[go: up one dir, main page]

WO2017166359A1 - Procédé d'accès à un domaine utilisateur, dispositif d'accès et terminal mobile - Google Patents

Procédé d'accès à un domaine utilisateur, dispositif d'accès et terminal mobile Download PDF

Info

Publication number
WO2017166359A1
WO2017166359A1 PCT/CN2016/080617 CN2016080617W WO2017166359A1 WO 2017166359 A1 WO2017166359 A1 WO 2017166359A1 CN 2016080617 W CN2016080617 W CN 2016080617W WO 2017166359 A1 WO2017166359 A1 WO 2017166359A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
access
user domain
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/080617
Other languages
English (en)
Chinese (zh)
Inventor
崔宇
王晓菲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd filed Critical Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Publication of WO2017166359A1 publication Critical patent/WO2017166359A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present invention relates to the field of terminal technologies, and in particular, to a user domain access method, a user domain access device, and a mobile terminal.
  • a security domain with a higher security level than the standard domain is stored outside the standard domain to store the applications and information, and is usually set in the standard domain.
  • the icon of the security domain is used as the access point of the security domain.
  • the invention is based on at least one of the above technical problems, and proposes a new user domain access scheme, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related art, and greatly improves the entire access process of the user domain.
  • the security meets the actual needs of users.
  • the present invention provides a user domain access method, including: hiding a specified user domain Detecting whether to obtain trigger information for triggering access to the specified user domain; and determining to obtain the trigger information, authenticating a user accessing the specified user domain; The user's authentication is passed, and the specified user domain is run.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "input error, please retry” can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
  • the step of authenticating a user accessing the specified user domain comprises: acquiring at least one unlocking element on the predetermined interface, and calculating according to the at least one unlocking element. Determining an access password of the user domain; obtaining verification information input by the user; determining whether the verification information matches the access password; and if determining that the verification information matches the access password, determining the opposite The user's authentication is passed.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the step of calculating an access password of the specified user domain according to the at least one unlocking element specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
  • a device for accessing a user domain including: a hiding unit, configured to hide an access entry of a specified user domain; and a first detecting unit, configured to detect whether the The triggering information is used to specify the user domain to access the authentication information, and the authentication unit is configured to perform identity verification on the user accessing the specified user domain when determining the triggering information, and the processing unit is configured to be in the identity verification unit.
  • the specified user domain is run when the authentication of the user passes.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the first detecting unit is specifically configured to: obtain character information input by the user, and determine whether the character information matches the preset character information, when determining the character information and When the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information. When it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "Input error, please retry” can be displayed at the same time, and the same preset information is continued for the second time, the whole process is to others. It is somewhat confusing and therefore improves safety.
  • the identity verification unit includes: a first obtaining unit, configured to acquire at least one unlocking element on the predetermined interface; and a calculating unit, configured to calculate, according to the at least one unlocking element, The access password of the specified user domain; the second obtaining unit is configured to obtain the verification information input by the user; the determining unit is configured to determine whether the verification information matches the access password, and the determining unit is configured to When the determining unit determines that the verification information matches the access password, it determines that the identity verification of the user passes.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the calculating unit is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and the The preset password generation rule corresponding to each unlocking element is calculated, and the access password is calculated.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: a second detecting unit, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired; When the second detecting unit determines that the verification information is acquired within the predetermined time, it is determined whether the verification information matches the access password.
  • a mobile terminal comprising a processor and a memory, wherein the memory stores a set of program codes, and the processor is configured to call program code stored in the memory for Do the following:
  • the step of detecting, by the processor, the trigger information for triggering access to the specified user domain specifically includes:
  • the step of the processor performing identity verification on a user accessing the specified user domain includes:
  • the step of calculating, by the processor, the access password of the specified user domain, according to the at least one unlocking element specifically includes:
  • the processor further performs the following operations before the step of determining whether the verification information matches the access password:
  • the access entry of the user domain is hidden and the dynamic access password is set for the user domain, which effectively avoids the problems of poor confidentiality and high leakage of the access method in the related technology, and greatly improves the security of the entire access process of the user domain. , to meet the actual needs of users.
  • FIG. 1 shows a schematic flow chart of a method of accessing a user domain according to an embodiment of the present invention
  • FIG. 2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention
  • FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention
  • 4A and 4B are diagrams showing an interface of a mobile terminal according to an embodiment of the present invention.
  • FIG. 5 is a schematic flow chart showing a method of accessing a user domain according to another embodiment of the present invention.
  • FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention.
  • FIG. 1 shows a schematic flow chart of a method of accessing a user domain in accordance with an embodiment of the present invention.
  • a method for accessing a user domain includes:
  • Step 102 Hide an access entry of a specified user domain.
  • Step 104 Detect whether a trigger information for triggering access to the specified user domain is obtained.
  • Step 106 When it is determined that the trigger information is obtained, accessing the user of the specified user domain Authenticate;
  • Step 108 Run the specified user domain if the identity verification of the user passes.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the step of detecting whether the trigger information for triggering access to the specified user domain is obtained, specifically comprising: acquiring character information input by the user, and determining the character information and the preset character Whether the information is matched, when it is determined that the character information matches the preset character information, determining that the trigger information is acquired; or acquiring information that the user inputs multiple times in succession, and determining that the user inputs each time Whether the information is matched with the preset information, when it is determined that the information input by the user matches the preset information, it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), for example, input the same preset twice in the unlock interface.
  • the prompt information such as "input error, please retry” can be displayed at the same time, and the same preset information is continuously input for the second time, the whole process is somewhat deceptive to others, so Will improve security.
  • the user accessing the specified user domain is performed on the body.
  • the step of verifying specifically includes: acquiring at least one unlocking element on the predetermined interface, and calculating an access password of the specified user domain according to the at least one unlocking element; acquiring verification information input by the user; determining the verification Whether the information matches the access password; if it is determined that the verification information matches the access password, it is determined that the authentication of the user is passed.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the step of calculating an access password of the specified user domain according to the at least one unlocking element specifically, determining: determining, corresponding to each of the at least one unlocking element, the unlocking element Presetting a password generation rule; calculating the access password according to the at least one unlocking element and a preset password generation rule corresponding to each of the unlocking elements.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: detecting whether the location is acquired within a predetermined time after the trigger information is acquired Determining the verification information; if it is determined that the verification information is acquired within the predetermined time, performing the step of determining whether the verification information matches the access password.
  • FIG. 2 shows a schematic block diagram of an access device of a user domain in accordance with an embodiment of the present invention.
  • the access device 200 of the user domain includes: a hiding unit 202, a first detecting unit 204, an identity verifying unit 206, and a processing unit 208.
  • the hiding unit 202 is configured to hide an access entry of the specified user domain
  • the detecting unit 204 is configured to detect whether trigger information for triggering access to the specified user domain is acquired
  • the identity verification unit 206 is configured to determine When the trigger information is obtained, the user accessing the specified user domain is authenticated; and the processing unit 208 is configured to run the specified user domain when the identity verification unit passes the identity verification of the user.
  • the terminal by hiding the access entry of the user domain (the user can hide any user domain in the terminal according to actual needs, in particular, a user domain storing user private information or some payment application, etc.), hiding the user After the access point of the domain is displayed, the icon of the user domain is not displayed on any interface of the terminal, so that anyone other than the user is difficult to know the existence of the user domain, and the user domain access in the related technology is effectively solved.
  • the problem of poor privacy when the user has access requirements for the specified user domain of the hidden access portal, the terminal detects whether the trigger information for triggering access to the specified user domain is obtained, and determines that the trigger is obtained.
  • the user accessing the specified user domain is authenticated, the authentication of the user is passed, and the specified user domain is run. Since the access entry of the user domain is hidden, the authentication of the user input is performed when the user is authenticated.
  • Information it is difficult for others to associate verification information with hidden user domains, reducing password leakage Probability, to ensure the security of the whole process of user access to the domain, user privacy and security to meet the needs of the user domain access process.
  • the first detecting unit 204 is specifically configured to: acquire character information input by the user, and determine whether the character information matches the preset character information, when determining the character information.
  • the preset character information is matched, it is determined that the trigger information is acquired; or the information that the user inputs multiple times in succession is obtained, and it is determined whether the information input by the user each time matches the preset information.
  • it is determined that the information input by the user each time matches the preset information it is determined that the trigger information is acquired.
  • the preset character information can be input (the preset character information can be set by the user preset), For example, input the character information “**##” on the emergency call interface; you can also input the same preset information multiple times in succession (the preset information can be preset by the user), such as continuous on the unlock interface.
  • the prompt information such as “Input error, please retry” can be displayed at the same time, and the same preset information is continued for the second time. The whole process has the same for others. Certainly confusing, so it will improve safety.
  • the identity verification unit 206 includes: a first obtaining unit 206A, configured to acquire at least one unlocking element on a predetermined interface; and a calculating unit 206B, configured to unlock according to the at least one An element, the access password of the specified user domain is calculated; the second obtaining unit 206C is configured to obtain the verification information input by the user; the determining unit 206D is configured to determine whether the verification information matches the access password; The unit 206E is configured to determine, when the determining unit determines that the verification information matches the access password, determine that the identity verification of the user passes.
  • the access password of the user domain is fixed, the user inputs the same password every time, and there may be a security risk of the password leakage, so by acquiring at least one unlocking element on the predetermined interface, and according to at least An unlocking element calculates the access password of the specified user domain, so that the access password of the user domain is in a changed state, and the setting is not fixed.
  • the user does not input a password when accessing, effectively avoiding password leakage.
  • the unlocking element may be time, date, character information, and the like on the predetermined interface.
  • the calculating unit 206B is specifically configured to: determine a preset password generation rule corresponding to each of the at least one unlocking element; according to the at least one unlocking element and The preset password generation rule corresponding to each unlocking element calculates the access password.
  • the at least one unlocking element and the preset password generating rule corresponding to each unlocking element may be specifically calculated, wherein the unlocking element may be time, date, and character information on the predetermined interface.
  • the unlocking element may be time, date, and character information on the predetermined interface.
  • Etc For example, if the time (10:51) is used as the unlocking element and the inversion method is used as the corresponding default password generating rule, then the current verification password is calculated as "1501". This example is only used to calculate how to calculate The verification password is described without limitation.
  • the user can set the number of unlocking elements according to actual needs, and the preset password generation rules corresponding to each unlocking element.
  • the preset passwords of each unlocking element can be the same. It can also be different.
  • the method further includes: a second detecting unit 210, configured to detect whether the verification information is acquired within a predetermined time after the trigger information is acquired;
  • the breaking unit 206D is specifically configured to determine, when the second detecting unit 210 determines that the verification information is acquired within the predetermined time, whether the verification information matches the access password.
  • FIG. 3 shows a schematic block diagram of a mobile terminal in accordance with an embodiment of the present invention.
  • the mobile terminal 300 includes: an access device 200 of a user domain as shown in FIG. 2.
  • the initialization phase in the "Settings -> Lock Screen” setting item in the mobile terminal, a "Security Domain On” option specifically for processing the security domain policy may be added, and the security domain opening operation may be set.
  • the method includes a "preamble password” mode selection, a "preamble password” setting, a “security password” algorithm setting, and the like, and the security domain is hidden, that is, the interface is not displayed on any interface in the mobile terminal.
  • the access point of the security domain (such as the icon of the security domain), the user can set the association relationship between the "preamble password” and the security domain, so that the mobile terminal performs the "first password” in the subsequent processing. Triggers access to the security domain.
  • the role of the "preamble password” is to enable the "pilot mode”: notify the system user to try to enter the "security domain”, and prepare for this, such as pulling up relevant content in the background, obtaining the algorithm according to the user and related information.
  • the “emergency call” function 402 exists on the lock screen interface. After clicking 402, the “emergency call” interface can be accessed as an implicit security domain unlock interface, which not only has high concealment, but also has high concealment. Increased operational space for password settings.
  • the setting of "confusing type pilot password” can be based on the normal lock screen interface, such as graphic unlocking interface, digital unlocking interface, etc.
  • the setting rules are the same as the general unlocking password. The difference is: when you first enter the "confusing type pilot password", If the password is entered incorrectly, you need to enter the same "confusing pilot password” again before you can enable the "leading mode” to prepare the background of the security domain. Generally, after starting the "leading mode", you can jump to "emergency call”.
  • the interface receives the verification password input by the user through the “emergency call” interface for further verification.
  • the predetermined duration of the "pilot mode” is initiated (ie, the predetermined duration from the input of the "leading password", the predetermined duration may be determined by the user or the system default setting) whether the verification password input by the user is received, if the predetermined password is exceeded If the duration does not perform the input operation of verifying the password, the "lead mode" will be exited, and even if the correct verification password is entered, the system will not be verified.
  • the "security password” calculated by the system is the verification password for the security domain after entering the "leading mode". It does not use a fixed password, and can be combined with the specified information on the Keyguard interface (the specified information can be customized by the user). Algorithmic password setting, such as date, time, and lock screen information on the screen.
  • the specified date is the current date and time on the lock screen interface, for example, the current date and time is: 2016.01.29 12:31;
  • Inverted method Invert the current date and time (2016.01.29 12:31) and set it as “secure password”, then get “secure password” as “13 21 92 10 6102”, the user only needs to input when actually operating.
  • the verification password is “13 21 92 10 6102”, and you can access the security domain, which is easy to operate.
  • the registration method the user can arbitrarily set the alignment rule according to his own operating habits and requirements during the initial setting phase.
  • This embodiment describes the following alignment rules: from left to right, 4 bits are taken as a unit (such as " 2016" is a group, "0129” is a group, "1231” is a group), and then it is divided into 2 pairs of 2 digits, and the operation of ten and one digits respectively is performed, taking the addition as an example: 20, 16 Corresponding addition (2+1,0+6), the month and the Japanese registration are added (0+2,1+9), and the time and the quantitation are added (1+3, 2+1). Get the "Security Password” as "3 6 2 10 4 3".
  • Pinyin method Based on the customized lock screen information, the number corresponding to the pinyin is the password. For example, “Welcome to you” (HuanYingNi), then get the “security password” as "4826 9464 64", of course, you can also set the letter “HuanYingNi” to "security password”.
  • the processing process at the time of implementation, as shown in FIG. 5, includes:
  • step 502 it is determined whether it is in the lock screen interface. If yes, step 504 is performed; otherwise, step 516 is performed.
  • Step 504 it is determined whether there is a "prefix type first arrival password" or "confusing type pilot password” verification pass, and if so, step 506 is performed; otherwise, step 516 is performed.
  • step 506 the "pilot mode” is turned on, and the current "secure password” is calculated by setting an algorithm and specifying information.
  • Step 508 Determine whether the verification password input by the user is received within a predetermined duration of starting the "pilot mode". If yes, go to step 510; otherwise, go to step 512.
  • step 510 it is determined whether the current "secure password" and the verification password input by the user match, and if so, step 514 is performed; otherwise, step 516 is performed.
  • step 512 the "lead mode" is exited.
  • Step 514 run and enter the security domain.
  • step 516 access or entry to the security domain is prohibited.
  • FIG. 6 shows a schematic block diagram of a mobile terminal in accordance with another embodiment of the present invention.
  • the mobile terminal may include at least one processor 61, such as a CPU, at least one communication bus 62, and a memory 63; a communication bus 62 for implementing connection communication between these components; and the memory 63 may be a high speed
  • the RAM memory may also be a non-volatile memory such as at least one disk memory.
  • a set of program codes is stored in the memory 63, and the processor 61 is configured to call the program code stored in the memory 63 to perform the following operations:
  • the step of detecting, by the processor 61, the trigger information for triggering access to the specified user domain specifically includes:
  • the step of the processor 61 performing identity verification on a user accessing the specified user domain includes:
  • the step of calculating, by the processor 61, the access password of the specified user domain, according to the at least one unlocking element specifically includes:
  • the processor further performs the following operations before the step of determining whether the verification information matches the access password:
  • the Keyguard (keyboard lock) application can be fully utilized, and the security domain hiding and encryption can be well realized on the basis of retaining the user's usage habits, which has high security and practicability, and can be largely Improve the user experience.
  • the technical solution of the present invention is described in detail above with reference to the accompanying drawings.
  • the technical solution of the present invention proposes a new user domain access scheme, which effectively avoids by hiding the access entry of the user domain and setting a dynamic access password for the user domain.
  • the access method has poor confidentiality and high leakage, which greatly improves the security of the entire access process of the user domain and satisfies the actual needs of the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Telephone Function (AREA)
  • Medical Informatics (AREA)
  • Automation & Control Theory (AREA)
  • Telephonic Communication Services (AREA)
  • Lock And Its Accessories (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé d'accès à un domaine utilisateur, un dispositif d'accès et un terminal mobile. Le procédé d'accès à un domaine utilisateur consiste : à masquer un point d'accès d'un domaine utilisateur désigné (102) ; à détecter si des informations de déclenchement destinées à déclencher un accès au domaine utilisateur désigné ont été acquises (104) ; s'il est déterminé que les informations de déclenchement ont été acquises, à contrôler un utilisateur accédant au domaine utilisateur désigné (106) ; et à autoriser une opération dans le domaine utilisateur désigné si l'utilisateur a été contrôlé avec succès (108). Des problèmes tels qu'une faible confidentialité d'accès et un risque de fuite élevé sont évités par le masquage d'un point d'accès d'un domaine utilisateur et la mise en place d'un mot de passe dynamique pour accéder au domaine utilisateur, ce qui permet d'améliorer considérablement la sécurité dans l'ensemble du processus d'accès au domaine utilisateur et de satisfaire des besoins réels des utilisateurs.
PCT/CN2016/080617 2016-03-28 2016-04-29 Procédé d'accès à un domaine utilisateur, dispositif d'accès et terminal mobile Ceased WO2017166359A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610182256.8A CN105787318B (zh) 2016-03-28 2016-03-28 用户域的访问方法、访问装置及移动终端
CN201610182256.8 2016-03-28

Publications (1)

Publication Number Publication Date
WO2017166359A1 true WO2017166359A1 (fr) 2017-10-05

Family

ID=56391872

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/080617 Ceased WO2017166359A1 (fr) 2016-03-28 2016-04-29 Procédé d'accès à un domaine utilisateur, dispositif d'accès et terminal mobile

Country Status (2)

Country Link
CN (1) CN105787318B (fr)
WO (1) WO2017166359A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503583B (zh) * 2016-10-26 2019-06-14 北京小米移动软件有限公司 终端分身的操作方法及装置
CN106548051A (zh) * 2016-10-31 2017-03-29 宇龙计算机通信科技(深圳)有限公司 私人访问模式的管理方法、管理装置和终端
CN112784245A (zh) * 2020-06-05 2021-05-11 环鸿电子(昆山)有限公司 移动设备的屏幕解锁方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103294941A (zh) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 访问隐私空间的方法及移动设备
US20140366114A1 (en) * 2012-03-02 2014-12-11 Tencent Technology (Shenzhen) Company Limited Login Method and Device, Terminal and Network Server
CN104732125A (zh) * 2015-01-30 2015-06-24 深圳市中兴移动通信有限公司 加密信息的显示方法及终端
CN105069333A (zh) * 2015-08-20 2015-11-18 宇龙计算机通信科技(深圳)有限公司 用户域的访问方法、访问系统及终端
CN105160274A (zh) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 一种用户数据的保护方法及终端

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1281025C (zh) * 2003-09-08 2006-10-18 赵忠华 可变密码身份验证方法
CN103377352A (zh) * 2012-04-16 2013-10-30 上海博路信息技术有限公司 一种滑动密码的解锁方法
CN103809897B (zh) * 2012-11-15 2017-06-30 展讯通信(上海)有限公司 终端设备及其控制方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103294941A (zh) * 2012-02-22 2013-09-11 腾讯科技(深圳)有限公司 访问隐私空间的方法及移动设备
US20140366114A1 (en) * 2012-03-02 2014-12-11 Tencent Technology (Shenzhen) Company Limited Login Method and Device, Terminal and Network Server
CN104732125A (zh) * 2015-01-30 2015-06-24 深圳市中兴移动通信有限公司 加密信息的显示方法及终端
CN105069333A (zh) * 2015-08-20 2015-11-18 宇龙计算机通信科技(深圳)有限公司 用户域的访问方法、访问系统及终端
CN105160274A (zh) * 2015-09-24 2015-12-16 宇龙计算机通信科技(深圳)有限公司 一种用户数据的保护方法及终端

Also Published As

Publication number Publication date
CN105787318A (zh) 2016-07-20
CN105787318B (zh) 2018-09-14

Similar Documents

Publication Publication Date Title
US11212283B2 (en) Method for authentication and authorization and authentication server using the same for providing user management mechanism required by multiple applications
US9641521B2 (en) Systems and methods for network connected authentication
US8863243B1 (en) Location-based access control for portable electronic device
US20130024932A1 (en) Enhanced security for bluetooth-enabled devices
CN104992102A (zh) 一种消息显示方法及装置
WO2016106989A1 (fr) Procédé et appareil d'authentification de sécurité multi-système ainsi que terminal
CN105929974B (zh) 一种密码输入管理方法及移动终端
EP3815413B1 (fr) Authentification d'utilisateur à l'aide d'un dispositif compagnon
WO2014121612A1 (fr) Procédé et dispositif pour déverrouiller un écran, et terminal
US10140445B2 (en) Information processing apparatus and information processing method
CN103813334A (zh) 权限控制方法和权限控制装置
WO2019047148A1 (fr) Procédé de vérification de mot de passe, terminal, et support de stockage lisible par ordinateur
WO2017166689A1 (fr) Procédé et dispositif de protection de la confidentialité
CN104252305A (zh) 电子装置解锁系统及方法
CN106897629A (zh) 终端应用的控制方法及终端
TWI739778B (zh) 作業系統之登入機制
CN115396139B (zh) 密码防盗的认证及加密的系统和方法
WO2017166359A1 (fr) Procédé d'accès à un domaine utilisateur, dispositif d'accès et terminal mobile
US10009341B1 (en) External keyboard with OTP capability
CN106936672A (zh) 燃气设备的控制方法及终端
WO2016116017A1 (fr) Procédé et dispositif de déverrouillage pour écran tactile, et procédé et dispositif de mise à jour d'interface de verrouillage pour écran tactile
WO2017071498A1 (fr) Procédé et dispositif d'authentification d'identité
CN106503504A (zh) 一种解锁方法及装置
EP3037997A1 (fr) Appareil, procédé de traitement d'ouverture de session et programme
RU2488879C1 (ru) Система и способ для защиты доступа к данным, сохраненным на мобильном устройстве, с помощью пароля

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16896137

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16896137

Country of ref document: EP

Kind code of ref document: A1