
CN106791168A - Information of mobile terminal guard method, device and mobile terminal - Google Patents


Publication number
CN106791168A
Authority
CN
China
Prior art keywords
caller
identity
mobile terminal
application
screen capture
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710025477.9A
Other languages
Chinese (zh)
Inventor
李翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Anyun Century Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd
Priority to CN201710025477.9A
Publication of CN106791168A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448 User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72463 User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions to restrict the functionality of the device

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephone Function (AREA)

Abstract

The present invention provides a mobile terminal information protection method and device. Calls to the screen capture interface that are triggered in a system protection mode, in which the system is logged in under an ordinary user account, are monitored. In the system protection mode, a secure space is configured to provide running resources for predetermined applications, and this secure space is inaccessible in the system's normal mode. When the screen capture interface is called, the identity information of the caller is obtained; whether the caller's identity is legitimate is judged from that identity information, and when the caller has an illegitimate identity the call is rejected, which prevents the caller from capturing the screen. The method and device effectively prevent illegitimate applications from secretly taking screenshots and similar operations, which reduces the risk of information leakage and theft of funds and effectively improves system security. A mobile terminal is also provided.

Description

Mobile terminal information protection method, device and mobile terminal

Technical field

The present invention relates to the technical field of mobile terminal security, and in particular to a mobile terminal information protection method, a device and a mobile terminal.

Background

For security reasons, some mobile terminals provide a system protection mode that protects the user during online transactions, online payments, bank inquiries and similar activities. One example is the property isolation system of 360 mobile phones. On the one hand, this system uses a built-in secure app store to keep out stealing Trojans and counterfeit applications, securing applications at the source; on the other hand, it builds a dedicated network channel and encrypts data such as account passwords in transit, securing the data during transmission. In addition, data such as financial and wealth-management data is isolated at the system level so that malicious applications cannot read it illegitimately, which fundamentally protects the user's payment environment.

On a traditional mobile terminal, if the user inadvertently installs an illegitimate application in the system protection mode and that application secretly takes screenshots of the personal information pages of payment-related, wealth-management-related, banking-related and similar applications, then online transactions, online payments, bank inquiries and so on all carry a risk of information leakage or even theft of funds. Security needs to be improved.

Summary of the invention

The purpose of the present invention is to solve at least one of the above technical defects, in particular the defect of low security.

The present invention provides a mobile terminal information protection method comprising the following steps:

Monitoring calls to the screen capture interface that are triggered in a system protection mode in which the system is logged in under an ordinary user account, where the system protection mode is configured with a secure space that provides running resources for predetermined applications, and the secure space is inaccessible in the system's normal mode;

When the screen capture interface is called, obtaining the identity information of the caller that called the screen capture interface;

Judging from the caller identity information whether the caller's identity is legitimate and, when the caller has an illegitimate identity, rejecting the call so that the caller is prevented from capturing the screen.

In one embodiment, the predetermined applications include at least one of payment-related applications, wealth-management-related applications and banking-related applications.

In one embodiment, the running resources include at least one of the application program itself, the application's configuration data and the application's user data, and the secure space includes storage space.

In one embodiment, the running resources include a runtime protection policy, and the secure space includes storage space and the corresponding runtime protection policy configuration environment.

In one embodiment, the screen capture interface is used for taking screenshots or recording the screen.

In one embodiment, the system is Android, and the screen capture interface includes the adb shell screencap command or the screenshot() method.

In one embodiment, the caller identity information is determined from the ordinary user account logged in to the system; when the ordinary user account is a predefined illegitimate user account, the ordinary user account is judged to be an illegitimate identity, and otherwise a legitimate identity.

In one embodiment, the system is Android, and the caller identity information includes the user ID (UID) of the ordinary user account.

In one embodiment, the system is Android, and judging from the caller identity information whether the caller's identity is legitimate includes: using the setScreenCaptureDisabled() method to determine whether the UID of the ordinary user account is the UID of an illegitimate identity and, once this is determined, refusing the screen capture.

In one embodiment, the caller identity information is determined from the application to which the process making the call belongs.

In one embodiment, the system is Android, and the caller identity information includes the package name of the calling application or the UID of the calling application; when the package name of the calling application is a predefined illegitimate package name, or the UID of the calling application is a predefined illegitimate UID, that package name or UID is judged to be an illegitimate identity, and otherwise a legitimate identity.

In one embodiment, obtaining the identity information of the caller that called the screen capture interface includes:

Obtaining the process ID (PID) of the calling application, and then using that PID to obtain the package name of the calling application or the UID of the calling application.

In one embodiment, the PID of the calling application is obtained through the getCallingPid() method.

In one embodiment, judging from the caller identity information whether the caller's identity is legitimate includes: using a pre-built whitelist or blacklist to judge whether the calling application is an application with a legitimate or an illegitimate identity.

In one embodiment, the whitelist contains system applications.

In one embodiment, the system is Android, and applications whose UID is 1000 are recognized as system applications and placed on the whitelist.

In one embodiment, the entries in the whitelist or blacklist are updated according to update information from a server.

In one embodiment, if the history shows that the number of times the calling application has been refused screen capture has reached a preset threshold, a warning message is issued.

The present invention discloses a mobile terminal information protection device comprising:

A monitoring module, configured to monitor calls to the screen capture interface that are triggered in a system protection mode in which the system is logged in under an ordinary user account, where the system protection mode is configured with a secure space that provides running resources for predetermined applications, and the secure space is inaccessible in the system's normal mode;

An acquisition module, configured to obtain, when the screen capture interface is called, the identity information of the caller that called the screen capture interface;

A processing module, configured to judge from the caller identity information whether the caller's identity is legitimate and, when the caller has an illegitimate identity, to reject the call so that the caller is prevented from capturing the screen.

In one embodiment, the predetermined applications include at least one of payment-related applications, wealth-management-related applications and banking-related applications.

In one embodiment, the running resources include at least one of the application program itself, the application's configuration data and the application's user data, and the secure space includes storage space.

In one embodiment, the running resources include a runtime protection policy, and the secure space includes storage space and the corresponding runtime protection policy configuration environment.

In one embodiment, the screen capture interface is used for taking screenshots or recording the screen.

In one embodiment, the system is Android, and the screen capture interface includes the adb shell screencap command or the screenshot() method.

In one embodiment, the caller identity information is determined from the ordinary user account logged in to the system; when the ordinary user account is a predefined illegitimate user account, the ordinary user account is judged to be an illegitimate identity, and otherwise a legitimate identity.

In one embodiment, the system is Android, and the caller identity information includes the user ID (UID) of the ordinary user account.

In one embodiment, the system is Android, and the processing module is configured to: use the setScreenCaptureDisabled() method to determine whether the UID of the ordinary user account is the UID of an illegitimate identity and, once this is determined, refuse the screen capture.

In one embodiment, the caller identity information is determined from the application to which the process making the call belongs.

In one embodiment, the system is Android, and the caller identity information includes the package name of the calling application or the UID of the calling application; when the package name of the calling application is a predefined illegitimate package name, or the UID of the calling application is a predefined illegitimate UID, that package name or UID is judged to be an illegitimate identity, and otherwise a legitimate identity.

In one embodiment, the acquisition module is configured to:

Obtain the process ID (PID) of the calling application, and then use that PID to obtain the package name of the calling application or the UID of the calling application.

In one embodiment, the PID of the calling application is obtained through the getCallingPid() method.

In one embodiment, the processing module uses a pre-built whitelist or blacklist to judge whether the calling application is an application with a legitimate or an illegitimate identity.

In one embodiment, the whitelist contains system applications.

In one embodiment, the system is Android, and applications whose UID is 1000 are recognized as system applications and placed on the whitelist.

In one embodiment, the entries in the whitelist or blacklist are updated according to update information from a server.

In one embodiment, the protection device further includes a warning module, which is configured to: issue a warning message if the history shows that the number of times the calling application has been refused screen capture has reached a preset threshold.

The present invention also provides a mobile terminal comprising:

a touch-sensitive display;

one or more processors;

a memory;

one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more programs are configured to perform the mobile terminal information protection method of any of the embodiments.

The mobile terminal information protection method, device and mobile terminal described above monitor calls to the screen capture interface that are triggered in a system protection mode in which the system is logged in under an ordinary user account. In the system protection mode, a secure space is configured to provide running resources for predetermined applications, and this secure space is inaccessible in the system's normal mode. When the screen capture interface is called, the identity information of the caller is obtained; whether the caller's identity is legitimate is judged from that identity information, and when the caller has an illegitimate identity the call is rejected, which prevents the caller from capturing the screen. Deciding whether a caller may capture the screen by checking, at the moment the screen capture interface is called, whether the caller's identity is legitimate effectively prevents illegitimate applications from secretly taking screenshots and similar operations, which reduces the risk of information leakage and theft of funds and effectively improves system security.

For example, when the screen capture interface is called, whether to allow the capture can be decided by judging whether the calling application is an application with a legitimate or an illegitimate identity (for example by means of a whitelist or blacklist), which effectively prevents illegitimate applications from secretly taking screenshots. Alternatively, screenshots can be prohibited for every application running in the system protection mode: when the screen capture interface is called, whether to allow the capture is decided from the UID of the ordinary user account under which the calling application is logged in (for example, every application running under the ordinary user account with UID=10 is prohibited from taking screenshots). This also effectively prevents illegitimate applications from secretly taking screenshots, which reduces the risk of information leakage and theft of funds and effectively improves system security.
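The check described in the summary above (caller identity, whitelist or blacklist, UID 1000 as a system application, the per-account variant and the denial threshold), as an added example that is not code from the patent or its applicant. It is a plain-Java model with no Android dependencies; the class, field and package names and the sample PIDs and UIDs are hypothetical, and it assumes the page's "UID=10" account corresponds to Android's user id, with per-application UIDs packed as userId * 100000 + appId.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

// Added illustration, not code from the patent: a caller-identity gate for a
// screen-capture interface, modelled in plain Java without Android classes.
public class ScreenCaptureGate {
    // Assumption: Android multi-user packing, uid = userId * 100000 + appId.
    static final int PER_USER_RANGE = 100000;
    static final int SYSTEM_APP_ID = 1000; // the system UID the page whitelists

    enum Mode { WHITELIST, BLACKLIST, DENY_ALL }

    // Caller identity; on a device it is resolved from the calling PID.
    static final class Caller {
        final int pid, uid;
        final String pkg;
        Caller(int pid, int uid, String pkg) { this.pid = pid; this.uid = uid; this.pkg = pkg; }
        int userId() { return uid / PER_USER_RANGE; }
        int appId() { return uid % PER_USER_RANGE; }
    }

    static final class Result {
        final boolean allowed, alert; // alert: denials reached the threshold
        final String reason;
        Result(boolean allowed, boolean alert, String reason) {
            this.allowed = allowed;
            this.alert = alert;
            this.reason = reason;
        }
    }

    private final Mode mode;
    private final int protectedUserId;  // account that runs the protection mode
    private final Set<String> packages; // whitelist or blacklist, per mode
    private final int alertThreshold;
    private final Map<String, Integer> denials = new HashMap<>();

    ScreenCaptureGate(Mode mode, int protectedUserId, Set<String> packages, int alertThreshold) {
        this.mode = mode;
        this.protectedUserId = protectedUserId;
        this.packages = packages;
        this.alertThreshold = alertThreshold;
    }

    Result check(Caller c) {
        // Only calls made inside the protection mode are gated.
        if (c.userId() != protectedUserId) {
            return new Result(true, false, "outside protection mode");
        }
        String deny = denyReason(c);
        if (deny == null) {
            return new Result(true, false, "legitimate caller");
        }
        int count = denials.merge(c.pkg, 1, Integer::sum); // denial history
        return new Result(false, count >= alertThreshold, deny);
    }

    private String denyReason(Caller c) {
        switch (mode) {
            case DENY_ALL:
                return "capture disabled for the protected account";
            case BLACKLIST:
                return packages.contains(c.pkg) ? "package on blacklist" : null;
            default: // WHITELIST: anything not listed is refused
                // Match the app id, not the raw uid: under user 10 the
                // system uid is 1001000, which a "uid == 1000" test misses.
                if (c.appId() == SYSTEM_APP_ID || packages.contains(c.pkg)) {
                    return null;
                }
                return "package not on whitelist";
        }
    }

    public static void main(String[] args) {
        // Constructed sample data; package names, PIDs and UIDs are hypothetical.
        ScreenCaptureGate gate =
            new ScreenCaptureGate(Mode.WHITELIST, 10, Set.of("com.example.bank"), 3);
        List<Caller> calls = List.of(
            new Caller(812, 1001000, "android"),
            new Caller(2450, 1010057, "com.example.bank"),
            new Caller(3312, 10123, "com.example.torch"),
            new Caller(3390, 1010123, "com.example.torch"),
            new Caller(3390, 1010123, "com.example.torch"),
            new Caller(3390, 1010123, "com.example.torch"));
        for (Caller c : calls) {
            Result r = gate.check(c);
            System.out.printf("pid=%d uid=%d %s -> %s (%s)%s%n", c.pid, c.uid, c.pkg,
                r.allowed ? "ALLOW" : "DENY", r.reason, r.alert ? " [ALERT]" : "");
        }
    }
}
```

The identity fed to such a gate has to come from the platform's record of the calling process, as the page's getCallingPid() step does, and never from values the caller supplies about itself.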

Additional aspects and advantages of the invention are given in part in the description below; they will become apparent from that description or be learned through practice of the invention.

Description of the drawings

The above and/or additional aspects and advantages of the present invention will become apparent and easy to understand from the following description of the embodiments with reference to the accompanying drawings, in which:

Fig. 1 is a flowchart of a mobile terminal information protection method according to one embodiment;

Fig. 2 is a schematic diagram of the modules of a mobile terminal information protection device according to one embodiment;

Fig. 3 is a block diagram of part of the structure of a mobile phone related to the terminal provided by an embodiment of the present invention.

Detailed description

Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the drawings, in which the same or similar reference numerals throughout denote the same or similar elements or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain the present invention, and are not to be construed as limiting it.

Those skilled in the art will understand that, unless expressly stated otherwise, the singular forms "a", "an", "said" and "the" used here may also include the plural. It should further be understood that the word "comprising" used in the description of the present invention refers to the presence of the stated features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or groups thereof. It should be understood that when an element is said to be "connected" or "coupled" to another element, it may be directly connected or coupled to the other element, or intervening elements may be present. In addition, "connected" or "coupled" as used here may include a wireless connection or wireless coupling. The expression "and/or" used here includes all or any unit and all combinations of one or more of the associated listed items.

Those skilled in the art will understand that, unless otherwise defined, all terms used here (including technical and scientific terms) have the same meaning as commonly understood by a person of ordinary skill in the art to which the present invention belongs. It should also be understood that terms such as those defined in general dictionaries are to be understood as having a meaning consistent with their meaning in the context of the prior art and, unless specifically defined as they are here, are not to be interpreted in an idealized or overly formal sense.

Those skilled in the art will understand that "terminal" and "terminal device" as used here include both devices that have only a wireless signal receiver with no transmitting capability and devices with receiving and transmitting hardware capable of two-way communication over a bidirectional communication link. Such devices may include: cellular or other communication devices with a single-line display, a multi-line display, or no multi-line display; PCS (Personal Communications Service) devices, which may combine voice, data processing, fax and/or data communication capabilities; PDAs (Personal Digital Assistants), which may include a radio frequency receiver, pager, Internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; and conventional laptop and/or palmtop computers or other devices that have and/or include a radio frequency receiver. A "terminal" or "terminal device" as used here may be portable, transportable, installed in a vehicle (air, sea and/or land), or suitable for and/or configured to run locally and/or in distributed form at any other location on Earth and/or in space. A "terminal" or "terminal device" as used here may also be a communication terminal, an Internet access terminal or a music/video playback terminal, for example a PDA, a MID (Mobile Internet Device) and/or a mobile phone with music/video playback, or a device such as a smart TV or set-top box.

Those skilled in the art will understand that the remote network device used here includes, but is not limited to, a computer, a network host, a single network server, a set of multiple network servers, or a cloud formed by multiple servers. Here, the cloud consists of a large number of computers or network servers based on cloud computing, where cloud computing is a form of distributed computing: a super virtual computer composed of a group of loosely coupled computers. In the embodiments of the present invention, the remote network device, the terminal device and the WNS server may communicate by any means of communication, including but not limited to mobile communication based on 3GPP, LTE or WIMAX, computer network communication based on the TCP/IP or UDP protocols, and short-range wireless transmission based on the Bluetooth or infrared transmission standards.

In the following description, the system is the operating system of the mobile terminal, for example Android or the iOS mobile operating system. The following description uses Android as the example, and the mobile terminal may be a smart terminal such as a mobile phone or tablet computer.

图1为一个实施例的移动终端信息保护方法流程图。Fig. 1 is a flowchart of a method for protecting information of a mobile terminal according to an embodiment.

本发明提供一种移动终端信息保护方法,包括如下步骤:The present invention provides a mobile terminal information protection method, comprising the following steps:

步骤S100:监听在以普通用户账户身份登录的系统保护模式下触发的对屏幕捕捉接口的调用行为。其中,该系统保护模式下配置有用于为预定应用的运行提供运行资源的安全空间,该安全空间在系统普通模式下不可访问。Step S100: Monitor the calling behavior of the screen capture interface triggered in the system protection mode logged in as an ordinary user account. Wherein, the system protection mode is configured with a security space for providing running resources for running predetermined applications, and the security space is inaccessible in the normal system mode.

在系统保护模式下,预定应用将会在运行保护策略下进行严格的安全检测,一切有关资金的交易操作、支付操作都会受到严格监控,并且会严密保护用户的个人信息,防止例如聊天记录、短信验证码等等的用户信息泄露。其中,预定应用包括支付相关的应用(例如微信APP、支付宝APP)、理财相关的应用(例如陆金所APP)和银行相关的应用(例如工商银行APP)中的至少其中一种,以保护用户的资金安全和信息安全,当然预定应用还可以包括所有安装于系统保护模式下安全空间的应用。In the system protection mode, the scheduled application will carry out strict security checks under the operation protection strategy, all transaction operations and payment operations related to funds will be strictly monitored, and the user's personal information will be strictly protected, such as chat records, text messages, etc. Leakage of user information such as verification codes. Among them, the predetermined application includes at least one of payment-related applications (such as WeChat APP, Alipay APP), financial management-related applications (such as Lufax APP) and banking-related applications (such as ICBC APP), so as to protect users Fund security and information security, of course, the predetermined application can also include all applications installed in the safe space in the system protection mode.

The running resources mentioned here may be understood as the application itself, as the application's configuration data, or as the application's user data (the user's personal data); in these cases the secure space can be understood as storage space. The running resources may also be understood as a runtime protection policy, in which case the secure space can be understood as the storage space together with the configuration environment of its runtime protection policy, that is, the environment in which protective measures such as antivirus and Trojan scanning are started when the application runs.

In conventional technology, the system protection mode can be implemented with ordinary "sandbox" isolation. In this embodiment, however, it is implemented with multi-user mode. Android supports a multi-user mode similar to that of Windows: the user data of different logged-in users is independent and does not affect one another. The system is therefore in the system normal mode when logged in as the administrator account (usually user identifier UID=0) and in the system protection mode when logged in as an ordinary user account (for example user identifier UID=10); entering the system protection mode from the system normal mode is equivalent to switching from administrator mode to ordinary user mode. Because multi-user mode provides a degree of data isolation between users, it secures the system for the user in protection mode (application installation security, transaction security, user information security) and achieves security isolation that is, in some circumstances, more secure than "sandbox" isolation.

Switching the system from the normal mode to the protection mode is therefore equivalent to switching from the administrator account to an ordinary user account. On Android, the switch from the administrator account to the ordinary user account is made by calling the switchUser() method of the ActivityManager class. While the system is logged in as the ordinary user account corresponding to the system protection mode, the screen capture interface is monitored.

The screen capture interface is used for taking screenshots or recording the screen, and may be, for example, a command or a method. In this embodiment, the screen capture interface includes the adb shell screencap command or the screenshot() method, both of which can be used for screenshots. On Android, adb shell screencap is normally the command used when a PC connected to the mobile terminal takes a screenshot, so when the mobile terminal is connected to a PC, monitoring the adb shell screencap command prevents the PC from taking illegitimate screenshots of applications in the mobile terminal's system protection mode. The screenshot() method, which belongs to the SurfaceControl class, is normally the method used when the screenshot is taken on the mobile terminal itself.

On Android 5.0 and later, MediaProjection can be used to capture the screen, both for screenshots and for screen recording. A MediaProjection is managed and obtained through MediaProjectionManager. A screenshot uses the ImageReader class: the surface returned by its getSurface() method is passed directly to MediaProjection.createVirtualDisplay(), after which the capture can be performed. ImageReader.acquireLatestImage() returns the Image of the current screen, which after simple processing can be saved as a Bitmap file. Screen recording uses the MediaCodec class, which encodes the raw screen data; the MediaMuxer class then packages it into an mp4 file for saving. MediaCodec.createInputSurface() returns a surface object that is passed to MediaProjection.createVirtualDisplay() to obtain the raw screen media data; the encoded output is then read from MediaCodec and packaged by MediaMuxer into a playable mp4, which implements screen recording. The screen capture interface may therefore also be methods such as the ImageReader.acquireLatestImage() and MediaProjection.createVirtualDisplay() described above.

In the following description, taking a screenshot is used as the example of screen capture.

Step S200: When the screen capture interface is called, obtain the identity information of the caller that called it.

The caller identity information may be information about the calling application or the user identifier (UID) of the ordinary user account, and the calling application information may include the calling application's package name or the calling application's UID. That is, the caller identity information is determined from the user account logged in to the system (the ordinary user account), or from the application that owns the process performing the call (identified, for example, by the process identifier PID on Android). Two schemes are described here for deciding which applications are prohibited from capturing the screen.

First scheme: decide whether to allow screen capture by judging whether the calling application has a legal or an illegal identity (for example, by means of a whitelist or a blacklist). A whitelist mechanism can allow some applications to take screenshots, a blacklist mechanism can prohibit some applications from taking screenshots, or the two can be combined. The calling application information must therefore be obtained to judge whether the application is one that is prohibited from capturing the screen or one that is allowed to.

The calling application information may include the calling application's package name or the calling application's UID. On Android, obtaining the information of the application that called the screen capture interface involves first obtaining the calling application's process identifier (PID) and then using that PID to obtain the calling application's package name or UID. The Binder.getCallingPid() method returns the PID of the current calling application, so it can be used to obtain the calling application's PID. Binder is an Android class that implements the IBinder interface and is one of Android's inter-process communication (IPC) mechanisms, and getCallingPid() is the Binder method that returns the PID of the current calling application.

The following is implementation code that obtains the package name of the calling application from its process identifier (PID):
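An added illustration of this lookup (not the patent's own listing), assuming the check runs inside a privileged system component that serves the screen capture call over Binder and holds a Context; the class and method names are hypothetical. It also covers the UID route the text mentions, which does not depend on a PID that can be recycled once the caller exits.

```java
import android.app.ActivityManager;
import android.content.Context;
import android.os.Binder;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

/** Added illustration: resolve the caller of a Binder-served interface to package names. */
public final class CallerResolver {
    private CallerResolver() {}

    /**
     * PID route described in the text. Must run on the Binder thread that is handling
     * the incoming call; anywhere else getCallingPid() returns this process's own PID.
     */
    public static List<String> packagesForCallingPid(Context context) {
        int pid = Binder.getCallingPid();
        ActivityManager am =
                (ActivityManager) context.getSystemService(Context.ACTIVITY_SERVICE);
        List<ActivityManager.RunningAppProcessInfo> procs = am.getRunningAppProcesses();
        if (procs == null) {
            return Collections.<String>emptyList();
        }
        for (ActivityManager.RunningAppProcessInfo info : procs) {
            if (info.pid == pid && info.pkgList != null) {
                // One process can host several packages, so return all of them.
                return Arrays.asList(info.pkgList);
            }
        }
        // Caller not found (for example it already exited): report "unknown"
        // so that the policy check can refuse the request.
        return Collections.<String>emptyList();
    }

    /** UID route: map the calling UID reported by Binder to its package names. */
    public static List<String> packagesForCallingUid(Context context) {
        int uid = Binder.getCallingUid();
        String[] pkgs = context.getPackageManager().getPackagesForUid(uid);
        return pkgs == null ? Collections.<String>emptyList() : Arrays.asList(pkgs);
    }
}
```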

Second scheme: all applications running in the system protection mode can be prohibited from taking screenshots. That is, when the screen capture interface is called, whether to allow the capture is decided from the UID of the ordinary user account under whose login the calling application runs (for example, every application running under the ordinary user account with UID=10 is prohibited from taking screenshots). The UID of the ordinary user account corresponding to the current system protection mode must therefore be obtained, so that screenshots are prohibited for every application installed or running under that account. If the UID of the user account logged in to the system meets the condition, the applications installed under that user account are legal callers; otherwise they are illegal callers.

After the identity information of the caller that called the screen capture interface has been obtained, step S300 is performed.

Step S300: Judge from the caller identity information whether the caller's identity is legal, and when the caller has an illegal identity, reject the call so that the caller cannot capture the screen. Rejecting the call may mean refusing the call to the screen capture interface, refusing to execute the called instruction, displaying an "error" or "no permission" message to the user, or simply displaying a blank page; no limitation is imposed here. Continuing with screenshots as the example, the following describes how the caller's identity is judged by means of a whitelist or a blacklist.

For example, the system creates a whitelist to which system applications are added in advance. Because system applications on Android all have UID 1000, applications with UID 1000 are identified as system applications and placed on the whitelist. Once the UID of the application calling the screen capture interface has been obtained, it can be determined whether the calling application is a system application. System applications are allowed to take screenshots because they are sufficiently safe: the invention is intended only to prevent illegal applications from covertly taking screenshots, not to prevent screenshots by system applications, such as those the user triggers manually with physical keys (for example volume-down plus power), the screenshot button in the pull-down tray, or gestures (for example a three-finger or knuckle screenshot). All of these ultimately take the screenshot through SystemUI, and SystemUI is a system application whose UID is 1000. Third-party applications that the system designer considers safe can of course be added to the whitelist, and users can add third-party applications they consider safe, so that screenshots by those applications are let through. The blacklist can also connect to a server for data updates, that is, the blacklist information can be updated according to update information from the server. Applications on the whitelist are callers with a legal identity.

As another example, the system creates a blacklist to which third-party applications that the system designer considers unsafe are added; users can also add third-party applications they consider unsafe. Screenshot requests from these applications are refused, and the system can additionally issue a prompt to inform the user. The blacklist can also connect to a server for data updates, that is, the blacklist information can likewise be updated according to update information from the server. Applications on the blacklist are callers with an illegal identity. Furthermore, if a third-party application frequently requests screenshots, a warning can be sent to the user, for example advising the user to uninstall that application from the secure space of the system protection mode. Thus, if the history shows that the number of times a calling application has been refused screen capture reaches a preset threshold (for example 10), a warning is issued.

The process of judging from the caller identity information whether the caller's identity is legal may therefore be: use a pre-built whitelist or blacklist to judge whether the calling application has a legal or an illegal identity. The caller identity information includes the calling application's package name or the calling application's UID. When the calling application's package name is a predefined illegal package name, or its UID is a predefined illegal UID, the package name or UID is judged to be an illegal identity; otherwise it is judged to be a legal identity. For example, the predefined illegal package names or UIDs may be those of the third-party applications that the designer considers unsafe, as described above; they are placed on the blacklist in advance, and the blacklist can connect to a server for data updates.

As another example, all applications running in the system protection mode can be prohibited from taking screenshots. That is, when the screen capture interface is called, whether to allow the capture is decided from the UID of the ordinary user account under whose login the calling application runs (for example, every application running under the ordinary user account with UID=10 is prohibited from taking screenshots).

When the system is Android, the setScreenCaptureDisabled() method can be used to judge whether the UID of the ordinary user account is a UID that is prohibited from capturing the screen and, once that is determined, to refuse the capture. For example, if the UID of the ordinary user account corresponding to the current system protection mode is 10, screenshots can be prohibited for all applications in the system protection mode through public void setScreenCaptureDisabled(int userId, boolean disabled). The first parameter, userId, is the ID of the parameter domain, and the second parameter, disabled, is the state. In this method, all applications with userId=10 can be set to be prohibited from taking screenshots.

The process of judging from the caller identity information whether the caller's identity is legal may therefore also be: use the setScreenCaptureDisabled() method to judge whether the UID of the ordinary user account is a UID with an illegal identity and, once that is determined, refuse the screen capture. The caller identity information can be determined from the ordinary user account logged in to the system: when that account is a predefined illegal user account, it is judged to be an illegal identity; otherwise it is judged to be a legal identity.

In this way, by monitoring and gating screenshots of applications in the system protection mode, covert screenshots by illegal applications can be prevented, which improves system security.
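The step S300 decision written as plain Java, as an added example that is not the patent's code. The precedence of the checks, the package names and the split of a UID into user ID and app ID (Android's multi-user layout, uid = userId * 100000 + appId) are assumptions of this example; the system UID 1000, user ID 10 and threshold of 10 come from the text.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/** Added illustration of the step S300 decision; not the patent's implementation. */
public class ScreenCapturePolicy {
    // Android multi-user layout of a Linux UID: uid = userId * 100000 + appId.
    static final int PER_USER_RANGE = 100000;
    static final int SYSTEM_APP_ID = 1000; // UID the text gives for system applications
    static final int WARN_THRESHOLD = 10;  // example threshold from the text

    enum Verdict { ALLOW, DENY, DENY_AND_WARN }

    private final Set<String> whitelist;             // packages trusted by vendor or user
    private final Set<String> blacklist;             // packages judged unsafe
    private final Set<Integer> captureDisabledUsers; // user IDs where capture is off for all apps
    private final Map<String, Integer> denials = new HashMap<>();

    ScreenCapturePolicy(Set<String> whitelist, Set<String> blacklist,
                        Set<Integer> captureDisabledUsers) {
        this.whitelist = whitelist;
        this.blacklist = blacklist;
        this.captureDisabledUsers = captureDisabledUsers;
    }

    /** callerPackages is the (possibly empty) result of resolving the caller's PID or UID. */
    Verdict check(int callingUid, List<String> callerPackages) {
        int userId = callingUid / PER_USER_RANGE;
        int appId = callingUid % PER_USER_RANGE;

        // System applications keep user-initiated screenshots working.
        if (appId == SYSTEM_APP_ID) {
            return Verdict.ALLOW;
        }
        // A caller whose identity could not be resolved is refused (fail closed).
        if (callerPackages.isEmpty()) {
            return deny("uid:" + callingUid);
        }
        // A shared UID can host several packages; one blacklisted package is enough.
        for (String pkg : callerPackages) {
            if (blacklist.contains(pkg)) {
                return deny(pkg);
            }
        }
        // Whitelisted only if every package behind the caller is trusted.
        if (whitelist.containsAll(callerPackages)) {
            return Verdict.ALLOW;
        }
        // Second scheme: everything else in a protected user is refused.
        if (captureDisabledUsers.contains(userId)) {
            return deny(callerPackages.get(0));
        }
        return Verdict.ALLOW;
    }

    /** Records the refusal and escalates once the caller reaches the threshold. */
    private Verdict deny(String key) {
        int count = denials.merge(key, 1, Integer::sum);
        return count >= WARN_THRESHOLD ? Verdict.DENY_AND_WARN : Verdict.DENY;
    }

    public static void main(String[] args) {
        // Constructed sample data: package names and UIDs are made up for the demo.
        ScreenCapturePolicy policy = new ScreenCapturePolicy(
                new HashSet<>(Arrays.asList("com.example.wallet")),
                new HashSet<>(Arrays.asList("com.example.overlay")),
                new HashSet<>(Arrays.asList(10)));

        System.out.println(policy.check(1001000, Arrays.asList("com.example.systemcomponent")));
        System.out.println(policy.check(1010123, Arrays.asList("com.example.wallet")));
        System.out.println(policy.check(1010200, Arrays.asList("com.example.notes")));
        System.out.println(policy.check(10200, Arrays.asList("com.example.notes")));
        System.out.println(policy.check(1010300, Collections.<String>emptyList()));
        // Repeated attempts by a blacklisted package escalate to a warning.
        for (int attempt = 1; attempt <= WARN_THRESHOLD; attempt++) {
            Verdict v = policy.check(1010150, Arrays.asList("com.example.overlay"));
            System.out.println("attempt " + attempt + ": " + v);
        }
    }
}
```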

Fig. 2 is a schematic diagram of the modules of a mobile terminal information protection apparatus according to an embodiment.

Corresponding to the mobile terminal information protection method described above, the present invention also provides a mobile terminal information protection apparatus comprising a monitoring module 100, an acquisition module 200 and a processing module 300.

The monitoring module 100 monitors calls to the screen capture interface that are triggered in the system protection mode, in which the system is logged in as an ordinary user account; the system protection mode is configured with a secure space that provides running resources for predetermined applications, and this secure space is inaccessible in the system normal mode. The acquisition module 200 obtains, when the screen capture interface is called, the identity information of the caller that called it. The processing module 300 judges from the caller identity information whether the caller's identity is legal and, when the caller has an illegal identity, rejects the call so that the caller cannot capture the screen.

While the system is logged in as the ordinary user account corresponding to the system protection mode, the monitoring module 100 monitors the screen capture interface. The system protection mode is configured with a secure space that provides running resources for predetermined applications, and this secure space is inaccessible in the system normal mode.

In the system protection mode, predetermined applications undergo strict security checks under the runtime protection policy. All fund-related transaction and payment operations are strictly monitored, and the user's personal information is closely protected to prevent leakage of user information such as chat records and SMS verification codes. The predetermined applications include at least one of payment-related applications (such as the WeChat app and the Alipay app), wealth-management applications (such as the Lufax app) and banking applications (such as the ICBC app), so as to protect the user's funds and information. The predetermined applications may of course also include every application installed in the secure space of the system protection mode.

The running resources mentioned here may be understood as the application itself, as the application's configuration data, or as the application's user data (the user's personal data); in these cases the secure space can be understood as storage space. The running resources may also be understood as a runtime protection policy, in which case the secure space can be understood as the storage space together with the configuration environment of its runtime protection policy, that is, the environment in which protective measures such as antivirus and Trojan scanning are started when the application runs.

In conventional technology, the system protection mode can be implemented with ordinary "sandbox" isolation. In this embodiment, however, it is implemented with multi-user mode. Android supports a multi-user mode similar to that of Windows: the user data of different logged-in users is independent and does not affect one another. The system is therefore in the system normal mode when logged in as the administrator account (usually user identifier UID=0) and in the system protection mode when logged in as an ordinary user account (for example user identifier UID=10); entering the system protection mode from the system normal mode is equivalent to switching from administrator mode to ordinary user mode. Because multi-user mode provides a degree of data isolation between users, it secures the system for the user in protection mode (application installation security, transaction security, user information security) and achieves security isolation that is, in some circumstances, more secure than "sandbox" isolation.

Switching the system from the normal mode to the protection mode is therefore equivalent to switching from the administrator account to an ordinary user account. On Android, the switch from the administrator account to the ordinary user account is made by calling the switchUser() method of the ActivityManager class. While the system is logged in as the ordinary user account corresponding to the system protection mode, the monitoring module 100 monitors the screen capture interface.

The screen capture interface is used for taking screenshots or recording the screen, and may be, for example, a command or a method. In this embodiment, the screen capture interface includes the adb shell screencap command or the screenshot() method, both of which can be used for screenshots. On Android, adb shell screencap is normally the command used when a PC connected to the mobile terminal takes a screenshot, so when the mobile terminal is connected to a PC, monitoring the adb shell screencap command prevents the PC from taking illegitimate screenshots of applications in the mobile terminal's system protection mode. The screenshot() method, which belongs to the SurfaceControl class, is normally the method used when the screenshot is taken on the mobile terminal itself.

On Android 5.0 and later, MediaProjection can be used to capture the screen, both for screenshots and for screen recording. A MediaProjection is managed and obtained through MediaProjectionManager. A screenshot uses the ImageReader class: the surface returned by its getSurface() method is passed directly to MediaProjection.createVirtualDisplay(), after which the capture can be performed. ImageReader.acquireLatestImage() returns the Image of the current screen, which after simple processing can be saved as a Bitmap file. Screen recording uses the MediaCodec class, which encodes the raw screen data; the MediaMuxer class then packages it into an mp4 file for saving. MediaCodec.createInputSurface() returns a surface object that is passed to MediaProjection.createVirtualDisplay() to obtain the raw screen media data; the encoded output is then read from MediaCodec and packaged by MediaMuxer into a playable mp4, which implements screen recording. The screen capture interface may therefore also be methods such as the ImageReader.acquireLatestImage() and MediaProjection.createVirtualDisplay() described above.

In the following description, taking a screenshot is used as the example of screen capture.

When the screen capture interface is called, the acquisition module 200 obtains the identity information of the caller that called it.

The caller identity information may be information about the calling application or the user identifier (UID) of the ordinary user account, and the calling application information may include the calling application's package name or the calling application's UID. That is, the caller identity information is determined from the user account logged in to the system (the ordinary user account), or from the application that owns the process performing the call (identified, for example, by the process identifier PID on Android). Two schemes are described here for deciding which applications are prohibited from capturing the screen.

First scheme: the processing module 300 decides whether to allow screen capture by judging whether the calling application has a legal or an illegal identity (for example, by means of a whitelist or a blacklist). The processing module 300 can use a whitelist mechanism to allow some applications to take screenshots, a blacklist mechanism to prohibit some applications from taking screenshots, or a combination of the two. The calling application information must therefore be obtained to judge whether the application is one that is prohibited from capturing the screen or one that is allowed to.

The calling application information may include the calling application's package name or the calling application's UID. On Android, the acquisition module 200 obtains the information of the application that called the screen capture interface by first obtaining the calling application's process identifier (PID) and then using that PID to obtain the calling application's package name or UID. The Binder.getCallingPid() method returns the PID of the current calling application, so the acquisition module 200 can use Binder.getCallingPid() to obtain the calling application's PID. Binder is an Android class that implements the IBinder interface and is one of Android's inter-process communication (IPC) mechanisms, and getCallingPid() is the Binder method that returns the PID of the current calling application.

The following provides implementation code that obtains the package name of the calling application from its process identifier PID:

The second scheme: the processing module 300 can prohibit screenshots for all applications running in the system protection mode. That is, when the screen capture interface is called, whether screen capture is allowed is decided from the user identifier UID of the ordinary user account that corresponds to the login state the calling application is in (for example, all applications running under the ordinary user account with UID=10 are prohibited from taking screenshots). The obtaining module 200 therefore needs to obtain the UID of the ordinary user account corresponding to the current system protection mode, so that the processing module 300 can prohibit screenshot operations for all applications installed or running under that account. If the UID of the user account logged in to the system meets the condition, the applications installed under that account are legal callers; otherwise they are illegal callers.

After the obtaining module 200 obtains the calling application information or the UID of the ordinary user account, the processing module 300 judges from the caller identity information whether the caller's identity is legal and, when the caller has an illegal identity, rejects the call and thereby prohibits the caller from capturing the screen. Rejecting the call can mean refusing the call to the screen capture interface, refusing to execute the called instruction, displaying an "error" or "no permission" message to the user, or directly displaying a blank page; no limitation is imposed here. Continuing with screenshots as the example, the following describes how the caller identity judgment is implemented with a whitelist or a blacklist.

For example, the system establishes a whitelist to which system applications are added in advance. Since the user identifier UID of system applications on Android is 1000, an application whose UID is 1000 is recognized as a system application and placed on the whitelist. In this way, after the obtaining module 200 obtains the UID of the application calling the screen capture interface, the processing module 300 can judge whether the calling application is a system application. System applications are allowed to take screenshots because they are sufficiently secure: the present invention only aims to prevent illegal applications from secretly taking screenshots, not to prevent screenshots by system applications. Examples are screenshots that the user triggers manually through physical keys (such as volume down + power), the screenshot button in the pull-down tray, or gestures (such as a three-finger or knuckle screenshot). All of these ultimately take the screenshot through SystemUI, and SystemUI is a system application whose UID is 1000. Of course, third-party applications that the system designer considers safe can be added to the whitelist, and users can also add third-party applications they consider safe themselves, so that screenshots by these applications are allowed. The blacklist can also connect to a server for data updates, that is, the information in the blacklist can be updated according to update information from the server. The applications on the whitelist are the callers with a legal identity.

As another example, the system establishes a blacklist to which third-party applications that the system designer considers unsafe are added; users can also add third-party applications they consider unsafe themselves. The processing module 300 then refuses the screenshot when one of these third-party applications requests it, and the system can further issue a prompt message to the user. The blacklist can also connect to a server for data updates, that is, the information in the blacklist can also be updated according to update information from the server. The applications on the blacklist are the callers with an illegal identity. Further, the mobile terminal information protection device may also include a warning module (not shown in the figures). If a third-party application requests screenshots frequently, the warning module can send the user a warning message, for example advising the user to uninstall the application from the secure space in the system protection mode. Accordingly, if the history records show that the number of times the calling application has been refused screen capture reaches a preset threshold (for example, 10 times), the warning module issues a warning message.

Therefore, the process of judging from the caller identity information whether the caller's identity is legal can be: using a pre-built whitelist or blacklist to judge whether the calling application has a legal or an illegal identity. The caller identity information includes the package name of the calling application or the user identifier UID of the calling application. When the package name of the calling application is a predefined illegal package name, or the UID of the calling application is a predefined illegal UID, the package name or UID of the calling application is judged to be an illegal identity; otherwise it is judged to be a legal identity. For example, the predefined illegal package name or predefined illegal UID can be the package name or UID of a third-party application that the designer considers unsafe, as described above, placed on the blacklist in advance; the blacklist can connect to a server for data updates.
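The caller identification and list judgment described above (PID to package name, then the whitelist/blacklist decision with the warning threshold), as an added Java example that is not code from the patent. The class name ScreenCaptureGate, the denyUnlisted flag and the order of the checks are assumptions, and the code assumes it runs inside the privileged system service that handles the screen capture Binder call, where all running processes are visible.

```java
import android.app.ActivityManager;
import android.content.Context;
import android.os.Binder;
import android.os.Process;
import android.util.Log;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

/** Hypothetical gate run by the service that implements the screen capture interface. */
public final class ScreenCaptureGate {
    private static final String TAG = "ScreenCaptureGate";
    private static final int WARN_THRESHOLD = 10; // example threshold from the description

    private final Context context;
    private final Set<String> whitelist;  // packages allowed to capture the screen
    private final Set<String> blacklist;  // packages never allowed to capture the screen
    private final boolean denyUnlisted;   // assumption: policy for packages on neither list
    private final Map<String, Integer> denials = new HashMap<>();

    public ScreenCaptureGate(Context context, Set<String> whitelist,
                             Set<String> blacklist, boolean denyUnlisted) {
        this.context = context;
        this.whitelist = whitelist;
        this.blacklist = blacklist;
        this.denyUnlisted = denyUnlisted;
    }

    /** Call first thing inside the Binder method that serves the capture request. */
    public boolean isCaptureAllowed() {
        // Both values are filled in by the Binder driver for the incoming transaction,
        // not by the caller. A oneway transaction carries no PID (0), which ends in a
        // denial below because no process matches.
        final int pid = Binder.getCallingPid();
        final int uid = Binder.getCallingUid();

        // System applications such as SystemUI run as UID 1000 and are whitelisted.
        if (uid == Process.SYSTEM_UID) {
            return true;
        }
        List<String> packages = packagesForCaller(pid, uid);
        if (packages.isEmpty()) {
            return deny("uid:" + uid); // identity could not be established
        }
        for (String pkg : packages) {
            if (blacklist.contains(pkg)) {
                return deny(pkg);
            }
        }
        for (String pkg : packages) {
            if (whitelist.contains(pkg)) {
                return true;
            }
        }
        return denyUnlisted ? deny(packages.get(0)) : true;
    }

    /** PID to package names, kept only if the package really belongs to the calling UID. */
    private List<String> packagesForCaller(int pid, int uid) {
        List<String> result = new ArrayList<>();
        ActivityManager am =
                (ActivityManager) context.getSystemService(Context.ACTIVITY_SERVICE);
        List<ActivityManager.RunningAppProcessInfo> procs = am.getRunningAppProcesses();
        String[] owned = context.getPackageManager().getPackagesForUid(uid);
        if (procs == null || owned == null) {
            return result;
        }
        List<String> ownedByUid = Arrays.asList(owned);
        for (ActivityManager.RunningAppProcessInfo proc : procs) {
            // Requiring the UID to match as well guards against a PID that was reused
            // by another process between the call and this lookup.
            if (proc.pid != pid || proc.uid != uid || proc.pkgList == null) {
                continue;
            }
            for (String pkg : proc.pkgList) {
                if (ownedByUid.contains(pkg)) {
                    result.add(pkg);
                }
            }
        }
        return result;
    }

    /** Records a refusal and raises the warning once the threshold is reached. */
    private synchronized boolean deny(String key) {
        Integer previous = denials.get(key);
        int count = (previous == null) ? 1 : previous + 1;
        denials.put(key, count);
        if (count == WARN_THRESHOLD) {
            // Stand-in for the warning module: a real device would notify the user.
            Log.w(TAG, key + " was refused screen capture " + count + " times");
        }
        return false;
    }
}
```

The UID comes from the kernel and cannot be forged by the caller, whereas a package name derived from a PID is only as reliable as the lookup, which is why the example cross-checks it against the packages owned by the calling UID.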

As another example, the processing module 300 can prohibit screenshots for all applications running in the system protection mode. That is, when the screen capture interface is called, whether screen capture is allowed is decided from the user identifier UID of the ordinary user account that corresponds to the login state the calling application is in (for example, all applications running under the ordinary user account with UID=10 are prohibited from taking screenshots).

When the system is Android, the processing module 300 can use the setScreenCaptureDisabled() method to judge whether the UID of the ordinary user account is a UID that is prohibited from capturing the screen and, once this is determined, refuse the screen capture. For example, if the UID of the ordinary user account corresponding to the current system protection mode is 10, then public void setScreenCaptureDisabled(int userId, boolean disabled) can be used to prohibit screenshots for all applications in the system protection mode. The first parameter in the parentheses, userId, is the ID of the parameter domain, and the second parameter, disabled, is the state. With this method, all applications with userId=10 can be prohibited from taking screenshots.

Therefore, the process of judging from the caller identity information whether the caller's identity is legal can also be: using the setScreenCaptureDisabled() method to judge whether the UID of the ordinary user account is a UID with an illegal identity and, once this is determined, refusing the screen capture. The caller identity information can be determined from the ordinary user account logged in to the system. When that ordinary user account is a predefined illegal user account, it is judged to be an illegal identity; otherwise it is judged to be a legal identity.

An embodiment of the present invention also provides a mobile terminal, shown in FIG. 3. For ease of description, only the parts related to the embodiment are shown; for technical details not disclosed here, refer to the method part of the embodiments. The terminal can be any terminal device, including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales) terminal, or an in-vehicle computer. The following takes a mobile phone as the example:

FIG. 3 is a block diagram of part of the structure of a mobile phone related to the terminal provided by an embodiment of the present invention. Referring to FIG. 3, the mobile phone includes a radio frequency (RF) circuit 1510, a memory 1520, an input unit 1530, a display unit 1540, a sensor 1550, an audio circuit 1560, a wireless fidelity (Wi-Fi) module 1570, a processor 1580, a power supply 1590 and other components. Those skilled in the art will understand that the structure shown in FIG. 3 does not limit the mobile phone, which may include more or fewer components than shown, combine some components, or arrange the components differently.

The components of the mobile phone are described in detail below with reference to FIG. 3:

The RF circuit 1510 can be used to receive and send signals while information is being sent or received or during a call. In particular, it receives downlink information from the base station and passes it to the processor 1580 for processing, and it sends the relevant uplink data to the base station. Typically, the RF circuit 1510 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier (LNA) and a duplexer. The RF circuit 1510 can also communicate with networks and other devices by wireless communication. This wireless communication can use any communication standard or protocol, including but not limited to Global System of Mobile communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), e-mail and Short Messaging Service (SMS).

The memory 1520 can be used to store software programs and modules. The processor 1580 runs the software programs and modules stored in the memory 1520 to execute the various functional applications and data processing of the mobile phone. The memory 1520 may mainly include a program storage area and a data storage area. The program storage area can store the operating system and the application programs required by at least one function (such as a sound playback function or an image playback function); the data storage area can store data created through use of the mobile phone (such as audio data or a phone book). In addition, the memory 1520 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.

The input unit 1530 can be used to receive entered digit or character information and to generate key signal inputs related to user settings and function control of the mobile phone. Specifically, the input unit 1530 may include a touch panel 1531 and other input devices 1532. The touch panel 1531, also called a touch screen, can collect the user's touch operations on or near it (for example, operations performed on or near the touch panel 1531 with a finger, a stylus or any other suitable object or accessory) and drive the corresponding connected device according to a preset program. Optionally, the touch panel 1531 may include two parts, a touch detection device and a touch controller. The touch detection device detects the position of the user's touch, detects the signal produced by the touch operation, and passes the signal to the touch controller. The touch controller receives the touch information from the touch detection device, converts it into contact coordinates and sends them to the processor 1580; it can also receive and execute commands sent by the processor 1580. The touch panel 1531 can be implemented as a resistive, capacitive, infrared or surface acoustic wave panel, among other types. Besides the touch panel 1531, the input unit 1530 may include other input devices 1532. Specifically, the other input devices 1532 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys or a power key), a trackball, a mouse and a joystick.

The display unit 1540 can be used to display information entered by the user or provided to the user, as well as the various menus of the mobile phone. The display unit 1540 may include a display panel 1541, which can optionally be configured as a liquid crystal display (LCD), an organic light-emitting diode (OLED) display, or the like. Further, the touch panel 1531 can cover the display panel 1541. When the touch panel 1531 detects a touch operation on or near it, it passes the operation to the processor 1580 to determine the type of touch event, and the processor 1580 then provides the corresponding visual output on the display panel 1541 according to the type of touch event. Although in FIG. 3 the touch panel 1531 and the display panel 1541 are two separate components that implement the input and output functions of the mobile phone, in some embodiments the touch panel 1531 and the display panel 1541 can be integrated to implement the input and output functions.

The mobile phone may also include at least one sensor 1550, such as a light sensor, a motion sensor or other sensors. Specifically, the light sensor may include an ambient light sensor and a proximity sensor. The ambient light sensor can adjust the brightness of the display panel 1541 according to the ambient light, and the proximity sensor can turn off the display panel 1541 and/or the backlight when the mobile phone is moved to the ear. As one kind of motion sensor, the accelerometer can detect the magnitude of acceleration in every direction (generally three axes) and, when the phone is stationary, the magnitude and direction of gravity. It can be used for applications that recognize the attitude of the phone (such as switching between landscape and portrait, related games, and magnetometer attitude calibration) and for vibration recognition functions (such as a pedometer or tap detection). Other sensors that the mobile phone can be fitted with, such as a gyroscope, barometer, hygrometer, thermometer or infrared sensor, are not described further here.

The audio circuit 1560, the speaker 1561 and the microphone 1562 can provide an audio interface between the user and the mobile phone. The audio circuit 1560 can convert received audio data into an electrical signal and pass it to the speaker 1561, which converts it into a sound signal for output. In the other direction, the microphone 1562 converts the collected sound signal into an electrical signal, which the audio circuit 1560 receives and converts into audio data. The audio data is then output to the processor 1580 for processing and sent through the RF circuit 1510 to, for example, another mobile phone, or output to the memory 1520 for further processing.

Wi-Fi is a short-range wireless transmission technology. Through the Wi-Fi module 1570, the mobile phone can help the user send and receive e-mail, browse web pages and access streaming media; it gives the user wireless broadband Internet access. Although FIG. 3 shows the Wi-Fi module 1570, it is not an essential part of the mobile phone and can be omitted as needed without changing the essence of the invention.

The processor 1580 is the control center of the mobile phone. It connects all parts of the phone through various interfaces and lines, and it performs the phone's functions and processes data by running or executing the software programs and/or modules stored in the memory 1520 and by calling the data stored in the memory 1520, thereby monitoring the phone as a whole. Optionally, the processor 1580 may include one or more processing units. Preferably, the processor 1580 can integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interface and application programs, and the modem processor mainly handles wireless communication. The modem processor need not be integrated into the processor 1580.

The mobile phone also includes a power supply 1590 (such as a battery) that powers the components. Preferably, the power supply is logically connected to the processor 1580 through a power management system, so that charging, discharging and power consumption are managed through the power management system.

Although not shown, the mobile phone may also include a camera, a Bluetooth module and so on, which are not described further here.

In the embodiment of the present invention, the processor 1580 included in the terminal also has the following functions: monitoring calls to the screen capture interface that are triggered in the system protection mode logged in to as an ordinary user account, where the system protection mode is configured with a secure space that provides running resources for predetermined applications and that is not accessible in the normal mode of the system; when the screen capture interface is called, obtaining the identity information of the caller of the screen capture interface; and judging from the caller identity information whether the caller's identity is legal and, when the caller has an illegal identity, rejecting the call and thereby prohibiting the caller from capturing the screen. That is, the processor 1580 is able to execute the mobile terminal information protection method described above, which is not repeated here.

The mobile terminal information protection method, device and mobile terminal described above monitor calls to the screen capture interface that are triggered in the system protection mode logged in to as an ordinary user account, where the system protection mode is configured with a secure space that provides running resources for predetermined applications and that is not accessible in the normal mode of the system; when the screen capture interface is called, they obtain the identity information of the caller of the screen capture interface; they judge from the caller identity information whether the caller's identity is legal and, when the caller has an illegal identity, reject the call and thereby prohibit the caller from capturing the screen. Deciding whether the caller may capture the screen by judging whether the caller's identity is legal each time the screen capture interface is called effectively prevents illegal applications from secretly taking screenshots and similar operations, which reduces the risk of information leakage and theft of funds and effectively improves system security.

For example, when the screen capture interface is called, deciding whether to allow screen capture by judging whether the calling application has a legal or an illegal identity (for example, a whitelist or a blacklist can be set) effectively prevents illegal applications from secretly taking screenshots and similar operations. Alternatively, all applications running in the system protection mode can be prohibited from taking screenshots: when the screen capture interface is called, whether screen capture is allowed is decided from the UID of the ordinary user account that corresponds to the login state the calling application is in (for example, all applications running under the ordinary user account with UID=10 are prohibited from taking screenshots). This also effectively prevents illegal applications from secretly taking screenshots and similar operations, which reduces the risk of information leakage and theft of funds and effectively improves system security.

The present invention discloses the following schemes:

A1. A mobile terminal information protection method, comprising the following steps:

monitoring calls to the screen capture interface that are triggered in the system protection mode logged in to as an ordinary user account, where the system protection mode is configured with a secure space that provides running resources for predetermined applications, the secure space being inaccessible in the normal mode of the system;

when the screen capture interface is called, obtaining the identity information of the caller of the screen capture interface;

judging from the caller identity information whether the caller's identity is legal and, when the caller has an illegal identity, rejecting the call and thereby prohibiting the caller from capturing the screen.

A2. The mobile terminal information protection method according to A1, wherein the predetermined applications include at least one of payment-related applications, wealth-management-related applications and bank-related applications.

A3. The mobile terminal information protection method according to A1, wherein the running resources include at least one of the application program itself, the application's configuration data and the application's user data, and the secure space includes storage space.

A4. The mobile terminal information protection method according to A1, wherein the running resources include a runtime protection policy, and the secure space includes storage space and its corresponding runtime protection policy configuration environment.

A5. The mobile terminal information protection method according to A1, wherein the screen capture interface is used for taking screenshots or recording the screen.

A6. The mobile terminal information protection method according to A1, wherein the system is Android and the screen capture interface includes the adb shell screencap command or the screenshot() method.

A7. The mobile terminal information protection method according to A1, wherein the caller identity information is determined from the ordinary user account logged in to the system; when the ordinary user account is a predefined illegal user account, the ordinary user account is judged to be an illegal identity, and otherwise it is judged to be a legal identity.

A8. The mobile terminal information protection method according to A7, wherein the system is Android and the caller identity information includes the user identifier UID of the ordinary user account.

A9. The mobile terminal information protection method according to A8, wherein the system is Android and the process of judging from the caller identity information whether the caller's identity is legal includes: using the setScreenCaptureDisabled() method to judge whether the UID of the ordinary user account is a UID with an illegal identity and, once this is determined, refusing the screen capture.

A10. The mobile terminal information protection method according to A1, wherein the caller identity information is determined from the application program to which the process performing the call belongs.

A11. The mobile terminal information protection method according to A10, wherein the system is Android and the caller identity information includes the package name of the calling application or the user identifier UID of the calling application; when the package name of the calling application is a predefined illegal package name, or the UID of the calling application is a predefined illegal UID, the package name or UID of the calling application is judged to be an illegal identity, and otherwise it is judged to be a legal identity.

A12. The mobile terminal information protection method according to A11, wherein the process of obtaining the identity information of the caller of the screen capture interface includes:

obtaining the process identifier PID of the calling application, and then using the PID of the calling application to obtain the package name of the calling application or the user identifier UID of the calling application.

A13、根据A12所述的移动终端信息保护方法,通过getCallingPid()方法获取所述调用应用的进程识别号PID。A13. According to the mobile terminal information protection method described in A12, the process identification number PID of the calling application is acquired through the getCallingPid() method.

A14、根据A1所述的移动终端信息保护方法,依据所述调用者身份信息判断调用者身份是否合法的过程包括:通过预建的白名单或黑名单来判断所述调用应用是否为合法身份或非法身份的应用。A14. According to the mobile terminal information protection method described in A1, the process of judging whether the caller’s identity is legal according to the caller’s identity information includes: judging whether the calling application is a legal identity or a pre-built white list or blacklist Application of illegal identity.

A15、根据A14所述的移动终端信息保护方法,所述白名单中包含有系统应用。A15. According to the mobile terminal information protection method described in A14, the white list includes system applications.

A16、根据A15所述的移动终端信息保护方法,所述系统为安卓系统,将用户身份证明UID为1000的应用识别为系统应用列入白名单。A16. According to the mobile terminal information protection method described in A15, the system is an Android system, and an application whose user identity certificate UID is 1000 is identified as a system application and included in the whitelist.

A17、根据A14所述的移动终端信息保护方法,所述白名单或黑名单中的信息根据服务器的更新信息而更新。A17. According to the mobile terminal information protection method described in A14, the information in the white list or black list is updated according to the update information of the server.

A18、根据A14所述的移动终端信息保护方法,若根据历史记录确定所述调用应用被拒绝捕捉屏幕的次数达到预设阈值,则发出警示信息。A18. According to the mobile terminal information protection method described in A14, if it is determined according to historical records that the number of times that the calling application is rejected to capture the screen reaches a preset threshold, a warning message is issued.

B19. A mobile terminal information protection device, comprising:

a monitoring module, configured to monitor calls to the screen capture interface triggered in a system protection mode logged in under an ordinary user account, wherein in the system protection mode a secure space is configured to provide running resources for the operation of predetermined applications, and the secure space is not accessible in the system's normal mode;

an acquisition module, configured to acquire, when the screen capture interface is called, the identity information of the caller of the screen capture interface;

a processing module, configured to judge whether the caller's identity is legal according to the caller identity information and, when the caller has an illegal identity, to reject the call and thereby prohibit the caller from capturing the screen.

B20. The mobile terminal information protection device according to B19, wherein the predetermined applications include at least one of payment-related applications, wealth-management-related applications and bank-related applications.

B21. The mobile terminal information protection device according to B19, wherein the running resources include at least one of the application itself, the application's configuration data and the application's user data, and the secure space includes storage space.

B22. The mobile terminal information protection device according to B19, wherein the running resources include a running protection policy, and the secure space includes storage space and its corresponding running protection policy configuration environment.

B23. The mobile terminal information protection device according to B19, wherein the screen capture interface is used for taking screenshots or recording the screen.

B24. The mobile terminal information protection device according to B19, wherein the system is an Android system, and the screen capture interface includes the adb shell screencap command or the screenshot() method.

B25. The mobile terminal information protection device according to B19, wherein the caller identity information is determined according to the ordinary user account logged into the system; when the ordinary user account is a predefined illegal user account, the ordinary user account is determined to be an illegal identity; otherwise it is determined to be a legal identity.

B26. The mobile terminal information protection device according to B25, wherein the system is an Android system, and the caller identity information includes the user identification (UID) of the ordinary user account.

B27. The mobile terminal information protection device according to B26, wherein the system is an Android system, and the processing module is configured to: use the setScreenCaptureDisabled() method to determine whether the user identification (UID) of the ordinary user account is a UID with an illegal identity and, once this is determined, refuse to capture the screen.

B28. The mobile terminal information protection device according to B19, wherein the caller identity information is determined according to the application to which the process performing the call belongs.

B29. The mobile terminal information protection device according to B18, wherein the system is an Android system, and the caller identity information includes the package name of the calling application or the user identification (UID) of the calling application; when the package name of the calling application is a predefined illegal package name, or the UID of the calling application is a predefined illegal UID, the package name or UID of the calling application is determined to be an illegal identity; otherwise it is determined to be a legal identity.

B30. The mobile terminal information protection device according to B29, wherein the acquisition module is configured to:

acquire the process identifier (PID) of the calling application, and then use that PID to obtain the package name of the calling application or the user identification (UID) of the calling application.

B31. The mobile terminal information protection device according to B30, wherein the process identifier (PID) of the calling application is acquired through the getCallingPid() method.

B32. The mobile terminal information protection device according to B19, wherein the processing module uses a pre-built whitelist or blacklist to judge whether the calling application is an application with a legal identity or an illegal identity.

B33. The mobile terminal information protection device according to B32, wherein the whitelist contains system applications.

B34. The mobile terminal information protection device according to B33, wherein the system is an Android system, and an application whose user identification (UID) is 1000 is identified as a system application and included in the whitelist.

B35. The mobile terminal information protection device according to B32, wherein the information in the whitelist or blacklist is updated according to update information from a server.

B36. The mobile terminal information protection device according to B32, wherein the protection device further includes a warning module; the warning module is configured to: issue a warning message if it is determined from the history records that the number of times the calling application has been refused screen capture reaches a preset threshold.

C37. A mobile terminal, comprising:

a touch-sensitive display;

one or more processors;

a memory;

one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more programs are configured to perform the mobile terminal information protection method according to any one of A1 to A18.
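The caller check that clauses A10 to A18 describe, modelled as an added example in plain Java (it is not code from the patent and uses no Android classes). The process table, the `com.example.*` package names, the blacklist entries and the threshold of 3 are constructed for illustration, and failing closed on a PID that cannot be resolved is an assumption of this example.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

// Added illustration of clauses A10-A18; plain JDK only, no Android classes.
public class ScreenCaptureGate {
    // Identity resolved for a calling process: UID plus package name (A11).
    record Caller(int uid, String packageName) {}

    enum Decision { ALLOW, DENY }

    static final int SYSTEM_UID = 1000;   // A16: UID 1000 is whitelisted as a system app
    static final int ALERT_THRESHOLD = 3; // constructed value for the preset threshold (A18)

    // Constructed stand-in for resolving a PID to its package name and UID (A12).
    private final Map<Integer, Caller> processTable;
    private Set<String> blockedPackages;  // blacklist by package name
    private Set<Integer> blockedUids;     // blacklist by UID
    private final Map<String, Integer> denialHistory = new HashMap<>();

    ScreenCaptureGate(Map<Integer, Caller> processTable,
                      Set<String> blockedPackages, Set<Integer> blockedUids) {
        this.processTable = processTable;
        this.blockedPackages = new HashSet<>(blockedPackages);
        this.blockedUids = new HashSet<>(blockedUids);
    }

    // A17: replace the blacklist with the content of a server update.
    void applyServerUpdate(Set<String> packages, Set<Integer> uids) {
        blockedPackages = new HashSet<>(packages);
        blockedUids = new HashSet<>(uids);
    }

    // Runs when the capture interface is called; callingPid models the value
    // that getCallingPid() returns inside the service (A13).
    Decision onCaptureRequest(int callingPid) {
        Caller caller = processTable.get(callingPid);
        if (caller == null) {
            // Assumption of this example: an unresolvable PID fails closed.
            return deny("pid:" + callingPid);
        }
        if (caller.uid() == SYSTEM_UID) {
            return Decision.ALLOW;        // whitelist is checked first
        }
        if (blockedUids.contains(caller.uid())
                || blockedPackages.contains(caller.packageName())) {
            return deny(caller.packageName());
        }
        return Decision.ALLOW;            // A11: not predefined as illegal, so legal
    }

    // Records the refusal and warns once, when the count reaches the threshold.
    private Decision deny(String key) {
        int count = denialHistory.merge(key, 1, Integer::sum);
        if (count == ALERT_THRESHOLD) {
            System.out.println("WARNING: " + key + " refused " + count + " times");
        }
        return Decision.DENY;
    }

    public static void main(String[] args) {
        // Constructed process table: pid -> (uid, package).
        Map<Integer, Caller> table = Map.of(
                812, new Caller(1000, "android"),
                4321, new Caller(10057, "com.example.notes"),
                5150, new Caller(10093, "com.example.screengrab"));
        ScreenCaptureGate gate = new ScreenCaptureGate(
                table, Set.of("com.example.screengrab"), Set.of());

        System.out.println(gate.onCaptureRequest(812));   // caller with the system UID
        System.out.println(gate.onCaptureRequest(4321));  // caller on neither list
        for (int i = 0; i < ALERT_THRESHOLD; i++) {
            System.out.println(gate.onCaptureRequest(5150)); // blacklisted package
        }
        System.out.println(gate.onCaptureRequest(9999));  // PID with no process record

        // Server update that additionally lists UID 10057 (A17).
        gate.applyServerUpdate(Set.of("com.example.screengrab"), Set.of(10057));
        System.out.println(gate.onCaptureRequest(4321));
    }
}
```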

It should be understood that although the steps in the flowchart of FIG. 1 are shown in sequence as indicated by the arrows, they are not necessarily executed in that order. Unless explicitly stated herein, there is no strict restriction on the order in which these steps are executed, and they may be executed in other orders. Moreover, at least some of the steps in FIG. 1 may include multiple sub-steps or stages. These sub-steps or stages are not necessarily completed at the same moment but may be executed at different times, and they are not necessarily executed one after another but may be executed in turn or alternately with other steps, or with at least some of the sub-steps or stages of other steps.

The above describes only some embodiments of the present invention. It should be pointed out that those of ordinary skill in the art can make a number of improvements and refinements without departing from the principles of the present invention, and these improvements and refinements should also be regarded as falling within the scope of protection of the present invention.

Claims (10)

1. A mobile terminal information protection method, characterized by comprising the following steps:

monitoring calls to the screen capture interface triggered in a system protection mode logged in under an ordinary user account, wherein in the system protection mode a secure space is configured to provide running resources for the operation of predetermined applications, and the secure space is not accessible in the system's normal mode;

when the screen capture interface is called, acquiring the identity information of the caller of the screen capture interface;

judging whether the caller's identity is legal according to the caller identity information and, when the caller has an illegal identity, rejecting the call and thereby prohibiting the caller from capturing the screen.

2. The mobile terminal information protection method according to claim 1, characterized in that the predetermined applications include at least one of payment-related applications, wealth-management-related applications and bank-related applications.

3. The mobile terminal information protection method according to claim 1, characterized in that the running resources include at least one of the application itself, the application's configuration data and the application's user data, and the secure space includes storage space.

4. The mobile terminal information protection method according to claim 1, characterized in that the running resources include a running protection policy, and the secure space includes storage space and its corresponding running protection policy configuration environment.

5. The mobile terminal information protection method according to claim 1, characterized in that the screen capture interface is used for taking screenshots or recording the screen.

6. The mobile terminal information protection method according to claim 1, characterized in that the system is an Android system, and the screen capture interface includes the adb shell screencap command or the screenshot() method.

7. The mobile terminal information protection method according to claim 1, characterized in that the caller identity information is determined according to the ordinary user account logged into the system; when the ordinary user account is a predefined illegal user account, the ordinary user account is determined to be an illegal identity; otherwise it is determined to be a legal identity.

8. The mobile terminal information protection method according to claim 7, characterized in that the system is an Android system, and the caller identity information includes the user identification (UID) of the ordinary user account.

9. A mobile terminal information protection device, characterized by comprising:

a monitoring module, configured to monitor calls to the screen capture interface triggered in a system protection mode logged in under an ordinary user account, wherein in the system protection mode a secure space is configured to provide running resources for the operation of predetermined applications, and the secure space is not accessible in the system's normal mode;

an acquisition module, configured to acquire, when the screen capture interface is called, the identity information of the caller of the screen capture interface;

a processing module, configured to judge whether the caller's identity is legal according to the caller identity information and, when the caller has an illegal identity, to reject the call and thereby prohibit the caller from capturing the screen.

10. A mobile terminal, characterized by comprising:

a touch-sensitive display;

one or more processors;

a memory;

one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more programs are configured to perform the mobile terminal information protection method according to any one of claims 1 to 8.
CN201710025477.9A 2017-01-13 2017-01-13 Information of mobile terminal guard method, device and mobile terminal Pending CN106791168A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710025477.9A CN106791168A (en) 2017-01-13 2017-01-13 Information of mobile terminal guard method, device and mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710025477.9A CN106791168A (en) 2017-01-13 2017-01-13 Information of mobile terminal guard method, device and mobile terminal

Publications (1)

Publication Number Publication Date
CN106791168A true CN106791168A (en) 2017-05-31

Family

ID=58946715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710025477.9A Pending CN106791168A (en) 2017-01-13 2017-01-13 Information of mobile terminal guard method, device and mobile terminal

Country Status (1)

Country Link
CN (1) CN106791168A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20170719

Address after: 100102, 18 floor, building 2, Wangjing street, Beijing, Chaoyang District, 1801

Applicant after: BEIJING ANYUN SHIJI SCIENCE AND TECHNOLOGY CO., LTD.

Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park)

Applicant before: Beijing Qihu Technology Co., Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20170531