CN104268454A - Management method and device of application program of terminal - Google Patents
Management method and device of application program of terminal Download PDFInfo
- Publication number
- CN104268454A CN104268454A CN201410507816.3A CN201410507816A CN104268454A CN 104268454 A CN104268454 A CN 104268454A CN 201410507816 A CN201410507816 A CN 201410507816A CN 104268454 A CN104268454 A CN 104268454A
- Authority
- CN
- China
- Prior art keywords
- application program
- application
- private data
- user
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 35
- 238000009434 installation Methods 0.000 claims abstract description 77
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 17
- 230000005012 migration Effects 0.000 claims description 6
- 238000013508 migration Methods 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 6
- 238000000034 method Methods 0.000 description 32
- 238000010586 diagram Methods 0.000 description 12
- 230000002155 anti-virotic effect Effects 0.000 description 8
- 241000700605 Viruses Species 0.000 description 6
- 230000004069 differentiation Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000011900 installation process Methods 0.000 description 4
- 230000001737 promoting effect Effects 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 238000013475 authorization Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6281—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a management method and device of an application program of a terminal. The terminal comprises a first system and a second system. The management method of the application program includes: when receiving orders to start the application program in the terminal, determining the installation position of the application program; when determining that the application program is installed in the first system, starting the application program in the first system and forbidding the application program to access private data; when determining that the application program is installed in the second system, starting the application program in the second system and allowing the application program to access the private data. The management method and device solve the problem of inquiring whether to allow the application program to access the private data each time opening the application program and improve the user experience on the premise of preventing the private data of users from being stolen by malicious application programs and ensuring to authorize the application program to normally access the private data.
Description
Technical field
The present invention relates to field of terminal technology, in particular to the management devices of a kind of management method of the application program for terminal and the application program for terminal.
Background technology
Along with the development of terminal technology and Internet technology and universal, end application also becomes more and more abundanter, and diversified end application also brings great security risk to us while bringing colourful life to us.The such as end application of Malware, fee suction software and so on not only can make us suffer huge economic loss, more may reveal our privacy.
In correlation technique, prevent the method for the end application of Malware, fee suction software and so on from normally adopting the way of similar software such as installation mobile phone antivirus software or mobile phone house keeper etc. to carry out killing virus and control of authority, but this type of software cannot ensure to identify whole Malwares and fee suction software, and antivirus software and mobile phone house keeper inherently exist the risk revealing privacy of user.In addition, the Based Intelligent Control of antivirus software and mobile phone house keeper application programs is intelligent not, and such as, mobile phone house keeper monitor terminal application program exists following defect:
1) accurately cannot judge that the behavior of the private data obtained in terminal is the behavior of subscriber authorisation, or the malicious act of end application;
2) when end application accesses private data at every turn, all point out user whether to agree to, affect the experience of user.But, if the behavior of acquiescence refusal application program access private data, some function of application can be caused again to realize, and the application program as map class needs access geographical location information, micro-letter to need access sound-recording function etc., makes the condition that user faces a difficult selection.
And also there is following defect in antivirus software:
1) Malware that antivirus software None-identified is all;
2) there is insecurity in antivirus software itself, and they can accesses network, and to keep software upgrading, and antivirus software runs without interruption on backstage, the various information of scanning user, likely can the private data of upload user, causes privacy of user to be revealed.
Therefore, how can be stolen by malicious application preventing the private data of user, under ensureing that authorized applications normally accesses the prerequisite of private data simultaneously, avoid opening application program at every turn and all inquire whether user allows access private data to become technical matters urgently to be resolved hurrily.
Summary of the invention
The present invention just based on above-mentioned technical matters one of at least, propose a kind of Managed Solution of the application program for terminal newly, can be stolen by malicious application preventing the private data of user, under ensureing that authorized applications normally accesses the prerequisite of private data simultaneously, avoid and open application program at every turn and all inquire whether user allows to access the problem of private data, improves the experience of user.
In view of this, the present invention proposes a kind of management method of the application program for terminal, described terminal comprises the first system and second system, the management method of described application program, comprise: when receiving the instruction of the application program started in described terminal, determine the installation site of described application program; When determining that described application program is arranged in described the first system, in described the first system, start described application program, and forbid described application program access private data; And when determining that described application program is arranged in described second system, in described second system, start described application program, and described application program is allowed to access described private data.
In this technical scheme, by judging the installation site of application program to be launched, with when application program to be launched is arranged in the first system, in the first system, start this application program, and forbid this application program access private data, and when application program to be launched is arranged in second system, this application program is started in second system, and allow this application program to access private data, make it possible to carry out differentiation management to the application program in terminal, and then can by the unauthorized application of user (as user forbids the application obtaining private data, the malicious application etc. that user installs in unwitting situation) be arranged on the first system, to forbid the private data of unauthorized application access user, prevent the private data of user by Malware, the malicious application such as fee suction software obtain, thus the personal secrets of protection user, simultaneously, also the mandate of user can be applied (as map class application, micro-letter etc.) is arranged in second system, with when starting mandate application, authorize application directly can access private data, without the need to pointing out user, avoid in correlation technique the troublesome operation all must inquiring user when at every turn opening application program, be conducive to the experience promoting user.
In technique scheme, preferably, also comprise: when receiving the instruction of installing specified application, prompting user selects the installation site of described specified application; Receive user to the selection instruction of the installation site of described specified application, and according to described selection instruction, described specified application is arranged in described the first system or described second system.
In this technical scheme, by when installing specified application, prompting user selects the installation site of specified application, can the installation site of reminding user careful selection application program, avoid the malicious application may invading privacy of user data to be installed to as much as possible and forbid obtaining in the system (i.e. the first system) of privacy of user, and normal application program is installed in the system (i.e. second system) allowing to obtain privacy of user data, and then after application program is installed, such as Malware can be effectively prevented while not affecting Consumer's Experience, the loss that the malicious application such as fee suction software are invaded privacy of user and caused.
In technique scheme, preferably, also comprise: if be arranged in described second system by described specified application, then on the display interface of described the first system, create the icon of described specified application; When receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
In this technical scheme, under normal circumstances, the operating system of user's acquiescence is the first system, therefore by creating the icon being installed on the specified application of second system on the display interface of the first system, and when receiving the specific operation to the icon of above-mentioned specified application, automatically switch in second system and start this application program, when user being rested in the interface of the first system and needs the application of opening in second system, without the need to manual switchover to second system, and then in second system, start the troublesome operation of above-mentioned specified application, simplify the operation of user, improve the experience of user.Wherein, can be clicking operation etc. to the specific operation of icon.
In technique scheme, preferably, the step that described specified application is arranged in described second system is specially: directly described specified application is arranged in described second system; Or described specified application is arranged in described the first system, and run described specified application, detect described specified application the need of the described private data of access, if so, then whether allow described specified application to access described private data to user's prompting; When receiving the described specified application of permission that described user sends and accessing the instruction of described private data, the installation site of described specified application is migrated to described second system.
In this technical scheme, when user selects application program to be arranged on second system, have following two kinds of modes: mode one, is directly arranged in second system by specified application, the installation process of this mode is simply efficient, mode two, first application program is arranged on the first system, and directly open this application program after the installation is complete, and this application program is detected the need of access private data, if detect this application program need access private data and obtain user agree to after, again the installation site of this application program can be migrated to second system, this mode also effectively can prevent from being directly installed on the problem that second system causes privacy of user leaking data when whether the uncertain application program of user is and comprises virus in rogue program or application program, further increase the security of private data.
In technique scheme, preferably, also comprise: detect and be arranged on arbitrary application program in described the first system the need of the described private data of access, if so, then whether allow described arbitrary application program to access described private data to user's prompting; When receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, the installation site of described arbitrary application program is migrated to described second system.
In this technical scheme, by when detecting that the arbitrary application program in the first system needs access private data, whether allow to access private data to user's prompting, and when receiving the instruction that user allows, the installation site of above-mentioned arbitrary application program is migrated in second system, when making this user again need access private data, directly can conduct interviews without the need to again inquiring user, avoiding and at every turn all inquiring user and the operating experience that affects user.
According to a second aspect of the invention, also proposed a kind of management devices of the application program for terminal, described terminal comprises the first system and second system, the management devices of described application program, comprise: determining unit, for when receiving the instruction of the application program started in described terminal, determine the installation site of described application program; Processing unit, for when described determining unit determines that described application program is arranged in described the first system, described application program is started in described the first system, and forbid described application program access private data, and for when described determining unit determines that described application program is arranged in described second system, in described second system, start described application program, and allow described application program to access described private data.
In this technical scheme, by judging the installation site of application program to be launched, with when application program to be launched is arranged in the first system, in the first system, start this application program, and forbid this application program access private data, and when application program to be launched is arranged in second system, this application program is started in second system, and allow this application program to access private data, make it possible to carry out differentiation management to the application program in terminal, and then can by the unauthorized application of user (as user forbids the application obtaining private data, the malicious application etc. that user installs in unwitting situation) be arranged on the first system, to forbid the private data of unauthorized application access user, prevent the private data of user by Malware, the malicious application such as fee suction software obtain, thus the personal secrets of protection user, simultaneously, also the mandate of user can be applied (as map class application, micro-letter etc.) is arranged in second system, with when starting mandate application, authorize application directly can access private data, without the need to pointing out user, avoid in correlation technique the troublesome operation all must inquiring user when at every turn opening application program, be conducive to the experience promoting user.
In technique scheme, preferably, also comprise: the first Tip element, for when receiving the instruction of installing specified application, prompting user selects the installation site of described specified application; Receiving element, for receiving the selection instruction of user to the installation site of described specified application; Installation unit, for according to described selection instruction, is arranged on described specified application in described the first system or described second system.
In this technical scheme, by when installing specified application, prompting user selects the installation site of specified application, can the installation site of reminding user careful selection application program, avoid the malicious application may invading privacy of user data to be installed to as much as possible and forbid obtaining in the system (i.e. the first system) of privacy of user, and normal application program is installed in the system (i.e. second system) allowing to obtain privacy of user data, and then after application program is installed, such as Malware can be effectively prevented while not affecting Consumer's Experience, the loss that the malicious application such as fee suction software are invaded privacy of user and caused.
In technique scheme, preferably, also comprise: creating unit, for when described specified application is arranged in described second system by described installation unit, the display interface of described the first system creates the icon of described specified application; Described processing unit also for, when receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
In this technical scheme, under normal circumstances, the operating system of user's acquiescence is the first system, therefore by creating the icon being installed on the specified application of second system on the display interface of the first system, and when receiving the specific operation to the icon of above-mentioned specified application, automatically switch in second system and start this application program, when user being rested in the interface of the first system and needs the application of opening in second system, without the need to manual switchover to second system, and then in second system, start the troublesome operation of above-mentioned specified application, simplify the operation of user, improve the experience of user.Wherein, can be clicking operation etc. to the specific operation of icon.
In technique scheme, preferably, described installation unit comprises: first installs subelement, for being directly arranged in described second system by described specified application; Or second installs subelement, for described specified application being arranged in described the first system, and runs described specified application; First detecting unit, for detecting described specified application the need of the described private data of access; Whether the second Tip element, for when described first detecting unit detects that described specified application needs to access described private data, allow described specified application to access described private data to user's prompting; First migration units, for when receiving the described specified application of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described specified application.
In this technical scheme, when user selects application program to be arranged on second system, have following two kinds of modes: mode one, is directly arranged in second system by specified application, the installation process of this mode is simply efficient, mode two, first application program is arranged on the first system, and directly open this application program after the installation is complete, and this application program is detected the need of access private data, if detect this application program need access private data and obtain user agree to after, again the installation site of this application program can be migrated to second system, this mode also effectively can prevent from being directly installed on the problem that second system causes privacy of user leaking data when whether the uncertain application program of user is and comprises virus in rogue program or application program, further increase the security of private data.
In technique scheme, preferably, also comprising: the second detecting unit, being arranged on arbitrary application program in described the first system the need of the described private data of access for detecting; Whether the 3rd Tip element, for when described second detecting unit detects that described arbitrary application program needs to access described private data, allow described arbitrary application program to access described private data to user's prompting; Second migration units, for when receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described arbitrary application program.
In this technical scheme, by when detecting that the arbitrary application program in the first system needs access private data, whether allow to access private data to user's prompting, and when receiving the instruction that user allows, the installation site of above-mentioned arbitrary application program is migrated in second system, when making this user again need access private data, directly can conduct interviews without the need to again inquiring user, avoiding and at every turn all inquiring user and the operating experience that affects user.
The invention allows for a kind of terminal, comprising: the first system and second system, and the management devices of the application program for terminal according to any one of technique scheme.
By above technical scheme, can be stolen by malicious application preventing the private data of user, under ensureing that authorized applications normally accesses the prerequisite of private data simultaneously, avoid and open application program at every turn and all inquire whether user allows to access the problem of private data, improves the experience of user.
Accompanying drawing explanation
Fig. 1 shows the schematic flow diagram of the management method of the application program for terminal according to an embodiment of the invention;
Fig. 2 shows the schematic block diagram of the management devices of the application program for terminal according to an embodiment of the invention;
Fig. 3 shows the schematic block diagram of terminal according to an embodiment of the invention;
Fig. 4 shows the schematic flow diagram of the installation method of end application according to an embodiment of the invention;
Fig. 5 shows the schematic flow diagram of the installation method of end application according to another embodiment of the invention;
Fig. 6 shows the schematic flow diagram of the deployment method of application program according to an embodiment of the invention.
Embodiment
In order to more clearly understand above-mentioned purpose of the present invention, feature and advantage, below in conjunction with the drawings and specific embodiments, the present invention is further described in detail.It should be noted that, when not conflicting, the feature in the embodiment of the application and embodiment can combine mutually.
Set forth a lot of detail in the following description so that fully understand the present invention; but; the present invention can also adopt other to be different from other modes described here and implement, and therefore, protection scope of the present invention is not by the restriction of following public specific embodiment.
Fig. 1 shows the schematic flow diagram of the management method of the application program for terminal according to an embodiment of the invention.
Terminal of the present invention comprises the first system and second system, as shown in Figure 1, the management method of the application program for terminal according to an embodiment of the invention, comprise: step 102, when receiving the instruction of the application program started in described terminal, determine the installation site of described application program; Step 104, when determining that described application program is arranged in described the first system, starts described application program in described the first system, and forbids described application program access private data; And when determining that described application program is arranged in described second system, in described second system, start described application program, and described application program is allowed to access described private data.
In this technical scheme, by judging the installation site of application program to be launched, with when application program to be launched is arranged in the first system, in the first system, start this application program, and forbid this application program access private data, and when application program to be launched is arranged in second system, this application program is started in second system, and allow this application program to access private data, make it possible to carry out differentiation management to the application program in terminal, and then can by the unauthorized application of user (as user forbids the application obtaining private data, the malicious application etc. that user installs in unwitting situation) be arranged on the first system, to forbid the private data of unauthorized application access user, prevent the private data of user by Malware, the malicious application such as fee suction software obtain, thus the personal secrets of protection user, simultaneously, also the mandate of user can be applied (as map class application, micro-letter etc.) is arranged in second system, with when starting mandate application, authorize application directly can access private data, without the need to pointing out user, avoid in correlation technique the troublesome operation all must inquiring user when at every turn opening application program, be conducive to the experience promoting user.
In technique scheme, preferably, also comprise: when receiving the instruction of installing specified application, prompting user selects the installation site of described specified application; Receive user to the selection instruction of the installation site of described specified application, and according to described selection instruction, described specified application is arranged in described the first system or described second system.
In this technical scheme, by when installing specified application, prompting user selects the installation site of specified application, can the installation site of reminding user careful selection application program, avoid the malicious application may invading privacy of user data to be installed to as much as possible and forbid obtaining in the system (i.e. the first system) of privacy of user, and normal application program is installed in the system (i.e. second system) allowing to obtain privacy of user data, and then after application program is installed, such as Malware can be effectively prevented while not affecting Consumer's Experience, the loss that the malicious application such as fee suction software are invaded privacy of user and caused.
In technique scheme, preferably, also comprise: if be arranged in described second system by described specified application, then on the display interface of described the first system, create the icon of described specified application; When receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
In this technical scheme, under normal circumstances, the operating system of user's acquiescence is the first system, therefore by creating the icon being installed on the specified application of second system on the display interface of the first system, and when receiving the specific operation to the icon of above-mentioned specified application, automatically switch in second system and start this application program, when user being rested in the interface of the first system and needs the application of opening in second system, without the need to manual switchover to second system, and then in second system, start the troublesome operation of above-mentioned specified application, simplify the operation of user, improve the experience of user.Wherein, can be clicking operation etc. to the specific operation of icon.
In technique scheme, preferably, the step that described specified application is arranged in described second system is specially: directly described specified application is arranged in described second system; Or described specified application is arranged in described the first system, and run described specified application, detect described specified application the need of the described private data of access, if so, then whether allow described specified application to access described private data to user's prompting; When receiving the described specified application of permission that described user sends and accessing the instruction of described private data, the installation site of described specified application is migrated to described second system.
In this technical scheme, when user selects application program to be arranged on second system, have following two kinds of modes: mode one, is directly arranged in second system by specified application, the installation process of this mode is simply efficient, mode two, first application program is arranged on the first system, and directly open this application program after the installation is complete, and this application program is detected the need of access private data, if detect this application program need access private data and obtain user agree to after, again the installation site of this application program can be migrated to second system, this mode also effectively can prevent from being directly installed on the problem that second system causes privacy of user leaking data when whether the uncertain application program of user is and comprises virus in rogue program or application program, further increase the security of private data.
In technique scheme, preferably, also comprise: detect and be arranged on arbitrary application program in described the first system the need of the described private data of access, if so, then whether allow described arbitrary application program to access described private data to user's prompting; When receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, the installation site of described arbitrary application program is migrated to described second system.
In this technical scheme, by when detecting that the arbitrary application program in the first system needs access private data, whether allow to access private data to user's prompting, and when receiving the instruction that user allows, the installation site of above-mentioned arbitrary application program is migrated in second system, when making this user again need access private data, directly can conduct interviews without the need to again inquiring user, avoiding and at every turn all inquiring user and the operating experience that affects user.
Fig. 2 shows the schematic block diagram of the management devices of the application program for terminal according to an embodiment of the invention.
Described terminal comprises the first system and second system, as shown in Figure 2, the management devices 200 of the application program for terminal according to an embodiment of the invention, comprise: determining unit 202, for when receiving the instruction of the application program started in described terminal, determine the installation site of described application program; Processing unit 204, for when described determining unit 202 determines that described application program is arranged in described the first system, described application program is started in described the first system, and forbid described application program access private data, and for when described determining unit 202 determines that described application program is arranged in described second system, in described second system, start described application program, and allow described application program to access described private data.
In this technical scheme, by judging the installation site of application program to be launched, with when application program to be launched is arranged in the first system, in the first system, start this application program, and forbid this application program access private data, and when application program to be launched is arranged in second system, this application program is started in second system, and allow this application program to access private data, make it possible to carry out differentiation management to the application program in terminal, and then can by the unauthorized application of user (as user forbids the application obtaining private data, the malicious application etc. that user installs in unwitting situation) be arranged on the first system, to forbid the private data of unauthorized application access user, prevent the private data of user by Malware, the malicious application such as fee suction software obtain, thus the personal secrets of protection user, simultaneously, also the mandate of user can be applied (as map class application, micro-letter etc.) is arranged in second system, with when starting mandate application, authorize application directly can access private data, without the need to pointing out user, avoid in correlation technique the troublesome operation all must inquiring user when at every turn opening application program, be conducive to the experience promoting user.
In technique scheme, preferably, also comprise: the first Tip element 206, for when receiving the instruction of installing specified application, prompting user selects the installation site of described specified application; Receiving element 208, for receiving the selection instruction of user to the installation site of described specified application; Installation unit 210, for according to described selection instruction, is arranged on described specified application in described the first system or described second system.
In this technical scheme, by when installing specified application, prompting user selects the installation site of specified application, can the installation site of reminding user careful selection application program, avoid the malicious application may invading privacy of user data to be installed to as much as possible and forbid obtaining in the system (i.e. the first system) of privacy of user, and normal application program is installed in the system (i.e. second system) allowing to obtain privacy of user data, and then after application program is installed, such as Malware can be effectively prevented while not affecting Consumer's Experience, the loss that the malicious application such as fee suction software are invaded privacy of user and caused.
In technique scheme, preferably, also comprise: creating unit 212, for when described specified application is arranged in described second system by described installation unit 210, the display interface of described the first system creates the icon of described specified application; Described processing unit 204 also for, when receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
In this technical scheme, under normal circumstances, the operating system of user's acquiescence is the first system, therefore by creating the icon being installed on the specified application of second system on the display interface of the first system, and when receiving the specific operation to the icon of above-mentioned specified application, automatically switch in second system and start this application program, when user being rested in the interface of the first system and needs the application of opening in second system, without the need to manual switchover to second system, and then in second system, start the troublesome operation of above-mentioned specified application, simplify the operation of user, improve the experience of user.Wherein, can be clicking operation etc. to the specific operation of icon.
In technique scheme, preferably, described installation unit 210 comprises: first installs subelement 2102, for being directly arranged in described second system by described specified application; Or second installs subelement 2104, for described specified application being arranged in described the first system, and runs described specified application; First detecting unit 2106, for detecting described specified application the need of the described private data of access; Whether the second Tip element 2108, for when described first detecting unit 2106 detects that described specified application needs to access described private data, allow described specified application to access described private data to user's prompting; First migration units 2110, for when receiving the described specified application of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described specified application.
In this technical scheme, when user selects application program to be arranged on second system, have following two kinds of modes: mode one, is directly arranged in second system by specified application, the installation process of this mode is simply efficient, mode two, first application program is arranged on the first system, and directly open this application program after the installation is complete, and this application program is detected the need of access private data, if detect this application program need access private data and obtain user agree to after, again the installation site of this application program can be migrated to second system, this mode also effectively can prevent from being directly installed on the problem that second system causes privacy of user leaking data when whether the uncertain application program of user is and comprises virus in rogue program or application program, further increase the security of private data.
In technique scheme, preferably, also comprising: the second detecting unit 214, being arranged on arbitrary application program in described the first system the need of the described private data of access for detecting; Whether the 3rd Tip element 216, for when described second detecting unit 214 detects that described arbitrary application program needs to access described private data, allow described arbitrary application program to access described private data to user's prompting; Second migration units 218, for when receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described arbitrary application program.
In this technical scheme, by when detecting that the arbitrary application program in the first system needs access private data, whether allow to access private data to user's prompting, and when receiving the instruction that user allows, the installation site of above-mentioned arbitrary application program is migrated in second system, when making this user again need access private data, directly can conduct interviews without the need to again inquiring user, avoiding and at every turn all inquiring user and the operating experience that affects user.
Fig. 3 shows the schematic block diagram of terminal according to an embodiment of the invention.
As shown in Figure 3, terminal 300 according to an embodiment of the invention, comprising: the first system 302 and second system 304, and the management devices 200 of the application program for terminal shown in Fig. 2.
Using conventional system as the first system 302 in above-described embodiment in following examples, security system elaborates technical scheme of the present invention as second system 304.
Terminal 300 of the present invention adopts dual system framework, an i.e. conventional system and a security system, after terminal 300 (as mobile phone) start, two systems are run simultaneously and mutually independently, by some communication mechanisms (as the interactive information such as shared drive, RPC), conventional system and security system can be switched mutually.The display of terminal acquiescence be the interface of conventional system, therefore user operates usually under conventional system.
When user installation application program, can eject an Option Box, prompting user application is installed to conventional system and is still installed to security system.Certainly, application program acquiescence can be set and be installed to conventional system.
When application program is installed to conventional system, the privacy of user data messages such as this application access contact person, note, dial (of a telephone), schedule, camera and picture library are by limited.Important private data information is stored in security system, and application program cannot obtain these private data information.
When user installation application program trusty, can select to be installed to security system, on the display interface of conventional system, at this moment create the shortcut icon of this application program.User clicks this icon on the display interface of conventional system, can automatically switch to security system, and opens this application in security system.
When set up applications, kind of the mounting means of two shown in Fig. 4 and Fig. 5 can be had, be described respectively below:
Fig. 4 shows the schematic flow diagram of the installation method of end application according to an embodiment of the invention.
As shown in Figure 4, the concrete steps of the installation method of end application according to an embodiment of the invention, comprising:
Step 402, user installation application program, namely receives the instruction of user installation application program.
Step 404, ejects prompting frame, and application program is installed to security system or conventional system by prompting user.
Step 406, judges that application program is the need of being installed to security system, if so, then performs step 410; Otherwise, perform step 408.
Step 408, when judging not need application program to be installed to security system, is installed to conventional system by application program.
Step 410, when judging to need application program to be installed to security system, ejects security warning frame, to point out the information such as user " as Malware is installed to security system, may cause privacy leakage or economic loss ".
Step 412, judges whether to continue application program to be installed to security system, if so, then performs step 414; Otherwise, return step 404.
Step 414, when judging to need to continue application program to be installed to security system, being installed to security system by application program, and creating shortcut icon on the interface of conventional system.
Fig. 5 shows the schematic flow diagram of the installation method of end application according to another embodiment of the invention.
As shown in Figure 5, the concrete steps of the installation method of end application according to another embodiment of the invention, comprising:
Step 502, user installation application program, namely receives the instruction of user installation application program.
Step 504, ejects prompting frame, and application program is installed to security system or conventional system by prompting user.
Step 506, judges that application program is the need of being installed to security system, if so, then performs step 510; Otherwise, perform step 508.
Step 508, when judging not need application program to be installed to security system, is installed to conventional system by application program.
Step 510, when judging to need application program to be installed to security system, ejects security warning frame, to point out the information such as user " as Malware is installed to security system, may cause privacy leakage or economic loss ".
Step 512, judges whether to continue application program to be installed to security system, if so, then performs step 514; Otherwise, return step 504.
Step 514, when judging to need to continue application program to be installed to security system, being first installed to conventional system by application program and running.
Step 516, judges that application program is the need of acquisition private data, if so, then performs step 518; Otherwise, perform step 520.
Step 518, when judging that application program needs to obtain private data, whether inquiry user allows the acquisition behavior of this application program, if so, then performs step 520; Otherwise, perform step 508.
Step 520, when judging that user allows the acquisition behavior of this application program, moving to security system by application program, and create shortcut icon on the interface of conventional system.
Fig. 6 shows the schematic flow diagram of the deployment method of application program according to an embodiment of the invention.
As shown in Figure 6, the deployment method concrete steps of application program comprise according to an embodiment of the invention:
Step 602, opens application program in conventional system.
Step 604, judges whether this application program is arranged on security system, if so, then performs step 608; If not, then step 606 is performed.
Step 606, when judging that application program is arranged on conventional system, directly opens this application program in conventional system.
Step 608, the pattern of the password or input that receive user's input unlocks.
Step 610, judges to unlock whether success is correct, if success, then perform step 612, if unsuccessful, then perform step 614.
Step 612, when judging to unlock successfully, being switched to security system and opening corresponding application program.
Step 614, when judging to unlock unsuccessfully, prompting unlocks unsuccessfully, and application program cannot be opened.
More than be described with reference to the accompanying drawings technical scheme of the present invention, consider that current intelligent terminal (as smart mobile phone) is when preventing the malicious application such as Malware, fee suction software, application software normally by installing antivirus software or mobile phone house keeper one class carries out killing virus and control of authority, but the whole malicious application of above-mentioned software None-identified, also exists and cannot distinguish user behavior and the defect such as application behavior and the normal function limiting certain applications program simultaneously.Therefore, the present invention proposes a kind of Managed Solution of the application program for terminal newly, can be stolen by malicious application preventing the private data of user, under ensureing that authorized applications normally accesses the prerequisite of private data simultaneously, avoid and open application program at every turn and all inquire whether user allows to access the problem of private data, improves the experience of user.
The foregoing is only the preferred embodiments of the present invention, be not limited to the present invention, for a person skilled in the art, the present invention can have various modifications and variations.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. for a management method for the application program of terminal, described terminal comprises the first system and second system, it is characterized in that, the management method of described application program, comprising:
When receiving the instruction of the application program started in described terminal, determine the installation site of described application program;
When determining that described application program is arranged in described the first system, in described the first system, start described application program, and forbid described application program access private data; And
When determining that described application program is arranged in described second system, in described second system, start described application program, and allow described application program to access described private data.
2. the management method of the application program for terminal according to claim 1, is characterized in that, also comprise:
When receiving the instruction of installing specified application, prompting user selects the installation site of described specified application;
Receive user to the selection instruction of the installation site of described specified application, and according to described selection instruction, described specified application is arranged in described the first system or described second system.
3. the management method of the application program for terminal according to claim 2, is characterized in that, also comprise:
If described specified application be arranged in described second system, then on the display interface of described the first system, create the icon of described specified application;
When receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
4. the management method of the application program for terminal according to claim 2, is characterized in that, the step that described specified application is arranged in described second system is specially:
Directly described specified application is arranged in described second system; Or
Described specified application is arranged in described the first system, and run described specified application, detect described specified application the need of the described private data of access, if so, then whether allow described specified application to access described private data to user's prompting;
When receiving the described specified application of permission that described user sends and accessing the instruction of described private data, the installation site of described specified application is migrated to described second system.
5. the management method of the application program for terminal according to any one of claim 1 to 4, is characterized in that, also comprise:
Detect and be arranged on arbitrary application program in described the first system the need of the described private data of access, if so, then whether allow described arbitrary application program to access described private data to user's prompting;
When receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, the installation site of described arbitrary application program is migrated to described second system.
6. for a management devices for the application program of terminal, described terminal comprises the first system and second system, it is characterized in that, the management devices of described application program, comprising:
Determining unit, for when receiving the instruction of the application program started in described terminal, determines the installation site of described application program;
Processing unit, for when described determining unit determines that described application program is arranged in described the first system, described application program is started in described the first system, and forbid described application program access private data, and for when described determining unit determines that described application program is arranged in described second system, in described second system, start described application program, and allow described application program to access described private data.
7. the management devices of the application program for terminal according to claim 6, is characterized in that, also comprise:
First Tip element, for when receiving the instruction of installing specified application, prompting user selects the installation site of described specified application;
Receiving element, for receiving the selection instruction of user to the installation site of described specified application;
Installation unit, for according to described selection instruction, is arranged on described specified application in described the first system or described second system.
8. the management devices of the application program for terminal according to claim 7, is characterized in that, also comprise:
Creating unit, for when described specified application is arranged in described second system by described installation unit, the display interface of described the first system creates the icon of described specified application;
Described processing unit also for, when receiving the specific operation to the icon of described specified application in described the first system, switching to described second system and starting described specified application.
9. the management devices of the application program for terminal according to claim 7, is characterized in that, described installation unit comprises:
First installs subelement, for being directly arranged in described second system by described specified application; Or
Second installs subelement, for described specified application being arranged in described the first system, and runs described specified application; First detecting unit, for detecting described specified application the need of the described private data of access; Whether the second Tip element, for when described first detecting unit detects that described specified application needs to access described private data, allow described specified application to access described private data to user's prompting; First migration units, for when receiving the described specified application of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described specified application.
10. the management devices of the application program for terminal according to any one of claim 6 to 9, is characterized in that, also comprise:
Second detecting unit, is arranged on arbitrary application program in described the first system the need of the described private data of access for detecting;
Whether the 3rd Tip element, for when described second detecting unit detects that described arbitrary application program needs to access described private data, allow described arbitrary application program to access described private data to user's prompting;
Second migration units, for when receiving the described arbitrary application program of permission that described user sends and accessing the instruction of described private data, migrates to described second system by the installation site of described arbitrary application program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410507816.3A CN104268454A (en) | 2014-09-28 | 2014-09-28 | Management method and device of application program of terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410507816.3A CN104268454A (en) | 2014-09-28 | 2014-09-28 | Management method and device of application program of terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104268454A true CN104268454A (en) | 2015-01-07 |
Family
ID=52159975
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410507816.3A Pending CN104268454A (en) | 2014-09-28 | 2014-09-28 | Management method and device of application program of terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104268454A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104680090A (en) * | 2015-02-06 | 2015-06-03 | 西安酷派软件科技有限公司 | Application hiding control method, device and mobile terminal |
| CN104732165A (en) * | 2015-03-06 | 2015-06-24 | 西安酷派软件科技有限公司 | Management method of applications and terminal |
| CN105426202A (en) * | 2015-10-31 | 2016-03-23 | 东莞酷派软件技术有限公司 | A method for managing application programs in a terminal and the terminal |
| WO2016112569A1 (en) * | 2015-01-14 | 2016-07-21 | 宇龙计算机通信科技(深圳)有限公司 | Terminal contact management method, management device and terminal |
| WO2016127447A1 (en) * | 2015-02-13 | 2016-08-18 | 宇龙计算机通信科技(深圳)有限公司 | Application installation method and terminal |
| CN105988848A (en) * | 2015-03-06 | 2016-10-05 | 西安酷派软件科技有限公司 | Application installation method of multi-system terminal, application installation apparatus of multi-system terminal and terminal |
| CN106034117A (en) * | 2015-03-13 | 2016-10-19 | 深圳酷派技术有限公司 | Method and device for shifting content between systems and intelligent terminal |
| WO2016192161A1 (en) * | 2015-05-29 | 2016-12-08 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method and device |
| CN106250724A (en) * | 2016-07-25 | 2016-12-21 | 深圳天珑无线科技有限公司 | A kind of application control method, device and mobile device |
| CN106295380A (en) * | 2015-05-14 | 2017-01-04 | 宇龙计算机通信科技(深圳)有限公司 | The guard method of positional information in a kind of multiple operating system terminal, device and terminal |
| CN106548097A (en) * | 2015-09-23 | 2017-03-29 | 深圳市全智达科技有限公司 | The operation method and device of network device software |
| WO2017107380A1 (en) * | 2015-12-24 | 2017-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Method of downloading and installing application and terminal apparatus |
| CN104679558B (en) * | 2015-02-09 | 2018-07-27 | 西安酷派软件科技有限公司 | A kind of switching method between multisystem and terminal |
| CN111182124A (en) * | 2018-11-13 | 2020-05-19 | 奇酷互联网络科技(深圳)有限公司 | Mobile terminal, operation method of double systems of mobile terminal and storage device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101655798A (en) * | 2008-08-18 | 2010-02-24 | 联想(北京)有限公司 | Method for deployment and operation of application in computer and virtual machine environments |
| CN103164260A (en) * | 2011-12-15 | 2013-06-19 | 中国银联股份有限公司 | Application program management system and application program management method used for mobile terminal |
| CN103413089A (en) * | 2013-08-28 | 2013-11-27 | 天翼电信终端有限公司 | Mobile terminal and method thereof for achieving dual system |
| CN103679007A (en) * | 2013-12-19 | 2014-03-26 | 深圳全智达通信股份有限公司 | Method and device for managing application program permission and mobile device |
-
2014
- 2014-09-28 CN CN201410507816.3A patent/CN104268454A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101655798A (en) * | 2008-08-18 | 2010-02-24 | 联想(北京)有限公司 | Method for deployment and operation of application in computer and virtual machine environments |
| CN103164260A (en) * | 2011-12-15 | 2013-06-19 | 中国银联股份有限公司 | Application program management system and application program management method used for mobile terminal |
| CN103413089A (en) * | 2013-08-28 | 2013-11-27 | 天翼电信终端有限公司 | Mobile terminal and method thereof for achieving dual system |
| CN103679007A (en) * | 2013-12-19 | 2014-03-26 | 深圳全智达通信股份有限公司 | Method and device for managing application program permission and mobile device |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3246843A4 (en) * | 2015-01-14 | 2018-07-11 | Yulong Computer Telecommunication Scientific (Shenzhen) Co., Ltd. | Terminal contact management method, management device and terminal |
| WO2016112569A1 (en) * | 2015-01-14 | 2016-07-21 | 宇龙计算机通信科技(深圳)有限公司 | Terminal contact management method, management device and terminal |
| CN104680090A (en) * | 2015-02-06 | 2015-06-03 | 西安酷派软件科技有限公司 | Application hiding control method, device and mobile terminal |
| CN104679558B (en) * | 2015-02-09 | 2018-07-27 | 西安酷派软件科技有限公司 | A kind of switching method between multisystem and terminal |
| WO2016127447A1 (en) * | 2015-02-13 | 2016-08-18 | 宇龙计算机通信科技(深圳)有限公司 | Application installation method and terminal |
| CN104732165B (en) * | 2015-03-06 | 2018-11-06 | 西安酷派软件科技有限公司 | A kind of management method and terminal of application |
| CN104732165A (en) * | 2015-03-06 | 2015-06-24 | 西安酷派软件科技有限公司 | Management method of applications and terminal |
| CN105988848A (en) * | 2015-03-06 | 2016-10-05 | 西安酷派软件科技有限公司 | Application installation method of multi-system terminal, application installation apparatus of multi-system terminal and terminal |
| CN106034117A (en) * | 2015-03-13 | 2016-10-19 | 深圳酷派技术有限公司 | Method and device for shifting content between systems and intelligent terminal |
| CN106295380A (en) * | 2015-05-14 | 2017-01-04 | 宇龙计算机通信科技(深圳)有限公司 | The guard method of positional information in a kind of multiple operating system terminal, device and terminal |
| WO2016192161A1 (en) * | 2015-05-29 | 2016-12-08 | 宇龙计算机通信科技(深圳)有限公司 | Data processing method and device |
| CN106548097A (en) * | 2015-09-23 | 2017-03-29 | 深圳市全智达科技有限公司 | The operation method and device of network device software |
| WO2017071098A1 (en) * | 2015-10-31 | 2017-05-04 | 宇龙计算机通信科技(深圳)有限公司 | Method for managing application program in terminal, and terminal |
| CN105426202A (en) * | 2015-10-31 | 2016-03-23 | 东莞酷派软件技术有限公司 | A method for managing application programs in a terminal and the terminal |
| WO2017107380A1 (en) * | 2015-12-24 | 2017-06-29 | 宇龙计算机通信科技(深圳)有限公司 | Method of downloading and installing application and terminal apparatus |
| CN106250724A (en) * | 2016-07-25 | 2016-12-21 | 深圳天珑无线科技有限公司 | A kind of application control method, device and mobile device |
| CN111182124A (en) * | 2018-11-13 | 2020-05-19 | 奇酷互联网络科技(深圳)有限公司 | Mobile terminal, operation method of double systems of mobile terminal and storage device |
| CN111182124B (en) * | 2018-11-13 | 2021-07-06 | 深圳市知赢科技有限公司 | Mobile terminal, operation method of double systems of mobile terminal and storage device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104268454A (en) | Management method and device of application program of terminal | |
| US11157300B2 (en) | Managing virtual machine security resources | |
| EP2562673B1 (en) | Apparatus and method for securing mobile terminal | |
| EP3610404B1 (en) | Methods and apparatus to monitor permission-controlled hidden sensitive application behavior at run-time | |
| EP2472926B1 (en) | Method and system for controlling an intelligent card remotely | |
| CN103514397A (en) | Server, terminal and authority management and permission method | |
| US9971902B2 (en) | Terminal device, method for protecting terminal device, and terminal management server | |
| CN102880820A (en) | Method for accessing application program of mobile terminal and mobile terminal | |
| CN101432749A (en) | Communication equipment monitoring | |
| CN102855430A (en) | Process blacklist and whitelist control method based on Windows system | |
| CN102722663B (en) | Handheld smart device data security protection method | |
| KR100788256B1 (en) | Web server forgery monitoring system and monitoring method using network | |
| CN105631311A (en) | Application program authority management method and device as well as terminal | |
| CN103559437A (en) | Access control method and system for Android operation system | |
| CN106211164A (en) | Terminal network changing method, terminal network switching device and terminal | |
| CN102509054A (en) | Mobile terminal and application program control method for mobile terminal | |
| CN104573463A (en) | System switching method, system switching device and terminal | |
| KR101416717B1 (en) | System for preventing malicious intrusion based on smart device and method thereof | |
| US10397786B2 (en) | Systems and methods for controlling mobile device use | |
| JP2015038667A (en) | Application manager and network access control system | |
| KR101408276B1 (en) | Security system and method of portable device control with rights management policy in based | |
| CN105635090A (en) | System access method, system access device and terminal | |
| JP2006279321A (en) | Security software and security communication system for mobile terminals | |
| KR101953562B1 (en) | Appratus of mobile device classification for preventing wireless intrusion | |
| Powers et al. | Whitelist malware defense for embedded control system devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150107 |