WO2017166359A1 - User domain access method, access device, and mobile terminal - Google Patents

User domain access method, access device, and mobile terminal Download PDF

Info

Publication number
WO2017166359A1
WO2017166359A1 PCT/CN2016/080617 CN2016080617W WO2017166359A1 WO 2017166359 A1 WO2017166359 A1 WO 2017166359A1 CN 2016080617 W CN2016080617 W CN 2016080617W WO 2017166359 A1 WO2017166359 A1 WO 2017166359A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
access
user domain
password
Prior art date
Application number
PCT/CN2016/080617
Other languages
French (fr)
Chinese (zh)
Inventor
崔宇
王晓菲
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017166359A1 publication Critical patent/WO2017166359A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of terminal technologies, and in particular, to a user domain access method, a user domain access device, and a mobile terminal.
  • a security domain with a higher security level than the standard domain is stored outside the standard domain to store the applications and information, and is usually set in the standard domain.
  • the icon of the security domain is used as the access point of the security domain.
  • the invention is based on at least one of the above technical problems, and proposes a new user domain access scheme, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related art, and greatly improves the entire access process of the user domain.
  • the security meets the actual needs of users.
  • the present invention provides a user domain access method, including: hiding a specified user domain Detecting whether to obtain trigger information for triggering access to the specified user domain; and determining to obtain the trigger information, authenticating a user accessing the specified user domain; The user's authentication is passed, and the specified user domain is run.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "input error, please retry” can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
  • the step of authenticating a user accessing the specified user domain comprises: acquiring at least one unlocking element on the predetermined interface, and calculating according to the at least one unlocking element. Determining an access password of the user domain; obtaining verification information input by the user; determining whether the verification information matches the access password; and if determining that the verification information matches the access password, determining the opposite The user's authentication is passed.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the step of calculating an access password of the specified user domain according to the at least one unlocking element specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
  • a device for accessing a user domain including: a hiding unit, configured to hide an access entry of a specified user domain; and a first detecting unit, configured to detect whether the The triggering information is used to specify the user domain to access the authentication information, and the authentication unit is configured to perform identity verification on the user accessing the specified user domain when determining the triggering information, and the processing unit is configured to be in the identity verification unit.
  • the specified user domain is run when the authentication of the user passes.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the first detecting unit is specifically configured to: obtain character information input by the user, and determine whether the character information matches the preset character information, when determining the character information and When the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information. When it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "Input error, please retry” can be displayed at the same time, and the same preset information is continued for the second time, the whole process is to others. It is somewhat confusing and therefore improves safety.
  • the identity verification unit includes: a first obtaining unit, configured to acquire at least one unlocking element on the predetermined interface; and a calculating unit, configured to calculate, according to the at least one unlocking element, The access password of the specified user domain; the second obtaining unit is configured to obtain the verification information input by the user; the determining unit is configured to determine whether the verification information matches the access password, and the determining unit is configured to When the determining unit determines that the verification information matches the access password, it determines that the identity verification of the user passes.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the calculating unit is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and the The preset password generation rule corresponding to each unlocking element is calculated, and the access password is calculated.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: a second detecting unit, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired; When the second detecting unit determines that the verification information is acquired within the predetermined time, it is determined whether the verification information matches the access password.
  • a mobile terminal comprising a processor and a memory, wherein the memory stores a set of program codes, and the processor is configured to call program code stored in the memory for Do the following:
  • the step of detecting, by the processor, the trigger information for triggering access to the specified user domain specifically includes:
  • the step of the processor performing identity verification on a user accessing the specified user domain includes:
  • the step of calculating, by the processor, the access password of the specified user domain, according to the at least one unlocking element specifically includes:
  • the processor further performs the following operations before the step of determining whether the verification information matches the access password:
  • the access entry of the user domain is hidden and the dynamic access password is set for the user domain, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related technology, and greatly improves the security of the entire access process of the user domain. , to meet the actual needs of users.
  • FIG. 1 shows a schematic flow chart of a method of accessing a user domain according to an embodiment of the present invention
  • FIG. 2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention
  • FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention
  • 4A and 4B are diagrams showing an interface of a mobile terminal according to an embodiment of the present invention.
  • FIG. 5 is a schematic flow chart showing a method of accessing a user domain according to another embodiment of the present invention.
  • FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention.
  • FIG. 1 shows a schematic flow chart of a method of accessing a user domain in accordance with an embodiment of the present invention.
  • a method for accessing a user domain includes:
  • Step 102 Hide an access entry of a specified user domain.
  • Step 104 Detect whether a trigger information for triggering access to the specified user domain is obtained.
  • Step 106 When it is determined that the trigger information is obtained, accessing the user of the specified user domain Authenticate;
  • Step 108 Run the specified user domain if the identity verification of the user passes.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "input error, please retry” can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
  • the user accessing the specified user domain is performed on the body.
  • the step of verifying specifically includes: acquiring at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element; acquiring verification information input by the user; determining the verification Whether the information matches the access password; if it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the step of calculating an access password of the specified user domain according to the at least one unlocking element specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
  • FIG. 2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention.
  • the access device 200 of the user domain includes: a hiding unit 202, a first detecting unit 204, an identity verifying unit 206, and a processing unit 208.
  • the hiding unit 202 is configured to hide an access entry of the specified user domain
  • the detecting unit 204 is configured to detect whether trigger information for triggering access to the specified user domain is acquired
  • the identity verification unit 206 is configured to determine When the trigger information is obtained, the user accessing the specified user domain is authenticated; and the processing unit 208 is configured to run the specified user domain when the identity verification unit passes the identity verification of the user.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the first detecting unit 204 is specifically configured to: acquire character information input by the user, and determine whether the character information matches the preset character information, when determining the character information.
  • the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information.
  • it is determined that the information input by the user each time matches the preset information it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), such as continuous on the unlock interface.
  • the prompt information such as “Input error, please retry” can be displayed at the same time, and the same preset information is continued for the second time. The whole process has the same for others. Certainly confusing, so it will improve safety.
  • the identity verification unit 206 includes: a first obtaining unit 206A, configured to acquire at least one unlocking element on a predetermined interface; and a calculating unit 206B, configured to unlock according to the at least one An element, the access password of the specified user domain is calculated; the second obtaining unit 206C is configured to obtain the verification information input by the user; the determining unit 206D is configured to determine whether the verification information matches the access password; The unit 206E is configured to determine, when the determining unit determines that the verification information matches the access password, determine that the identity verification of the user passes.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the calculating unit 206B is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and The preset password generation rule corresponding to each unlocking element calculates the access password.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: a second detecting unit 210, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired;
  • the breaking unit 206D is specifically configured to determine, when the second detecting unit 210 determines that the verification information is acquired within the predetermined time, whether the verification information matches the access password.
  • FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention.
  • the mobile terminal 300 includes: an access device 200 of a user domain as shown in FIG. 2.
  • the initialization phase in the "Settings -> Lock Screen” setting item in the mobile terminal, a "Security Domain On” option specifically for processing the security domain policy may be added, and the security domain opening operation may be set.
  • the method includes a "preamble password” mode selection, a "preamble password” setting, a “security password” algorithm setting, and the like, and the security domain is hidden, that is, the interface is not displayed on any interface in the mobile terminal.
  • the access point of the security domain (such as the icon of the security domain), the user can set the association relationship between the "preamble password” and the security domain, so that the mobile terminal performs the "first password” in the subsequent processing. Triggers access to the security domain.
  • the role of the "preamble password” is to enable the "pilot mode”: notify the system user to try to enter the "security domain”, and prepare for this, such as pulling up relevant content in the background, obtaining the algorithm according to the user and related information.
  • the “emergency call” function 402 exists on the lock screen interface. After clicking 402, the “emergency call” interface can be accessed as an implicit security domain unlock interface, which not only has high concealment, but also has high concealment. Increased operational space for password settings.
  • the setting of "confusing type pilot password” can be based on the normal lock screen interface, such as graphic unlocking interface, digital unlocking interface, etc.
  • the setting rules are the same as the general unlocking password. The difference is: when you first enter the "confusing type pilot password", If the password is entered incorrectly, you need to enter the same "confusing pilot password” again before you can enable the "leading mode” to prepare the background of the security domain. Generally, after starting the "leading mode", you can jump to "emergency call”.
  • the interface receives the verification password input by the user through the “emergency call” interface for further verification.
  • the predetermined duration of the "pilot mode” is initiated (ie, the predetermined duration from the input of the "leading password", the predetermined duration may be determined by the user or the system default setting) whether the verification password input by the user is received, if the predetermined password is exceeded If the duration does not perform the input operation of verifying the password, the "lead mode" will be exited, and even if the correct verification password is entered, the system will not be verified.
  • the "security password” calculated by the system is the verification password for the security domain after entering the "leading mode". It does not use a fixed password, and can be combined with the specified information on the Keyguard interface (the specified information can be customized by the user). Algorithmic password setting, such as date, time, and lock screen information on the screen.
  • the specified date is the current date and time on the lock screen interface, for example, the current date and time is: 2016.01.29 12:31;
  • Inverted method Invert the current date and time (2016.01.29 12:31) and set it as “secure password”, then get “secure password” as “13 21 92 10 6102”, the user only needs to input when actually operating.
  • the verification password is “13 21 92 10 6102”, and you can access the security domain, which is easy to operate.
  • the registration method the user can arbitrarily set the alignment rule according to his own operating habits and requirements during the initial setting phase.
  • This embodiment describes the following alignment rules: from left to right, 4 bits are taken as a unit (such as " 2016" is a group, "0129” is a group, "1231” is a group), and then it is divided into 2 pairs of 2 digits, and the operation of ten and one digits respectively is performed, taking the addition as an example: 20, 16 Corresponding addition (2+1,0+6), the month and the Japanese registration are added (0+2,1+9), and the time and the quantitation are added (1+3, 2+1). Get the "Security Password” as "3 6 2 10 4 3".
  • Pinyin method Based on the customized lock screen information, the number corresponding to the pinyin is the password. For example, “Welcome to you” (HuanYingNi), then get the “security password” as "4826 9464 64", of course, you can also set the letter “HuanYingNi” to "security password”.
  • the processing process at the time of implementation, as shown in FIG. 5, includes:
  • step 502 it is determined whether it is in the lock screen interface. If yes, step 504 is performed; otherwise, step 516 is performed.
  • Step 504 it is determined whether there is a "prefix type first arrival password" or "confusing type pilot password” verification pass, and if so, step 506 is performed; otherwise, step 516 is performed.
  • step 506 the "pilot mode” is turned on, and the current "secure password” is calculated by setting an algorithm and specifying information.
  • Step 508 Determine whether the verification password input by the user is received within a predetermined duration of starting the "pilot mode". If yes, go to step 510; otherwise, go to step 512.
  • step 510 it is determined whether the current "secure password" and the verification password input by the user match, and if so, step 514 is performed; otherwise, step 516 is performed.
  • step 512 the "lead mode" is exited.
  • Step 514 run and enter the security domain.
  • step 516 access or entry to the security domain is prohibited.
  • FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention.
  • the mobile terminal may include at least one processor 61, such as a CPU, at least one communication bus 62, and a memory 63; a communication bus 62 for implementing connection communication between these components; and the memory 63 may be a high speed
  • the RAM memory may also be a non-volatile memory such as at least one disk memory.
  • a set of program codes is stored in the memory 63, and the processor 61 is configured to call the program code stored in the memory 63 to perform the following operations:
  • the step of detecting, by the processor 61, the trigger information for triggering access to the specified user domain specifically includes:
  • the step of the processor 61 performing identity verification on a user accessing the specified user domain includes:
  • the step of calculating, by the processor 61, the access password of the specified user domain, according to the at least one unlocking element specifically includes:
  • the processor further performs the following operations before the step of determining whether the verification information matches the access password:
  • the Keyguard (keyboard lock) application can be fully utilized, and the security domain hiding and encryption can be well realized on the basis of retaining the user's usage habits, which has high security and practicability, and can be largely Improve the user experience.
  • the technical solution of the present invention is described in detail above with reference to the accompanying drawings.
  • the technical solution of the present invention proposes a new user domain access scheme, which effectively avoids by hiding the access entry of the user domain and setting a dynamic access password for the user domain.
  • the access method has poor confidentiality and high leakage, which greatly improves the security of the entire access process of the user domain and satisfies the actual needs of the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Telephone Function (AREA)
  • Medical Informatics (AREA)
  • Automation & Control Theory (AREA)
  • Telephonic Communication Services (AREA)
  • Lock And Its Accessories (AREA)
  • Storage Device Security (AREA)

Abstract

Provided are a user domain access method, an access device, and a mobile terminal. The user domain access method comprises: concealing an access point of a designated user domain (102); detecting whether trigger information for triggering access to the designated user domain has been acquired (104); if it is determined that the trigger information has been acquired, verifying a user accessing the designated user domain (106); and enabling operation in the designated user domain if the user is successfully verified (108). Problems such as poor access confidentiality and high leakage risk are avoided by concealing an access point of a user domain and setting a dynamic password for accessing the user domain, thereby greatly improving security throughout the user domain access process and meeting actual needs of users.

Description

用户域的访问方法、访问装置及移动终端User domain access method, access device and mobile terminal
本申请要求于2016年03月28日提交中国专利局,申请号为201610182256.8、发明名称为“用户域的访问方法、访问装置及移动终端”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims priority to Chinese Patent Application No. 201610182256.8, entitled "Access Method for User Domain, Access Device and Mobile Terminal", filed on March 28, 2016, the entire contents of which are incorporated by reference. In this application.
技术领域Technical field
本发明涉及终端技术领域,具体而言,涉及一种用户域的访问方法、一种用户域的访问装置和一种移动终端。The present invention relates to the field of terminal technologies, and in particular, to a user domain access method, a user domain access device, and a mobile terminal.
背景技术Background technique
随着移动终端的发展,智能终端具备的功能越来越多,应用场景层出不穷,与此同时,安全性问题也越来越受到关注。相关技术中,为了确保移动终端中的某些应用和信息的安全,在标准域之外会另建一个安全级别高于标准域的安全域来存储这些应用和信息,通常会在标准域中设置该安全域的图标,以作为该安全域的访问入口,用户在对该安全域进行访问时,可通过点击图标,并输入正确的验证密码后,进入该安全域,但这种安全域的访问方式主要存在以下缺点:With the development of mobile terminals, smart terminals have more and more functions, and application scenarios are emerging one after another. At the same time, security issues are getting more and more attention. In the related art, in order to ensure the security of certain applications and information in the mobile terminal, a security domain with a higher security level than the standard domain is stored outside the standard domain to store the applications and information, and is usually set in the standard domain. The icon of the security domain is used as the access point of the security domain. When the user accesses the security domain, the security domain can be accessed by clicking the icon and inputting the correct verification password. The main disadvantages are the following:
一、隐秘性差:任何人都可以看到安全域图标,点击后,均可尝试密码验证。First, the privacy is poor: Anyone can see the security domain icon, click on it, you can try password verification.
二、泄密性高:由于在界面上有图标等访问入口的存在,用户在输入密码的过程中,可能导致密码泄露,存在很大的安全隐患。Second, high leakage: Because there are icons and other access points on the interface, the user may cause password leakage during the process of entering the password, which has great security risks.
因此,如何实现对用户域的安全访问成为亟待解决的技术问题。Therefore, how to implement secure access to the user domain has become a technical problem to be solved.
发明内容Summary of the invention
本发明正是基于上述技术问题至少之一,提出了一种新的用户域的访问方案,有效地避免了相关技术中访问方式隐密性差、泄密性高等问题,大大提高了用户域整个访问过程的安全性,满足了用户的实际需求。The invention is based on at least one of the above technical problems, and proposes a new user domain access scheme, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related art, and greatly improves the entire access process of the user domain. The security meets the actual needs of users.
有鉴于此,本发明提出了一种用户域的访问方法,包括:隐藏指定用户域 的访问入口;检测是否获取到用于触发对所述指定用户域进行访问的触发信息;在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;若对所述用户的身份验证通过,则运行所述指定用户域。In view of this, the present invention provides a user domain access method, including: hiding a specified user domain Detecting whether to obtain trigger information for triggering access to the specified user domain; and determining to obtain the trigger information, authenticating a user accessing the specified user domain; The user's authentication is passed, and the specified user domain is run.
在该技术方案中,通过隐藏用户域的访问入口(用户可根据实际需求,对终端中的任一用户域进行隐藏,特别是存储有用户私密信息或一些支付应用等的用户域),隐藏用户域的访问入口后,在终端的任何界面上均不显示该用户域的图标等,使得除用户本人外的其他任何人很难获知该用户域的存在,有效地解决了相关技术中用户域访问时隐密性差的问题,而当用户本人对已隐藏访问入口的指定用户域有访问需求时,终端通过检测是否获取到用于触发对指定用户域进行访问的触发信息,并在确定获取到触发信息时,对访问指定用户域的用户进行身份验证,以对用户的身份验证通过,再运行指定用户域,由于用户域的访问入口已隐藏,在对用户进行身份验证时,对于用户输入的验证信息,他人很难将验证信息和已隐藏的用户域进行关联,降低了密码泄漏的机率,确保了用户域的整个访问过程的安全性,满足了用户对用户域访问过程的隐秘和安全需求。In the technical solution, by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved. The problem of poor privacy, when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained. In the case of information, the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated. Information, it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
在上述技术方案中,优选地,检测是否获取到用于触发对指定用户域进行访问的触发信息的步骤,具体包括:获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。In the above technical solution, preferably, the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
在该技术方案中,当用户域的访问入口隐藏后,用户需要访问该用户域时,可通过多种途径来实现:可以输入预设字符信息(预设字符信息可由用户预设进行设置),例如在紧急呼叫界面上输入字符信息“**##”;也可以连续多次输入同样的预设信息(预设信息可由用户预先设置),如在解锁界面上连续2次输入同样的预设信息,在第一次输入预设信息完成时,可同时显示“输入错误,请重试”等提示信息,第二次继续输入同样的预设信息,整个过程对他人具有一定的迷惑性,因此会提高安全性。 In the technical solution, when the access entry of the user domain is hidden, the user needs to access the user domain by using multiple ways: the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface. Information, when the first input of the preset information is completed, the prompt information such as "input error, please retry" can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
在上述任一项技术方案中,优选地,对访问所述指定用户域的用户进行身份验证的步骤,具体包括:获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;获取所述用户输入的验证信息;判断所述验证信息与所述访问密码是否相匹配;若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。In any one of the foregoing technical solutions, preferably, the step of authenticating a user accessing the specified user domain comprises: acquiring at least one unlocking element on the predetermined interface, and calculating according to the at least one unlocking element. Determining an access password of the user domain; obtaining verification information input by the user; determining whether the verification information matches the access password; and if determining that the verification information matches the access password, determining the opposite The user's authentication is passed.
在该技术方案中,考虑到若用户域的访问密码固定,用户每次访问都会输入同一个密码,可能会存在密码泄漏的安全隐患,因此通过获取预定界面上的至少一个解锁元素,并根据至少一个解锁元素,计算指定用户域的访问密码,使得用户域的访问密码处于变动状态,不固定设置,用户在访问时不会固定的输入密码,有效地避免了密码泄漏。其中,解锁元素可以是预定界面上的时间、日期、字符信息等。In the technical solution, it is considered that if the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed. The user does not input a password when accessing, effectively avoiding password leakage. The unlocking element may be time, date, character information, and the like on the predetermined interface.
在上述任一项技术方案中,优选地,根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。In any one of the foregoing technical solutions, the step of calculating an access password of the specified user domain according to the at least one unlocking element, specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
在该技术方案中,在计算访问密码时,可具体通过至少一个解锁元素和每个解锁元素对应的预设密码生成规则来计算,其中,解锁元素可以是预定界面上的时间、日期、字符信息等,例如,以时间(10:51)作为解锁元素,以倒排法作为与其对应的预设密码生成规则,那么计算得出当前的验证密码为“1501”,此例仅用于对如何计算验证密码进行说明,并不做任何限定,用户可以根据实际需求设定解锁元素的数量,以及与每个解锁元素对应的预设密码生成规则,每个解锁元素的预设密码成规则可相同,也可以不同。In the technical solution, when calculating the access password, the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface. Etc. For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation. The user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element. The preset passwords of each unlocking element can be the same. It can also be different.
在上述任一项技术方案中,优选地,在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还包括:检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。In any one of the foregoing technical solutions, preferably, before the step of determining whether the verification information matches the access password, the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
在该技术方案中,通过在检测到在获取到触发信息之后的预定时间内获取到验证信息时,再执行进一步的匹配验证,一方面确保了验证时的时效性,另一方面也避免后台一直处于待验证状态,降低了***运行负荷。 In this technical solution, by performing the matching verification after detecting the acquisition of the verification information within a predetermined time after the trigger information is acquired, on the one hand, the timeliness of the verification is ensured, and on the other hand, the background is always avoided. It is in the state to be verified, which reduces the system operation load.
根据本发明的第二方面,提出了一种用户域的访问装置,包括:隐藏单元,用于隐藏指定用户域的访问入口;第一检测单元,用于检测是否获取到用于触发对所述指定用户域进行访问的触发信息;身份验证单元,用于在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;处理单元,用于在所述身份验证单元对所述用户的身份验证通过时,运行所述指定用户域。According to a second aspect of the present invention, a device for accessing a user domain is provided, including: a hiding unit, configured to hide an access entry of a specified user domain; and a first detecting unit, configured to detect whether the The triggering information is used to specify the user domain to access the authentication information, and the authentication unit is configured to perform identity verification on the user accessing the specified user domain when determining the triggering information, and the processing unit is configured to be in the identity verification unit. The specified user domain is run when the authentication of the user passes.
在该技术方案中,通过隐藏用户域的访问入口(用户可根据实际需求,对终端中的任一用户域进行隐藏,特别是存储有用户私密信息或一些支付应用等的用户域),隐藏用户域的访问入口后,在终端的任何界面上均不显示该用户域的图标等,使得除用户本人外的其他任何人很难获知该用户域的存在,有效地解决了相关技术中用户域访问时隐密性差的问题,而当用户本人对已隐藏访问入口的指定用户域有访问需求时,终端通过检测是否获取到用于触发对指定用户域进行访问的触发信息,并在确定获取到触发信息时,对访问指定用户域的用户进行身份验证,以对用户的身份验证通过,再运行指定用户域,由于用户域的访问入口已隐藏,在对用户进行身份验证时,对于用户输入的验证信息,他人很难将验证信息和已隐藏的用户域进行关联,降低了密码泄漏的机率,确保了用户域的整个访问过程的安全性,满足了用户对用户域访问过程的隐秘和安全需求。In the technical solution, by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved. The problem of poor privacy, when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained. In the case of information, the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated. Information, it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
在上述技术方案中,优选地,所述第一检测单元具体用于:获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。In the above technical solution, preferably, the first detecting unit is specifically configured to: obtain character information input by the user, and determine whether the character information matches the preset character information, when determining the character information and When the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information. When it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
在该技术方案中,当用户域的访问入口隐藏后,用户需要访问该用户域时,可通过多种途径来实现:可以输入预设字符信息(预设字符信息可由用户预设进行设置),例如在紧急呼叫界面上输入字符信息“**##”;也可以连续多次输入同样的预设信息(预设信息可由用户预先设置),如在解锁界面上连续2次输入同样的预设信息,在第一次输入预设信息完成时,可同时显示“输入错误,请重试”等提示信息,第二次继续输入同样的预设信息,整个过程对他人 具有一定的迷惑性,因此会提高安全性。In the technical solution, when the access entry of the user domain is hidden, the user needs to access the user domain by using multiple ways: the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface. Information, when the first time the preset information is completed, the prompt information such as "Input error, please retry" can be displayed at the same time, and the same preset information is continued for the second time, the whole process is to others. It is somewhat confusing and therefore improves safety.
在上述任一项技术方案中,优选地,所述身份验证单元包括:第一获取单元,用于获取预定界面上的至少一个解锁元素;计算单元,用于根据所述至少一个解锁元素,计算所述指定用户域的访问密码;第二获取单元,用于获取所述用户输入的验证信息;判断单元,用于判断所述验证信息与所述访问密码是否相匹配;确定单元,用于在所述判断单元判定所述验证信息与所述访问密码相匹配时,确定对所述用户的身份验证通过。In any one of the above aspects, preferably, the identity verification unit includes: a first obtaining unit, configured to acquire at least one unlocking element on the predetermined interface; and a calculating unit, configured to calculate, according to the at least one unlocking element, The access password of the specified user domain; the second obtaining unit is configured to obtain the verification information input by the user; the determining unit is configured to determine whether the verification information matches the access password, and the determining unit is configured to When the determining unit determines that the verification information matches the access password, it determines that the identity verification of the user passes.
在该技术方案中,考虑到若用户域的访问密码固定,用户每次访问都会输入同一个密码,可能会存在密码泄漏的安全隐患,因此通过获取预定界面上的至少一个解锁元素,并根据至少一个解锁元素,计算指定用户域的访问密码,使得用户域的访问密码处于变动状态,不固定设置,用户在访问时不会固定的输入密码,有效地避免了密码泄漏。其中,解锁元素可以是预定界面上的时间、日期、字符信息等。In the technical solution, it is considered that if the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed. The user does not input a password when accessing, effectively avoiding password leakage. The unlocking element may be time, date, character information, and the like on the predetermined interface.
在上述任一项技术方案中,优选地,所述计算单元具体用于:确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。In any one of the foregoing technical solutions, the calculating unit is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and the The preset password generation rule corresponding to each unlocking element is calculated, and the access password is calculated.
在该技术方案中,在计算访问密码时,可具体通过至少一个解锁元素和每个解锁元素对应的预设密码生成规则来计算,其中,解锁元素可以是预定界面上的时间、日期、字符信息等,例如,以时间(10:51)作为解锁元素,以倒排法作为与其对应的预设密码生成规则,那么计算得出当前的验证密码为“1501”,此例仅用于对如何计算验证密码进行说明,并不做任何限定,用户可以根据实际需求设定解锁元素的数量,以及与每个解锁元素对应的预设密码生成规则,每个解锁元素的预设密码成规则可相同,也可以不同。In the technical solution, when calculating the access password, the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface. Etc. For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation. The user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element. The preset passwords of each unlocking element can be the same. It can also be different.
在上述任一项技术方案中,优选地,还包括:第二检测单元,用于检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;所述判断单元,具体用于在所述第二检测单元确定在所述预定时间内获取到所述验证信息时,判断所述验证信息与所述访问密码是否匹配。In any one of the foregoing technical solutions, the method further includes: a second detecting unit, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired; When the second detecting unit determines that the verification information is acquired within the predetermined time, it is determined whether the verification information matches the access password.
在该技术方案中,通过在检测到在获取到触发信息之后的预定时间内获取 到验证信息时,再执行进一步的匹配验证,一方面确保了验证时的时效性,另一方面也避免后台一直处于待验证状态,降低了***运行负荷。In the technical solution, by acquiring within a predetermined time after detecting that the trigger information is acquired When the verification information is obtained, further matching verification is performed, on the one hand, the timeliness of the verification is ensured, and on the other hand, the background is always in the state to be verified, and the system operation load is reduced.
根据本发明的第三方面,还提出了一种移动终端,包括处理器和存储器,所述存储器中存储一组程序代码,且所述处理器用于调用所述存储器中存储的程序代码,用于执行以下操作:According to a third aspect of the present invention, there is also provided a mobile terminal comprising a processor and a memory, wherein the memory stores a set of program codes, and the processor is configured to call program code stored in the memory for Do the following:
隐藏指定用户域的访问入口;检测是否获取到用于触发对所述指定用户域进行访问的触发信息;在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;若对所述用户的身份验证通过,则运行所述指定用户域。Hiding the access entry of the specified user domain; detecting whether the trigger information for triggering the access to the specified user domain is obtained; and determining to obtain the trigger information, authenticating the user accessing the specified user domain; The specified user domain is run if the authentication of the user is passed.
在上述任一项技术方案中,优选地,所述处理器检测是否获取到用于触发对所述指定用户域进行访问的触发信息的步骤,具体包括:In any one of the foregoing technical solutions, the step of detecting, by the processor, the trigger information for triggering access to the specified user domain, specifically includes:
获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。Obtaining the character information input by the user, and determining whether the character information matches the preset character information, and determining that the trigger information is acquired when determining that the character information matches the preset character information; or Obtaining information that the user inputs multiple times in succession, and determining whether the information input by the user each time matches the preset information, and determining that the information input by the user each time matches the preset information , determining that the trigger information is obtained.
在上述任一项技术方案中,优选地,所述处理器对访问所述指定用户域的用户进行身份验证的步骤,具体包括:In any one of the foregoing technical solutions, preferably, the step of the processor performing identity verification on a user accessing the specified user domain includes:
获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;获取所述用户输入的验证信息;判断所述验证信息与所述访问密码是否相匹配;若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。Acquiring at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element; acquiring verification information input by the user; determining whether the verification information is related to the access password Matching; if it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
在上述任一项技术方案中,优选地,所述处理器根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:In any one of the foregoing technical solutions, the step of calculating, by the processor, the access password of the specified user domain, according to the at least one unlocking element, specifically includes:
确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。Determining a preset password generation rule corresponding to each of the at least one unlocking element; calculating the access password according to the at least one unlocking element and a preset password generating rule corresponding to each of the unlocking elements.
在上述任一项技术方案中,优选地,所述处理器在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还执行以下操作: In any of the above technical solutions, preferably, the processor further performs the following operations before the step of determining whether the verification information matches the access password:
检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。Detecting whether the verification information is acquired within a predetermined time after the trigger information is acquired; if it is determined that the verification information is acquired within the predetermined time, performing the determining the verification information and the access password Whether to match the steps.
通过以上技术方案,隐藏用户域的访问入口并为用户域设置动态的访问密码,有效地避免了相关技术中访问方式隐密性差、泄密性高等问题,大大提高了用户域整个访问过程的安全性,满足了用户的实际需求。Through the above technical solution, the access entry of the user domain is hidden and the dynamic access password is set for the user domain, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related technology, and greatly improves the security of the entire access process of the user domain. , to meet the actual needs of users.
附图说明DRAWINGS
图1示出了根据本发明的实施例的用户域的访问方法的示意流程图;FIG. 1 shows a schematic flow chart of a method of accessing a user domain according to an embodiment of the present invention; FIG.
图2示出了根据本发明的实施例的用户域的访问装置的示意框图;2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention;
图3示出了根据本发明的实施例的移动终端的示意框图;FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention; FIG.
图4A和图4B示出了根据本发明的实施例的移动终端的界面示意图;4A and 4B are diagrams showing an interface of a mobile terminal according to an embodiment of the present invention;
图5示出了根据本发明的另一个实施例的用户域的访问方法的示意流程图;FIG. 5 is a schematic flow chart showing a method of accessing a user domain according to another embodiment of the present invention; FIG.
图6示出了根据本发明的另一个实施例的移动终端的示意框图。FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention.
具体实施方式detailed description
为了能够更清楚地理解本发明的上述目的、特征和优点,下面结合附图和具体实施方式对本发明进行进一步的详细描述。需要说明的是,在不冲突的情况下,本申请的实施例及实施例中的特征可以相互组合。The present invention will be further described in detail below with reference to the drawings and specific embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
在下面的描述中阐述了很多具体细节以便于充分理解本发明,但是,本发明还可以采用其他不同于在此描述的其他方式来实施,因此,本发明的保护范围并不受下面公开的具体实施例的限制。In the following description, numerous specific details are set forth in order to provide a full understanding of the invention, but the invention may be practiced otherwise than as described herein. Limitations of the embodiments.
图1示出了根据本发明的实施例的用户域的访问方法的示意流程图。FIG. 1 shows a schematic flow chart of a method of accessing a user domain in accordance with an embodiment of the present invention.
如图1所示,根据本发明的实施例的用户域的访问方法,包括:As shown in FIG. 1, a method for accessing a user domain according to an embodiment of the present invention includes:
步骤102,隐藏指定用户域的访问入口;Step 102: Hide an access entry of a specified user domain.
步骤104,检测是否获取到用于触发对所述指定用户域进行访问的触发信息;Step 104: Detect whether a trigger information for triggering access to the specified user domain is obtained.
步骤106,在确定获取到所述触发信息时,对访问所述指定用户域的用户 进行身份验证;Step 106: When it is determined that the trigger information is obtained, accessing the user of the specified user domain Authenticate;
步骤108,若对所述用户的身份验证通过,则运行所述指定用户域。Step 108: Run the specified user domain if the identity verification of the user passes.
在该技术方案中,通过隐藏用户域的访问入口(用户可根据实际需求,对终端中的任一用户域进行隐藏,特别是存储有用户私密信息或一些支付应用等的用户域),隐藏用户域的访问入口后,在终端的任何界面上均不显示该用户域的图标等,使得除用户本人外的其他任何人很难获知该用户域的存在,有效地解决了相关技术中用户域访问时隐密性差的问题,而当用户本人对已隐藏访问入口的指定用户域有访问需求时,终端通过检测是否获取到用于触发对指定用户域进行访问的触发信息,并在确定获取到触发信息时,对访问指定用户域的用户进行身份验证,以对用户的身份验证通过,再运行指定用户域,由于用户域的访问入口已隐藏,在对用户进行身份验证时,对于用户输入的验证信息,他人很难将验证信息和已隐藏的用户域进行关联,降低了密码泄漏的机率,确保了用户域的整个访问过程的安全性,满足了用户对用户域访问过程的隐秘和安全需求。In the technical solution, by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved. The problem of poor privacy, when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained. In the case of information, the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated. Information, it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
在上述技术方案中,优选地,检测是否获取到用于触发对指定用户域进行访问的触发信息的步骤,具体包括:获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。In the above technical solution, preferably, the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
在该技术方案中,当用户域的访问入口隐藏后,用户需要访问该用户域时,可通过多种途径来实现:可以输入预设字符信息(预设字符信息可由用户预设进行设置),例如在紧急呼叫界面上输入字符信息“**##”;也可以连续多次输入同样的预设信息(预设信息可由用户预先设置),如在解锁界面上连续2次输入同样的预设信息,在第一次输入预设信息完成时,可同时显示“输入错误,请重试”等提示信息,第二次继续输入同样的预设信息,整个过程对他人具有一定的迷惑性,因此会提高安全性。In the technical solution, when the access entry of the user domain is hidden, the user needs to access the user domain by using multiple ways: the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface. Information, when the first input of the preset information is completed, the prompt information such as "input error, please retry" can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
在上述任一项技术方案中,优选地,对访问所述指定用户域的用户进行身 份验证的步骤,具体包括:获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;获取所述用户输入的验证信息;判断所述验证信息与所述访问密码是否相匹配;若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。In any of the above technical solutions, preferably, the user accessing the specified user domain is performed on the body. The step of verifying, specifically includes: acquiring at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element; acquiring verification information input by the user; determining the verification Whether the information matches the access password; if it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
在该技术方案中,考虑到若用户域的访问密码固定,用户每次访问都会输入同一个密码,可能会存在密码泄漏的安全隐患,因此通过获取预定界面上的至少一个解锁元素,并根据至少一个解锁元素,计算指定用户域的访问密码,使得用户域的访问密码处于变动状态,不固定设置,用户在访问时不会固定的输入密码,有效地避免了密码泄漏。其中,解锁元素可以是预定界面上的时间、日期、字符信息等。In the technical solution, it is considered that if the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed. The user does not input a password when accessing, effectively avoiding password leakage. The unlocking element may be time, date, character information, and the like on the predetermined interface.
在上述任一项技术方案中,优选地,根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。In any one of the foregoing technical solutions, the step of calculating an access password of the specified user domain according to the at least one unlocking element, specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
在该技术方案中,在计算访问密码时,可具体通过至少一个解锁元素和每个解锁元素对应的预设密码生成规则来计算,其中,解锁元素可以是预定界面上的时间、日期、字符信息等,例如,以时间(10:51)作为解锁元素,以倒排法作为与其对应的预设密码生成规则,那么计算得出当前的验证密码为“1501”,此例仅用于对如何计算验证密码进行说明,并不做任何限定,用户可以根据实际需求设定解锁元素的数量,以及与每个解锁元素对应的预设密码生成规则,每个解锁元素的预设密码成规则可相同,也可以不同。In the technical solution, when calculating the access password, the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface. Etc. For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation. The user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element. The preset passwords of each unlocking element can be the same. It can also be different.
在上述任一项技术方案中,优选地,在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还包括:检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。In any one of the foregoing technical solutions, preferably, before the step of determining whether the verification information matches the access password, the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
在该技术方案中,通过在检测到在获取到触发信息之后的预定时间内获取到验证信息时,再执行进一步的匹配验证,一方面确保了验证时的时效性,另一方面也避免后台一直处于待验证状态,降低了***运行负荷。In this technical solution, by performing the matching verification after detecting the acquisition of the verification information within a predetermined time after the trigger information is acquired, on the one hand, the timeliness of the verification is ensured, and on the other hand, the background is always avoided. It is in the state to be verified, which reduces the system operation load.
图2示出了根据本发明的实施例的用户域的访问装置的示意框图。 2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention.
如图2所示,根据本发明的实施例的用户域的访问装置200,包括:隐藏单元202、第一检测单元204、身份验证单元206和处理单元208。As shown in FIG. 2, the access device 200 of the user domain according to an embodiment of the present invention includes: a hiding unit 202, a first detecting unit 204, an identity verifying unit 206, and a processing unit 208.
其中,隐藏单元202,用于隐藏指定用户域的访问入口;检测单元204,用于检测是否获取到用于触发对所述指定用户域进行访问的触发信息;身份验证单元206,用于在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;处理单元208,用于在所述身份验证单元对所述用户的身份验证通过时,运行所述指定用户域。The hiding unit 202 is configured to hide an access entry of the specified user domain, and the detecting unit 204 is configured to detect whether trigger information for triggering access to the specified user domain is acquired, and the identity verification unit 206 is configured to determine When the trigger information is obtained, the user accessing the specified user domain is authenticated; and the processing unit 208 is configured to run the specified user domain when the identity verification unit passes the identity verification of the user.
在该技术方案中,通过隐藏用户域的访问入口(用户可根据实际需求,对终端中的任一用户域进行隐藏,特别是存储有用户私密信息或一些支付应用等的用户域),隐藏用户域的访问入口后,在终端的任何界面上均不显示该用户域的图标等,使得除用户本人外的其他任何人很难获知该用户域的存在,有效地解决了相关技术中用户域访问时隐密性差的问题,而当用户本人对已隐藏访问入口的指定用户域有访问需求时,终端通过检测是否获取到用于触发对指定用户域进行访问的触发信息,并在确定获取到触发信息时,对访问指定用户域的用户进行身份验证,以对用户的身份验证通过,再运行指定用户域,由于用户域的访问入口已隐藏,在对用户进行身份验证时,对于用户输入的验证信息,他人很难将验证信息和已隐藏的用户域进行关联,降低了密码泄漏的机率,确保了用户域的整个访问过程的安全性,满足了用户对用户域访问过程的隐秘和安全需求。In the technical solution, by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved. The problem of poor privacy, when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained. In the case of information, the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated. Information, it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
在上述技术方案中,优选地,所述第一检测单元204具体用于:获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。In the above technical solution, preferably, the first detecting unit 204 is specifically configured to: acquire character information input by the user, and determine whether the character information matches the preset character information, when determining the character information. When the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information. When it is determined that the information input by the user each time matches the preset information, it is determined that the trigger information is acquired.
在该技术方案中,当用户域的访问入口隐藏后,用户需要访问该用户域时,可通过多种途径来实现:可以输入预设字符信息(预设字符信息可由用户预设进行设置),例如在紧急呼叫界面上输入字符信息“**##”;也可以连续多次输入同样的预设信息(预设信息可由用户预先设置),如在解锁界面上连续2 次输入同样的预设信息,在第一次输入预设信息完成时,可同时显示“输入错误,请重试”等提示信息,第二次继续输入同样的预设信息,整个过程对他人具有一定的迷惑性,因此会提高安全性。In the technical solution, when the access entry of the user domain is hidden, the user needs to access the user domain by using multiple ways: the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), such as continuous on the unlock interface. Enter the same preset information once, when the first input of the preset information is completed, the prompt information such as “Input error, please retry” can be displayed at the same time, and the same preset information is continued for the second time. The whole process has the same for others. Certainly confusing, so it will improve safety.
在上述任一项技术方案中,优选地,所述身份验证单元206包括:第一获取单元206A,用于获取预定界面上的至少一个解锁元素;计算单元206B,用于根据所述至少一个解锁元素,计算所述指定用户域的访问密码;第二获取单元206C,用于获取所述用户输入的验证信息;判断单元206D,用于判断所述验证信息与所述访问密码是否相匹配;确定单元206E,用于在所述判断单元判定所述验证信息与所述访问密码相匹配时,确定对所述用户的身份验证通过。In any one of the foregoing technical solutions, preferably, the identity verification unit 206 includes: a first obtaining unit 206A, configured to acquire at least one unlocking element on a predetermined interface; and a calculating unit 206B, configured to unlock according to the at least one An element, the access password of the specified user domain is calculated; the second obtaining unit 206C is configured to obtain the verification information input by the user; the determining unit 206D is configured to determine whether the verification information matches the access password; The unit 206E is configured to determine, when the determining unit determines that the verification information matches the access password, determine that the identity verification of the user passes.
在该技术方案中,考虑到若用户域的访问密码固定,用户每次访问都会输入同一个密码,可能会存在密码泄漏的安全隐患,因此通过获取预定界面上的至少一个解锁元素,并根据至少一个解锁元素,计算指定用户域的访问密码,使得用户域的访问密码处于变动状态,不固定设置,用户在访问时不会固定的输入密码,有效地避免了密码泄漏。其中,解锁元素可以是预定界面上的时间、日期、字符信息等。In the technical solution, it is considered that if the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed. The user does not input a password when accessing, effectively avoiding password leakage. The unlocking element may be time, date, character information, and the like on the predetermined interface.
在上述任一项技术方案中,优选地,所述计算单元206B具体用于:确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。In any one of the foregoing technical solutions, the calculating unit 206B is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and The preset password generation rule corresponding to each unlocking element calculates the access password.
在该技术方案中,在计算访问密码时,可具体通过至少一个解锁元素和每个解锁元素对应的预设密码生成规则来计算,其中,解锁元素可以是预定界面上的时间、日期、字符信息等,例如,以时间(10:51)作为解锁元素,以倒排法作为与其对应的预设密码生成规则,那么计算得出当前的验证密码为“1501”,此例仅用于对如何计算验证密码进行说明,并不做任何限定,用户可以根据实际需求设定解锁元素的数量,以及与每个解锁元素对应的预设密码生成规则,每个解锁元素的预设密码成规则可相同,也可以不同。In the technical solution, when calculating the access password, the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface. Etc. For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation. The user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element. The preset passwords of each unlocking element can be the same. It can also be different.
在上述任一项技术方案中,优选地,还包括:第二检测单元210,用于检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;所述判 断单元206D,具体用于在所述第二检测单元210确定在所述预定时间内获取到所述验证信息时,判断所述验证信息与所述访问密码是否匹配。In any one of the foregoing technical solutions, the method further includes: a second detecting unit 210, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired; The breaking unit 206D is specifically configured to determine, when the second detecting unit 210 determines that the verification information is acquired within the predetermined time, whether the verification information matches the access password.
在该技术方案中,通过在检测到在获取到触发信息之后的预定时间内获取到验证信息时,再执行进一步的匹配验证,一方面确保了验证时的时效性,另一方面也避免后台一直处于待验证状态,降低了***运行负荷。In this technical solution, by performing the matching verification after detecting the acquisition of the verification information within a predetermined time after the trigger information is acquired, on the one hand, the timeliness of the verification is ensured, and on the other hand, the background is always avoided. It is in the state to be verified, which reduces the system operation load.
图3示出了根据本发明的实施例的移动终端的示意框图。FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention.
如图3所示,根据本发明的实施例的移动终端300,包括:如图2所示的用户域的访问装置200。As shown in FIG. 3, the mobile terminal 300 according to an embodiment of the present invention includes: an access device 200 of a user domain as shown in FIG. 2.
以下结合图4A、图4B和图5对本发明的技术方案作进一步说明。The technical solution of the present invention will be further described below with reference to FIGS. 4A, 4B and 5.
在本实施例中,初始化阶段:可在移动终端中的“设置->锁屏”设置项中,增加一专门处理安全域策略的“安全域开启”选项,可针对安全域开启操作进行设置,具体包括“先导密码”的方式选择、“先导密码”的设定,“安全密码”的算法设定等,同时对该安全域进行隐藏设置,即在移动终端中的任何界面上均不显示该安全域的访问入口(如安全域的图标等标识信息),用户可设置“先导密码”与安全域之间的关联关系,以使移动终端在后续处理过程中,根据“先到密码”来执行触发对安全域的访问。In this embodiment, the initialization phase: in the "Settings -> Lock Screen" setting item in the mobile terminal, a "Security Domain On" option specifically for processing the security domain policy may be added, and the security domain opening operation may be set. Specifically, the method includes a "preamble password" mode selection, a "preamble password" setting, a "security password" algorithm setting, and the like, and the security domain is hidden, that is, the interface is not displayed on any interface in the mobile terminal. The access point of the security domain (such as the icon of the security domain), the user can set the association relationship between the "preamble password" and the security domain, so that the mobile terminal performs the "first password" in the subsequent processing. Triggers access to the security domain.
其中,“先导密码”的作用是开启“先导模式”:通知***用户将尝试进入“安全域”,对此进行相关准备工作,如后台拉起相关内容、根据用户设定的算法及相关信息得到当前“安全密码”、准备验证用户的输入密码等。The role of the "preamble password" is to enable the "pilot mode": notify the system user to try to enter the "security domain", and prepare for this, such as pulling up relevant content in the background, obtaining the algorithm according to the user and related information. Current "secure password", ready to verify the user's input password, and so on.
“先导密码”分为两种:There are two types of "leading passwords":
I:“前缀型先导密码”I: "Prefixed Pilot Password"
如图4A所示,锁屏界面上均存在“紧急呼叫”功能402,点击402后可进入“紧急呼叫”界面,将其作为隐密的安全域解锁界面,不仅具有很高的隐蔽性,更增加了密码设置的可操作空间。As shown in FIG. 4A, the “emergency call” function 402 exists on the lock screen interface. After clicking 402, the “emergency call” interface can be accessed as an implicit security domain unlock interface, which not only has high concealment, but also has high concealment. Increased operational space for password settings.
如图4B所示,在“紧急呼叫”界面,输入设置的“前缀密码”如“**##”,开启“先导模式”,***会自动计算出此时的“安全密码”,用户可直接在“前缀密码”后输入验证信息进行验证,若用户输入的验证密码和***计算出的“安全密码”匹配成功,则可进入安全域。As shown in Figure 4B, on the "Emergency Call" interface, enter the set "prefix password" such as "**##" to enable "pilot mode", the system will automatically calculate the "security password" at this time, the user can directly After the "prefix password" is entered, the authentication information is verified. If the authentication password entered by the user and the "security password" calculated by the system match successfully, the security domain can be entered.
II:“迷惑型先导密码” II: "Confused Pilot Password"
“迷惑型先导密码”的设置可以基于正常的锁屏界面,如图形解锁界面,数字解锁界面等,其设置规则与一般的解锁密码相同,区别在于:首先输入“迷惑型先导密码”时,会提示密码输入错误,需再次输入同样的“迷惑型先导密码”后,才能够开启“先导模式”,进行安全域的后台准备,一般在启动“先导模式”后,可跳转至“紧急呼叫”界面,通过“紧急呼叫”界面接收用户输入的验证密码,来进行进一步的验证。The setting of "confusing type pilot password" can be based on the normal lock screen interface, such as graphic unlocking interface, digital unlocking interface, etc. The setting rules are the same as the general unlocking password. The difference is: when you first enter the "confusing type pilot password", If the password is entered incorrectly, you need to enter the same "confusing pilot password" again before you can enable the "leading mode" to prepare the background of the security domain. Generally, after starting the "leading mode", you can jump to "emergency call". The interface receives the verification password input by the user through the “emergency call” interface for further verification.
在启动“先导模式”的预定时长(即从输入“先导性密码”后的预定时长,该预定时长可由用户自定义或***默认设置)内判断是否接收到用户输入的验证密码,若超过该预定时长没有进行验证密码的输入操作,将退出“先导模式”,此后即使输入正确的验证密码,也得不到***的验证。The predetermined duration of the "pilot mode" is initiated (ie, the predetermined duration from the input of the "leading password", the predetermined duration may be determined by the user or the system default setting) whether the verification password input by the user is received, if the predetermined password is exceeded If the duration does not perform the input operation of verifying the password, the "lead mode" will be exited, and even if the correct verification password is entered, the system will not be verified.
***计算出的“安全密码”是进入“先导模式”后,针对安全域的验证密码,其不采用固定型密码,可结合Keyguard(键盘锁)界面上的指定信息(指定信息可由用户自定义设置,如可以是屏幕上的日期、时间和锁屏信息等)进行算法型密码设定。The "security password" calculated by the system is the verification password for the security domain after entering the "leading mode". It does not use a fixed password, and can be combined with the specified information on the Keyguard interface (the specified information can be customized by the user). Algorithmic password setting, such as date, time, and lock screen information on the screen.
如以指定信息为锁屏界面上的当前日期和时间为例进行说明,如当前日期时间为:2016.01.29 12:31;For example, the specified date is the current date and time on the lock screen interface, for example, the current date and time is: 2016.01.29 12:31;
算法举例:Algorithm example:
倒排法:将当前日期时间(2016.01.29 12:31)倒排,设为“安全密码”,则得到“安全密码”为“13 21 92 10 6102”,用户在实际操作时,只要输入的验证密码为“13 21 92 10 6102”,即可访问安全域,操作较为简便。Inverted method: Invert the current date and time (2016.01.29 12:31) and set it as “secure password”, then get “secure password” as “13 21 92 10 6102”, the user only needs to input when actually operating. The verification password is “13 21 92 10 6102”, and you can access the security domain, which is easy to operate.
对位法:用户可在初始化设置阶段,根据自身操作习惯和需求,任意设置对位规则,本实施例以如下对位规则进行说明:从左至右,分别取4位为一单元(如“2016”为一组,“0129”为一组,“1231”为一组),再将其分为2对2位数,分别进行十位和个位的运算,以加法为例:20,16对应相加(2+1,0+6),月份与日份对位相加(0+2,1+9),时位与分位对位相加(1+3,2+1),得到“安全密码”为“3 6 2 10 4 3”。The registration method: the user can arbitrarily set the alignment rule according to his own operating habits and requirements during the initial setting phase. This embodiment describes the following alignment rules: from left to right, 4 bits are taken as a unit (such as " 2016" is a group, "0129" is a group, "1231" is a group), and then it is divided into 2 pairs of 2 digits, and the operation of ten and one digits respectively is performed, taking the addition as an example: 20, 16 Corresponding addition (2+1,0+6), the month and the Japanese registration are added (0+2,1+9), and the time and the quantitation are added (1+3, 2+1). Get the "Security Password" as "3 6 2 10 4 3".
拼音法:以自定义的锁屏信息为基础,取其拼音对应的数字为密码。如“欢迎你”(HuanYingNi),那么得到“安全密码”为“4826 9464 64”,当然,也可以设置字母“HuanYingNi”为“安全密码”。 Pinyin method: Based on the customized lock screen information, the number corresponding to the pinyin is the password. For example, "Welcome to you" (HuanYingNi), then get the "security password" as "4826 9464 64", of course, you can also set the letter "HuanYingNi" to "security password".
具体在实施时的处理过程,如图5所示,包括:Specifically, the processing process at the time of implementation, as shown in FIG. 5, includes:
步骤502,判断是否处于锁屏界面,若是,执行步骤504;否则,执行步骤516。In step 502, it is determined whether it is in the lock screen interface. If yes, step 504 is performed; otherwise, step 516 is performed.
步骤504,判断是否有“前缀型先到密码”或“迷惑型先导密码”验证通过,若是,执行步骤506;否则,执行步骤516。 Step 504, it is determined whether there is a "prefix type first arrival password" or "confusing type pilot password" verification pass, and if so, step 506 is performed; otherwise, step 516 is performed.
步骤506,开启“先导模式”,并通过设定算法以及指定信息计算当前的“安全密码”。In step 506, the "pilot mode" is turned on, and the current "secure password" is calculated by setting an algorithm and specifying information.
步骤508,判断在启动“先导模式”的预定时长内,是否接收到用户输入的验证密码,若是,执行步骤510;否则,执行步骤512。Step 508: Determine whether the verification password input by the user is received within a predetermined duration of starting the "pilot mode". If yes, go to step 510; otherwise, go to step 512.
步骤510,判断当前“安全密码”和用户输入的验证密码是否匹配,若是,执行步骤514;否则,执行步骤516。In step 510, it is determined whether the current "secure password" and the verification password input by the user match, and if so, step 514 is performed; otherwise, step 516 is performed.
步骤512,退出“先导模式”。In step 512, the "lead mode" is exited.
步骤514,运行并进入安全域。 Step 514, run and enter the security domain.
步骤516,禁止访问或进入安全域。In step 516, access or entry to the security domain is prohibited.
图6示出了根据本发明的另一个实施例的移动终端的示意框图。如图6所示,所述移动终端可以包括:至少一个处理器61,例如CPU,至少一个通信总线62以及存储器63;通信总线62用于实现这些组件之间的连接通信;存储器63可以是高速RAM存储器,也可以是非易失性存储器(non-volatile memory),例如至少一个磁盘存储器。存储器63中存储一组程序代码,且处理器61用于调用存储器63中存储的程序代码,执行以下操作:FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention. As shown in FIG. 6, the mobile terminal may include at least one processor 61, such as a CPU, at least one communication bus 62, and a memory 63; a communication bus 62 for implementing connection communication between these components; and the memory 63 may be a high speed The RAM memory may also be a non-volatile memory such as at least one disk memory. A set of program codes is stored in the memory 63, and the processor 61 is configured to call the program code stored in the memory 63 to perform the following operations:
隐藏指定用户域的访问入口;检测是否获取到用于触发对所述指定用户域进行访问的触发信息;在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;若对所述用户的身份验证通过,则运行所述指定用户域。Hiding the access entry of the specified user domain; detecting whether the trigger information for triggering the access to the specified user domain is obtained; and determining to obtain the trigger information, authenticating the user accessing the specified user domain; The specified user domain is run if the authentication of the user is passed.
在上述任一项技术方案中,优选地,所述处理器61检测是否获取到用于触发对所述指定用户域进行访问的触发信息的步骤,具体包括:In any one of the foregoing technical solutions, the step of detecting, by the processor 61, the trigger information for triggering access to the specified user domain, specifically includes:
获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预 设信息相匹配时,确定获取到了所述触发信息。Obtaining the character information input by the user, and determining whether the character information matches the preset character information, and determining that the trigger information is acquired when determining that the character information matches the preset character information; or Obtaining information that the user inputs multiple times in succession, and determining whether the information input by the user each time matches the preset information, and determining that the information input by the user each time is related to the pre-predetermined information When the information is matched, it is determined that the trigger information is acquired.
在上述任一项技术方案中,优选地,所述处理器61对访问所述指定用户域的用户进行身份验证的步骤,具体包括:In any one of the foregoing technical solutions, preferably, the step of the processor 61 performing identity verification on a user accessing the specified user domain includes:
获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;获取所述用户输入的验证信息;判断所述验证信息与所述访问密码是否相匹配;若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。Acquiring at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element; acquiring verification information input by the user; determining whether the verification information is related to the access password Matching; if it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
在上述任一项技术方案中,优选地,所述处理器61根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:In any one of the foregoing technical solutions, the step of calculating, by the processor 61, the access password of the specified user domain, according to the at least one unlocking element, specifically includes:
确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。Determining a preset password generation rule corresponding to each of the at least one unlocking element; calculating the access password according to the at least one unlocking element and a preset password generating rule corresponding to each of the unlocking elements.
在上述任一项技术方案中,优选地,所述处理器在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还执行以下操作:In any of the above technical solutions, preferably, the processor further performs the following operations before the step of determining whether the verification information matches the access password:
检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。Detecting whether the verification information is acquired within a predetermined time after the trigger information is acquired; if it is determined that the verification information is acquired within the predetermined time, performing the determining the verification information and the access password Whether to match the steps.
通过上述实施例,可以充分利用Keyguard(键盘锁)应用,在保留用户使用习惯的基础上,很好地实现了安全域的隐藏和加密,具有很高的安全性和实用性,可较大程度上提升用户的使用体验。Through the above embodiments, the Keyguard (keyboard lock) application can be fully utilized, and the security domain hiding and encryption can be well realized on the basis of retaining the user's usage habits, which has high security and practicability, and can be largely Improve the user experience.
以上结合附图详细说明了本发明的技术方案,本发明的技术方案提出了一种新的用户域的访问方案,通过隐藏用户域的访问入口并为用户域设置动态的访问密码,有效地避免了相关技术中访问方式隐密性差、泄密性高等问题,大大提高了用户域整个访问过程的安全性,满足了用户的实际需求。The technical solution of the present invention is described in detail above with reference to the accompanying drawings. The technical solution of the present invention proposes a new user domain access scheme, which effectively avoids by hiding the access entry of the user domain and setting a dynamic access password for the user domain. In the related technology, the access method has poor confidentiality and high leakage, which greatly improves the security of the entire access process of the user domain and satisfies the actual needs of the user.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims (15)

  1. 一种用户域的访问方法,其特征在于,包括:A method for accessing a user domain, comprising:
    隐藏指定用户域的访问入口;Hide the access entry for the specified user domain;
    检测是否获取到用于触发对所述指定用户域进行访问的触发信息;Detecting whether a trigger information for triggering access to the specified user domain is obtained;
    在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;When it is determined that the trigger information is obtained, performing identity verification on a user accessing the specified user domain;
    若对所述用户的身份验证通过,则运行所述指定用户域。The specified user domain is run if the authentication of the user is passed.
  2. 根据权利要求1所述的用户域的访问方法,其特征在于,所述检测是否获取到用于触发对所述指定用户域进行访问的触发信息的步骤,具体包括:The method for accessing a user domain according to claim 1, wherein the step of detecting whether to trigger trigger information for triggering access to the specified user domain includes:
    获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或Obtaining the character information input by the user, and determining whether the character information matches the preset character information, and determining that the trigger information is acquired when determining that the character information matches the preset character information; or
    获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。Obtaining information that the user inputs multiple times in succession, and determining whether the information input by the user each time matches the preset information, and determining that the information input by the user each time matches the preset information , determining that the trigger information is obtained.
  3. 根据权利要求1所述的用户域的访问方法,其特征在于,对访问所述指定用户域的用户进行身份验证的步骤,具体包括:The method for accessing a user domain according to claim 1, wherein the step of authenticating the user accessing the specified user domain comprises:
    获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;Obtaining at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element;
    获取所述用户输入的验证信息;Obtaining verification information input by the user;
    判断所述验证信息与所述访问密码是否相匹配;Determining whether the verification information matches the access password;
    若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。If it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
  4. 根据权利要求3所述的用户域的访问方法,其特征在于,根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:The method for accessing a user domain according to claim 3, wherein the step of calculating an access password of the specified user domain according to the at least one unlocking element comprises:
    确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;Determining a preset password generation rule corresponding to each of the at least one unlocking element;
    根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。 The access password is calculated according to the at least one unlocking element and a preset password generating rule corresponding to each of the unlocking elements.
  5. 根据权利要求3或4所述的用户域的访问方法,其特征在于,在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还包括:The method for accessing a user domain according to claim 3 or 4, further comprising: before the step of determining whether the verification information matches the access password, the method further comprising:
    检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;Detecting whether the verification information is acquired within a predetermined time after the trigger information is acquired;
    若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。If it is determined that the verification information is acquired within the predetermined time, the step of determining whether the verification information matches the access password is performed.
  6. 一种用户域的访问装置,其特征在于,包括:A user domain access device, comprising:
    隐藏单元,用于隐藏指定用户域的访问入口;Hidden unit for hiding the access entry of the specified user domain;
    第一检测单元,用于检测是否获取到用于触发对所述指定用户域进行访问的触发信息;a first detecting unit, configured to detect whether trigger information for triggering access to the specified user domain is acquired;
    身份验证单元,用于在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;An identity verification unit, configured to perform identity verification on a user accessing the specified user domain when determining to obtain the trigger information;
    处理单元,用于在所述身份验证单元对所述用户的身份验证通过时,运行所述指定用户域。And a processing unit, configured to run the specified user domain when the identity verification unit passes the authentication of the user.
  7. 根据权利要求6所述的用户域的访问装置,其特征在于,所述第一检测单元具体用于:The access device of the user domain according to claim 6, wherein the first detecting unit is specifically configured to:
    获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或Obtaining the character information input by the user, and determining whether the character information matches the preset character information, and determining that the trigger information is acquired when determining that the character information matches the preset character information; or
    获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。Obtaining information that the user inputs multiple times in succession, and determining whether the information input by the user each time matches the preset information, and determining that the information input by the user each time matches the preset information , determining that the trigger information is obtained.
  8. 根据权利要求6所述的用户域的访问装置,其特征在于,所述身份验证单元包括:The apparatus for accessing a user domain according to claim 6, wherein the identity verification unit comprises:
    第一获取单元,用于获取预定界面上的至少一个解锁元素;a first acquiring unit, configured to acquire at least one unlocking element on a predetermined interface;
    计算单元,用于根据所述至少一个解锁元素,计算所述指定用户域的访问密码;a calculating unit, configured to calculate an access password of the specified user domain according to the at least one unlocking element;
    第二获取单元,用于获取所述用户输入的验证信息;a second obtaining unit, configured to acquire verification information input by the user;
    判断单元,用于判断所述验证信息与所述访问密码是否相匹配;a determining unit, configured to determine whether the verification information matches the access password;
    确定单元,用于在所述判断单元判定所述验证信息与所述访问密码相匹配 时,确定对所述用户的身份验证通过。a determining unit, configured to determine, at the determining unit, that the verification information matches the access password When it is determined, the authentication of the user is passed.
  9. 根据权利要求8所述的用户域的访问装置,其特征在于,所述计算单元具体用于:The access device of the user domain according to claim 8, wherein the calculating unit is specifically configured to:
    确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;Determining a preset password generation rule corresponding to each of the at least one unlocking element;
    根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。The access password is calculated according to the at least one unlocking element and a preset password generating rule corresponding to each of the unlocking elements.
  10. 根据权利要求8或9所述的用户域的访问装置,其特征在于,还包括:The access device of the user domain according to claim 8 or 9, further comprising:
    第二检测单元,用于检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;a second detecting unit, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired;
    所述判断单元,具体用于在所述检测单元确定在所述预定时间内获取到所述验证信息时,判断所述验证信息与所述访问密码是否匹配。The determining unit is specifically configured to determine, when the detecting unit determines that the verification information is acquired within the predetermined time, whether the verification information matches the access password.
  11. 一种移动终端,其特征在于,包括处理器和存储器,所述存储器中存储一组程序代码,且所述处理器用于调用所述存储器中存储的程序代码,用于执行以下操作:A mobile terminal, comprising: a processor and a memory, wherein the memory stores a set of program codes, and the processor is configured to invoke program code stored in the memory for performing the following operations:
    隐藏指定用户域的访问入口;Hide the access entry for the specified user domain;
    检测是否获取到用于触发对所述指定用户域进行访问的触发信息;Detecting whether a trigger information for triggering access to the specified user domain is obtained;
    在确定获取到所述触发信息时,对访问所述指定用户域的用户进行身份验证;When it is determined that the trigger information is obtained, performing identity verification on a user accessing the specified user domain;
    若对所述用户的身份验证通过,则运行所述指定用户域。The specified user domain is run if the authentication of the user is passed.
  12. 根据权利要求11所述的移动终端,其特征在于,所述处理器检测是否获取到用于触发对所述指定用户域进行访问的触发信息的步骤,具体包括:The mobile terminal according to claim 11, wherein the step of detecting, by the processor, the trigger information for triggering access to the specified user domain, specifically includes:
    获取所述用户输入的字符信息,并判断所述字符信息与预设字符信息是否相匹配,当判定所述字符信息与所述预设字符信息相匹配时,确定获取到了所述触发信息;或Obtaining the character information input by the user, and determining whether the character information matches the preset character information, and determining that the trigger information is acquired when determining that the character information matches the preset character information; or
    获取所述用户连续多次输入的信息,并判断所述用户每次输入的信息是否均与预设信息相匹配,当判定所述用户每次输入的信息均与所述预设信息相匹配时,确定获取到了所述触发信息。Obtaining information that the user inputs multiple times in succession, and determining whether the information input by the user each time matches the preset information, and determining that the information input by the user each time matches the preset information , determining that the trigger information is obtained.
  13. 根据权利要求11所述的移动终端,其特征在于,所述处理器对访问所述指定用户域的用户进行身份验证的步骤,具体包括: The mobile terminal according to claim 11, wherein the step of the processor performing identity verification on the user accessing the specified user domain comprises:
    获取预定界面上的至少一个解锁元素,并根据所述至少一个解锁元素,计算所述指定用户域的访问密码;Obtaining at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element;
    获取所述用户输入的验证信息;Obtaining verification information input by the user;
    判断所述验证信息与所述访问密码是否相匹配;Determining whether the verification information matches the access password;
    若判定所述验证信息与所述访问密码相匹配,则确定对所述用户的身份验证通过。If it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
  14. 根据权利要求13所述的移动终端,其特征在于,所述处理器根据所述至少一个解锁元素,计算所述指定用户域的访问密码的步骤,具体包括:The mobile terminal according to claim 13, wherein the step of calculating, by the processor, the access password of the specified user domain according to the at least one unlocking element, specifically includes:
    确定所述至少一个解锁元素中的每个解锁元素对应的预设密码生成规则;Determining a preset password generation rule corresponding to each of the at least one unlocking element;
    根据所述至少一个解锁元素和所述每个解锁元素对应的预设密码生成规则,计算所述访问密码。The access password is calculated according to the at least one unlocking element and a preset password generating rule corresponding to each of the unlocking elements.
  15. 根据权利要求13或14所述的移动终端,其特征在于,所述处理器在判断所述验证信息与所述访问密码是否相匹配的步骤之前,还执行以下操作:The mobile terminal according to claim 13 or 14, wherein the processor further performs the following operations before the step of determining whether the verification information matches the access password:
    检测在获取到所述触发信息之后的预定时间内是否获取到所述验证信息;Detecting whether the verification information is acquired within a predetermined time after the trigger information is acquired;
    若确定在所述预定时间内获取到所述验证信息,则执行所述判断所述验证信息与所述访问密码是否匹配的步骤。 If it is determined that the verification information is acquired within the predetermined time, the step of determining whether the verification information matches the access password is performed.
PCT/CN2016/080617 2016-03-28 2016-04-29 User domain access method, access device, and mobile terminal WO2017166359A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610182256.8A CN105787318B (en) 2016-03-28 2016-03-28 Access method, access mechanism and the mobile terminal of user domain
CN201610182256.8 2016-03-28

Publications (1)

Publication Number Publication Date
WO2017166359A1 true WO2017166359A1 (en) 2017-10-05

Family

ID=56391872

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/080617 WO2017166359A1 (en) 2016-03-28 2016-04-29 User domain access method, access device, and mobile terminal

Country Status (2)

Country Link
CN (1) CN105787318B (en)
WO (1) WO2017166359A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503583B (en) * 2016-10-26 2019-06-14 北京小米移动软件有限公司 The operating method and device that terminal is attended to anything else
CN106548051A (en) * 2016-10-31 2017-03-29 宇龙计算机通信科技(深圳)有限公司 The management method of private visit pattern, managing device and terminal
CN112784245A (en) * 2020-06-05 2021-05-11 环鸿电子(昆山)有限公司 Screen unlocking method of mobile equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103294941A (en) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 Method for accessing private space and mobile device
US20140366114A1 (en) * 2012-03-02 2014-12-11 Tencent Technology (Shenzhen) Company Limited Login Method and Device, Terminal and Network Server
CN104732125A (en) * 2015-01-30 2015-06-24 深圳市中兴移动通信有限公司 Method and terminal for displaying encrypted information
CN105069333A (en) * 2015-08-20 2015-11-18 宇龙计算机通信科技(深圳)有限公司 User domain access method, access system and terminal
CN105160274A (en) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 User data protection method and terminal

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1281025C (en) * 2003-09-08 2006-10-18 赵忠华 Password variable identification verification technique
CN103377352A (en) * 2012-04-16 2013-10-30 上海博路信息技术有限公司 Sliding password unlocking method
CN103809897B (en) * 2012-11-15 2017-06-30 展讯通信(上海)有限公司 Terminal device and its control method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103294941A (en) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 Method for accessing private space and mobile device
US20140366114A1 (en) * 2012-03-02 2014-12-11 Tencent Technology (Shenzhen) Company Limited Login Method and Device, Terminal and Network Server
CN104732125A (en) * 2015-01-30 2015-06-24 深圳市中兴移动通信有限公司 Method and terminal for displaying encrypted information
CN105069333A (en) * 2015-08-20 2015-11-18 宇龙计算机通信科技(深圳)有限公司 User domain access method, access system and terminal
CN105160274A (en) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 User data protection method and terminal

Also Published As

Publication number Publication date
CN105787318B (en) 2018-09-14
CN105787318A (en) 2016-07-20

Similar Documents

Publication Publication Date Title
US9641521B2 (en) Systems and methods for network connected authentication
CN112425114B (en) Password manager protected by public key-private key pair
US8863243B1 (en) Location-based access control for portable electronic device
US20130024932A1 (en) Enhanced security for bluetooth-enabled devices
WO2016106989A1 (en) Multi-system security authentication method, multi-system security authentication apparatus and terminal
WO2014121612A1 (en) Method and device for unlocking screen, and terminal
US20200145421A1 (en) Method for authentication and authorization and authentication server using the same
CN103813334A (en) Right control method and right control device
US11038684B2 (en) User authentication using a companion device
JP2013528857A (en) Password safe input system using password key movement value and password safe input method
US10140445B2 (en) Information processing apparatus and information processing method
WO2015117332A1 (en) Method and device for enabling interface in usb debugging mode, and terminal
WO2019047148A1 (en) Password verification method, terminal, and computer readable storage medium
WO2017166689A1 (en) Privacy protection method and device
TWI739778B (en) The login mechanism of the operating system
US20150047019A1 (en) Information processing method and electronic device
WO2017166359A1 (en) User domain access method, access device, and mobile terminal
AU2020220152A1 (en) Interception-proof authentication and encryption system and method
CN105989269A (en) Unlocking method and device and multi-system terminal
US20120023139A1 (en) Intelligent attached storage
US10009341B1 (en) External keyboard with OTP capability
WO2017071498A1 (en) Identity authentication method and device
WO2016116017A1 (en) Unlocking method and device for touch screen, and locking interface updating method and device for touch screen
CN106936672A (en) The control method and terminal of gas-fired equipment
EP3037997A1 (en) Apparatus, login processing method, and program

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16896137

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16896137

Country of ref document: EP

Kind code of ref document: A1