CN115001842B - Method, device, equipment and medium for accessing user information - Google Patents

Method, device, equipment and medium for accessing user information Download PDF

Info

Publication number
CN115001842B
CN115001842B CN202210727073.5A CN202210727073A CN115001842B CN 115001842 B CN115001842 B CN 115001842B CN 202210727073 A CN202210727073 A CN 202210727073A CN 115001842 B CN115001842 B CN 115001842B
Authority
CN
China
Prior art keywords
file
accessed
user information
access
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210727073.5A
Other languages
Chinese (zh)
Other versions
CN115001842A (en
Inventor
成金祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Power Commercial Systems Co Ltd
Original Assignee
Inspur Power Commercial Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Power Commercial Systems Co Ltd filed Critical Inspur Power Commercial Systems Co Ltd
Priority to CN202210727073.5A priority Critical patent/CN115001842B/en
Publication of CN115001842A publication Critical patent/CN115001842A/en
Application granted granted Critical
Publication of CN115001842B publication Critical patent/CN115001842B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a method, a device, equipment and a medium for accessing user information, and relates to the technical field of information security. The method comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated through user file configuration containing user information; and if the permission field is included, refusing to access the file to be accessed. And configuring a permission field in the user file containing the user information, wherein the permission field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the malicious software is prevented from collecting the user information, and the user information is prevented from being leaked.

Description

Method, device, equipment and medium for accessing user information
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, an apparatus, a device, and a medium for accessing user information.
Background
With the rapid development of the information age, mobile equipment terminals (such as mobile phones, portable watches, etc.) have been greatly developed, and more personal privacy information is stored in the mobile equipment terminals. Therefore, a higher demand is placed on the storage capacity of mobile terminal devices, and cloud storage has been developed in order to meet the demands of users for storing information. However, for some applications (which may be understood as APP or applet) in mobile terminal devices, personal privacy information is collected in order to cater to customer preferences. When the existing application program accesses the mobile terminal equipment, the mobile terminal generally limits access to the file containing the user information in a file authority mode, but even if a user sets the file authority mode to be not granted with authority, malicious software can maliciously copy the file containing the user information through a background, so that the purpose of collecting the user information is achieved.
In view of the above-mentioned problems, it is a matter of great effort for a person skilled in the art to find out how to prevent malicious software from collecting files containing user information by background.
Disclosure of Invention
The application aims to provide a method, a device, equipment and a medium for accessing user information, which are used for preventing malicious software from maliciously collecting files containing the user information through the background.
In order to solve the above technical problems, the present application provides a method for accessing user information, including:
acquiring a file to be accessed;
judging whether the file to be accessed contains an authority field, wherein the authority field is generated through user file configuration containing user information;
and if the permission field is included, refusing to access the file to be accessed.
Preferably, generating the permission field by the user file configuration includes:
acquiring the extension attribute of a user file;
adding access attributes representing refusal of access to the user files in the extension attributes;
a plurality of rights fields are generated from the access attributes.
Preferably, after the file to be accessed is acquired, before determining whether the file to be accessed contains the permission field, the method further includes:
judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, a step of judging whether the file to be accessed contains an authority field or not is carried out;
if not, after mapping the file to be accessed to the page buffer, entering a step of judging whether the file to be accessed contains an authority field.
Preferably, after refusing to access the file to be accessed, the method further comprises:
and generating prompt information for prompting the user that the file containing the user information is accessed.
Preferably, generating the plurality of rights fields from the access attribute comprises:
a plurality of rights fields are generated using a macess function.
Preferably, after refusing to access the file to be accessed, the method further comprises:
updating the file to be accessed at regular time;
traversing and judging whether a newly added user file exists in the files to be accessed;
if yes, configuring the authority field for the user file;
if not, returning to the step of obtaining the file to be accessed.
In order to solve the above technical problem, the present application further provides an apparatus for accessing user information, including:
the first acquisition module is used for acquiring a file to be accessed;
the first judging module is used for judging whether the file to be accessed contains a permission field, wherein the permission field is generated through user file configuration containing user information;
and the access refusing module is used for refusing to access the file to be accessed if the access refusing module contains the permission field.
The device for accessing the user information further comprises the following modules:
the second acquisition module is used for acquiring the extension attribute of the user file;
the adding module is used for adding access attributes representing refusal to access the user file in the extension attributes;
the first generation module is used for generating a plurality of authority fields according to the access attribute.
The second judging module is used for judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, entering a first judging module;
if not, a mapping module is entered for mapping the file to be accessed to the page buffer, and a first judging module is entered after mapping.
And the second generation module is used for generating prompt information for prompting the user that the file containing the user information is accessed.
And the third generation module is used for generating a plurality of authority fields by using the maccess function.
The timing updating module is used for updating the file to be accessed at regular time;
the traversing and judging module is used for traversing and judging whether newly added user files exist in the files to be accessed;
if yes, entering a configuration module for configuring the authority field of the user file;
if not, returning to the first acquisition module.
In order to solve the above technical problem, the present application further provides a device for accessing user information, including:
a memory for storing a computer program;
a processor for pointing to a computer program, implementing the steps of a method of accessing user information.
To solve the above technical problem, the present application further provides a computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the steps of the above method for accessing all user information.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated through user file configuration containing user information; and if the permission field is included, refusing to access the file to be accessed. And configuring a permission field in the user file containing the user information, wherein the permission field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the malicious software is prevented from collecting the user information, and the user information is prevented from being leaked.
The application also provides a device, equipment and medium for accessing the user information, and the effects are the same as the above.
Drawings
For a clearer description of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described, it being apparent that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a method for accessing user information according to an embodiment of the present application;
FIG. 2 is a flowchart of another method for accessing user information according to an embodiment of the present application;
fig. 3 is a block diagram of an apparatus for accessing user information according to an embodiment of the present application;
fig. 4 is a block diagram of a device for accessing user information according to an embodiment of the present application.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments herein without making any inventive effort are intended to fall within the scope of the present application.
The core of the application is to provide a method, a device, equipment and a medium for accessing user information, which can prevent malicious software from maliciously collecting files containing the user information through the background.
In order to provide a better understanding of the present application, those skilled in the art will now make further details of the present application with reference to the drawings and detailed description.
The application relates to communication between an application layer and a kernel layer in a background Linux system. When the application layer communicates with the kernel layer, the communication between the application layer and the kernel layer is generally divided into two cases, namely that the application layer actively transmits a message to the kernel layer and that the kernel layer actively communicates with the application layer. The application layer protocol defines how application processes running on different end systems communicate messages to each other. In particular, it defines: the type of messages exchanged, such as request messages and response messages; syntax for various message types, such as various fields in the message and detailed descriptions thereof; the semantics of a field, i.e. the meaning of the information contained in the field; rules for when and how a process sends a message and responds to the message; furthermore, some application layer protocols are defined by RFC documents, so they are in the public domain, such as hypertext transfer protocol http; meanwhile, some application layer protocols are private to a company or individual and are located in private areas, such as QQ.
The application layer communicates with the kernel layer through several protocols including: domain name system (Domain Name System, DNS): a network service for implementing a network device name to network co-address (Internet Protocal, IP) mapping; file transfer protocol (File Transfer Protocol, FTP): the method is used for realizing the interactive file transmission function; simple mail transfer protocol (Simple Mail Transfer Protocol, SMTP): for implementing electronic mailbox transfer functions, such as: MIME, POP3, IMAP; hypertext transfer protocol http: for implementing web services; simple network management protocol SNMP: for managing and monitoring network devices, such as: routers, switches, etc.; telnet protocol: for implementing a telnet function.
The domain name system DNS can be understood as a web site.
The hypertext transfer protocol http provides the function of accessing hypertext information, and is an application layer communication protocol between the WWW browser and the WWW server. A data transfer protocol specifies rules for communicating between a browser and a Web server, and transfers Web documents via the Internet. Hypertext transfer protocol http defines how a Web client requests a Web page from a Web server and how the server transmits the Web page to the client. Hypertext transfer protocol http employs a request/response model. The client sends a request message to the server, wherein the request message comprises a request method, a URL, a protocol version, a request header and request data.
The hypertext transfer protocol http can be split into three parts, namely hypertext, transfer and protocol;
the content of the hypertext transfer protocol http transfer is hypertext. Text is simply a character word at early times on in the internet, but now text can be expanded into pictures, videos, compressed packages, etc., and the above mentioned files or data in hypertext transfer protocol http can be referred to as text. Hypertext is the most critical hyperlink of a mixture of words, pictures, videos, etc., and can jump from one hypertext to another. html documents are the most common hypertext documents, which are pure text documents, but a plurality of labels define links of pictures, videos and the like, and web pages with characters and pictures or videos can be displayed after analysis of a browser.
Hypertext transfer protocol http is a bi-directional protocol that allows for intermediation or relay. In the hypertext transfer protocol http protocol, anything else can be added as long as the basic data transfer is not disturbed.
Hypertext transfer protocol is a convention and specification that is used exclusively in the computer world to transfer data between two points. More than two participants are necessary; and all participants must transmit data in accordance with conventions and specifications.
Among them, for the file transfer protocol FTP, FTP based on a transmission control protocol (Transmission Control Protocol, TCP) and TFTP based on a user data protocol (User System Interconnection, UDP) can be classified.
Simple network management protocol SNMP is a standard protocol specifically designed for managing network nodes (servers, workstations, routers, switches, hub, etc.) in an IP network, which is an application layer protocol. SNMP enables network administrators to manage network performance, discover and solve network problems, and plan network growth. The network management system knows that the network has problems by receiving random messages (and event reports) through SNMP.
The Telnet protocol allows a user to dynamically interact with a remote computer, i.e. the user uses an input device such as a keyboard and a mouse to operate the remote computer, runs software on the remote computer, knows the running condition on a display of the user, and views the running result.
Fig. 1 is a flowchart of a method for accessing user information according to an embodiment of the present application. As shown in fig. 1, a method for accessing user information includes:
s10: and acquiring a file to be accessed.
In this embodiment, the file to be accessed is one or more of all files stored in the background cache of the mobile terminal device. In one access, a plurality of files to be accessed can be acquired at the same time, or only one file to be accessed can be accessed. In this embodiment, the number of files to be accessed that can be obtained in one access is not limited, and the files to be accessed can be obtained by setting a preset number or by user definition. It should be noted that, the information stored in the file to be accessed may be stored in text form, or may be stored in binary data or 8421 code form. When information is stored in binary data, the specific expressions can be expressed as a 1-bit, 2-bit, 4-bit and 8-bit data string in sequence: "0", "10", "0110", "10011011"; when information is stored in text form, it may be expressed specifically as "name: xxx ", it will be appreciated that the above mentioned data strings and text forms are only a few of many examples, and not limiting to all embodiments, and that a user may select a convenient and suitable embodiment according to a specific implementation scenario.
S11: and judging whether the file to be accessed contains a permission field.
Wherein the rights field is generated by a user file configuration containing user information. The permission field may be expressed in text form, or may be expressed in binary data or 8421 code form. When the expression form is binary data, the data strings can be 1 bit, 2 bits, 4 bits and 8 bits, and the specific expression can be expressed as follows in sequence: "1", "11", "0100", "10110111"; when the expression form is a text form, the expression may be specifically expressed as "access refusal", and it is to be understood that the above-mentioned data string and text form are only a few examples, and not limited to all embodiments, and a user may select a convenient and suitable embodiment according to a specific implementation scenario.
If the permission field is included, the process proceeds to step S12: refusing to access the file to be accessed; if the authority field is not contained, the process proceeds to step S13: the file to be accessed is accessed.
It should be noted that, generating the permission field through the user file configuration includes the following steps:
and obtaining the extension attribute of the user file. In practical applications, the extended attribute may be denoted as attr.
And adding an access attribute representing refusal of access to the user file in the extension attribute. The access attribute may be denoted attr_access.
A plurality of rights fields are generated from the access attributes, the rights fields being denoted PG_access. A plurality of rights fields are generated using a macess function.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated through user file configuration containing user information; and if the permission field is included, refusing to access the file to be accessed. And configuring a permission field in the user file containing the user information, wherein the permission field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the malicious software is prevented from collecting the user information, and the user information is prevented from being leaked.
Fig. 2 is a flowchart of another method for accessing user information according to an embodiment of the present application. On the basis of the above embodiment, as a preferred embodiment, as shown in fig. 2, after the file to be accessed is obtained, before determining whether the file to be accessed contains the permission field, the method further includes:
s20: judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, go to step S11: judging whether the file to be accessed contains a permission field or not;
if not, go to step S21: mapping the file to be accessed to the page buffer, and proceeding to step S11 after this step: and judging whether the file to be accessed contains a permission field.
The storage formats of the files are different according to different information in consideration of the files to be accessed. Some formats can be directly read and can be subjected to subsequent access or access refusal operation; however, there are some formats of files that do not support direct reading, so in order to be able to read data in a file, the file that cannot be read directly is mapped to a page buffer, an intermediate conversion is found, and after mapping to the page buffer, the file to be accessed can be read.
On the basis of the above embodiment, as a preferred embodiment, after refusing to access the file to be accessed, the method further includes:
s22: and generating prompt information.
For prompting the user that a file containing user information is accessed. In order to timely improve the safety of the used mobile terminal equipment, after refusing to access the file to be accessed, the user needs to generate an alarm through a short message, a mailbox or a background and display the alarm on the mobile terminal equipment, so that the user is reminded of refusing to access the privacy information once, the user can inquire the APP which maliciously accesses the privacy information of the user, and the user can unload or pull the APP into a blacklist.
On the basis of the above embodiment, as a preferred embodiment, after refusing to access the file to be accessed, the method further includes:
s23: updating the file to be accessed at regular time;
s24: traversing and judging whether a newly added user file exists in the files to be accessed;
if yes, go to step S25: configuring a permission field for a user file;
if not, return to step S10: and acquiring a file to be accessed.
Considering that a user downloads a new APP, takes a picture, processes a work file on a mobile phone, etc. every time a period of time, corresponding privacy information is cached in the background. In order to prevent malicious software from accessing the newly added files and data containing user information, the operation of updating the files to be accessed at regular time is set, and the malicious software is prevented from collecting the files and data containing the user information. The timing period can be set by user definition according to the requirements of users, and can be one day, one week or one month, etc.
In the above embodiments, the method for accessing the user information is described in detail, and the present application further provides corresponding embodiments of the apparatus for accessing the user information. It should be noted that the present application describes an embodiment of the device portion from two angles, one based on the angle of the functional module and the other based on the angle of the hardware.
Fig. 3 is a block diagram of an apparatus for accessing user information according to an embodiment of the present application. As shown in fig. 3, the present application further provides an apparatus for accessing user information, including:
a first obtaining module 30, configured to obtain a file to be accessed;
a first judging module 31, configured to judge whether the file to be accessed contains a permission field, where the permission field is generated by configuring a user file containing user information;
and the access refusal module 32 is configured to refuse to access the file to be accessed if the access refusal module contains the permission field.
The device for accessing the user information further comprises the following modules:
the second acquisition module is used for acquiring the extension attribute of the user file;
the adding module is used for adding access attributes representing refusal to access the user file in the extension attributes;
the first generation module is used for generating a plurality of authority fields according to the access attribute.
The second judging module is used for judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, entering a first judging module;
if not, a mapping module is entered for mapping the file to be accessed to the page buffer, and a first judging module is entered after mapping.
And the second generation module is used for generating prompt information for prompting the user that the file containing the user information is accessed.
And the third generation module is used for generating a plurality of authority fields by using the maccess function.
The timing updating module is used for updating the file to be accessed at regular time;
the traversing and judging module is used for traversing and judging whether newly added user files exist in the files to be accessed;
if yes, entering a configuration module for configuring the authority field of the user file;
if not, returning to the first acquisition module.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated through user file configuration containing user information; and if the permission field is included, refusing to access the file to be accessed. And configuring a permission field in the user file containing the user information, wherein the permission field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the malicious software is prevented from collecting the user information, and the user information is prevented from being leaked.
Since the embodiments of the apparatus portion and the embodiments of the method portion correspond to each other, the embodiments of the apparatus portion are referred to the description of the embodiments of the method portion, and are not repeated herein.
Fig. 4 is a block diagram of an apparatus for accessing user information according to an embodiment of the present application, where, as shown in fig. 4, the apparatus for accessing user information includes:
a memory 40 for storing a computer program;
a processor 41 for carrying out the steps of the method of accessing user information as mentioned in the above embodiments when executing a computer program.
The device for accessing user information provided in this embodiment may include, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, or the like.
Processor 41 may include one or more processing cores, such as a 4-core processor, an 8-core processor, etc., among others. The processor 41 may be implemented in at least one hardware form of digital signal processing (Digital Signal Processing, DSP), field programmable gate array (Field-Programmable Gate Array, FPGA), programmable logic array (Programmable Logic Array, PLA). The processor 41 may also comprise a main processor, which is a processor for processing data in an awake state, also called central processor (Central Processing Unit, CPU), and a coprocessor; a coprocessor is a low-power processor for processing data in a standby state. In some embodiments, the processor 41 may be integrated with an image processor (Graphics Processing Unit, GPU) for taking care of rendering and rendering of the content that the display screen is required to display. In some embodiments, the processor 41 may also include an artificial intelligence (Artificial Intelligence, AI) processor for processing computing operations related to machine learning.
Memory 40 may include one or more computer-readable storage media, which may be non-transitory. Memory 40 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In this embodiment, the memory 40 is at least used for storing a computer program, wherein the computer program, when loaded and executed by the processor 41, is capable of implementing the relevant steps of the method for accessing user information disclosed in any of the foregoing embodiments. In addition, the resources stored in the memory 40 may also include an operating system, data, etc., and the storage manner may be transient storage or permanent storage. The operating system may include Windows, unix, linux, among others. The data may include, but is not limited to, a method of accessing user information, and the like.
In some embodiments, the device for accessing user information may further include a display screen, an input-output interface, a communication interface, a power supply, and a communication bus.
Those skilled in the art will appreciate that the structure shown in fig. 4 is not limiting of the device that accesses user information and may include more or fewer components than shown.
The device for accessing user information provided in the embodiment of the present application includes a memory 40 and a processor 41, where the processor 41 can implement a method for accessing user information when executing a program stored in the memory 40.
Finally, the present application also provides a corresponding embodiment of the computer readable storage medium. The computer-readable storage medium has stored thereon a computer program which, when executed by a processor, performs the steps as described in the method embodiments above.
It will be appreciated that the methods of the above embodiments, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored on a computer readable storage medium. With such understanding, the technical solution of the present application, or a part contributing to the prior art or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, performing all or part of the steps of the method described in the various embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random-access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The method, the device, the equipment and the medium for accessing the user information provided by the application are described in detail. In the description, each embodiment is described in a progressive manner, and each embodiment is mainly described by the differences from other embodiments, so that the same similar parts among the embodiments are mutually referred. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section. It should be noted that it would be obvious to those skilled in the art that various improvements and modifications can be made to the present application without departing from the principles of the present application, and such improvements and modifications fall within the scope of the claims of the present application.
It should also be noted that in this specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Claims (7)

1. A method of accessing user information, comprising:
acquiring a file to be accessed;
judging whether the file to be accessed contains a permission field, wherein the permission field is generated through user file configuration containing user information;
if the permission field is contained, refusing to access the file to be accessed;
generating the rights field by the user file configuration includes:
acquiring the extension attribute of the user file; the extension attribute is attr;
adding an access attribute representing refusal of access to the user file into the extension attribute; the access attribute is attr_access;
generating a plurality of authority fields according to the access attribute; the authority field is PG_access;
the generating a plurality of the rights fields from the access attributes includes:
generating a plurality of the authority fields by using a macess function.
2. The method for accessing user information according to claim 1, wherein after the obtaining the file to be accessed, before the determining whether the file to be accessed contains the authority field, further comprising:
judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, entering the step of judging whether the file to be accessed contains an authority field;
if not, mapping the file to be accessed to a page buffer, and then entering the step of judging whether the file to be accessed contains an authority field.
3. The method of accessing user information according to claim 1, further comprising, after said refusing to access the file to be accessed:
and generating prompt information for prompting the user that the file containing the user information is accessed.
4. The method of accessing user information according to claim 1, further comprising, after said refusing to access the file to be accessed:
updating the file to be accessed at regular time;
traversing and judging whether the newly added user file exists in the file to be accessed;
if yes, configuring the authority field for the user file;
if not, returning to the step of obtaining the file to be accessed.
5. An apparatus for accessing user information, comprising:
the acquisition module is used for acquiring the file to be accessed;
the judging module is used for judging whether the file to be accessed contains a permission field, wherein the permission field is generated through user file configuration containing user information;
the access refusing module is used for refusing to access the file to be accessed if the permission field is included;
the second acquisition module is used for acquiring the extension attribute of the user file; the extension attribute is attr;
the adding module is used for adding access attributes representing refusal to access the user file in the extension attributes; the access attribute is attr_access;
the first generation module is used for generating a plurality of authority fields according to the access attribute; the authority field is PG_access;
and the third generation module is used for generating a plurality of authority fields by using the maccess function.
6. An apparatus for accessing user information, comprising:
a memory for storing a computer program;
processor for implementing the steps of the method of accessing user information according to any of claims 1 to 4 when executing said computer program.
7. A computer-readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method of accessing user information according to any of claims 1 to 4.
CN202210727073.5A 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information Active CN115001842B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210727073.5A CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210727073.5A CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Publications (2)

Publication Number Publication Date
CN115001842A CN115001842A (en) 2022-09-02
CN115001842B true CN115001842B (en) 2023-06-16

Family

ID=83036483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210727073.5A Active CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Country Status (1)

Country Link
CN (1) CN115001842B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6892201B2 (en) * 2001-09-05 2005-05-10 International Business Machines Corporation Apparatus and method for providing access rights information in a portion of a file
CN100561496C (en) * 2006-08-31 2009-11-18 中兴通讯股份有限公司 A kind of method that guarantees file security in the embedded system
JP2009151592A (en) * 2007-12-21 2009-07-09 Duaxes Corp File access control device

Also Published As

Publication number Publication date
CN115001842A (en) 2022-09-02

Similar Documents

Publication Publication Date Title
US7844670B2 (en) Method and computer program product for establishing real-time communications between networked computers
US10230593B2 (en) Method, system and computer program product for interception, quarantine and moderation of internal communications of uncontrolled systems
US8898796B2 (en) Managing network data
US8671145B2 (en) Method and computer program product for establishing real-time communications between networked computers
US8793341B2 (en) Web page content translator
RU2498520C2 (en) Method of providing peer-to-peer communication on web page
US20080195954A1 (en) Delivery of contextually relevant web data
US9350763B1 (en) HTTP tunnelling over websockets
CN111736775A (en) Multi-source storage method, device, computer system and storage medium
US9628515B2 (en) Method, system and computer program product for enforcing access controls to features and subfeatures on uncontrolled web application
CN101388891A (en) Apparatus and method for managing presence information of a presentity
EP2862338A1 (en) Method, server, and client for pushing and displaying splash screen
WO2006071324A2 (en) Imroved bitmask access for managing blog content
US11882154B2 (en) Template representation of security resources
US20090228549A1 (en) Method of tracking usage of client computer and system for same
CN111427613A (en) Application program interface API management method and device
CN115001842B (en) Method, device, equipment and medium for accessing user information
CN114039801B (en) Short link generation method, short link analysis system, short link analysis equipment and storage medium
CN112994934B (en) Data interaction method, device and system
CN108011964A (en) Picture upload method, device, electric terminal and readable storage medium storing program for executing
CN106487861B (en) Network data providing method and device
US20020065913A1 (en) Network password reset system
CN115686229A (en) Expression input method, expression input device and computer program storage medium
EP1649398A2 (en) Method and apparatus for translating a web services address
Ryan et al. MobJeX: A declaratively configurable Java based framework for resource aware object mobility

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant