CN105763523A - Method, device and mobile terminal preventing application information leakage - Google Patents
- Publication number
- CN105763523A
- Application number
- CN201410799453.5A
- Authority
- CN
- China
- Prior art keywords
- application information
- protected
- needing
- ciphertext
- storage position
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method, device and mobile terminal for preventing application information leakage, and relates to the field of network security. The method includes encrypting the application information to be protected to obtain a ciphertext of the application information, and storing the ciphertext at the storage location of the application information; and, in response to a use request for the application information, reading the ciphertext from the storage location of the application information, decrypting it to obtain the application information, and sending the decrypted application information to the requesting party only. Local storage of the application information is thereby protected, and the risk of application information leakage after an intrusion into the local network can be eliminated.
Description
Technical Field
The present invention relates to the field of network security, and in particular, to a method, an apparatus, and a mobile terminal for preventing application information leakage.
Background
With the popularization of mobile intelligent terminals, the security of application information on these terminals is receiving more and more attention. While applications run, a large amount of application information, such as communication records and short messages, is generated or obtained on the mobile intelligent terminal. This information is stored on the mobile terminal in plaintext, so an illegal user or illegal application can easily intercept and use it, causing harm or loss to the user of the mobile intelligent terminal. An effective solution is therefore needed to the problem that application information on the mobile intelligent terminal is easy to leak.
Disclosure of Invention
The technical problem that the embodiments of the invention aim to solve is that application information is easy to leak.
According to an aspect of the embodiments of the present invention, a method for preventing application information leakage is provided, which includes: encrypting the application information needing to be protected to obtain a ciphertext of the application information, and storing the ciphertext of the application information to a storage position where the application information is located; and responding to the application information use request, reading the application information ciphertext from the storage position where the application information is located, decrypting the application information ciphertext to obtain the application information, and sending the application information to the application information requester.
In one embodiment, the method for preventing application information leakage further comprises: determining application information needing to be protected or keywords of the application information needing to be protected according to user-defined application information; or determining the application information needing to be protected or the keywords of the application information needing to be protected according to a preset protection strategy.
In one embodiment, the method for preventing application information leakage further comprises: searching by using the application information needing to be protected so as to determine the storage position of the application information needing to be protected; or, searching by using the keyword of the application information needing to be protected to determine the application information needing to be protected and the storage position of the application information needing to be protected.
In one embodiment, the encryption and decryption algorithms in the method for preventing application information leakage comprise a symmetric encryption algorithm and an asymmetric encryption algorithm.
In one embodiment, the application information that needs to be protected includes: account number, password, location information, contact information, call record, short message, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and bank account number.
According to another aspect of the embodiments of the present invention, an apparatus for preventing application information leakage is provided, which includes: the encryption unit is used for encrypting the application information needing to be protected to obtain a ciphertext of the application information and storing the ciphertext of the application information to a storage position where the application information is located; and the decryption unit is used for responding to the use request of the application information, reading the ciphertext of the application information from the storage position where the application information is located, decrypting the ciphertext of the application information to obtain the application information, and sending the application information to the requester of the application information.
In one embodiment, the apparatus further comprises an application information determining unit, configured to determine the application information needing to be protected, or keywords of the application information needing to be protected, according to user-defined application information; or configured to determine them according to a preset protection policy.
In one embodiment, the apparatus further comprises a searching unit, configured to search using the application information needing to be protected so as to determine the storage location of that application information; or configured to search using the keywords of the application information needing to be protected so as to determine both the application information needing to be protected and its storage location.
In one embodiment, the encryption and decryption algorithms include a symmetric encryption algorithm and an asymmetric encryption algorithm.
In one embodiment, the application information that needs to be protected includes: account number, password, location information, contact information, call record, short message, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and bank account number.
According to another aspect of the embodiments of the present invention, a mobile terminal for preventing application information leakage is provided, which includes the apparatus for preventing application information leakage in any of the above embodiments.
The embodiment of the invention stores the ciphertext of the application information locally, decrypts the ciphertext only when the application information is required for use, and sends the decrypted application information to the requester only. This protects the application information in local storage and prevents it from leaking after the local device is compromised.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flow chart illustrating an embodiment of a method for preventing application information leakage according to the present invention.
Fig. 2 is a schematic structural diagram illustrating an embodiment of the apparatus for preventing application information leakage according to the present invention.
Fig. 3 is a schematic structural diagram of an embodiment of the apparatus for preventing application information leakage according to the present invention.
Fig. 4 is a schematic structural diagram of a device for preventing application information leakage according to still another embodiment of the present invention.
Fig. 5 shows a schematic structural diagram of an embodiment of the mobile terminal of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The relative arrangement of the components and steps, the numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
In order to solve the problem that the application information in the mobile terminal is easily leaked, the inventor proposes to perform security encryption and decryption on the application information needing to be protected, so as to protect the security of the local storage of the application information, and the technical scheme of the invention is specifically described below.
Fig. 1 is a schematic flow chart of an embodiment of a method for preventing application information leakage according to the present invention. As shown in fig. 1, the method of this embodiment includes:
Step S102: encrypting the application information needing to be protected to obtain a ciphertext of the application information, and storing the ciphertext of the application information to the storage location where the application information is located.
Step S104: in response to a use request for the application information, reading the ciphertext of the application information from the storage location where the application information is located, decrypting the ciphertext to obtain the application information, and sending the application information to the requester.
The application information requester can be a third-party application, and when the third-party application needs to use certain application information, a use request of the application information is initiated.
In an embodiment, before step S102, the method for preventing application information leakage may further include determining the application information needing to be protected, or keywords of that application information. In one exemplary method, they are determined according to user-defined application information; in another exemplary method, they are determined according to a preset protection policy. The first method gives the user the right to decide, so that targeted protection is applied only to the information the user cares about. The second method requires no user participation and applies protection automatically and relatively comprehensively.
After the application information needing to be protected, or its keywords, has been determined, a retrieval step identifies the application information needing to be protected and its storage location. Specifically, if the application information needing to be protected has been specified, that information is used as the search term to determine its storage location. If only keywords of the application information needing to be protected are known, the keywords are used as the search terms to determine both the application information needing to be protected and its storage location. The first retrieval method is generally suited to cases where the application information to be protected is clearly known; the second can protect related application information as comprehensively as possible when the application information to be protected is not clearly known.
One method for searching for the application information needing to be protected is to use the file search function of the java.io.File class to determine the application information needing to be protected and its storage location. For example, the application Test1 saves the user's bank card account number in a file; the Test1 file is as follows:
Using the java.io.File file search function to search for the user's bank account number '9999012345678901' in the file directory of Test1, the file search function may return the storage location of the user's bank account number, for example the /data/com.example.test1 directory.
In addition to the application information and its storage location, the search result may include a storage identifier of the application information. If the application information is stored in a database file, the search result also includes its database field; if it is stored in an XML file, the search result also includes its XML tag. For example, in addition to the storage location of the bank account number, the file search function may return the XML tag <userbaCardID>.
In one embodiment, application information that needs to be protected includes, for example, but is not limited to: an account number, a password, location information, contact information, a call record, a short message, an International Mobile Subscriber Identity (IMSI), an International Mobile Equipment Identity (IMEI), a bank account number, and the like. The user can define which application information is protected, and the system can also set the application information to be protected. The application information to be protected and its format are shown in Table 1:
TABLE 1
Here, MCC is the Mobile Country Code; MNC is the Mobile Network Code; MSIN is the Mobile Subscriber Identification Number.
In an embodiment, either a symmetric encryption algorithm or an asymmetric encryption algorithm may be used as the encryption and decryption algorithm in the method for preventing application information leakage; the embodiment does not limit the specific algorithm. As an example, the encryption and decryption algorithm may include the Data Encryption Standard (DES) algorithm, the Advanced Encryption Standard (AES) algorithm, and the RSA encryption algorithm, and may be implemented by java.
When the application information is protected by using a symmetric encryption algorithm, the application information is encrypted by using a key, and when the application information needs to be used, a ciphertext of the application information is decrypted by using the key.
When the application information is protected by using the asymmetric encryption algorithm, the public key is used for encrypting the application information, and when the application information needs to be used, the private key is used for decrypting the ciphertext of the application information.
The embodiment of the invention stores the ciphertext of the application information locally, decrypts the ciphertext only when the application information is required for use, and sends the decrypted application information to the requester only. This protects the application information in local storage and prevents it from leaking after the local device is compromised. Here, "local" refers to the device that stores the ciphertext of the application information, for example, a mobile terminal.
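The retrieval step and steps S102 and S104 described above, as an added Java example (Java 16 or later) that is not code from the patent: it searches a constructed stand-in for the Test1 directory for the sample account number, encrypts the value in place, and decrypts it on request. The class and method names, the file name account.xml, AES in GCM mode, and a key held only in memory are assumptions; the page names AES but specifies neither a mode nor where the key is stored.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class AppInfoProtector {
    /** One search hit: the file holding the value and the XML tag that wraps it. */
    record Hit(Path file, String tag) {}

    private static final int IV_LEN = 12, TAG_BITS = 128;
    private final SecretKey key;                 // assumption: key lives in memory only
    private final SecureRandom rng = new SecureRandom();

    AppInfoProtector(SecretKey key) { this.key = key; }

    /** Retrieval step: find every <tag>value</tag> in UTF-8 text files under dir. */
    List<Hit> search(Path dir, String value) throws IOException {
        Pattern p = Pattern.compile("<(\\w+)>" + Pattern.quote(value) + "</\\1>");
        List<Path> files;
        try (Stream<Path> walk = Files.walk(dir)) {
            files = walk.filter(Files::isRegularFile).collect(Collectors.toList());
        }
        List<Hit> hits = new ArrayList<>();
        for (Path f : files) {
            Matcher m = p.matcher(Files.readString(f));
            while (m.find()) hits.add(new Hit(f, m.group(1)));
        }
        return hits;
    }

    /** Step S102: replace the plaintext with Base64(IV || ciphertext) at the same location. */
    void protect(Hit hit, String value) throws IOException, GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        rng.nextBytes(iv);                       // fresh IV for every encryption
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(hit.tag().getBytes(StandardCharsets.UTF_8)); // bind ciphertext to its tag
        byte[] ct = c.doFinal(value.getBytes(StandardCharsets.UTF_8));
        byte[] blob = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, blob, 0, iv.length);
        System.arraycopy(ct, 0, blob, iv.length, ct.length);
        String open = "<" + hit.tag() + ">", close = "</" + hit.tag() + ">";
        String xml = Files.readString(hit.file());
        Files.writeString(hit.file(), xml.replace(open + value + close,
                open + Base64.getEncoder().encodeToString(blob) + close));
    }

    /** Step S104: read the ciphertext from its storage location and return the plaintext. */
    String reveal(Path file, String tag) throws IOException, GeneralSecurityException {
        String q = Pattern.quote(tag);
        Matcher m = Pattern.compile("<" + q + ">([A-Za-z0-9+/=]+)</" + q + ">")
                .matcher(Files.readString(file));
        if (!m.find()) throw new IOException("no protected value under <" + tag + ">");
        byte[] blob = Base64.getDecoder().decode(m.group(1));
        if (blob.length <= IV_LEN) throw new GeneralSecurityException("stored value too short");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, IV_LEN));
        c.updateAAD(tag.getBytes(StandardCharsets.UTF_8));
        // doFinal throws AEADBadTagException if the stored ciphertext or its tag was altered
        byte[] pt = c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a stand-in for the Test1 data directory and its XML file.
        Path dir = Files.createTempDirectory("com.example.test1");
        Path file = dir.resolve("account.xml");
        String account = "9999012345678901";     // sample account number used on the page
        Files.writeString(file, "<user><userbaCardID>" + account + "</userbaCardID></user>");

        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        AppInfoProtector protector = new AppInfoProtector(kg.generateKey());

        for (Hit h : protector.search(dir, account)) {
            System.out.println("found under <" + h.tag() + "> in " + h.file());
            protector.protect(h, account);
        }
        System.out.println("plaintext still on disk: "
                + Files.readString(file).contains(account));
        System.out.println("returned to requester:  "
                + protector.reveal(file, "userbaCardID"));
    }
}
```

The ciphertext is only as safe as the key: a key stored in plaintext beside the file would leave the data readable to anyone who can read the storage location.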
Fig. 2 is a schematic structural diagram of an embodiment of the apparatus for preventing application information leakage according to the present invention. Referring to fig. 2, the apparatus 200 for protecting a mobile terminal against application information leakage includes:
the encryption unit 202 is configured to encrypt the application information to be protected to obtain a ciphertext of the application information, and store the ciphertext of the application information in a storage location where the application information is located;
the decryption unit 204 is configured to, in response to the request for using the application information, read the ciphertext of the application information from the storage location where the application information is located, decrypt the ciphertext of the application information to obtain the application information, and send the application information to the requester of the application information.
In one embodiment, referring to fig. 3, the mobile terminal may further include an application information determining unit 306, configured to determine the application information needing to be protected, or keywords of the application information needing to be protected, according to user-defined application information; or configured to determine them according to a preset protection policy.
In one embodiment, referring to fig. 4, the mobile terminal may further include a searching unit 408, configured to search using the application information needing to be protected so as to determine the storage location of that application information; or configured to search using the keywords of the application information needing to be protected so as to determine both the application information needing to be protected and its storage location.
In one embodiment, the encryption and decryption algorithms include, but are not limited to, symmetric encryption algorithms, asymmetric encryption algorithms, and the like.
In one embodiment, the application information that needs to be protected includes: account number, password, location information, contact information, call record, short message, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and bank account number.
In the invention, because the protected application information can be stored in the mobile terminal, the application information in the mobile terminal can be protected by installing a device for preventing the application information from being leaked in the mobile terminal. Therefore, a scheme of a mobile terminal capable of protecting application information is proposed, and the following describes the scheme in detail.
Fig. 5 is a schematic structural diagram of an embodiment of a mobile terminal for preventing application information leakage according to the present invention. Referring to fig. 5, the mobile terminal 500 may include the apparatus 200 for preventing application information leakage of any of the foregoing embodiments, and may further include a third-party application 502 and a system setup unit 504. Of course, the mobile terminal may further include an operating system, a memory, and the like, and the memory may store the application information in the form of a file and the like.
The system setup unit 504 is used to provide a "data encryption" option, allowing the user to customize the application information or keywords that need to be protected.
The third-party application 502 is configured to initiate, through the API, a request to the apparatus 200 for preventing application information leakage to use the application information. In response to the use request, the decryption unit 204 in the apparatus 200 reads the ciphertext of the application information from its storage location in the memory, decrypts the ciphertext to obtain the application information, and sends the application information to the third-party application 502.
In addition, in the apparatus 200 for preventing application information leakage, the encryption unit 202 may be implemented by an encryptor, the decryption unit 204 may be implemented by a decryptor, and the searching unit 408 may be implemented by a file searcher.
The embodiment of the invention stores the ciphertext of the application information locally, decrypts the ciphertext only when the application information is required for use, and sends the decrypted application information to the requester only. This protects the application information in local storage and prevents it from leaking after the local device is compromised.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (11)
1. A method for preventing application information from being leaked is characterized in that the method comprises the following steps:
encrypting the application information needing to be protected to obtain a ciphertext of the application information, and storing the ciphertext of the application information to a storage position where the application information is located;
and responding to the application information use request, reading the application information ciphertext from the storage position where the application information is located, decrypting the application information ciphertext to obtain the application information, and sending the application information to the application information requester.
2. The method of claim 1, further comprising:
determining the application information needing to be protected, or keywords of the application information needing to be protected, according to user-defined application information;
or,
determining the application information needing to be protected, or keywords of the application information needing to be protected, according to a preset protection strategy.
3. The method according to claim 1 or 2, further comprising:
searching by using the application information needing to be protected so as to determine the storage location of the application information needing to be protected;
or,
searching by using the keywords of the application information needing to be protected so as to determine the application information needing to be protected and the storage location of the application information needing to be protected.
4. The method of claim 1, wherein the encryption and decryption algorithms comprise a symmetric encryption algorithm and an asymmetric encryption algorithm.
5. The method of claim 1, wherein the application information that needs to be protected comprises:
account number, password, location information, contact information, call record, short message, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and bank account number.
6. An apparatus for preventing application information leakage, the apparatus comprising:
the encryption unit is used for encrypting the application information needing to be protected to obtain a ciphertext of the application information and storing the ciphertext of the application information to a storage position where the application information is located;
and the decryption unit is used for responding to the use request of the application information, reading the ciphertext of the application information from the storage position where the application information is located, decrypting the ciphertext of the application information to obtain the application information, and sending the application information to the requester of the application information.
7. The apparatus of claim 6, further comprising an application information determining unit,
configured to determine the application information needing to be protected, or keywords of the application information needing to be protected, according to user-defined application information;
or,
configured to determine the application information needing to be protected, or keywords of the application information needing to be protected, according to a preset protection strategy.
8. The apparatus of claim 6 or 7, further comprising a searching unit,
configured to search by using the application information needing to be protected so as to determine the storage location of the application information needing to be protected;
or,
configured to search by using the keywords of the application information needing to be protected so as to determine the application information needing to be protected and the storage location where the application information is located.
9. The apparatus of claim 6, wherein the encryption and decryption algorithms comprise a symmetric encryption algorithm and an asymmetric encryption algorithm.
10. The apparatus of claim 10, wherein the application information that needs to be protected comprises:
account number, password, location information, contact information, call record, short message, International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and bank account number.
11. A mobile terminal for preventing application information leakage, comprising the apparatus for preventing application information leakage of any one of claims 6-10.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410799453.5A CN105763523A (en) | 2014-12-19 | 2014-12-19 | Method, device and mobile terminal preventing application information leakage |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105763523A (en) | 2016-07-13 |
Family
ID=56340980
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410799453.5A Pending CN105763523A (en) | 2014-12-19 | 2014-12-19 | Method, device and mobile terminal preventing application information leakage |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105763523A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20160713 |
RJ01 | Rejection of invention patent application after publication |