[go: up one dir, main page]

CN115114252B - File sharing method and device - Google Patents

File sharing method and device Download PDF

Info

Publication number
CN115114252B
CN115114252B CN202110291947.2A CN202110291947A CN115114252B CN 115114252 B CN115114252 B CN 115114252B CN 202110291947 A CN202110291947 A CN 202110291947A CN 115114252 B CN115114252 B CN 115114252B
Authority
CN
China
Prior art keywords
file
user
propagation
sharing
chain data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110291947.2A
Other languages
Chinese (zh)
Other versions
CN115114252A (en
Inventor
高长寿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN202110291947.2A priority Critical patent/CN115114252B/en
Priority to PCT/CN2022/081009 priority patent/WO2022194167A1/en
Publication of CN115114252A publication Critical patent/CN115114252A/en
Application granted granted Critical
Publication of CN115114252B publication Critical patent/CN115114252B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G06F16/275Synchronous replication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

本申请实施例公开一种文件分享方法和装置,涉及通信技术领域。所述文件分享方法包括:响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。由此,采用本申请的实施例,可以控制文件分享的范围,避免文件被恶意或违规传播。

The embodiments of the present application disclose a file sharing method and device, which relate to the field of communication technology. The file sharing method includes: in response to a request to share a file of a first user with a second user, obtaining the file of the first user; wherein the file includes propagation chain data, and the propagation chain data is data formed by each user through which the file passes when being propagated; obtaining propagation rules from the propagation chain data, wherein the propagation rules are sharing rules set when each user shares a file; and using the propagation rules in the file to control the first user's sharing of the file with the second user. Therefore, by adopting the embodiments of the present application, the scope of file sharing can be controlled to prevent files from being maliciously or illegally propagated.

Description

File sharing method and device
Technical Field
The embodiment of the application relates to the technical field of communication, in particular to a file sharing method and device.
Background
With the development of internet technology, file sharing has become a common business form, and users can propagate shared files based on relationship chains in social applications, such as photo sharing based on friend relationships and document sharing based on colleague relationships.
In practical applications, after the file is shared with other users, the recipient can download and view the content of the file, and meanwhile, the recipient can share the file with other recipients again in some ways, for example, sharing after copying and uploading again after downloading. These sharing actions may lead to a risk of the file sharing scope being enlarged. After the file is shared, the user cannot control the subsequent propagation and forwarding of the file.
Disclosure of Invention
The embodiment of the application provides a file sharing method and device, and provides a technical scheme which can be used for controlling a file sharing range and can avoid malicious or illegal transmission of files.
In a first aspect, an embodiment of the present application provides a file sharing method, where the file sharing method includes obtaining a file of a first user in response to a request for sharing the file of the first user to a second user, where the file includes propagation link data, where the propagation link data is data formed by each user through which the file passes when being propagated, obtaining a propagation rule from the propagation link data, where the propagation rule is a sharing rule set when each user shares the file, and controlling file sharing of the second user by the first user using the propagation rule in the file.
Based on the design, the file sharing of the first user to the second user can be correspondingly controlled according to the user set propagation rule. Therefore, the file sharing method provided by the embodiment of the application can be used for controlling the file sharing range, and can avoid malicious or illegal transmission of the file.
In one possible design, the propagation rule is to prohibit the second user from tampering with the file when the first user shares the file with the second user. Based on the design, the file can be prevented from being tampered maliciously during sharing.
In one possible design, the first user may perform file sharing to the second user, and the propagation rule may prohibit the second user from sharing the file to the third user. Based on the design, the user can control the file sharing range, and malicious or illegal transmission is avoided.
In one possible design, the propagation rule defines a number of users receiving the file when the first user performs file sharing with the second user. Based on the design, the user can control the file sharing range, and malicious or illegal transmission is avoided.
In one possible design, the second user downloads the content and propagation chain data of the file through an application in the user device, saving the content and propagation chain data of the file into a secure sandbox. Based on such design, the files stored in the secure sandbox are limited to access by the application to which they belong or other applications authorized by the application, thereby ensuring that the files including the propagation chain data are not stolen and tampered with by third party applications.
In one possible design, when the second user copies the file as a new file, the application copies the file including file content and the propagation chain data in the secure sandbox. Based on such a design, the second user downloads a file containing the propagation chain data, and when the file is copied, the propagation chain data is also copied.
In one possible design, when the second user uploads the new file to a server, the application uploads both the file content and the propagation chain data to the server. Based on such a design, the second user uploads the file containing the propagation chain, and when the file is copied, the propagation chain data is also uploaded.
In a second aspect, the embodiment of the application further provides a file sharing device, which comprises an acquisition unit and a control unit, wherein the acquisition unit is configured to acquire a file of a first user in response to a request for sharing the file of the first user to a second user, the file comprises propagation chain data, the propagation chain data are data formed by all users passing through when the file propagates, the acquisition unit is further configured to acquire propagation rules from the propagation chain data, the propagation rules are sharing rules set when each user shares the file, and the control unit is configured to control the first user to share the file of the second user by using the propagation rules in the file.
Based on the design, the file sharing of the first user to the second user can be correspondingly controlled according to the user set propagation rule. Therefore, the file sharing method provided by the embodiment of the application can be used for controlling the file sharing range, and can avoid malicious or illegal transmission of the file.
In one possible design, the control unit is further configured to prohibit the second user from tampering with the file according to the propagation rule. Based on the design, the file can be prevented from being tampered maliciously during sharing.
In one possible design, the control unit is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule. Based on the design, the user can control the file sharing range, and malicious or illegal transmission is avoided.
In one possible design, the control unit is further configured to define the number of users receiving the file according to the propagation rule. Based on the design, the user can control the file sharing range, and malicious or illegal transmission is avoided.
In the embodiment of the application, when receiving the request for sharing the file of the first user to the second user, the file of the first user can be acquired, the propagation rule can be acquired from the propagation chain data of the file, and then the first user is controlled to share the file of the second user by using the propagation rule in the file. Thus, the file sharing range can be controlled, and the file can be prevented from being maliciously or illegally transmitted.
Drawings
Fig. 1 is a schematic diagram of file sharing according to an embodiment of the present application.
Fig. 2 is another schematic diagram of file sharing according to an embodiment of the present application.
Fig. 3 is another schematic diagram of file sharing according to an embodiment of the present application.
Fig. 4 is a schematic diagram of a file sharing process according to an embodiment of the present application.
Fig. 5 is a flow chart of a file sharing method according to an embodiment of the present application.
Fig. 6 is a schematic diagram of another file sharing process according to an embodiment of the present application.
Fig. 7 is a flowchart illustrating a file sharing method according to another embodiment of the present application.
Fig. 8 is a schematic diagram of another file sharing process according to an embodiment of the present application.
Fig. 9 is a schematic diagram of another file sharing process according to an embodiment of the present application.
Fig. 10 is a schematic diagram of another file sharing process according to an embodiment of the present application.
Fig. 11 is a schematic structural diagram of a file sharing device according to an embodiment of the present application.
Fig. 12 is a schematic structural diagram of another file sharing device according to an embodiment of the present application.
Description of the main reference signs
First user 100
Second user 200
Server 300
File sharing device 500, 600
Acquisition unit 501
Control unit 502
Processor 601
Memory 602
Communication interface 603
The application will be further described in the following detailed description in conjunction with the above-described figures.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application.
In the embodiments of the present application, the terms "first," "second," and the like are used merely to distinguish between different objects, and are not to be construed as indicating or implying a relative importance or order. For example, a first application, a second application, etc. are intended to distinguish between different applications, rather than to describe a particular order of application, and features defining "first", "second", etc. may explicitly or implicitly include one or more such features.
Each user may propagate shared content based on the user's relationship chain, e.g., one user publishes his own shared content in an application that may be viewed or otherwise acquired by other users having a relationship of interest.
As shown in fig. 1, in some possible scenarios, a sharer may initiate sharing of his own file.
It will be appreciated that the sharer may have two sharing modes, one for sharing to the owner, any user may access the file. And the other is shared by the appointed users, the server stores the sharing relation, and the authority identification is carried out on the receiver.
Specifically, after the server receives the sharing request, the content of the file may be reviewed. And checks the risk level of the content of the document, for example, whether the content of the document relates to legal content such as pornography content, horror content, violence content and the like, and then evaluates the grading or risk level of the document according to the content of the document.
Thus, the server can prevent or allow the sharer to share the file according to the rules set by the risk level of the file. If the server allows the sharer to share the file, the receiver can download or read the file after receiving the sharing.
In the application scenario shown in fig. 1, since the content of the file needs to be read when the content of the file is checked, the server needs to identify the format of the file, so as to determine whether the content of the file has illegal and illegal contents. If the file is personal data of the user, the file may be illegally stolen by a third party during sharing.
If the file is encrypted, the contents of the file may not be readable because it cannot be decrypted. Therefore, the sharer can only control the sharing range in a limited way, but cannot control the secondary transmission of the receiver, and particularly the transmission after the malicious user tampers the file.
In another possible scenario, as shown in FIG. 2, when user 201 shares a file, the propagation chain of the file may be User1→User2→User3→User4 and User1→User2→User5→User6. It will be appreciated that the scoring ratings are given to individual users during their sharing to other users. The files can be shared according to the control rules set by the content ratings and the user ratings.
For example, when a user shares a certain file, content auditing is performed on the content of the file to obtain content classification, then the content classification and the user classification can be combined, and then the risk level of current sharing is calculated according to the control rule to determine whether to allow the current sharing.
If a user has more offending content shared and the spread range is wider, the risk score of the user is higher, and the sharing control of the user is more strict.
In the application scenario shown in fig. 2, the sharer may be illegally stolen by a third party during sharing, the content of the file may not be read because of being unable to decrypt, and the sharer may not be able to effectively control the subsequent transmission and forwarding of the file.
Therefore, the embodiment of the application provides a file sharing method, which solves the problem that a sharer cannot control the subsequent transmission and forwarding of the file, can control the sharing range of the file, and avoids the file from being transmitted maliciously and illegally.
The file sharing method provided by the embodiment of the application can be applied to a scenario in which the first user 100 and the second user 200 share based on the server 300 as shown in fig. 3.
In the scenario shown in fig. 3, the first user 100 and the second user 200 may use respective user devices. It is understood that the user devices may be one or more of a desktop computer, a portable computer, a tablet computer, a Personal Digital Assistant (PDA), a cellular telephone, a smart phone, and the like, including but not limited to. It will be appreciated that the user device may have stored thereon user information and data.
The user requests the interactive interface of the server 300 to communicate, and different users can share information. For this purpose, different devices can communicate with each other. Communication media between devices may include, but is not limited to, network connections such as the Internet, wide area networks, local area networks, telecommunications communications such as various generations of wireless telecommunications networks such as 2G, 3G, 4G, 5G, etc., near field communications such as infrared, bluetooth, etc.
In one embodiment, the server 300 may communicate with the user devices of the various users to control sharing of files among the different users. According to an embodiment of the present application, file sharing between different users may be performed under the control of the server 300.
As shown in fig. 3, a first user 100 may initiate file sharing on a user device, and the user device of the first user 100 may install an application that is compatible with a file service. The server 300 may provide relevant interfaces for file services, such as server-side interfaces for uploading, downloading, sharing, copying, etc. of files to provide for user device invocation.
The server 300 may also perform risk sharing control, such as file content auditing, user grading, sharing behavior auditing, and so on.
In one embodiment, the first user 100 may act as a sharer and the second user 200 may act as a recipient. For example, the user device of the first user 100 may send a web page link, text, image, document, folder, video, audio, or installed application, etc. as a file to be shared to the user device of the second user 200, so as to implement a file sharing function between devices.
For example, as shown in fig. 4, the first user 100 (i.e. sharer) may call an interface of the server 300 through an Application (APP) of the user equipment to initiate file sharing, and may set a propagation rule of a file when the file is shared, that is, the first user 100 uploads the file with the propagation rule to the server 300. The server 300 may manage the propagation chain data of the file, and generate a propagation node for file sharing, that is, generate one-time propagation behavior data, where the propagation node may include information for performing sharing control by a propagation rule, file metadata, sharer, and the like.
It will be appreciated that in this embodiment, file metadata may be distinguished from data of file content. In some possible implementations, the file metadata may be used to describe characteristics of the file, such as file size, sha256, file name, file type, and so forth.
It will be appreciated that the server 300 will audit the file content and the propagation rules, i.e. the server 300 will audit the file content and the sharing behavior.
The propagation rules comprise user-set propagation rules and system-configured propagation rules. Thus, the server 300 may perform file sharing control according to the propagation chain data. If it is determined that file sharing is allowed, the server 300 supplements the propagation node of the sharing to the propagation chain.
It can be appreciated that the propagation rule is a sharing rule set when each user shares a file.
In some possible implementations, the second user 200 may download the shared file through the APP in the user device, include the propagation chain data of the file in the downloaded content, and save the downloaded file and the propagation chain data to a secure Sandbox (Sandbox) of the system.
It will be appreciated that a secure sandbox provides a secure mechanism for isolating the environment for a program in execution. The secure sandbox can ensure the security of the system by strictly controlling the resources accessed by the executed program, and other applications cannot directly access the data (data in the memory and the disk) stored in the secure sandbox.
In the user device of the second user 200, if the second user 200 copies the file, the application needs to copy the propagation chain data of the file at the same time as copying the file content. If the second user 200 uploads a file to the server 300, the application also needs to upload with the propagation chain data.
In the following embodiments, taking the sharing of the first user 100 and the second user 200 based on the server 300 as an example, a file sharing method provided in the embodiments of the present application is described in detail, as shown in fig. 5, the method includes:
In step S51, a request to share the file of the first user to the second user is received.
In one embodiment, the sharing of the file may be initiated by the first user 100, i.e. the first user 100 may send a file sharing request to the server 300. For example, the first user 100 may operate his user device to share a specified file to the second user 200.
Specifically, the first user 100 may invoke an interface of the server 300 at the terminal side to share the file, where a recipient, for example, the first user 100 may be designated during sharing, or may share to all users. The first user 100 may set a propagation rule when sharing.
Step S52, acquire propagation chain data of the file.
It will be appreciated that the propagation chain data in this embodiment may be data formed by each user through which the file is propagated.
In one embodiment, the server 300 obtains the propagation chain data of the file after receiving the sharing request of the first user 100. It will be appreciated that the server 300 may obtain the necessary data for the propagation chain in the file, such as metadata of the file, sharers, propagation rules, etc., and supplement the necessary data to the propagation chain data to form a propagation node.
It can be appreciated that in the embodiment of the present application, the file will generate the propagation information during the sharing process, and may be stored in the propagation chain.
For example, as shown in FIG. 6, when a file is first shared by the owners of the file, the server generates one-time propagation behavior data S 0 and builds a propagation chain C 0. Namely, C 0 contains one-time propagation behavior data S 0. Wherein the propagation chain data may be stored in metadata information of the file. If the recipient of the file shares the file again to other users, this sharing will also generate a propagation behavior data S 1, and add S 1 to the propagation chain C 0, which is denoted as C 1. Similarly, when the file is shared by the nth recipient to the (n+1) th recipient, a propagation chain C n+1, C n+1=Cn+Sn+1, is obtained. The propagation chain C n+1 includes S 0,S1,…,Sn+1 these propagation behavior data.
Step S53, sharing control is performed on the files.
In one embodiment, the server 300 may perform file sharing control according to the propagation chain data.
It may be appreciated that the file sharing control may be that the server 300 performs control for preventing or allowing sharing according to file content, user characteristics, and propagation characteristics, and by combining rules set by the system and propagation rules on a propagation chain. The propagation rule may be specified by the sharer during sharing (and stored in the propagation behavior data of the propagation chain), or may be specified by the system configuration (stored in the server).
For example, the server 300 may allow the first user 100 to share files with the second user 200 according to propagation chain data, or the server 300 may prevent the first user 100 from sharing files with the second user 200 according to propagation chain data.
Please refer to fig. 7, which is a detailed flowchart of step S53. In one embodiment of the present application, the sharing control of the file by the server 300 may include:
and step S71, auditing the content of the file.
The server 300 may perform content auditing on the content of the file uploaded by the first user 100, so as to obtain a content rating of the file.
Step S72, acquiring propagation chain data from the file.
For example, when the first user 100 uploads a file to the server 300, the server 300 may obtain propagation chain data from the file.
Step S73, acquiring a propagation rule from the propagation chain data.
In one embodiment, the server 300 may obtain the propagation rule set by the user in the propagation chain data, for example, the server 300 may obtain the propagation rule set by the first user 100 in the propagation chain data. It can be appreciated that each user can set the propagation rule for the sharing when sharing the file.
Step S74, checking the propagation rule in turn.
In one embodiment, the server 300 may check the propagation rules in turn and may perform sharing control according to the propagation rules.
It will be appreciated that in one possible application scenario, the user-set propagation rule may be to prohibit tampering of the file by the recipient (e.g., copyright protection).
For example, as shown in fig. 8, when the first user 100 performs file sharing, the propagation rule (P 0) sets that the recipient is prohibited from modifying the file, and the propagation rule (P 0) is stored in the propagation chain. At this time, the second user 200 downloads the file from the server 300, modifies the file, and shares the file to the third user.
At this time, the server 300 checks according to the propagation chain, and checks that the Hash (Hash) value of the file in the current propagation behavior data S 1 is inconsistent with the Hash value of the file in the propagation behavior data S 0, and at this time, the server 300 may confirm that the file has been tampered, so that the second user may be prevented from sharing the file to the third user.
By adopting the design, when users share, the users can set the sharing propagation rules, and the server controls according to the propagation rules set by the users, so that the legal rights and interests of private data, copyright and the like are protected.
It is understood that in one possible application scenario, the propagation rule set by the user may be to prohibit secondary sharing.
For example, when the first user 100 performs file sharing, it is set in the propagation rule that only the shared user is visible to the file, and the receiver is restricted from re-sharing the file, and may set to prohibit secondary sharing during sharing. Then, when the second user 200 shares the file again, the server 300 may prevent this sharing according to the propagation rule on the propagation chain (i.e. prohibit secondary sharing).
It will be appreciated that embodiments of the present application may limit the rights of a recipient to the operability of the distribution file, and that such operable rights may include modification, copying, sharing, downloading, and the like.
In one possible application scenario, the user-set propagation rule may be to define the total number of users or the number of propagation times for receiving the file.
For example, as shown in FIG. 9, a sharer may define the number of recipients of a file on a propagation rule, and a server may obtain the source of the file from a propagation chain and the recipient data of the file from the propagation chain or other propagation chains of the source file, whereby the server may derive the total number of recipients of the file. When the total number of file recipients exceeds the total number of users receiving files in the propagation rule, the sharing is prevented.
Thus, in the above scenario, the user may control the propagation range of file sharing, specifically including the number of recipients, the number of propagation times, and the user characteristics of the recipients.
It can be appreciated that in one possible application scenario, the propagation rule set by the system may be to limit the risk level of sharing to be lower than a preset index.
In one embodiment of the present application, the server 300 may perform comprehensive evaluation according to parameters such as risk level of file content, number of propagated recipients, number of propagated times, risk level of recipients, number of complaints, and the like, so as to obtain a shared risk level.
It can be appreciated that the embodiment of the application can evaluate the content classification or risk level of the file according to the content of the file by checking the risk level of the content of the file, such as legal-offending content related to yellow content, horror content, violent content and the like. If the file cannot be subjected to content auditing, using a default value of system configuration. The embodiment of the application can acquire the users on the propagation path from the propagation path of the illegal file, and obtain the risk level of the receiver through the process of sharing the users to other users and evaluating the risk of the users.
For example, when the first user 100 is about to share a file, if the server 300 detects that the risk level of the sharing of the first user 100 is greater than a predetermined index, the server 300 will prevent the sharing.
By adopting the design, when the content of the file cannot be audited, the embodiment of the application can control the distribution behavior by using the transmission characteristics according to the information of the file in the sharing and transmission process, such as the source, the sharer, the receiver, the complaint information and the like of the file.
In step S54, the second user downloads the shared file through the application in the user device, and saves the file and the propagation chain data in the secure sandbox.
It will be appreciated that the sharer may copy or download and then upload the file to another file to change the original file to a new file, where the propagation chain data is not in the new file. Thus, to avoid the user's files from being tampered with, stolen, and maliciously propagated, the propagation chain data needs to be protected.
When the server 300 confirms that the file sharing of the first user 100 is allowed, the second user 200 may download the shared file from the server 300 through an application in his user device. Wherein the content downloaded by the second user 200 may comprise propagation chain data of a file. Thus, the second user 200 may save the file and propagation chain data to a secure sandbox of the operating system.
It will be appreciated that if the second user 200 copies a file, the application needs to control the propagation chain data of the copied file as well as the content of the file. If the second user 200 uploads a file to the server 300, the application also needs to upload the file carrying the propagation chain data.
In this embodiment, when the second user 200 downloads the shared file, a protection mechanism of a secure sandbox of the operating system may be used to protect the propagation chain data.
It will be appreciated that the files stored in the secure sandbox are limited to access by the application to which they belong or other applications authorized by the application, thereby ensuring that the files comprising the propagation chain data are not stolen and tampered with by third party applications.
For example, as shown in fig. 10, when the second user 200 downloads and views the file shared by the first user 100 in the user device, the second user 200 may operate the application to call the interface of the server 300 to download the file shared by the first user 100 from the server 300. The server 300 transmits the file content and the propagation chain data to the application, which saves the file downloaded from the server 300 to a secure sandbox of the system. It will be appreciated that the file includes file content and propagation chain data.
When the second user 200 copies a file as a new file, the application also needs to copy the file in the secure sandbox, including the file content and the propagation chain data, to ensure that the propagation chain data is maintained from the source file to the destination file. When the second user 200 uploads the copied new file to the server 300, the application needs to upload both the file content and the propagation chain data to the server 300, thereby ensuring that the propagation chain data remains in the file if it is copied. It will be appreciated that if the server 300 replicates the file as a new file, the propagation chain data in the source file will be replicated and preserved.
Based on the design, the propagation chain data of the file can be protected from being tampered and lost in the processes of downloading, copying, modifying and uploading by a security sandbox mechanism of the system.
Referring to fig. 11, fig. 11 is a schematic structural diagram of a file sharing device according to an embodiment of the application. The file sharing device 500 may be used to perform some or all of the steps of the file sharing method described in fig. 3 to 10, and the detailed description of fig. 3 to 10 is omitted herein.
In one possible implementation, the file sharing device 500 may be a server.
As shown in fig. 11, the file sharing apparatus 500 provided in the embodiment of the present application may include an obtaining unit 501 and a control unit 502.
The obtaining unit 501 is configured to obtain a file of a first user in response to a request to share the file to a second user.
It will be appreciated that the file includes propagation chain data, which is data formed by the individual users through which the file is propagated.
The obtaining unit 501 is also configured to obtain propagation rules from the propagation chain data. The propagation rule is a sharing rule set when the first user shares the file with the second user.
The control unit 502 is configured to control file sharing of the second user by the first user using the propagation rules in the file.
In one possible design, the control unit 502 is further configured to prohibit the second user from tampering with the file according to the propagation rule.
In one possible design, the control unit 502 is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule.
In one possible design, the control unit 502 is further configured to define the number of users receiving the file according to the propagation rule.
It should be understood that the division of each module in the file sharing device is only used for illustration, and in other embodiments, the file sharing device may be divided into different modules according to the need to complete all or part of the functions of the file sharing device.
The specific implementation of each unit in the embodiments of the present application may also correspond to the corresponding description of the method embodiments shown with reference to fig. 3 to 10. In the file sharing device illustrated in fig. 11, the file sharing range can be controlled, and the file can be prevented from being maliciously or illegally propagated. For details, reference may be made to the above embodiments of the file sharing method, which are not described in detail herein.
In this embodiment, the file sharing device 500 is presented in the form of a unit. "unit" herein may refer to an application-specific integrated circuit (ASIC), a processor and memory that execute one or more software or firmware programs, an integrated logic circuit, and/or other devices that can provide the above-described functionality. Further, the acquisition unit 501 and the control unit 502 may be implemented by the processor 601 of the file sharing apparatus shown in fig. 12.
As shown in fig. 12, the file sharing apparatus 600 may be implemented in the structure of fig. 12, where the file sharing apparatus 600 includes at least one processor 601, at least one memory 602, and at least one communication interface 603.
The processor 601, the memory 602, and the communication interface 603 may be connected by a communication bus and perform communication with each other.
The processor 601 may be a general purpose Central Processing Unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the above-described program schemes.
A communication interface 603 for communicating with other devices or communication networks, such as ethernet, radio Access Network (RAN), wireless local area network (Wireless Local Area Networks, WLAN), etc.
The Memory 602 may be, but is not limited to, a read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a random access Memory (random access Memory, RAM) or other type of dynamic storage device that can store information and instructions, an electrically erasable programmable read-Only Memory (ELECTRICALLY ERASABLE PROGRAMMABLE READ-Only Memory, EEPROM), a compact disc read-Only Memory (Compact Disc Read-Only Memory) or other optical disc storage, a compact disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory may be stand alone and coupled to the processor via a bus. The memory may also be integrated with the processor.
Wherein the memory 602 is used for storing application program codes for executing the above schemes, and the execution is controlled by the processor 601. The processor 601 is arranged to execute application code stored in the memory 602. The code stored in the memory 602 may perform some or all of the steps of the file sharing method described in fig. 3 to 10.
It will be evident to those skilled in the art that the application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. Therefore, appropriate modifications and variations of the above embodiments should be included within the scope of the application as hereinafter claimed.

Claims (11)

1.一种文件分享方法,其特征在于,所述文件分享方法包括:1. A file sharing method, characterized in that the file sharing method comprises: 响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;In response to a request to share a file of a first user with a second user, obtaining the file of the first user; wherein the file includes propagation chain data, and the propagation chain data is data formed by each user through which the file passes when being propagated; 从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;Acquire a propagation rule from the propagation chain data, wherein the propagation rule is a sharing rule set when each user shares a file; 使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。The propagation rule in the file is used to control the file sharing of the first user to the second user. 2.如权利要求1所述的文件分享方法,其特征在于,2. The file sharing method according to claim 1, wherein: 所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户对文件进行篡改。When the first user shares a file with the second user, the dissemination rule prohibits the second user from tampering with the file. 3.如权利要求1或2所述的文件分享方法,其特征在于,3. The file sharing method according to claim 1 or 2, characterized in that: 所述第一用户在向第二用户进行文件分享时,所述传播规则为禁止第二用户向第三用户分享文件。When the first user shares a file with the second user, the propagation rule prohibits the second user from sharing the file with a third user. 4.如权利要求1所述的文件分享方法,其特征在于,4. The file sharing method according to claim 1, wherein: 所述第一用户在向第二用户进行文件分享时,所述传播规则为限定接收文件的用户数量。When the first user shares a file with the second user, the propagation rule is to limit the number of users who receive the file. 5.如权利要求1所述的文件分享方法,其特征在于,所述方法还包括:5. The file sharing method according to claim 1, characterized in that the method further comprises: 所述第二用户通过用户设备中的应用下载所述文件的内容和传播链数据,将所述文件的内容和传播链数据保存到安全沙箱中。The second user downloads the content and propagation chain data of the file through an application in the user device, and saves the content and propagation chain data of the file in a security sandbox. 6.如权利要求5所述的文件分享方法,其特征在于,6. The file sharing method according to claim 5, characterized in that: 当所述第二用户复制所述文件为一个新文件时,所述应用在所述安全沙箱中复制包括文件内容和所述传播链数据的文件。When the second user copies the file as a new file, the application copies the file including the file content and the propagation chain data in the security sandbox. 7.如权利要求6所述的文件分享方法,其特征在于,7. The file sharing method according to claim 6, wherein: 当所述第二用户上传所述新文件至服务器时,所述应用将所述文件内容和所述传播链数据均上传至服务器。When the second user uploads the new file to the server, the application uploads both the file content and the propagation chain data to the server. 8.一种文件分享装置,其特征在于,所述文件分享装置包括:8. A file sharing device, characterized in that the file sharing device comprises: 获取单元,被配置为响应于将第一用户的文件分享给第二用户的请求,获取所述第一用户的所述文件;其中所述文件中包括传播链数据,所述传播链数据是所述文件在进行传播时所经过的各个用户所形成的数据;An acquisition unit is configured to acquire the file of the first user in response to a request to share the file of the first user with a second user; wherein the file includes propagation chain data, and the propagation chain data is data formed by each user through which the file passes when being propagated; 所述获取单元还被配置为从所述传播链数据中获取传播规则,其中,所述传播规则为每个用户分享文件时所设定的分享规则;The acquisition unit is further configured to acquire a propagation rule from the propagation chain data, wherein the propagation rule is a sharing rule set when each user shares a file; 控制单元,被配置为使用所述文件中的所述传播规则控制所述第一用户对所述第二用户的文件分享。A control unit is configured to control the file sharing of the first user to the second user using the propagation rule in the file. 9.如权利要求8所述的文件分享装置,其特征在于,9. The file sharing device as claimed in claim 8, wherein: 所述控制单元还被配置为根据所述传播规则禁止第二用户对文件进行篡改。The control unit is further configured to prohibit the second user from tampering with the file according to the propagation rule. 10.如权利要求8或9所述的文件分享装置,其特征在于,10. The file sharing device according to claim 8 or 9, characterized in that: 所述控制单元还被配置为根据所述传播规则禁止第二用户向第三用户分享文件。The control unit is further configured to prohibit the second user from sharing the file with the third user according to the propagation rule. 11.如权利要求8所述的文件分享装置,其特征在于,11. The file sharing device as claimed in claim 8, wherein: 所述控制单元还被配置为根据所述传播规则限定接收文件的用户数量。The control unit is further configured to limit the number of users receiving the file according to the propagation rule.
CN202110291947.2A 2021-03-18 2021-03-18 File sharing method and device Active CN115114252B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110291947.2A CN115114252B (en) 2021-03-18 2021-03-18 File sharing method and device
PCT/CN2022/081009 WO2022194167A1 (en) 2021-03-18 2022-03-15 File sharing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110291947.2A CN115114252B (en) 2021-03-18 2021-03-18 File sharing method and device

Publications (2)

Publication Number Publication Date
CN115114252A CN115114252A (en) 2022-09-27
CN115114252B true CN115114252B (en) 2025-07-08

Family

ID=83321721

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110291947.2A Active CN115114252B (en) 2021-03-18 2021-03-18 File sharing method and device

Country Status (2)

Country Link
CN (1) CN115114252B (en)
WO (1) WO2022194167A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101778352A (en) * 2009-12-25 2010-07-14 中兴通讯股份有限公司 Realization method and system of technology for protecting multimedia message contents
CN108924666A (en) * 2018-07-31 2018-11-30 成都华栖云科技有限公司 A kind of method that the video content of enhancing propagates analysis
CN111339543A (en) * 2020-02-27 2020-06-26 深信服科技股份有限公司 File processing method and device, equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102801640B (en) * 2011-05-23 2016-06-01 腾讯科技(深圳)有限公司 A kind of method and apparatus of message examination & verification
CN103297484B (en) * 2012-03-05 2017-07-11 腾讯科技(深圳)有限公司 resource sharing method and device
CN110798819B (en) * 2018-08-01 2021-04-20 华为技术有限公司 A message dissemination method and device
CN112363988A (en) * 2020-11-13 2021-02-12 深圳传音控股股份有限公司 File sharing method, mobile terminal and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101778352A (en) * 2009-12-25 2010-07-14 中兴通讯股份有限公司 Realization method and system of technology for protecting multimedia message contents
CN108924666A (en) * 2018-07-31 2018-11-30 成都华栖云科技有限公司 A kind of method that the video content of enhancing propagates analysis
CN111339543A (en) * 2020-02-27 2020-06-26 深信服科技股份有限公司 File processing method and device, equipment and storage medium

Also Published As

Publication number Publication date
CN115114252A (en) 2022-09-27
WO2022194167A1 (en) 2022-09-22

Similar Documents

Publication Publication Date Title
KR102696321B1 (en) User Consent Framework
RU2295157C2 (en) Method for joint usage of privilege objects between users
US8683552B2 (en) Information distribution system and terminal device
US20130054697A1 (en) System and method for sharing content using near field communication in a cloud network
JP2012053894A (en) Method and apparatus for enforcing application level restrictions on local and remote content
US8190636B2 (en) Method, apparatus and computer program product for providing object privilege modification
KR20160089436A (en) Managed domains for remote content and configuration control on mobile information devices
JP5837219B2 (en) Method and system for lending digital content
CN100593786C (en) System and method for providing access to OMA DRM protected files from JAVA applications
US20220414244A1 (en) Sender-based consent mechanism for sharing images
CN112468482A (en) Data transmission method, device, server, storage medium and system
US9665723B2 (en) Watermarking detection and management
CN105074711A (en) Method and device for sending files containing access-controlled multimedia content
AU2012304788B2 (en) Content handling for applications
JP2007310822A (en) Information processing system and information control program
JP2015133087A (en) File management device, file management system, and program
CN115114252B (en) File sharing method and device
US20150347365A1 (en) System and method for distributing censored and encrypted versions of a document
US10931446B2 (en) Method and system for protecting sharing information
US20220058275A1 (en) System, devices and/or processes for system ownership change event
Lane Does the android permission system provide adequate information privacy protection for end-users of mobile apps?
KR100891564B1 (en) Method and apparatus for dealing with proprietary data format content
KR20190061251A (en) Data transmission method
HK1114504B (en) System and method for providing access to oma drm protected files from java applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant