WO2022194167A1 - File sharing method and device - Google Patents

File sharing method and device Download PDF

Info

Publication number
WO2022194167A1
WO2022194167A1 PCT/CN2022/081009 CN2022081009W WO2022194167A1 WO 2022194167 A1 WO2022194167 A1 WO 2022194167A1 CN 2022081009 W CN2022081009 W CN 2022081009W WO 2022194167 A1 WO2022194167 A1 WO 2022194167A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
user
sharing
propagation
chain data
Prior art date
Application number
PCT/CN2022/081009
Other languages
French (fr)
Chinese (zh)
Inventor
高长寿
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2022194167A1 publication Critical patent/WO2022194167A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G06F16/275Synchronous replication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes

Definitions

  • the embodiments of the present application relate to the field of communication technologies, and in particular, to a file sharing method and apparatus.
  • file sharing has become a common business form. Users can spread and share files based on the relationship chain in social applications, such as photo sharing based on friend relationships and document sharing based on coworker relationships.
  • the recipient can download and view the content of the file, and the recipient can also share the file with other recipients in some ways, such as copying and sharing and downloading and uploading Share again later.
  • the above sharing behaviors may lead to the risk that the scope of file sharing will be expanded.
  • the user cannot control the subsequent dissemination and forwarding of the file.
  • the embodiments of the present application provide a file sharing method and apparatus, and the embodiments of the present application provide a technical solution that can be used to control the scope of file sharing, which can prevent files from being spread maliciously or illegally.
  • an embodiment of the present application provides a file sharing method, the file sharing method comprising: in response to a request for sharing a file of a first user with a second user, acquiring the file of the first user;
  • the file includes propagation chain data, and the propagation chain data is data formed by each user through which the file is propagated; a propagation rule is obtained from the propagation chain data, wherein the propagation rule A sharing rule set for each user when sharing a file; using the propagation rule in the file to control the file sharing of the first user to the second user.
  • the file sharing of the first user to the second user can be controlled correspondingly according to the propagation rules set by the user. Therefore, the file sharing method of the embodiment of the present application can be used to control the file sharing scope, and can prevent the file from being spread maliciously or illegally.
  • the propagation rule is to prohibit the second user from tampering with the file. Based on such a design, malicious tampering of files during sharing can be avoided.
  • the propagation rule is to prohibit the second user from sharing files with the third user. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
  • the propagation rule is to limit the number of users who receive the file. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
  • the second user downloads the content of the file and the data of the propagation chain through an application in the user equipment, and saves the content of the file and the data of the propagation chain in a security sandbox.
  • the files stored in the security sandbox can only be accessed by the application to which they belong or other applications authorized by the application, thus ensuring that the files including the transmission chain data are not stolen and tampered with by third-party applications.
  • the application copies the file including the file content and the propagation chain data in the security sandbox. Based on this design, the second user downloads the file containing the propagation chain data, and when the file is copied, the propagation chain data is also copied.
  • the application uploads both the file content and the propagation chain data to the server. Based on this design, the second user uploads the file containing the propagation chain, and when the file is copied, the data of the propagation chain is also uploaded.
  • an embodiment of the present application further provides a file sharing device
  • the file sharing device includes: an obtaining unit configured to obtain the first user's file in response to a request to share a second user's file with the second user.
  • the file of a user wherein the file includes dissemination chain data, and the dissemination chain data is data formed by each user that the file passes through during dissemination;
  • the acquiring unit is further configured to obtain data from the The propagation rules are obtained from the propagation chain data, wherein the propagation rules are the sharing rules set when each user shares files;
  • the control unit is configured to use the propagation rules in the files to control the first The user's file sharing to the second user.
  • the file sharing of the first user to the second user can be controlled correspondingly according to the propagation rules set by the user. Therefore, the file sharing method of the embodiment of the present application can be used to control the file sharing scope, and can prevent the file from being spread maliciously or illegally.
  • control unit is further configured to prohibit the second user from tampering with the file according to the propagation rule. Based on such a design, malicious tampering of files during sharing can be avoided.
  • control unit is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
  • control unit is further configured to limit the number of users who receive the file according to the propagation rule. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
  • the file of the first user when a request to share the file of the first user with the second user is received, the file of the first user can be obtained, and the propagation rules can be obtained from the propagation chain data of the file, and then Then use the propagation rule in the file to control the file sharing of the first user to the second user.
  • the scope of file sharing can be controlled, and files can be prevented from being spread maliciously or illegally.
  • FIG. 1 is a schematic diagram of a file sharing provided by an embodiment of the present application.
  • FIG. 2 is another schematic diagram of file sharing provided by an embodiment of the present application.
  • FIG. 3 is another schematic diagram of file sharing provided by an embodiment of the present application.
  • FIG. 4 is a schematic diagram of a file sharing process provided by an embodiment of the present application.
  • FIG. 5 is a schematic flowchart of a file sharing method provided by an embodiment of the present application.
  • FIG. 6 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
  • FIG. 7 is a schematic flowchart of a file sharing method according to another embodiment according to an embodiment of the present application.
  • FIG. 8 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
  • FIG. 9 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
  • FIG. 10 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
  • FIG. 11 is a schematic structural diagram of a file sharing apparatus according to an embodiment of the present application.
  • FIG. 12 is a schematic structural diagram of another file sharing apparatus provided by an embodiment of the present application.
  • words such as “first” and “second” are only used to distinguish different objects, and cannot be understood as indicating or implying relative importance, nor can they be understood as indicating or implying order.
  • the first application, the second application, etc. are used to distinguish different applications, rather than to describe the specific order of the applications, and the features defined with “first” and “second” may expressly or implicitly include one or more of this feature.
  • Each user can disseminate shared content based on the user's relationship chain. For example, a user publishes his shared content in an application, and other users with a follow relationship can view or acquire the shared content.
  • the sharer can initiate sharing of their own files.
  • the sharer can have two sharing methods, that is, one is to share with everyone, and any user can access the file. The other is to share with a designated user, and the server saves the sharing relationship and authenticates the recipient's authority.
  • the content of the file can be reviewed. And check the risk level of the content of the file, such as whether the content of the file involves pornographic content, terrorist content, violent content and other content that violates the law, and then evaluate the classification or risk level of the file according to the content of the file.
  • the server can block or allow the sharer to share the file according to the rules set according to the risk level of the file. If the server allows the sharer to share the file, the recipient can download or view the file after receiving the share.
  • the server since the content of the file needs to be read when reviewing the content of the file, the server needs to identify the format of the file, so as to determine whether the content of the file contains illegal or illegal content. If the file is the user's personal data, it may be illegally stolen by a third party when shared.
  • the file is encrypted, the contents of the file may not be readable because it cannot be decrypted.
  • the sharer can only control the sharing scope in a limited way when sharing, but cannot control the recipient's secondary spread, especially after the file is tampered with by malicious users.
  • the dissemination chain of the file may be: user 1 ⁇ user 2 ⁇ user 3 ⁇ user 4 and user 1 ⁇ user 2 ⁇ User 5 ⁇ User 6. It can be understood that in the process of sharing a user with other users, each user is given a score and rating. That is, the files can be shared according to the control rules set by the content rating and the user rating.
  • the content of the file is first reviewed to obtain the content rating, and then the content rating and user rating can be combined to calculate the current sharing risk level according to the control rules to determine Whether to allow this sharing.
  • the sharer may be illegally stolen by a third party when sharing, and the content of the file may not be read because it cannot be decrypted.
  • the sharer also cannot effectively control the subsequent dissemination and forwarding of the file.
  • the embodiments of the present application provide a file sharing method, which solves the problem that the sharer cannot control the subsequent dissemination and forwarding of the file, can control the sharing scope of the file, and avoid malicious and illegal dissemination of the file.
  • the file sharing method provided in this embodiment of the present application may be applied to the scenario in which the first user 100 and the second user 200 share based on the server 300 as shown in FIG. 3 .
  • the first user 100 and the second user 200 may use respective user equipments.
  • the user equipment may include, but is not limited to, one or more of the following: a desktop computer, a portable computer, a tablet computer, a personal digital assistant (PDA), a cellular phone, a smart phone, and the like. It can be understood that information and data of the user may be stored on the user equipment.
  • the user requests the interactive interface of the server 300 to communicate, and different users can share information.
  • different devices can communicate with each other.
  • Communication media between devices may include but are not limited to: network connection, such as the Internet, wide area network, local area network; telecommunication communication, such as 2G, 3G, 4G, 5G and other wireless telecommunication communication networks of various generations; near field communication, such as infrared, Bluetooth, etc. .
  • the server 300 may communicate with the user devices of the respective users in order to control the sharing of files among the different users. According to the embodiment of the present application, file sharing between different users may be completed under the control of the server 300 .
  • the first user 100 may initiate file sharing on the user equipment, and the user equipment of the first user 100 may install an application matching the file service.
  • the server 300 may provide related interfaces of file services, such as server-side interfaces such as uploading, downloading, sharing, and copying of files, so as to be invoked by the user equipment.
  • the server 300 may also control sharing risks, such as file content review, user rating, sharing behavior review, and the like.
  • the first user 100 may be the sharer
  • the second user 200 may be the receiver.
  • the user equipment of the first user 100 can send webpage links, text, images, documents, folders, videos, audios, or installed applications to the user equipment of the second user 200 as the files to be shared, so as to realize the communication between the devices. file sharing function.
  • the first user 100 ie the sharer
  • the server 300 can manage the propagation chain data of the file, and generate a propagation node for file sharing, that is, generate a propagation behavior data.
  • the file metadata may be different from the data of the file content.
  • the file metadata may be used to describe the characteristics of the file, such as file size, sha256, file name, file type, and the like.
  • the server 300 will review the file content and the dissemination rules, that is, the server 300 will review the file content and sharing behavior.
  • the propagation rules include propagation rules set by the user and propagation rules configured by the system.
  • the server 300 can perform file sharing control according to the propagation chain data. If it is determined that file sharing is allowed, the server 300 adds the propagation node of the sharing to the propagation chain.
  • the propagation rule is a sharing rule set when each user shares a file.
  • the second user 200 can download the shared file through the APP in the user equipment, the downloaded content includes the propagation chain data of the file, and save the downloaded file and propagation chain data to the security of the system Sandbox.
  • the security sandbox provides a security mechanism to isolate the environment for the executing program.
  • the security sandbox can ensure the security of the system by strictly controlling the resources accessed by the executed programs.
  • the data (data in memory and disk) stored by the application in the security sandbox cannot be directly accessed by other applications.
  • the application needs to copy the propagation chain data of the file while copying the content of the file. If the second user 200 uploads the file to the server 300, the application also needs to upload the propagation chain data together.
  • a file sharing method provided by the embodiment of the present application is described in detail by taking the sharing of the first user 100 and the second user 200 based on the server 300 as an example. As shown in FIG. 5 , the method includes:
  • Step S51 receiving a request for sharing the file of the first user with the second user.
  • the file sharing may be initiated by the first user 100 , that is, the first user 100 may send a file sharing request to the server 300 .
  • the first user 100 may operate its user equipment to share the specified file to the second user 200 .
  • the first user 100 can call the interface of the server 300 on the terminal side to share the file, and can specify a recipient, such as the first user 100, or can share to all users when sharing.
  • the first user 100 may set a propagation rule when sharing.
  • Step S52 acquiring the propagation chain data of the file.
  • dissemination chain data in this embodiment may be data formed by each user that the file passes through during dissemination.
  • the server 300 after receiving the sharing request from the first user 100, the server 300 will acquire the dissemination chain data of the file. It can be understood that the server 300 can obtain necessary data for the propagation chain in the file, such as file metadata, sharer, propagation rules, etc., and supplement these necessary data into the propagation chain data to form a propagation node.
  • dissemination information will be generated during the file sharing process, and may be stored in the dissemination chain.
  • the server when a file is shared by the owner of the file for the first time, the server will generate a propagation behavior data S0, and build a propagation chain C0. That is, C0 contains one-time propagation behavior data S0. Among them, the propagation chain data can be saved in the metadata information of the file. If the recipient of the file shares the file with other users again, this sharing will also generate a propagation behavior data S1, and add S1 to the propagation chain C0, and the new propagation chain will be recorded as C1.
  • the propagation chain Cn+1 contains the propagation behavior data of S0, S1, ..., Sn+1.
  • step S53 sharing control is performed on the file.
  • the server 300 may perform file sharing control according to the propagation chain data.
  • the file sharing control may be the control of the server 300 to block or allow sharing according to the file content, user characteristics, and propagation characteristics, in combination with the rules set by the system and the propagation rules on the propagation chain.
  • the propagation rules can be specified by the sharer when sharing (and saved in the propagation behavior data of the propagation chain), or can be specified by the system configuration (saved in the server).
  • the server 300 may allow the first user 100 to share files with the second user 200 according to the propagation chain data, or the server 300 may prevent the first user 100 from sharing files with the second user 200 according to the propagation chain data
  • the second user 200 performs file sharing.
  • the server 300 performing file sharing control may include:
  • step S71 the content of the file is checked.
  • the server 300 may perform content audit on the content of the file uploaded by the first user 100, so as to obtain the content rating of the file.
  • Step S72 acquiring the propagation chain data from the file.
  • the server 300 can obtain the propagation chain data from the file.
  • step S73 the propagation rules are acquired from the propagation chain data.
  • the server 300 may obtain the propagation rules set by the user in the propagation chain data, for example, the server 300 may obtain the propagation rules set by the first user 100 in the propagation chain data. It is understandable that each user can set a propagation rule when sharing a file.
  • Step S74 check the propagation rules in turn.
  • the server 300 may check these propagation rules in turn, and may perform sharing control according to the propagation rules.
  • the dissemination rule set by the user may be: prohibiting the recipient from tampering with the file (for example, copyright protection).
  • the dissemination rule (P0) when the first user 100 shares a file, it is set in the dissemination rule (P0) that the recipient is prohibited from modifying the file, and the dissemination rule (P0) is stored in the dissemination chain .
  • the second user 200 modifies the file after downloading the file from the server 300, and shares the file with the third user.
  • the server 300 checks according to the propagation chain, and checks that the hash value of the file in the current propagation behavior data S1 is inconsistent with the hash value of the file in the propagation behavior data S0, and the server 300 can It is confirmed that the file has been tampered with, thereby preventing the second user from sharing the file with the third user.
  • the user when a user shares, the user can set the sharing dissemination rules, and the server controls according to the dissemination rules set by the user, thereby protecting its own private data, copyright and other legitimate rights and interests.
  • the propagation rule set by the user may be: secondary sharing is prohibited.
  • the server 300 can prevent this sharing according to the propagation rules on the propagation chain (ie, prohibiting secondary sharing).
  • the embodiments of the present application may limit the operable permissions of the recipient to the shared files, and the foregoing operable permissions may include modification, copying, sharing, downloading, and the like.
  • the spreading rule set by the user may be: limiting the total number of users who receive the file or the number of spreading times.
  • the sharer can limit the number of recipients of the file in the dissemination rule, and the server can obtain the source of the file from the dissemination chain, and obtain it from the dissemination chain or other dissemination chains of the source file.
  • the recipient data of the file, from which the server can derive the total number of recipients of the file When the total number of file recipients exceeds the total number of users receiving files in the propagation rule, the sharing is blocked.
  • the user can control the dissemination scope of the file sharing, which specifically includes the number of recipients, the number of times of dissemination, and the user characteristics of the recipients.
  • the propagation rule set by the system may be: limit the risk level of sharing to be lower than the preset index.
  • the server 300 may perform a comprehensive evaluation according to parameters such as the risk level of the file content, the number of recipients of the transmission, the number of transmissions, the recipient's risk level, and the number of complaints, and then the shared risk level may be obtained. .
  • the content level or risk level of the file can be evaluated according to the content of the file by checking the risk level of the file content, for example, the content that violates the law, such as pornographic content, terrorist content, and violent content. If content auditing of the file is not possible, the default value of the system configuration is used.
  • users on the propagation path can be obtained from the propagation paths of the "violating" files that have occurred, and through the process of sharing these users with other users, the risk level of the receivers can be obtained by evaluating the risks of the users.
  • the server 300 detects that the risk level of the first user 100's sharing is greater than a preset index, the server 300 will prevent the sharing.
  • the embodiment of the present application can use the communication feature to carry out the sharing behavior according to the information in the process of sharing and disseminating the file, such as the source of the file, the sharer, the receiver, the complaint information, etc. control.
  • Step S54 the second user downloads the shared file through the application in the user equipment, and saves the file and the propagation chain data in the security sandbox.
  • the sharer can change the original file into a new file by copying or downloading it first and then re-uploading it as another file. At this time, the transmission chain data is not in the new file. Therefore, in order to prevent the user's files from being tampered with, stolen and maliciously spread, it is necessary to protect the transmission chain data.
  • the second user 200 can download the shared file from the server 300 through an application in his user equipment.
  • the content downloaded by the second user 200 may include the propagation chain data of the file.
  • the second user 200 can save the file and the propagation chain data in the security sandbox of the operating system.
  • the application needs to control the copying of the content of the file and also copy the propagation chain data of the file. If the second user 200 uploads the file to the server 300, the application also needs to upload the file carrying the propagation chain data.
  • the protection mechanism of the security sandbox of the operating system can be used to protect the propagation chain data.
  • the files stored in the security sandbox can only be accessed by the application to which they belong or other applications authorized by the application, thereby ensuring that the files including the transmission chain data are not stolen and tampered with by third-party applications.
  • the second user 200 when the second user 200 downloads and views the file shared by the first user 100 in the user equipment, the second user 200 can operate the application to call the interface of the server 300 to download the file from the server 300 .
  • the server 300 downloads the file shared by the first user 100 .
  • the server 300 transmits the file content and the dissemination chain data to the application, and the application saves the file downloaded from the server 300 in the security sandbox of the system.
  • the file includes file content and propagation chain data.
  • the application When the second user 200 copies a file as a new file, the application also needs to copy the file in the security sandbox, and the copied file includes the file content and the propagation chain data to ensure that the propagation chain data is maintained from the source file to the target file .
  • the application needs to upload both the file content and the dissemination chain data to the server 300, so as to ensure that when the file is copied, the Chain data continues to be retained in this file. It can be understood that if the server 300 copies the file as a new file, it will copy and retain the propagation chain data in the source file.
  • the file transmission chain data can be protected from tampering and loss during the process of downloading, copying, modifying and uploading.
  • FIG. 11 is a schematic structural diagram of a file sharing apparatus disclosed in an embodiment of the present application.
  • the file sharing apparatus 500 may be used to execute some or all of the steps of the file sharing method described in FIG. 3 to FIG. 10 .
  • FIG. 11 please refer to the relevant descriptions in FIG. 3 to FIG. 10 , which will not be repeated here.
  • the file sharing apparatus 500 may be a server.
  • the file sharing apparatus 500 may include: an acquisition unit 501 and a control unit 502 .
  • the obtaining unit 501 is configured to obtain the file of the first user in response to a request to share the file of the first user with the second user.
  • the file includes propagation chain data
  • the propagation chain data is data formed by each user that the file passes through when the file is propagated.
  • the obtaining unit 501 is also configured to obtain propagation rules from the propagation chain data.
  • the dissemination rule is a sharing rule set when the first user shares the file with the second user.
  • the control unit 502 is configured to control file sharing by the first user to the second user using the propagation rules in the file.
  • control unit 502 is further configured to prohibit the second user from tampering with the file according to the propagation rule.
  • control unit 502 is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule.
  • control unit 502 is further configured to limit the number of users who receive the file according to the propagation rule.
  • each module in the above-mentioned file sharing device is only used for illustration. In other embodiments, the file sharing device can be divided into different modules as required to complete all or part of the above-mentioned file sharing device. Function.
  • each unit in the embodiments of the present application may also correspond to the corresponding descriptions of the method embodiments shown in FIG. 3 to FIG. 10 .
  • the file sharing scope can be controlled, and the malicious or illegal spreading of files can be avoided.
  • the file sharing apparatus 500 is presented in the form of a unit.
  • a "unit” here may refer to an application-specific integrated circuit (ASIC), a processor and memory executing one or more software or firmware programs, an integrated logic circuit, and/or other devices that can provide the above-described functions .
  • the acquisition unit 501 and the control unit 502 may be implemented by the processor 601 of the file sharing apparatus shown in FIG. 12 .
  • the file sharing apparatus 600 can be implemented with the structure in FIG. 12 , and the file sharing apparatus 600 includes at least one processor 601 , at least one memory 602 , and at least one communication interface 603 .
  • the processor 601 , the memory 602 and the communication interface 603 may be connected through a communication bus and communicate with each other.
  • the processor 601 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the above programs.
  • CPU central processing unit
  • ASIC application-specific integrated circuit
  • the communication interface 603 is used to communicate with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area network (Wireless Local Area Networks, WLAN) and the like.
  • RAN radio access network
  • WLAN Wireless Local Area Networks
  • the memory 602 may be read-only memory (ROM) or other type of static storage device that can store static information and instructions, random access memory (RAM) or other type of static storage device that can store information and instructions It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or capable of carrying or storing desired program code in the form of instructions or data structures and capable of being executed by a computer Access any other medium without limitation.
  • the memory can exist independently and be connected to the processor through a bus.
  • the memory can also be integrated with the processor.
  • the memory 602 is used for storing the application code for executing the above solution, and the execution is controlled by the processor 601 .
  • the processor 601 is configured to execute the application code stored in the memory 602 .
  • the code stored in the memory 602 can execute part or all of the steps of the file sharing method described in FIG. 3 to FIG. 10 .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the present application relates to the technical field of communications. Disclosed are a file sharing method and device. The file sharing method comprises: in response to a request for sharing a file of a first user to a second user, obtaining the file of the first user, the file comprising propagation chain data, and the propagation chain data being data formed when the file is propagated among users; obtaining propagation rules from the propagation chain data, the propagation rules are sharing rules set by each user for sharing a file; and using the propagation rules in the file to control file sharing of the first user to the second user. Thus, by adoption of the embodiments of the present application, a file sharing range can be controlled to avoid malicious or illegal propagation of the file.

Description

文件分享方法和装置File sharing method and device
相关申请的交叉引用CROSS-REFERENCE TO RELATED APPLICATIONS
本申请要求于2021年3月18日提交中国专利局、申请号为202110291947.2、申请名称为“文件分享方法和装置”的中国专利的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent with the application number 202110291947.2 and the application title "File Sharing Method and Apparatus" filed with the Chinese Patent Office on March 18, 2021, the entire contents of which are incorporated into this application by reference.
技术领域technical field
本申请实施例涉及通信技术领域,尤其涉及一种文件分享方法和装置。The embodiments of the present application relate to the field of communication technologies, and in particular, to a file sharing method and apparatus.
背景技术Background technique
随着互联网技术的发展,文件分享已经成为一种常见的业务形式,用户可以基于社交类应用中的关系链来传播分享文件,例如基于好友关系的照片分享,基于同事关系的文档分享。With the development of Internet technology, file sharing has become a common business form. Users can spread and share files based on the relationship chain in social applications, such as photo sharing based on friend relationships and document sharing based on coworker relationships.
在实际应用中,文件在被分享给其他用户后,接收者可以下载和阅览该文件的内容,同时接收者还可以通过一些方式将文件再次分享给其他接收者,例如复制后分享以及下载再上传后再次分享。上述这些分享行为可能会导致文件分享范围被扩大的风险。在文件分享后,用户无法控制文件的后续传播和转发。In practical applications, after the file is shared with other users, the recipient can download and view the content of the file, and the recipient can also share the file with other recipients in some ways, such as copying and sharing and downloading and uploading Share again later. The above sharing behaviors may lead to the risk that the scope of file sharing will be expanded. After the file is shared, the user cannot control the subsequent dissemination and forwarding of the file.
发明内容SUMMARY OF THE INVENTION
本申请实施例提供一种文件分享方法和装置,本申请的实施例提出一种可以用于控制文件分享范围的技术方案,可以避免文件被恶意或违规传播。The embodiments of the present application provide a file sharing method and apparatus, and the embodiments of the present application provide a technical solution that can be used to control the scope of file sharing, which can prevent files from being spread maliciously or illegally.
第一方面,本申请的实施例提供一种文件分享方法,所述文件分享方法包括:响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。In a first aspect, an embodiment of the present application provides a file sharing method, the file sharing method comprising: in response to a request for sharing a file of a first user with a second user, acquiring the file of the first user; The file includes propagation chain data, and the propagation chain data is data formed by each user through which the file is propagated; a propagation rule is obtained from the propagation chain data, wherein the propagation rule A sharing rule set for each user when sharing a file; using the propagation rule in the file to control the file sharing of the first user to the second user.
基于这样的设计,可以根据用户设定传播规则,对应控制所述第一用户对所述第二用户的文件分享。由此,本申请的实施例的文件分享方法,可以用于控制文件分享范围,可以避免文件被恶意或违规传播。Based on such a design, the file sharing of the first user to the second user can be controlled correspondingly according to the propagation rules set by the user. Therefore, the file sharing method of the embodiment of the present application can be used to control the file sharing scope, and can prevent the file from being spread maliciously or illegally.
在一种可能的设计中,所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户对文件进行篡改。基于这样的设计,可以避免文件在分享时被恶意地篡改。In a possible design, when the first user shares a file with the second user, the propagation rule is to prohibit the second user from tampering with the file. Based on such a design, malicious tampering of files during sharing can be avoided.
在一种可能的设计中,所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户向第三用户分享文件。基于这样的设计,用户可以控 制文件分享范围,避免被恶意或者违规传播。In a possible design, when the first user shares files with the second user, the propagation rule is to prohibit the second user from sharing files with the third user. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
在一种可能的设计中,所述第一用户在向第二用户进行文件分享时,所述传播规则为限定接收文件的用户数量。基于这样的设计,用户可以控制文件分享范围,避免被恶意或者违规传播。In a possible design, when the first user shares the file with the second user, the propagation rule is to limit the number of users who receive the file. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
在一种可能的设计中,所述第二用户通过用户设备中的应用下载所述文件的内容和传播链数据,将所述文件的内容和传播链数据保存到安全沙箱中。基于这样的设计,保存在安全沙箱中文件,仅限于被其所归属的应用或者该应用授权的其他应用进行访问,由此可以确保包括传播链数据的文件不被第三方应用窃取和篡改。In a possible design, the second user downloads the content of the file and the data of the propagation chain through an application in the user equipment, and saves the content of the file and the data of the propagation chain in a security sandbox. Based on this design, the files stored in the security sandbox can only be accessed by the application to which they belong or other applications authorized by the application, thus ensuring that the files including the transmission chain data are not stolen and tampered with by third-party applications.
在一种可能的设计中,当所述第二用户复制所述文件为一个新文件时,所述应用在所述安全沙箱中复制包括文件内容和所述传播链数据的文件。基于这样的设计,第二用户下载含传播链数据的文件,文件被复制时,传播链数据也被拷贝。In a possible design, when the second user copies the file as a new file, the application copies the file including the file content and the propagation chain data in the security sandbox. Based on this design, the second user downloads the file containing the propagation chain data, and when the file is copied, the propagation chain data is also copied.
在一种可能的设计中,当所述第二用户上传所述新文件至服务器时,所述应用将所述文件内容和所述传播链数据均上传至服务器。基于这样的设计,第二用户上传含传播链的文件,文件被复制时,传播链数据也被上传。In a possible design, when the second user uploads the new file to the server, the application uploads both the file content and the propagation chain data to the server. Based on this design, the second user uploads the file containing the propagation chain, and when the file is copied, the data of the propagation chain is also uploaded.
第二方面,本申请的实施例还提供一种文件分享装置,所述文件分享装置包括:获取单元,被配置为响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;所述获取单元还被配置为从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;控制单元,被配置为使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。In a second aspect, an embodiment of the present application further provides a file sharing device, the file sharing device includes: an obtaining unit configured to obtain the first user's file in response to a request to share a second user's file with the second user. The file of a user; wherein the file includes dissemination chain data, and the dissemination chain data is data formed by each user that the file passes through during dissemination; the acquiring unit is further configured to obtain data from the The propagation rules are obtained from the propagation chain data, wherein the propagation rules are the sharing rules set when each user shares files; the control unit is configured to use the propagation rules in the files to control the first The user's file sharing to the second user.
基于这样的设计,可以根据用户设定传播规则,对应控制所述第一用户对所述第二用户的文件分享。由此,本申请的实施例的文件分享方法,可以用于控制文件分享范围,可以避免文件被恶意或违规传播。Based on such a design, the file sharing of the first user to the second user can be controlled correspondingly according to the propagation rules set by the user. Therefore, the file sharing method of the embodiment of the present application can be used to control the file sharing scope, and can prevent the file from being spread maliciously or illegally.
在一种可能的设计中,所述控制单元还被配置为根据所述传播规则禁止第二用户对文件进行篡改。基于这样的设计,可以避免文件在分享时被恶意地篡改。In a possible design, the control unit is further configured to prohibit the second user from tampering with the file according to the propagation rule. Based on such a design, malicious tampering of files during sharing can be avoided.
在一种可能的设计中,所述控制单元还被配置为根据所述传播规则禁止第二用户向第三用户分享文件。基于这样的设计,用户可以控制文件分享范围,避免被恶意或者违规传播。In a possible design, the control unit is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
在一种可能的设计中,所述控制单元还被配置为根据所述传播规则限定接收文件的用户数量。基于这样的设计,用户可以控制文件分享范围,避免被恶意或者违规传播。In a possible design, the control unit is further configured to limit the number of users who receive the file according to the propagation rule. Based on this design, users can control the scope of file sharing to avoid malicious or illegal spread.
本申请实施例中,在接收到响应于将第一用户的文件分享给第二用户的请求时,可以获取所述第一用户的文件,并可以从文件的传播链数据中获取传播规则,然后再使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。这样,可以控制文件分享的范围,可以避免文件被恶意或违规 传播。In this embodiment of the present application, when a request to share the file of the first user with the second user is received, the file of the first user can be obtained, and the propagation rules can be obtained from the propagation chain data of the file, and then Then use the propagation rule in the file to control the file sharing of the first user to the second user. In this way, the scope of file sharing can be controlled, and files can be prevented from being spread maliciously or illegally.
附图说明Description of drawings
图1为本申请实施例提供的一种文件分享的示意图。FIG. 1 is a schematic diagram of a file sharing provided by an embodiment of the present application.
图2为本申请实施例提供的文件分享的另一示意图。FIG. 2 is another schematic diagram of file sharing provided by an embodiment of the present application.
图3为本申请实施例提供的文件分享的另一示意图。FIG. 3 is another schematic diagram of file sharing provided by an embodiment of the present application.
图4为本申请实施例提供的文件分享过程的示意图。FIG. 4 is a schematic diagram of a file sharing process provided by an embodiment of the present application.
图5为本申请实施例提供的一种文件分享方法的流程示意图。FIG. 5 is a schematic flowchart of a file sharing method provided by an embodiment of the present application.
图6为本申请实施例提供的另一种文件分享过程的示意图。FIG. 6 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
图7为本申请实施例提供的另一实施例的文件分享方法的流程示意图。FIG. 7 is a schematic flowchart of a file sharing method according to another embodiment according to an embodiment of the present application.
图8为本申请实施例提供的另一种文件分享过程的示意图。FIG. 8 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
图9为本申请实施例提供的另一种文件分享过程的示意图。FIG. 9 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
图10为本申请实施例提供的另一种文件分享过程的示意图。FIG. 10 is a schematic diagram of another file sharing process provided by an embodiment of the present application.
图11为本申请实施例提供的一种文件分享装置的结构示意图。FIG. 11 is a schematic structural diagram of a file sharing apparatus according to an embodiment of the present application.
图12为本申请实施例提供的另一种文件分享装置的结构示意图。FIG. 12 is a schematic structural diagram of another file sharing apparatus provided by an embodiment of the present application.
主要元件符号说明Description of main component symbols
第一用户              100 First user 100
第二用户              200 Second user 200
服务器                300 Server 300
文件分享装置          500、600 File sharing device 500, 600
获取单元              501Get unit 501
控制单元              502 Control unit 502
处理器                601 Processor 601
存储器                602 Memory 602
通信接口              603 Communication interface 603
如下具体实施方式将结合上述附图进一步详细说明本申请。The following specific embodiments will further describe the present application in detail with reference to the above drawings.
具体实施方式Detailed ways
为使本申请实施例的目的、技术方案和优点更加清楚,下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be described clearly and completely below with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of the present application, but not all of the embodiments.
本申请实施例中,“第一”、“第二”等词汇,仅用于区别不同的对象,不能理解为指示或暗示相对重要性,也不能理解为指示或暗示顺序。例如,第 一应用、第二应用等是用于区别不同的应用,而不是用于描述应用的特定顺序,限定有“第一”、“第二”的特征可以明示或者隐含地包括一个或者更多个该特征。In the embodiments of this application, words such as "first" and "second" are only used to distinguish different objects, and cannot be understood as indicating or implying relative importance, nor can they be understood as indicating or implying order. For example, the first application, the second application, etc. are used to distinguish different applications, rather than to describe the specific order of the applications, and the features defined with "first" and "second" may expressly or implicitly include one or more of this feature.
每个用户可以基于用户的关系链传播分享内容,例如,一个用户将自己的分享内容发布在某个应用中,可以由具有关注关系的其他用户来查看或者获取该分享内容。Each user can disseminate shared content based on the user's relationship chain. For example, a user publishes his shared content in an application, and other users with a follow relationship can view or acquire the shared content.
如图1所示,在一些可能的场景中,分享者可以将自己的文件发起分享。As shown in Figure 1, in some possible scenarios, the sharer can initiate sharing of their own files.
可以理解,分享者可以有两种分享方式,即一种为分享给所有人,任何用户均可访问该文件。另一种为指定用户分享,由服务器保存分享关系,并对接收者进行权限鉴定。It can be understood that the sharer can have two sharing methods, that is, one is to share with everyone, and any user can access the file. The other is to share with a designated user, and the server saves the sharing relationship and authenticates the recipient's authority.
具体而言,在服务器收到分享请求后,可以审核该文件内容。并检查该文件内容的风险程度,例如该文件的内容是否涉及色情内容、恐怖内容、暴力内容等触犯法律的内容,然后再根据文件的内容评估出文件的分级或者风险等级。Specifically, after the server receives the sharing request, the content of the file can be reviewed. And check the risk level of the content of the file, such as whether the content of the file involves pornographic content, terrorist content, violent content and other content that violates the law, and then evaluate the classification or risk level of the file according to the content of the file.
由此,服务器可以根据文件的风险等级而设定的规则来阻止或允许该分享者进行文件分享。若该服务器允许该分享者进行文件分享,则该接收者收到分享后即可下载或阅览该文件。Thus, the server can block or allow the sharer to share the file according to the rules set according to the risk level of the file. If the server allows the sharer to share the file, the recipient can download or view the file after receiving the share.
在图1所示的应用场景中,由于对文件内容审核时需要读取文件的内容,服务器需要识别出文件的格式,以便判断文件的内容是否存在违法违规内容。若文件是用户的个人数据,则分享时可能会被第三方不合法窃取。In the application scenario shown in FIG. 1 , since the content of the file needs to be read when reviewing the content of the file, the server needs to identify the format of the file, so as to determine whether the content of the file contains illegal or illegal content. If the file is the user's personal data, it may be illegally stolen by a third party when shared.
若文件被加密,则文件的内容可能因无法解密而无法被读取。由此分享者只能在分享时有限的控制分享范围,却无法控制接受者的二次传播,尤其是被恶意用户对文件进行篡改后传播。If the file is encrypted, the contents of the file may not be readable because it cannot be decrypted. As a result, the sharer can only control the sharing scope in a limited way when sharing, but cannot control the recipient's secondary spread, especially after the file is tampered with by malicious users.
在另一种可能的场景中,如图2中所示,当用户201分享一个文件后,该文件的传播链可以为:用户1→用户2→用户3→用户4和用户1→用户2→用户5→用户6。可以理解,在用户分享给其他用户的过程中,给各个用户进行打分评级。即可以根据内容分级和用户分级所设定的控制规则来对文件进行分享。In another possible scenario, as shown in FIG. 2 , after the user 201 shares a file, the dissemination chain of the file may be: user 1 → user 2 → user 3 → user 4 and user 1 → user 2 → User 5 → User 6. It can be understood that in the process of sharing a user with other users, each user is given a score and rating. That is, the files can be shared according to the control rules set by the content rating and the user rating.
举例说明,当一个用户分享某个文件时,先对文件的内容进行内容审核,以得到内容的分级,然后可以结合内容分级和用户分级,再根据控制规则计算出当前分享的风险等级,以确定是否允许本次分享。For example, when a user shares a file, the content of the file is first reviewed to obtain the content rating, and then the content rating and user rating can be combined to calculate the current sharing risk level according to the control rules to determine Whether to allow this sharing.
若一个用户曾经分享过的违规内容越多并且传播范围越广,那么该用户的风险评分就越高,则对该用户的分享控制就越严格。If a user has shared more illegal content and the spread is wider, the user's risk score will be higher, and the user's sharing control will be stricter.
在图2所示的应用场景中,分享者分享时可能会被第三方不合法窃取,文件的内容可能因无法解密而无法被读取,分享者同样无法有效的控制文件的后续传播和转发。In the application scenario shown in Figure 2, the sharer may be illegally stolen by a third party when sharing, and the content of the file may not be read because it cannot be decrypted. The sharer also cannot effectively control the subsequent dissemination and forwarding of the file.
为此,本申请的实施例提供一种文件分享方法,解决了分享者无法控制文件的后续传播和转发的问题,可以控制文件的分享范围,避免文件被恶意和违规的传播。To this end, the embodiments of the present application provide a file sharing method, which solves the problem that the sharer cannot control the subsequent dissemination and forwarding of the file, can control the sharing scope of the file, and avoid malicious and illegal dissemination of the file.
本申请实施例提供的文件分享方法可以应用于如图3所示的第一用户100和第二用户200基于服务器300进行分享的场景。The file sharing method provided in this embodiment of the present application may be applied to the scenario in which the first user 100 and the second user 200 share based on the server 300 as shown in FIG. 3 .
在图3所示的场景中,第一用户100和第二用户200可以使用各自的用户设备。可以理解,用户设备可以是包括但不限于以下一个或多个:桌面计算机、便携式计算机、平板式计算机、个人数字助理(PDA)、蜂窝电话和智能电话等。可以理解,用户设备上可以存储有用户的信息和数据。In the scenario shown in FIG. 3 , the first user 100 and the second user 200 may use respective user equipments. It will be appreciated that the user equipment may include, but is not limited to, one or more of the following: a desktop computer, a portable computer, a tablet computer, a personal digital assistant (PDA), a cellular phone, a smart phone, and the like. It can be understood that information and data of the user may be stored on the user equipment.
用户请求服务器300的交互接口进行通信,不同的用户之间可以分享信息。为此,不同的设备之间可以彼此通信。设备之间的通信介质可以包括但不限于:网络连接,例如因特网、广域网、局域网;电信通信,例如2G、3G、4G、5G等各代无线电信通信网络;近场通信,例如红外、蓝牙等。The user requests the interactive interface of the server 300 to communicate, and different users can share information. For this purpose, different devices can communicate with each other. Communication media between devices may include but are not limited to: network connection, such as the Internet, wide area network, local area network; telecommunication communication, such as 2G, 3G, 4G, 5G and other wireless telecommunication communication networks of various generations; near field communication, such as infrared, Bluetooth, etc. .
在一个实施例中,服务器300可以与各个用户的用户设备通信,以便控制文件在不同用户之间的分享。根据本申请的实施例,不同用户之间的文件分享可以在所述服务器300的控制下完成。In one embodiment, the server 300 may communicate with the user devices of the respective users in order to control the sharing of files among the different users. According to the embodiment of the present application, file sharing between different users may be completed under the control of the server 300 .
如图3所示,第一用户100可以在用户设备上发起文件分享,第一用户100的用户设备可以安装和文件服务相配的应用。所述服务器300可以提供文件服务的相关接口,例如文件的上传、下载、分享、复制等服务器侧接口,以提供给用户设备调用。As shown in FIG. 3 , the first user 100 may initiate file sharing on the user equipment, and the user equipment of the first user 100 may install an application matching the file service. The server 300 may provide related interfaces of file services, such as server-side interfaces such as uploading, downloading, sharing, and copying of files, so as to be invoked by the user equipment.
所述服务器300还可以进行分享风险的控制,例如文件内容审核、用户分级、分享行为审核等。The server 300 may also control sharing risks, such as file content review, user rating, sharing behavior review, and the like.
在一个实施例中,第一用户100可以作为分享者,第二用户200可以作为接收者。例如,第一用户100的用户设备可以将网页链接、文字、图像、文档、文件夹、视频、音频或者安装的应用等作为待分享的文件发送给第二用户200的用户设备,以实现设备之间的文件分享功能。In one embodiment, the first user 100 may be the sharer, and the second user 200 may be the receiver. For example, the user equipment of the first user 100 can send webpage links, text, images, documents, folders, videos, audios, or installed applications to the user equipment of the second user 200 as the files to be shared, so as to realize the communication between the devices. file sharing function.
举例说明,如图4所示,第一用户100(即分享者)可以通过用户设备的应用(APP)调用服务器300的接口,以发起文件分享,并可以在文件分享时设定文件的传播规则,即第一用户100上传附带有传播规则的文件到所述服务器300。所述服务器300可以管理文件的传播链数据,为文件分享生成一个传播节点,即生成一次传播行为数据,其中,该传播节点可以包括传播规则、文件元数据、分享者等进行分享控制的信息。For example, as shown in FIG. 4 , the first user 100 (ie the sharer) can call the interface of the server 300 through the application (APP) of the user equipment to initiate file sharing, and can set the propagation rules of the file during file sharing , that is, the first user 100 uploads a file with propagation rules to the server 300 . The server 300 can manage the propagation chain data of the file, and generate a propagation node for file sharing, that is, generate a propagation behavior data.
可以理解,本实施例中,文件元数据可以区别于文件内容的数据。在一些可能实现的场景中,所述文件元数据可以用于描述文件的特征,例如文件大小、sha256、文件名、文件类型等。It can be understood that, in this embodiment, the file metadata may be different from the data of the file content. In some possible implementation scenarios, the file metadata may be used to describe the characteristics of the file, such as file size, sha256, file name, file type, and the like.
可以理解,所述服务器300将会对文件内容和传播规则进行审核,即所述服务器300审核该文件内容和分享行为。It can be understood that the server 300 will review the file content and the dissemination rules, that is, the server 300 will review the file content and sharing behavior.
其中,传播规则包括用户设置的传播规则和***配置的传播规则。由此,所述服务器300可以根据传播链数据进行文件分享控制。若确定允许文件分享,则所述服务器300将该次分享的传播节点补充到传播链中。The propagation rules include propagation rules set by the user and propagation rules configured by the system. Thus, the server 300 can perform file sharing control according to the propagation chain data. If it is determined that file sharing is allowed, the server 300 adds the propagation node of the sharing to the propagation chain.
可以理解,所述传播规则为每个用户分享文件时所设定的分享规则。It can be understood that the propagation rule is a sharing rule set when each user shares a file.
在一些可能的实现方式中,第二用户200可以通过用户设备中的APP下载被分享的文件,下载的内容中包括文件的传播链数据,并将下载的文件和传播链数据保存到***的安全沙箱(Sandbox)。In some possible implementation manners, the second user 200 can download the shared file through the APP in the user equipment, the downloaded content includes the propagation chain data of the file, and save the downloaded file and propagation chain data to the security of the system Sandbox.
可以理解,安全沙箱为执行中的程序提供隔离环境的一种安全机制。安全沙箱可以通过严格控制执行的程序所访问的资源,以确保***的安全,应用在安全沙箱中存储的数据(内存及磁盘中的数据),其他应用无法直接访问。It can be understood that the security sandbox provides a security mechanism to isolate the environment for the executing program. The security sandbox can ensure the security of the system by strictly controlling the resources accessed by the executed programs. The data (data in memory and disk) stored by the application in the security sandbox cannot be directly accessed by other applications.
在第二用户200的用户设备中,若第二用户200复制文件,则需要在复制文件内容的同时,应用还需要复制文件的传播链数据。若第二用户200上传文件到所述服务器300,则应用也需要携带传播链数据一起上传。In the user equipment of the second user 200, if the second user 200 copies the file, the application needs to copy the propagation chain data of the file while copying the content of the file. If the second user 200 uploads the file to the server 300, the application also needs to upload the propagation chain data together.
以下实施例中以第一用户100和第二用户200基于服务器300进行分享为例,详细阐述本申请实施例提供的一种文件分享方法,如图5所示,该方法包括:In the following embodiments, a file sharing method provided by the embodiment of the present application is described in detail by taking the sharing of the first user 100 and the second user 200 based on the server 300 as an example. As shown in FIG. 5 , the method includes:
步骤S51,接收将第一用户的文件分享给第二用户的请求。Step S51, receiving a request for sharing the file of the first user with the second user.
在一个实施例中,文件的分享可以由所述第一用户100发起,即所述第一用户100可以将文件分享请求发送给所述服务器300。例如,所述第一用户100可以操作其用户设备,以将指定的文件分享给所述第二用户200。In one embodiment, the file sharing may be initiated by the first user 100 , that is, the first user 100 may send a file sharing request to the server 300 . For example, the first user 100 may operate its user equipment to share the specified file to the second user 200 .
具体地,所述第一用户100可以在终端侧调用所述服务器300的接口,以对文件进行分享,其中分享时可以指定接收者,例如第一用户100,或者可以分享给所有用户。所述第一用户100在进行分享时可以设置传播规则。Specifically, the first user 100 can call the interface of the server 300 on the terminal side to share the file, and can specify a recipient, such as the first user 100, or can share to all users when sharing. The first user 100 may set a propagation rule when sharing.
步骤S52,获取文件的传播链数据。Step S52, acquiring the propagation chain data of the file.
可以理解,本实施例中的所述传播链数据可以是所述文件在进行传播时所经过的各个用户所形成的数据。It can be understood that the dissemination chain data in this embodiment may be data formed by each user that the file passes through during dissemination.
在一个实施例中,所述服务器300在接收到所述第一用户100的分享请求后,将会获取文件的传播链数据。可以理解,所述服务器300可以获取文件中用于传播链的必要数据,例如文件的元数据、分享者、传播规则等,并将这些必要数据补充到传播链数据中,形成一个传播节点。In one embodiment, after receiving the sharing request from the first user 100, the server 300 will acquire the dissemination chain data of the file. It can be understood that the server 300 can obtain necessary data for the propagation chain in the file, such as file metadata, sharer, propagation rules, etc., and supplement these necessary data into the propagation chain data to form a propagation node.
可以理解,本申请实施例中,文件在分享的过程中将会产生传播信息,并可以保存在传播链中。It can be understood that, in the embodiments of the present application, dissemination information will be generated during the file sharing process, and may be stored in the dissemination chain.
举例说明,如图6所示,当一个文件首次被该文件的所有者分享时,服务器将会生成一次传播行为数据S0,并构建一个传播链C0。即C0中包含有一次传播行为数据S0。其中,传播链数据可以保存在文件的元数据信息中。若文件的接收者再次将文件分享给其他用户,这一次的分享也将会生成一次传播行为数据S1,并将S1加入到传播链C0中,新的传播链记做C1。以此类推,当文件被第n个接收者分享给第n+1个接收者时,将得到传播链Cn+1,即Cn+1=Cn+Sn+1。传播链Cn+1中包含了S0,S1,…,Sn+1这些传播行为数据。For example, as shown in Figure 6, when a file is shared by the owner of the file for the first time, the server will generate a propagation behavior data S0, and build a propagation chain C0. That is, C0 contains one-time propagation behavior data S0. Among them, the propagation chain data can be saved in the metadata information of the file. If the recipient of the file shares the file with other users again, this sharing will also generate a propagation behavior data S1, and add S1 to the propagation chain C0, and the new propagation chain will be recorded as C1. By analogy, when the file is shared by the nth recipient to the n+1th recipient, a propagation chain Cn+1 will be obtained, that is, Cn+1=Cn+Sn+1. The propagation chain Cn+1 contains the propagation behavior data of S0, S1, ..., Sn+1.
步骤S53,对文件进行分享控制。In step S53, sharing control is performed on the file.
在一个实施例中,所述服务器300可以根据传播链数据进行文件分享控制。In one embodiment, the server 300 may perform file sharing control according to the propagation chain data.
可以理解,文件分享控制可以为所述服务器300根据文件内容、用户特征、传播特征,并结合***设置的规则和传播链上的传播规则,对分享进行阻止或者允许的控制。其中,传播规则可以由分享者在分享时指定(并保存于传播链的传播行为数据中),也可以由***配置指定(保存在服务器中)。It can be understood that the file sharing control may be the control of the server 300 to block or allow sharing according to the file content, user characteristics, and propagation characteristics, in combination with the rules set by the system and the propagation rules on the propagation chain. Among them, the propagation rules can be specified by the sharer when sharing (and saved in the propagation behavior data of the propagation chain), or can be specified by the system configuration (saved in the server).
举例说明,所述服务器300可以根据传播链数据允许所述第一用户100向 所述第二用户200进行文件分享,或者所述服务器300可以根据传播链数据阻止所述第一用户100向所述第二用户200进行文件分享。For example, the server 300 may allow the first user 100 to share files with the second user 200 according to the propagation chain data, or the server 300 may prevent the first user 100 from sharing files with the second user 200 according to the propagation chain data The second user 200 performs file sharing.
请一并参阅图7,其为步骤S53的细化流程示意图。本申请的一个实施例中,所述服务器300对文件进行分享控制可以包括:Please also refer to FIG. 7 , which is a schematic diagram of the refinement process of step S53 . In an embodiment of the present application, the server 300 performing file sharing control may include:
步骤S71,对文件的内容进行审核。In step S71, the content of the file is checked.
所述服务器300可以对所述第一用户100上传的文件的内容进行内容审核,从而得到文件的内容分级。The server 300 may perform content audit on the content of the file uploaded by the first user 100, so as to obtain the content rating of the file.
步骤S72,从文件中获取传播链数据。Step S72, acquiring the propagation chain data from the file.
举例说明,当所述第一用户100上传文件到所述服务器300时,所述服务器300可以从文件中获取传播链数据。For example, when the first user 100 uploads a file to the server 300, the server 300 can obtain the propagation chain data from the file.
步骤S73,从传播链数据中获取传播规则。In step S73, the propagation rules are acquired from the propagation chain data.
在一个实施例中,所述服务器300可以获取传播链数据中用户所设定的传播规则,例如,所述服务器300可以获取传播链数据中所述第一用户100所设定的传播规则。可以理解,每个用户在分享文件时都可以设定该次分享时的传播规则。In one embodiment, the server 300 may obtain the propagation rules set by the user in the propagation chain data, for example, the server 300 may obtain the propagation rules set by the first user 100 in the propagation chain data. It is understandable that each user can set a propagation rule when sharing a file.
步骤S74,依次检查传播规则。Step S74, check the propagation rules in turn.
在一个实施例中,所述服务器300可以依次检查这些传播规则,并可以根据传播规则进行分享控制。In one embodiment, the server 300 may check these propagation rules in turn, and may perform sharing control according to the propagation rules.
可以理解,在一种可能的应用场景中,用户设置的传播规则可以为:禁止接收者对文件进行篡改(例如著作权保护)。It can be understood that, in a possible application scenario, the dissemination rule set by the user may be: prohibiting the recipient from tampering with the file (for example, copyright protection).
举例说明,如图8所示,所述第一用户100在进行文件分享时,在传播规则(P0)中设定禁止接收者对文件进行修改,并且该传播规则(P0)保存在传播链中。此时,第二用户200从所述服务器300下载文件后对该文件进行修改,并将该文件分享给第三用户。For example, as shown in FIG. 8 , when the first user 100 shares a file, it is set in the dissemination rule (P0) that the recipient is prohibited from modifying the file, and the dissemination rule (P0) is stored in the dissemination chain . At this time, the second user 200 modifies the file after downloading the file from the server 300, and shares the file with the third user.
此时,所述服务器300根据传播链进行检查,并检查到当前传播行为数据S1中文件的哈希(Hash)值和传播行为数据S0中文件的哈希值不一致,此时所述服务器300可以确认文件已经被篡改,从而可以阻止第二用户将该文件分享给第三用户。At this time, the server 300 checks according to the propagation chain, and checks that the hash value of the file in the current propagation behavior data S1 is inconsistent with the hash value of the file in the propagation behavior data S0, and the server 300 can It is confirmed that the file has been tampered with, thereby preventing the second user from sharing the file with the third user.
采用这样的设计,在用户进行分享时,用户可以设定分享的传播规则,服务器根据用户设定的传播规则进行控制,从而保护自身的隐私数据、著作权等合法权益。With such a design, when a user shares, the user can set the sharing dissemination rules, and the server controls according to the dissemination rules set by the user, thereby protecting its own private data, copyright and other legitimate rights and interests.
可以理解,在一种可能的应用场景中,用户设置的传播规则可以为:禁止二次分享。It can be understood that, in a possible application scenario, the propagation rule set by the user may be: secondary sharing is prohibited.
举例说明,所述第一用户100在进行文件分享时,在传播规则中设定仅被分享的用户对文件可见,并限制接收者将文件再次分享,可以在分享时设定禁止二次分享。接着,当所述第二用户200再次分享该文件时,所述服务器300可以根据传播链上的传播规则(即禁止二次分享)阻止此次分享。For example, when the first user 100 is sharing a file, it is set in the dissemination rule that only the shared user can see the file, and the recipient is restricted from sharing the file again, and the second sharing can be prohibited when sharing. Then, when the second user 200 shares the file again, the server 300 can prevent this sharing according to the propagation rules on the propagation chain (ie, prohibiting secondary sharing).
可以理解,本申请的实施例可以限制接收者对分享文件的可操作的权限,并且上述可操作的权限可以包括修改、复制、分享、下载等。It can be understood that the embodiments of the present application may limit the operable permissions of the recipient to the shared files, and the foregoing operable permissions may include modification, copying, sharing, downloading, and the like.
在一种可能的应用场景中,用户设置的传播规则可以为:限定接收文件的总用户数或者传播次数。In a possible application scenario, the spreading rule set by the user may be: limiting the total number of users who receive the file or the number of spreading times.
举例说明,如图9所示,分享者可以在传播规则上限定文件的可接收者的数量,服务器可以从传播链上获取文件的来源,并从该传播链或者源文件的其他传播链上获取文件的接收者数据,由此所述服务器可以得出文件接收者的总数量。当文件接收者的总数量超过传播规则中接收文件的总用户数时,则阻止该分享。For example, as shown in Figure 9, the sharer can limit the number of recipients of the file in the dissemination rule, and the server can obtain the source of the file from the dissemination chain, and obtain it from the dissemination chain or other dissemination chains of the source file. The recipient data of the file, from which the server can derive the total number of recipients of the file. When the total number of file recipients exceeds the total number of users receiving files in the propagation rule, the sharing is blocked.
由此,在上述场景中,用户可以控制文件分享的传播范围,具体包括接收者数量、传播次数以及接收者的用户特征等。Therefore, in the above scenario, the user can control the dissemination scope of the file sharing, which specifically includes the number of recipients, the number of times of dissemination, and the user characteristics of the recipients.
可以理解,在一种可能的应用场景中,***设置的传播规则可以为:限定分享的风险等级低于预设指标。It can be understood that, in a possible application scenario, the propagation rule set by the system may be: limit the risk level of sharing to be lower than the preset index.
本申请的一个实施例中,所述服务器300可以根据文件内容的风险等级、传播的接收者数量、传播次数、接收者风险等级、投诉的次数等参数进行综合评估,进而可以得到分享的风险等级。In an embodiment of the present application, the server 300 may perform a comprehensive evaluation according to parameters such as the risk level of the file content, the number of recipients of the transmission, the number of transmissions, the recipient's risk level, and the number of complaints, and then the shared risk level may be obtained. .
可以理解,本申请实施例可以通过检查文件内容的风险程度,例如涉及黄色内容、恐怖内容、暴力内容等触犯法律的内容,根据文件的内容评估出文件的内容分级或者风险等级。若无法对文件进行内容审核,则使用***配置的默认值。本申请实施例可以从出现过的“违规”文件的传播路径中获取传播路径上的用户,并通过这些用户的分享给其他用户的过程,对用户风险评估来得到接收者风险等级。It can be understood that in this embodiment of the present application, the content level or risk level of the file can be evaluated according to the content of the file by checking the risk level of the file content, for example, the content that violates the law, such as pornographic content, terrorist content, and violent content. If content auditing of the file is not possible, the default value of the system configuration is used. In this embodiment of the present application, users on the propagation path can be obtained from the propagation paths of the "violating" files that have occurred, and through the process of sharing these users with other users, the risk level of the receivers can be obtained by evaluating the risks of the users.
例如,当所述第一用户100将要分享文件时,若所述服务器300检测出所述第一用户100的分享的风险等级大于预设指标时,所述服务器300将会阻止此次分享。For example, when the first user 100 is about to share a file, if the server 300 detects that the risk level of the first user 100's sharing is greater than a preset index, the server 300 will prevent the sharing.
采用这样的设计,当无法审核文件的内容时,本申请实施例可以根据文件在分享传播过程中的信息,如文件的来源、分享者、接收者、投诉信息等,使用传播特征对分享行为进行控制。With such a design, when the content of the file cannot be reviewed, the embodiment of the present application can use the communication feature to carry out the sharing behavior according to the information in the process of sharing and disseminating the file, such as the source of the file, the sharer, the receiver, the complaint information, etc. control.
步骤S54,第二用户通过用户设备中的应用下载被分享的文件,并将文件和传播链数据保存到安全沙箱中。Step S54, the second user downloads the shared file through the application in the user equipment, and saves the file and the propagation chain data in the security sandbox.
可以理解,分享者可以通过复制或者先下载再重新上传为另一个文件,以将原有的文件变成新文件,此时传播链数据并不在新文件中。由此,若要避免用户的文件不被篡改、窃取和恶意传播,则需要对传播链数据进行保护。It is understandable that the sharer can change the original file into a new file by copying or downloading it first and then re-uploading it as another file. At this time, the transmission chain data is not in the new file. Therefore, in order to prevent the user's files from being tampered with, stolen and maliciously spread, it is necessary to protect the transmission chain data.
当所述服务器300确认允许所述第一用户100的文件分享时,所述第二用户200可以通过其用户设备中的应用,从所述服务器300下载被分享的文件。其中,所述第二用户200下载的内容可以包括文件的传播链数据。由此,所述第二用户200可以将文件和传播链数据保存至操作***的安全沙箱中。When the server 300 confirms that the file sharing of the first user 100 is allowed, the second user 200 can download the shared file from the server 300 through an application in his user equipment. Wherein, the content downloaded by the second user 200 may include the propagation chain data of the file. Thus, the second user 200 can save the file and the propagation chain data in the security sandbox of the operating system.
可以理解,若所述第二用户200复制文件,则应用需要控制在复制文件内容的同时,还需要复制文件的传播链数据。若所述第二用户200上传文件到所述服务器300,则应用也需要将携带传播链数据的文件上传。It can be understood that if the second user 200 copies the file, the application needs to control the copying of the content of the file and also copy the propagation chain data of the file. If the second user 200 uploads the file to the server 300, the application also needs to upload the file carrying the propagation chain data.
本实施例中,当所述第二用户200下载被分享的文件时,操作***的安全沙箱的保护机制可以用来对传播链数据进行保护。In this embodiment, when the second user 200 downloads the shared file, the protection mechanism of the security sandbox of the operating system can be used to protect the propagation chain data.
可以理解,保存在安全沙箱中文件,仅限于被其所归属的应用或者该应用授权的其他应用进行访问,由此可以确保包括传播链数据的文件不被第三方应用窃取和篡改。It can be understood that the files stored in the security sandbox can only be accessed by the application to which they belong or other applications authorized by the application, thereby ensuring that the files including the transmission chain data are not stolen and tampered with by third-party applications.
举例说明,如图10所示,当第二用户200在用户设备中下载查看第一用户100分享的文件时,所述第二用户200可以操作该应用来调用所述服务器300的接口,以从所述服务器300中下载所述第一用户100分享的文件。所述服务器300将文件内容和传播链数据传输给该应用,该应用将从所述服务器300下载到的文件保存到***的安全沙箱中。可以理解,该文件包括文件内容和传播链数据。For example, as shown in FIG. 10 , when the second user 200 downloads and views the file shared by the first user 100 in the user equipment, the second user 200 can operate the application to call the interface of the server 300 to download the file from the server 300 . The server 300 downloads the file shared by the first user 100 . The server 300 transmits the file content and the dissemination chain data to the application, and the application saves the file downloaded from the server 300 in the security sandbox of the system. It will be appreciated that the file includes file content and propagation chain data.
当第二用户200复制一个文件为新文件时,该应用还需要在该安全沙箱中复制该文件,复制的文件中包括文件内容和传播链数据,确保传播链数据从源文件维持到目标文件。当第二用户200将复制的新文件上传到所述服务器300时,该应用需要将文件内容和传播链数据均上传到所述服务器300,由此来确保在该文件被复制的情况下,传播链数据继续被保留在该文件中。可以理解,若所述服务器300复制该文件为一个新文件时,将复制并保留源文件中的传播链数据。When the second user 200 copies a file as a new file, the application also needs to copy the file in the security sandbox, and the copied file includes the file content and the propagation chain data to ensure that the propagation chain data is maintained from the source file to the target file . When the second user 200 uploads the copied new file to the server 300, the application needs to upload both the file content and the dissemination chain data to the server 300, so as to ensure that when the file is copied, the Chain data continues to be retained in this file. It can be understood that if the server 300 copies the file as a new file, it will copy and retain the propagation chain data in the source file.
基于这样的设计,通过***的安全沙箱机制,可以保护文件在下载、复制、修改和上传过程中,文件的传播链数据不被篡改和丢失。Based on this design, through the security sandbox mechanism of the system, the file transmission chain data can be protected from tampering and loss during the process of downloading, copying, modifying and uploading.
请参阅图11,图11是本申请实施例公开的一种文件分享装置的结构示意图。其中,该文件分享装置500可以用于执行图3至图10中所描述的文件分享方法的部分或全部步骤,具体请参见图3至图10中的相关描述,在此不再赘述。Please refer to FIG. 11. FIG. 11 is a schematic structural diagram of a file sharing apparatus disclosed in an embodiment of the present application. The file sharing apparatus 500 may be used to execute some or all of the steps of the file sharing method described in FIG. 3 to FIG. 10 . For details, please refer to the relevant descriptions in FIG. 3 to FIG. 10 , which will not be repeated here.
在一种可能的实现方式中,所述文件分享装置500可以为服务器。In a possible implementation manner, the file sharing apparatus 500 may be a server.
如图11所示,本申请实施例提供的文件分享装置500可以包括:获取单元501和控制单元502。As shown in FIG. 11 , the file sharing apparatus 500 provided in this embodiment of the present application may include: an acquisition unit 501 and a control unit 502 .
所述获取单元501被配置为响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件。The obtaining unit 501 is configured to obtain the file of the first user in response to a request to share the file of the first user with the second user.
可以理解,所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据。It can be understood that the file includes propagation chain data, and the propagation chain data is data formed by each user that the file passes through when the file is propagated.
所述获取单元501也被配置为从所述传播链数据中获取传播规则。其中,所述传播规则为所述第一用户向所述第二用户分享所述文件时所设定的分享规则。The obtaining unit 501 is also configured to obtain propagation rules from the propagation chain data. The dissemination rule is a sharing rule set when the first user shares the file with the second user.
所述控制单元502被配置为使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。The control unit 502 is configured to control file sharing by the first user to the second user using the propagation rules in the file.
在一种可能的设计中,所述控制单元502还被配置为根据所述传播规则禁止第二用户对文件进行篡改。In a possible design, the control unit 502 is further configured to prohibit the second user from tampering with the file according to the propagation rule.
在一种可能的设计中,所述控制单元502还被配置为根据所述传播规则禁止第二用户向第三用户分享文件。In a possible design, the control unit 502 is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule.
在一种可能的设计中,所述控制单元502还被配置为根据所述传播规则限定接收文件的用户数量。In a possible design, the control unit 502 is further configured to limit the number of users who receive the file according to the propagation rule.
可以理解的是,上述文件分享装置中各个模块的划分仅用于举例说明,在其他的实施例中,可将文件分享装置按照需要划分为不同的模块,以完成上述文件分享装置的全部或部分功能。It can be understood that the division of each module in the above-mentioned file sharing device is only used for illustration. In other embodiments, the file sharing device can be divided into different modules as required to complete all or part of the above-mentioned file sharing device. Function.
在本申请实施例中各个单元的具体实现还可以对应参照图3至图10所示的方法实施例的相应描述。在图11所描述的文件分享装置中,可以控制文件分享范围,可以避免文件被恶意或违规传播。具体内容可以参见上述文件分享方法的具体实施例,在此不再详述。The specific implementation of each unit in the embodiments of the present application may also correspond to the corresponding descriptions of the method embodiments shown in FIG. 3 to FIG. 10 . In the file sharing device described in FIG. 11 , the file sharing scope can be controlled, and the malicious or illegal spreading of files can be avoided. For specific content, reference may be made to the specific embodiments of the above-mentioned file sharing method, which will not be described in detail here.
本实施例中,所述文件分享装置500是以单元的形式来呈现。这里的“单元”可以指特定应用集成电路(application-specific integrated circuit,ASIC),执行一个或多个软件或固件程序的处理器和存储器,集成逻辑电路,和/或其他可以提供上述功能的器件。此外,获取单元501和控制单元502可以通过图12所示的文件分享装置的处理器601来实现。In this embodiment, the file sharing apparatus 500 is presented in the form of a unit. A "unit" here may refer to an application-specific integrated circuit (ASIC), a processor and memory executing one or more software or firmware programs, an integrated logic circuit, and/or other devices that can provide the above-described functions . In addition, the acquisition unit 501 and the control unit 502 may be implemented by the processor 601 of the file sharing apparatus shown in FIG. 12 .
如图12所示,文件分享装置600可以以图12中的结构来实现,该文件分享装置600包括至少一个处理器601、至少一个存储器602、至少一个通信接口603。As shown in FIG. 12 , the file sharing apparatus 600 can be implemented with the structure in FIG. 12 , and the file sharing apparatus 600 includes at least one processor 601 , at least one memory 602 , and at least one communication interface 603 .
所述处理器601、所述存储器602和所述通信接口603可以通过通信总线连接并完成相互间的通信。The processor 601 , the memory 602 and the communication interface 603 may be connected through a communication bus and communicate with each other.
所述处理器601可以是通用中央处理器(CPU)、微处理器、特定应用集成电路(application-specific integrated circuit,ASIC)、或一个或多个用于控制以上方案程序执行的集成电路。The processor 601 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the above programs.
通信接口603,用于与其他设备或通信网络通信,如以太网,无线接入网(RAN),无线局域网(Wireless Local Area Networks,WLAN)等。The communication interface 603 is used to communicate with other devices or communication networks, such as Ethernet, radio access network (RAN), wireless local area network (Wireless Local Area Networks, WLAN) and the like.
存储器602可以是只读存储器(read-only memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(random access memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以是电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、只读光盘(Compact Disc Read-Only Memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立存在,通过总线与处理器相连接。存储器也可以和处理器集成在一起。The memory 602 may be read-only memory (ROM) or other type of static storage device that can store static information and instructions, random access memory (RAM) or other type of static storage device that can store information and instructions It can also be an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or capable of carrying or storing desired program code in the form of instructions or data structures and capable of being executed by a computer Access any other medium without limitation. The memory can exist independently and be connected to the processor through a bus. The memory can also be integrated with the processor.
其中,所述存储器602用于存储执行以上方案的应用程序代码,并由处理器601来控制执行。所述处理器601用于执行所述存储器602中存储的应用程序代码。所述存储器602存储的代码可执行图3至图10中所描述的文件分享方法的部分或全部步骤。Wherein, the memory 602 is used for storing the application code for executing the above solution, and the execution is controlled by the processor 601 . The processor 601 is configured to execute the application code stored in the memory 602 . The code stored in the memory 602 can execute part or all of the steps of the file sharing method described in FIG. 3 to FIG. 10 .
对于本领域的技术人员而言,显然本申请不限于上述示范性实施例的细节, 而且在不背离本申请的精神或基本特征的情况下,能够以其他具体形式实现本申请。因此,只要在本申请的实质精神范围之内,对以上实施例所作的适当改变和变化都应该落在本申请要求保护的范围之内。It will be apparent to those skilled in the art that the present application is not limited to the details of the above-described exemplary embodiments, but can be implemented in other specific forms without departing from the spirit or essential characteristics of the present application. Therefore, as long as they are within the spirit and scope of the present application, appropriate changes and changes made to the above embodiments should fall within the scope of protection of the present application.

Claims (11)

  1. 一种文件分享方法,其特征在于,所述文件分享方法包括:A file sharing method, characterized in that the file sharing method comprises:
    响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;In response to a request for sharing the file of the first user with the second user, obtain the file of the first user; wherein the file includes propagation chain data, and the propagation chain data is when the file is propagated The data formed by each user passing through;
    从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;Obtaining a propagation rule from the propagation chain data, wherein the propagation rule is a sharing rule set when each user shares a file;
    使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。File sharing by the first user to the second user is controlled using the propagation rules in the file.
  2. 如权利要求1所述的文件分享方法,其特征在于,The file sharing method according to claim 1, wherein,
    所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户对文件进行篡改。When the first user shares the file with the second user, the propagation rule is to prohibit the second user from tampering with the file.
  3. 如权利要求1或2所述的文件分享方法,其特征在于,The file sharing method according to claim 1 or 2, wherein,
    所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户向第三用户分享文件。When the first user shares files with the second user, the propagation rule is to prohibit the second user from sharing files with the third user.
  4. 如权利要求1-3任意一项所述的文件分享方法,其特征在于,The file sharing method according to any one of claims 1-3, wherein,
    所述第一用户在向第二用户进行文件分享时,所述传播规则为限定接收文件的用户数量。When the first user shares the file with the second user, the propagation rule is to limit the number of users who receive the file.
  5. 如权利要求1-4任意一项所述的文件分享方法,其特征在于,所述方法还包括:The file sharing method according to any one of claims 1-4, wherein the method further comprises:
    所述第二用户通过用户设备中的应用下载所述文件的内容和传播链数据,将所述文件的内容和传播链数据保存到安全沙箱中。The second user downloads the content of the file and the propagation chain data through the application in the user equipment, and saves the content of the file and the propagation chain data in a security sandbox.
  6. 如权利要求5所述的文件分享方法,其特征在于,The file sharing method according to claim 5, wherein,
    当所述第二用户复制所述文件为一个新文件时,所述应用在所述安全沙箱中复制包括文件内容和所述传播链数据的文件。When the second user copies the file as a new file, the application copies the file including the file content and the propagation chain data in the security sandbox.
  7. 如权利要求6所述的文件分享方法,其特征在于,The file sharing method of claim 6, wherein,
    当所述第二用户上传所述新文件至服务器时,所述应用将所述文件内容和所述传播链数据均上传至服务器。When the second user uploads the new file to the server, the application uploads both the file content and the propagation chain data to the server.
  8. 一种文件分享装置,其特征在于,所述文件分享装置包括:A file sharing device, characterized in that the file sharing device comprises:
    获取单元,被配置为响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;The obtaining unit is configured to obtain the file of the first user in response to a request for sharing the file of the first user with the second user; wherein the file includes propagation chain data, and the propagation chain data is all The data formed by each user through which the file is disseminated;
    所述获取单元还被配置为从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;The obtaining unit is further configured to obtain a propagation rule from the propagation chain data, wherein the propagation rule is a sharing rule set when each user shares a file;
    控制单元,被配置为使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。A control unit configured to use the propagation rule in the file to control file sharing by the first user to the second user.
  9. 如权利要求8所述的文件分享装置,其特征在于,The file sharing device according to claim 8, wherein,
    所述控制单元还被配置为根据所述传播规则禁止第二用户对文件进行篡改。The control unit is further configured to prohibit the second user from tampering with the file according to the propagation rule.
  10. 如权利要求8或9所述的文件分享装置,其特征在于,The file sharing device according to claim 8 or 9, wherein,
    所述控制单元还被配置为根据所述传播规则禁止第二用户向第三用户分享文件。The control unit is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule.
  11. 如权利要求8-10任意一项所述的文件分享装置,其特征在于,The file sharing device according to any one of claims 8-10, wherein,
    所述控制单元还被配置为根据所述传播规则限定接收文件的用户数量。The control unit is further configured to limit the number of users who receive the file according to the propagation rule.
PCT/CN2022/081009 2021-03-18 2022-03-15 File sharing method and device WO2022194167A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110291947.2 2021-03-18
CN202110291947.2A CN115114252A (en) 2021-03-18 2021-03-18 File sharing method and device

Publications (1)

Publication Number Publication Date
WO2022194167A1 true WO2022194167A1 (en) 2022-09-22

Family

ID=83321721

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/081009 WO2022194167A1 (en) 2021-03-18 2022-03-15 File sharing method and device

Country Status (2)

Country Link
CN (1) CN115114252A (en)
WO (1) WO2022194167A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101778352A (en) * 2009-12-25 2010-07-14 中兴通讯股份有限公司 Realization method and system of technology for protecting multimedia message contents
CN102801640A (en) * 2011-05-23 2012-11-28 腾讯科技(深圳)有限公司 Information auditing method and device
CN108924666A (en) * 2018-07-31 2018-11-30 成都华栖云科技有限公司 A kind of method that the video content of enhancing propagates analysis
CN110798819A (en) * 2018-08-01 2020-02-14 华为技术有限公司 Message propagation method and device
CN111339543A (en) * 2020-02-27 2020-06-26 深信服科技股份有限公司 File processing method and device, equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101778352A (en) * 2009-12-25 2010-07-14 中兴通讯股份有限公司 Realization method and system of technology for protecting multimedia message contents
CN102801640A (en) * 2011-05-23 2012-11-28 腾讯科技(深圳)有限公司 Information auditing method and device
CN108924666A (en) * 2018-07-31 2018-11-30 成都华栖云科技有限公司 A kind of method that the video content of enhancing propagates analysis
CN110798819A (en) * 2018-08-01 2020-02-14 华为技术有限公司 Message propagation method and device
CN111339543A (en) * 2020-02-27 2020-06-26 深信服科技股份有限公司 File processing method and device, equipment and storage medium

Also Published As

Publication number Publication date
CN115114252A (en) 2022-09-27

Similar Documents

Publication Publication Date Title
US10545884B1 (en) Access files
US10587415B2 (en) Systems and methods for controlling email access
US10157286B2 (en) Platform for adopting settings to secure a protected file
US9516066B2 (en) Rights management services integration with mobile device management
US8978110B2 (en) Systems and methods for controlling email access
US10084789B2 (en) Peer to peer enterprise file sharing
BR112013004345B1 (en) system and method to avoid malware attached to a server
WO2014132246A1 (en) System and method for conflict-free cloud storage encryption
US9779250B1 (en) Intelligent application wrapper
US8739291B2 (en) System and method for providing access to OMA DRM protected files from java application
JP2023527713A (en) Filtering blockchain transactions
US20220092193A1 (en) Encrypted file control
WO2022194167A1 (en) File sharing method and device
US20150347365A1 (en) System and method for distributing censored and encrypted versions of a document
US10931446B2 (en) Method and system for protecting sharing information
JP2015133087A (en) File management device, file management system, and program
US8495749B2 (en) Method, apparatus and computer program product for a content protection system for protecting personal content
US20220414244A1 (en) Sender-based consent mechanism for sharing images
TR2023006911T2 (en) ENCRYPTED FILE CONTROL
KR20190061251A (en) Data transmission method
Kang et al. RAPPD: A language and prototype for recipient-accountable private personal data
FR2890810A1 (en) TRANSFER OF A LICENSE OF DIGITAL CONTENT INTO LICENSES

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22770520

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22770520

Country of ref document: EP

Kind code of ref document: A1