2020-11-11 2020-11-11 Method and apparatus for protecting clipboard privacy Active CN112287372B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011252297.2A CN112287372B (en) 2020-11-11 2020-11-11 Method and apparatus for protecting clipboard privacy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011252297.2A CN112287372B (en) 2020-11-11 2020-11-11 Method and apparatus for protecting clipboard privacy

Publications (2)

Publication Number Publication Date
CN112287372A true CN112287372A (en) 2021-01-29
CN112287372B CN112287372B (en) 2023-05-26

Family

ID=74397867

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011252297.2A Active CN112287372B (en) 2020-11-11 2020-11-11 Method and apparatus for protecting clipboard privacy

Country Status (1)

Country Link
CN (1) CN112287372B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113297605A (en) * 2021-06-24 2021-08-24 建信金融科技有限责任公司 Copy data management method, device, electronic equipment and computer readable medium
CN113691875A (en) * 2021-08-02 2021-11-23 康佳集团股份有限公司 Application program password login processing method and device, intelligent terminal and storage medium
CN114945176A (en) * 2022-04-12 2022-08-26 荣耀终端有限公司 Clipboard access control method, electronic device and storage medium
CN116484396A (en) * 2023-03-13 2023-07-25 数影星球(杭州)科技有限公司 Method and system for encrypting clipboard content based on browser
CN117113417A (en) * 2023-10-18 2023-11-24 中孚安全技术有限公司 Method, system, equipment and medium for managing and controlling clipboard under Linux system
WO2024037360A1 (en) * 2022-08-16 2024-02-22 华为技术有限公司 Privacy protection method and related device
EP4365763A1 (en) * 2022-11-07 2024-05-08 Nokia Technologies Oy Certified copy paste

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104361294A (en) * 2014-10-28 2015-02-18 深圳市大成天下信息技术有限公司 Document protection method, device and system
CN109117670A (en) * 2018-08-16 2019-01-01 海南新软软件有限公司 A kind of realization shear plate data encryption and decryption method, apparatus and hardware device
CN111581665A (en) * 2020-05-09 2020-08-25 维沃移动通信有限公司 Data processing method and device and electronic equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104361294A (en) * 2014-10-28 2015-02-18 深圳市大成天下信息技术有限公司 Document protection method, device and system
CN109117670A (en) * 2018-08-16 2019-01-01 海南新软软件有限公司 A kind of realization shear plate data encryption and decryption method, apparatus and hardware device
CN111581665A (en) * 2020-05-09 2020-08-25 维沃移动通信有限公司 Data processing method and device and electronic equipment

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113297605A (en) * 2021-06-24 2021-08-24 建信金融科技有限责任公司 Copy data management method, device, electronic equipment and computer readable medium
CN113691875A (en) * 2021-08-02 2021-11-23 康佳集团股份有限公司 Application program password login processing method and device, intelligent terminal and storage medium
CN113691875B (en) * 2021-08-02 2024-05-24 康佳集团股份有限公司 Application program password login processing method and device, intelligent terminal and storage medium
CN114945176A (en) * 2022-04-12 2022-08-26 荣耀终端有限公司 Clipboard access control method, electronic device and storage medium
WO2024037360A1 (en) * 2022-08-16 2024-02-22 华为技术有限公司 Privacy protection method and related device
EP4365763A1 (en) * 2022-11-07 2024-05-08 Nokia Technologies Oy Certified copy paste
CN116484396A (en) * 2023-03-13 2023-07-25 数影星球(杭州)科技有限公司 Method and system for encrypting clipboard content based on browser
CN116484396B (en) * 2023-03-13 2023-10-31 数影星球(杭州)科技有限公司 Method and system for encrypting clipboard content based on browser
CN117113417A (en) * 2023-10-18 2023-11-24 中孚安全技术有限公司 Method, system, equipment and medium for managing and controlling clipboard under Linux system

Also Published As

Publication number Publication date
CN112287372B (en) 2023-05-26

Similar Documents

Publication Publication Date Title
CN112287372B (en) Method and apparatus for protecting clipboard privacy
US10681081B2 (en) Secure content and encryption methods and techniques
CN111835511A (en) Data security transmission method and device, computer equipment and storage medium
US9917817B1 (en) Selective encryption of outgoing data
JP6506884B2 (en) System and method for preventing data loss while maintaining confidentiality
WO2016154520A1 (en) Access files
CN103095457A (en) Login and verification method for application program
US10540637B2 (en) Intelligent, context-based delivery of sensitive email content to mobile devices
CN104660589A (en) Method and system for controlling encryption of information and analyzing information as well as terminal
US9659189B2 (en) Systems and methods of safeguarding user information while interacting with online service providers
US20190347441A1 (en) Patient privacy de-identification in firewall switches forming VLAN segregation
CN108900553B (en) Communication method, device and computer readable storage medium
CN110519203B (en) Data encryption transmission method and device
CN106203141A (en) The data processing method of a kind of application and device
US11809603B2 (en) Systems and methods for real-time encryption of sensitive data
CN109120576B (en) Data sharing method and device, computer equipment and storage medium
US10049222B1 (en) Establishing application trust levels using taint propagation
CN113037760B (en) Message sending method and device
CN102387181A (en) Login method and device
US9537842B2 (en) Secondary communications channel facilitating document security
US8966254B2 (en) Keyless challenge and response system
US10594486B1 (en) Password identification system and method
CN107111635A (en) Content delivery method
CN107153791B (en) Data presentation method and electronic equipment
KR101511451B1 (en) Method of encryption to keyboard input information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant