CN106599712A - Electronic equipment and control method thereof - Google Patents

Abstract

Provided are an electronic device and a control method thereof. An electronic device that executes at least one application that performs a function using personal information includes a memory configured to store the personal information, wherein information related to protection of the personal information is set for each application, and a processor configured to respond to the information from the application. Receives a request for personal information, determines whether to protect personal information based on the set information, encrypts personal information based on the determination result and provides encrypted personal information to the application, responds to receiving a request for a function related to encrypted personal information from the application The processor is further configured to decrypt the encrypted personal information and perform the described function. Therefore, even after the protection of personal information is set, the user can normally use the service and prevent personal information from being leaked.

Description

Electronic device and control method thereof

This application claims Korean Patent Application No. 10-2015-0145551 filed with the Korean Intellectual Property Office on October 19, 2015 and Korean Patent Application No. 10-2016-0047135 filed with the Korean Intellectual Property Office on April 18, 2016 priority to a patent application, the disclosure of which is hereby incorporated by reference in its entirety.

technical field

Aspects of the present disclosure generally relate to an electronic device and a control method thereof, for example, to an electronic device protecting personal information and a control method thereof.

Background technique

With the development of electronic technology, various types of electronic products have been developed and distributed. In particular, various display devices such as TVs, smart phones, PCs, notebook PCs, and PDAs are widely used in general households.

As such display devices are widely used, user demands for various functions have increased. Therefore, manufacturers strive to meet the increasing demands of users and launch products with new functions.

In particular, such display devices can execute various applications, and those applications can request user's personal information to perform various functions. An application that obtains personal information may perform various functions based on the obtained personal information.

However, in this case, the user's personal information may be leaked through the application, which is not the user's intention and may cause problems.

Contents of the invention

An aspect of the present example embodiments relates to an electronic device configured to execute applications and provide normal services while protecting personal information and a controlling method thereof.

According to an example embodiment, there is provided an electronic device configured to execute at least one application that performs a function using personal information, the electronic device including: a memory configured to store personal information, wherein the protection of the personal information The information is set for each application, and the processor is configured to, in response to receiving a request for the personal information from the application, determine whether to protect the personal information based on the set information, encrypt the personal information based on a determination result, and provide the application with encryption. In response to receiving an execution request for a function related to the encrypted personal information from the application, the encrypted personal information is decrypted and the function is executed.

The processor may be configured to determine whether the request from the application is a request for personal information or a request to perform a function.

The processor may be configured to determine whether to protect the personal information based on information related to the protection of the personal information when the application requests the personal information, or to determine whether to protect the personal information based on the information related to the personal information when the personal information requested by the application is preset personal information. Protection of related information determines whether personal information is protected.

The information related to protection of personal information may include information on applications that do not require protection of personal information and information on types of personal information that do not require protection.

The processor may be configured not to determine whether to protect the personal information requested by the application, not to encrypt the personal information, and to provide the personal information to the application based on the information about the application that does not need to protect the personal information and the type of the personal information that does not need to be protected.

The device may further include a display, and the processor may be configured to display an execution result of the function on the display.

The personal information may include one or more of information about the location of the electronic device, contact information, information about photo files, and information about messages.

In response to receiving a request for contact information from an application, the processor may be configured to encrypt the contact information and provide the encrypted contact information to the application, and in response to receiving a request from the application related to the encrypted contact information According to the execution request of the function, the encrypted contact information is decrypted and the contact UI generated based on the decrypted contact information is displayed on the display.

In response to receiving an execution request for a call function based on encrypted contact information from an application, the processor may be configured to decrypt the encrypted contact information and execute the call function.

In response to receiving a request for location information from an application, the processor may be configured to encrypt the location information and provide the encrypted location information to the application, and in response to receiving from the application an execution of a function related to the encrypted location information request, decrypt the encrypted location information and display a map screen generated based on the decrypted location information on the display.

The processor may encrypt the purchase information and provide the encrypted purchase information to the application, and in response to receiving from the application an execution request for a function related to the encrypted purchase information, decrypt the encrypted purchase information and send the decrypted purchase information Sent to external shopping server.

The processor may encrypt the print information and provide the encrypted print information to the application, decrypt the encrypted print information and print the decrypted print information in response to receiving an execution request for a function related to the encrypted print information from the application.

According to an example embodiment, there is provided a method of controlling an electronic device executing at least one application that performs a function using personal information, the method including: in response to receiving a request for personal information from the application, based on Information determines whether to protect personal information for pre-stored information set for each application, encrypts personal information based on the determination result and provides encrypted personal information to the application, and responds to receiving a request for a function related to encrypted personal information from the application to execute the request, decrypt the encrypted personal information and perform the described function.

The method may further include determining whether the request received from the application is a request for personal information or a request to perform a function.

The determining step may include: when the application requests the personal information, determining whether to protect the personal information based on information related to the protection of the personal information, or when the personal information requested by the application is preset personal information, based on information related to the protection of the personal information The relevant information determines whether personal information is protected.

The information related to protection of personal information may include information on applications that do not require protection of personal information and information on types of personal information that do not require protection.

The providing may include determining not to protect the personal information requested by the application, not encrypting the personal information, and providing the personal information to the application based on the information on the application not requiring protection of the personal information and on the type of the personal information not requiring protection.

The method may further include displaying an execution result of the function.

The personal information may include one or more of information on the location of the electronic device, contact information, information on photo files, and information on messages.

The step of providing may include: in response to receiving a request for contact information from the application, encrypting the contact information and providing the encrypted contact information to the application, and responding to receiving a process from the application with the encrypted contact information The execution request of the relevant function decrypts the encrypted contact information and displays the contact UI generated based on the decrypted contact information on the display.

The executing may include decrypting the encrypted contact information and executing the calling function in response to receiving an execution request for the call function based on the encrypted contact information from the application.

The executed steps may include: encrypting the purchase information and providing the encrypted purchase information to the application, and in response to receiving an execution request for a function related to the encrypted purchase information from the application, decrypting the encrypted purchase information and decrypting the encrypted purchase information. The purchase information sent to the external shopping server.

The executed steps may include: encrypting the print information and providing the encrypted print information to the application, and in response to receiving an execution request for a function related to the encrypted print information from the application, decrypting the encrypted print information and printing the decrypted print information.

According to an exemplary embodiment, there is provided a storage medium storing a program for executing at least one application that performs a function using personal information, wherein the program, when executed, causes an electronic device to perform the following operations: in response to receiving a message from the application For a request for personal information, whether to protect personal information is determined based on information related to the protection of personal information for each application, based on pre-stored information set for each application, encrypts personal information based on the determination result and provides encrypted personal information to the application, and responds Upon receiving an execution request for a function related to the encrypted personal information from the application, the encrypted personal information is decrypted and the function is executed.

According to various example embodiments, even after the protection of personal information is set, a user may normally use a service, and the possibility of personal information being leaked may be prevented and/or reduced.

Description of drawings

The above and/or other aspects of the present disclosure will be more apparent from the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals denote like elements, wherein:

1 is a block diagram illustrating an example configuration of an electronic device;

2 is a block diagram illustrating an example configuration of an electronic device;

3 is a block diagram illustrating an example configuration of the electronic device of FIG. 1;

Figure 4 is a diagram illustrating example software modules stored in memory;

FIG. 5 is a diagram illustrating example processing of a processor;

6 to 7 are flowcharts illustrating examples of data processing between each module of FIG. 5;

8 to 13 are diagrams illustrating various example embodiments;

Fig. 14 is a block diagram showing an example structure of a privacy protection module;

15 and 16 are diagrams illustrating example encryption methods;

17 is a flowchart illustrating an example method of controlling an electronic device;

18 to 21 are diagrams illustrating various example embodiments.

detailed description

Hereinafter, example embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings. In the following description, a detailed description of a known function or configuration may be omitted if it would unnecessarily obscure the subject matter of the present disclosure. Terms used in exemplary embodiments of the present disclosure have been defined in consideration of the functions of the present disclosure, and may vary according to users, operators, or precedents. Therefore, definitions of terms should be made in consideration of the entire content of the present disclosure.

FIG. 1 is a block diagram showing an example configuration of an electronic device.

Referring to FIG. 1 , an electronic device 100 includes a memory 110 and a processor (eg, including a processing circuit) 120 .

For example, the electronic device 100 may be any device that executes at least one application to perform a function using personal information, and may be implemented as various types of electronic devices such as, for example, a TV, an electronic blackboard, a spreadsheet, a large display (LFD) , smartphones, tablets, desktop PCs, notebook PCs, set-top boxes, smart watches, wearable devices, imaging devices, home appliances (such as food storage devices, air conditioners, washing machines, ovens, microwave ovens, washing machines, or air purifiers), Medical devices (for example, medical image capture devices or medical measurement devices (blood sugar monitoring devices, heart rate monitoring devices, blood pressure monitoring devices, body temperature measurement devices, etc.)), vehicle infotainment devices, marine electronic equipment (for example, marine navigation equipment, gyrocompass etc.), avionics devices, security devices, head units, industrial or home robots, drones, ATMs at financial institutions, point-of-sale (POS) at stores, or Internet of Things (IOT) devices (e.g., light bulbs, various sensor , heat sinks, fire alarms, thermostats, street lights, toasters, fitness equipment, hot water tanks, heaters, boilers, etc.), but not limited to.

The memory 110 may store personal information and information related to protection of the personal information set for each application.

For example, personal information may include, for example, information that may reveal a user's privacy. For example, the personal information according to example embodiments may include at least one of information about the location of the electronic device 100, contact information, information about photo files, and information about messages.

For example, in a case where the user holds the electronic device 100, the information on the location of the electronic device 100 may correspond to the information on the user's location.

In addition, the content information may include contact information such as name, phone number, email address, homepage address, and the like.

Information on photo files may include photos taken by a user, photos downloaded through the Internet, captured photos, and the like.

The information on messages may include information on texts exchanged by the user with a third person, comments on SNS, emails, and the like.

Personal information may include not only the above-mentioned information on the location of the electronic device 100, contact information, and information on photo files, but also information on all documents written or stored by the user, such as document files stored in the electronic device 100 , content, music files, videos, memo files, schedule list files, etc.

Information related to protection of personal information may be set for each application, and may include information on whether personal information requested by each of a plurality of applications must be protected and information on a method of encrypting personal information.

For example, information related to the protection of personal information may be set for each application, and may include that personal information required when executing a first application among a plurality of applications is information on the location of the electronic device 100 and is specific to the first application. There is no need to protect information about the location of the electronic device 100 .

In addition, information related to protection of personal information may be set for each application, and may include that personal information required when executing a second application among a plurality of applications is content information and protection of content information is not required for the second application information.

Information related to protection of personal information may be set for each application and may include policies, for example, reference information on whether to protect personal information for each application. In addition, information about the method used to encrypt personal information may also be included, for example, information about what cipher will be used for encryption.

If a request for personal information is received from an application, the processor 120 may be configured to determine whether to protect the personal information based on information on the protection of the personal information set for each application, encrypt the personal information based on the determination result, and The encrypted personal information is provided to the application, and if an execution request for a function related to the encrypted information is received from the application, the processor 120 is configured to decrypt the encrypted personal information and execute the function.

For example, if an application requests personal information, the processor 120 may be configured to determine whether to protect the personal information on the corresponding application based on the setting information stored in the memory 110, and if it is determined that the personal information should be protected and provided for the corresponding application, then The processor 120 may be configured to encrypt personal information and provide the encrypted personal information to a corresponding application.

If an execution request for a function related to the encrypted personal information is received from an application provided with the encrypted personal information, the processor 120 may be configured to decrypt the encrypted personal information and execute the function.

For example, when the personal information is contact information, the application is a chat application, and it is determined that the personal information should be protected and provided for the chat application, the processor 120 may be configured to encrypt the contact information and provide the chat application with encrypted contact information. If the chat application provided with encrypted contact information generates a friend list user interface (UI) based on the contact information, and requests to perform a function of displaying the generated friend list UI, the processor 120 may be configured to The information is decrypted and the resulting friend list UI is displayed.

As noted above, the chat application may receive and use only encrypted contact information, and may not be provided with unencrypted actual contact information. In addition, the function of displaying the friend list UI, which the chat application wishes to perform, may be normally performed in the electronic device 100 . Therefore, applications can be normally executed while preventing personal information such as contact information from being leaked.

For example, when a function related to encrypted personal information requested by an application is performed in the electronic device 100, the processor 120 may be configured to decrypt the encrypted personal information and perform the function. When the application cannot know the result of decrypting the encrypted personal information while being able to normally execute the function requested by the application, it is possible to protect the personal information.

Meanwhile, in the present disclosure, encrypted personal information may refer to, for example, protected data, and actual personal information before being encrypted may be called, for example, original data.

The processor 120 may be configured to determine whether the application's request is a request for personal information or a request to perform a function.

For example, if an application requests personal information, the processor 120 may be configured to determine whether to protect the personal information based on information on the protection of personal information set for each application, encrypt the personal information based on the determination result, and provide the application with Encrypted personal information. However, if the application requests performance of a function, the processor 120 may be configured to decrypt the encrypted personal information and perform the function requested by the application related to the personal information.

For example, if a chat application requests contact information to generate a friend list UI, the processor 120 may be configured to determine whether to protect the contact information for the chat application, encrypt the contact information based on the determination result, and provide encrypted contact information to the chat application. person information. However, if the chat application requests to perform the call function, the processor 120 may be configured to decrypt the encrypted contact information and perform the call function.

FIG. 2 is a block diagram illustrating an example embodiment of an electronic device.

Referring to FIG. 2 , the electronic device 100 includes a memory 110 , a processor (eg, including a processing circuit) 120 and a display (eg, including a display panel and a display driving circuit) 130 . The memory 110 and the processor 120 have been described above, and thus no further description of the memory 110 and the processor 120 will be provided.

The display 130 may display all video images or various objects such as still images, photos, documents, etc. generated as a plurality of images such as movies, dramas, recorded images, slow videos, etc. and displayed at a specific frame rate.

The display 130 may be implemented as, for example, a Liquid Crystal Display (LCD), an Organic Light Emitting Diode (OLED), a Plasma Display (PDP), or the like.

For example, if an execution request for a function related to encrypted personal information is received from an application, the processor 120 may be configured to decrypt the encrypted personal information, execute the function, and display information about the encrypted personal information through the display 130. The result of executing the function.

For example, if a request to perform a call sending function related to encrypted contact information is received, the processor 120 may be configured to decrypt the encrypted contact information, execute a call sending function, and display on the display 130 such screen: This screen includes information on the other party's phone number included in the actual contact information and the call function currently being performed.

In this example, the chat app only has encrypted contact information and no information about the person's actual phone number. Since the actual contact information is not provided to the chat application, personal information can be protected.

The processor 120 may be configured to determine whether to protect the personal information based on information related to the protection of the personal information when the application requests the personal information, or may be configured to, when the personal information requested by the application is preset personal information, Whether to protect personal information is determined based on information related to the protection of personal information.

For example, if personal information for a chat application among multiple applications is set to be protected, the processor 120 may be configured to determine whether to protect or not based on information related to the protection of personal information when the chat application requests contact information. contact information.

If protection of personal information for photo files among various personal information is not set, but protection is set for personal information of contact information, processor 120 may be configured to The information related to the protection of information is used to determine not to protect the photo file, but may be configured to determine to protect the contact information based on the information related to the protection of personal information when the chat tool requests the contact information.

For example, information related to the protection of personal information may include information on applications that do not require protection of personal information and information on types of personal information that do not require protection.

For example, information related to the protection of personal information may include whether it is necessary to determine the protection of personal information for each application, or whether it is necessary to determine the protection of personal information based on the type of personal information regardless of the application information.

For example, information related to the protection of personal information may include information that personal information needs to be protected for a chat application among multiple applications but does not need to be protected for a map application, and therefore, if the chat application requests contact information, then The processor 120 may be configured to encrypt the contact information and provide the encrypted contact information to the chat application, and if the location information is requested by the map application, the processor 120 may be configured not to encrypt the location information and provide the location information to the map application. Position information in raw data state.

Alternatively, the information related to protection of personal information may include information that protection of personal information is required for contact information and protection of personal information is not required for location information regardless of the type of application. Accordingly, if a chat application or a mail application requests contact information, the processor 120 may be configured to encrypt the contact information regardless of the type of the application and provide the encrypted contact information to the chat application or the mail application. If the chat application or the map application requests the location information, the processor 120 may be configured not to encrypt the location information regardless of the type of the application, and provide the location information in a raw data state to the chat application or the map application.

For example, the processor 120 may be configured to determine not to protect the personal information requested by the application, not to encrypt the personal information and Provide applications with personal information in its raw data state.

Meanwhile, FIG. 3 is a block diagram illustrating an example configuration of the electronic device of FIG. 1 .

3, the electronic device 100' includes a memory 110, a processor (eg, including a processing circuit) 120, a display (eg, including a display panel and a display driver circuit) 130, a communicator (eg, including a communication circuit) 140, a user interface (eg, including an interface circuit) 150 , an application driver (eg, including an application driving circuit) 160 , and a speaker 170 . Descriptions about elements that overlap with those in FIGS. 1 and 2 may not be provided in more detail.

The processor 120 is configured to control overall operations of the electronic device 100'.

For example, the processor 120 includes a RAM 121 , a ROM 122 , a main CPU 123 , a graphics processor 124 , first to nth interfaces 125 - 1 ˜ 125 - n , and a bus 126 .

The RAM 121 , the ROM 122 , the main CPU 123 , the graphics processor 124 , and the first to nth interfaces 125 - 1 - 125 -n can be connected to each other through the bus 126 .

The first to nth interfaces 125-1 to 125-n may be connected to various elements described above. One of the first to nth interfaces 125-1 to 125-n may be a network interface connected with an external device through a network.

The main CPU 123 can access the memory 110 and perform booting using an operating system (O/S) stored in the memory 110 . Also, the main CPU 123 can perform various operations using various programs, contents, data, etc. stored in the memory 110 .

ROM 122 stores a set of instructions for starting the system. In response to changes in the command being input and the energy being supplied, the main CPU 123 can copy the O/S stored in the memory 110 to the RAM 121 based on the command stored in the ROM 122, and start by executing the O/S system. In response to booting being completed, the main CPU 123 may copy various application programs stored in the memory 110 into the RAM 121 and perform various operations by executing the application programs copied into the RAM 121 .

The graphics processor 124 may generate a screen including various objects such as icons, images, text, etc. using a calculator (not shown) and a renderer (not shown). A calculator (not shown) may calculate attribute values of objects to be displayed, such as coordinate values, shape, size, color, etc., according to the layout of the screen based on the received control instruction. A renderer (not shown) may generate screens including various layouts of objects based on attribute values calculated by a calculator (not shown). Specifically, the graphics processor 124 may change the generated system response into a text form in response to a voice uttered by the user, and determine the font, size, color, etc. of the text. A screen generated by a renderer (not shown) may be displayed in a display area of the display 130 .

Meanwhile, the above-described operations of the processor 120 may be performed by programs stored in the memory 110 .

The memory 110 may store O/S software modules for driving the electronic device 100' and various data such as various multimedia contents.

For example, the memory 110 may include a software module, wherein, when the software module is executed, if the application requests personal information, the software module determines whether to protect the personal information based on the setting information, encrypts the personal information based on the determination result, and provides the encrypted information to the application. and if the application requests to perform a function related to the encrypted personal information, the encrypted personal information is decrypted and the function is performed, which will be described in more detail below with reference to FIG. 4 .

The communicator 140 may include various communication circuits performing communication with various types of external devices according to various types of communication methods. The communicator 140 may include various communication circuits such as, for example, without limitation, a communication chip (such as a WiFi chip, a Bluetooth chip, a wireless communication chip, etc.).

For example, a WiFi chip and a Bluetooth chip perform communication using a WiFi method and a Bluetooth method, respectively. The wireless communication chip may refer to, for example, a chip that performs communication according to various communication standards such as IEEE, Zigbee, 3rd Generation Mobile Communication Technology (3G), 3rd Generation Partnership Project (3GPP), Long Term Evolution (LTE), and the like. In addition, the communicator may further include an NFC chip that operates according to the NFC method using a frequency band of 13.56MHz among various RF-ID frequency bands such as 135kHz, 13.56MHz, 433MHz, 860MHz-960MHz, 2.45GHz, and the like.

For example, the communicator 140 may perform communication with a plurality of servers providing each of a plurality of applications using various communication circuits. For communication with each server, the same communication method can be used, but different communication methods can also be used depending on the environment.

The application driver 160 drives and performs functions of applications that can be provided by the electronic device 100'. For example, an application may refer to an application program executed by the application itself, and may include various multimedia contents. For example, the term "multimedia content" may include text, audio, still images, animation, video and interactive content, electronic program guide (EPG) content from content providers, electronic messages received from users, information about current events, etc. , but not limited to this.

Such an application may provide not only multimedia content but also various information, and in order to provide the above information, the above personal information may be required.

When necessary, the speaker 170 may be used to output a sound signal when performing a function requested by an application. In addition, the electronic device 100' may further include an audio processor, a video processor, buttons, a USB interface, a camera, a microphone, and the like.

FIG. 4 is a diagram illustrating example software modules stored in memory (110).

Referring to FIG. 4, the memory 110 may store programs such as a module 111 for determining whether to protect personal information, an encryption module 112, a function execution module 113, and the like.

The operations of the processor 120 described above may be performed by programs stored in the memory 110 . Hereinafter, operations of the processor 120 using programs stored in the memory 110 will be described in more detail below.

For example, if an application requests personal information, the module 111 for determining whether to protect personal information may perform a function of determining whether to protect personal information based on information set for each application based on information related to protection of personal information.

The encryption module 112 may perform a function of encrypting personal information based on a determination result by the module 111 for determining whether to protect personal information.

If an execution request for a function related to encrypted personal information is received from an application, the function execution module 113 may decrypt the encrypted personal information and execute the function.

Also, the memory 110 may include a communication module, and the communication module as a module performing communication with the outside may include a device module for communicating with an external device, a messenger program, a Short Message Service (SMS) and a Multimedia Message Service (MMS) program , a messaging module such as an e-mail program, a call information collection program module, and a telephony module including a VoIP module, etc.

FIG. 5 is a diagram illustrating example processing of a processor.

Referring to FIG. 5 , the privacy protection module 500 includes, for example, a privacy engine module 510 , a policy module 520 , a policy DB 521 , a data processing module 530 and a privacy user module 540 .

For example, the privacy protection module 500 can be configured as a part or a chip included in the processor 120, and the privacy engine module 510, the policy module 520, the policy DB 521, the data processing module 530 and the privacy user module 540 can also be configured as a processor Part or chip included in 120.

In addition, the privacy protection module 500, the privacy engine module 510, the policy module 520, the policy DB 521, the data processing module 530, and the privacy user module 540 may be configured as software modules, and in this example, may be stored in the memory 110.

In this disclosure, for example, it may be assumed that the privacy protection module 500 , the privacy engine module 510 , the policy module 520 , the policy DB 521 , the data processing module 530 and the privacy user module 540 are configured as a part or a chip included in the processor 120 .

If a request for personal information is received from the application 10, the privacy protection module 500 may determine whether to protect the personal information based on the information set for each application based on the information related to the protection of personal information, and provide the application 10 based on the determination result. encrypted personal information, and if an execution request for a function related to the encrypted personal information is received from the application 10, the privacy protection module 500 may decrypt the encrypted personal information and execute the function. For example, information about protection of personal information that is set for each application may be defined as a privacy policy.

Privacy policies are stored in the policy DB 521 , and the policy module 520 performs a function of managing the privacy policies stored in the policy DB 521 .

If a request for personal information is received from an application 10, the privacy engine module 510 may determine whether to protect the personal information requested by the application 10 with reference to the privacy policy detected by the policy module 520 about the corresponding application 10 and the personal information requested by the application 10. personal information. If it is determined that the personal information requested by the application 10 should be protected, the privacy engine module 510 may encrypt the personal information in the original data state into protected data through the data processing module 530 according to the privacy policy.

For example, privacy engine module 510 may obtain personal information from information source 20 in response to a request for the personal information. The information source 20 may include a memory 21, a GPS module 22, a WiFi module 23, etc., but is not limited thereto. The privacy engine module 510 can obtain personal information (such as contact information, photo files, music files, documents, etc.) from the memory 21, can obtain location information from the GPS module 22, and can obtain information about communication quality status from the WiFi module 23 , download speed, etc.

The privacy engine module 510 may provide encrypted personal information in a protected data state to the application 10 through the data processing module 530 .

In addition, if an execution request for a function related to encrypted personal information is received from the application 10, the privacy user module 540 may decrypt the encrypted personal information in the protected data state into personal information in the original data state, and execute Request feature. Examples of such functions may include, for example, a function of displaying a friend list UI, a call connection function, and the like. For example, the privacy user module 540 may perform a display function 31 of displaying a friend list UI through the display 130 or a call function 32 through the communication module. Other examples of such functions may include a function of displaying a purchase UI, a function of transmitting purchase information to a shopping server, a function of printing print information received from an external device, a function of displaying a medical UI, etc., but not limited thereto.

For example, the privacy user module 540 can perform the display function 31 of displaying the purchase UI or the medical UI through the display 130, perform the sending function 33 of sending information using the communication circuit of the communicator 140, or use a printer (not shown) to perform processing of printing information. Print function 34 for printing.

6 to 7 are flowcharts showing an example of data processing between each module of FIG. 5 .

6, if the application 10 requests personal information from the privacy protection module 500 (S610), the privacy engine module 510 can obtain the personal information in the original data state from the information source 20 (S620), and the privacy engine module 510 can pass the policy module 520 checks the privacy policy on the application 10 to determine whether it is necessary to protect personal information (S630).

If it is determined that the personal information needs to be protected, the privacy engine module 510 may obtain encrypted personal information in the protected data state from the data processing module 530 (S640), and provide the encrypted personal information in the protected data state to the application 10 ( S650).

If it is determined that the personal information does not need to be protected, the privacy engine module 510 may provide the unencrypted personal information in a raw data state to the application 10 (S660).

Meanwhile, referring to FIG. 7, if the application 10 requests the privacy protection module 500 to perform functions related to personal information (S710), the privacy user module 540 can check the privacy policy about the application 10 through the policy module 520 to determine the personal information requested by the application 10. Whether the information is in the state of protected data or in the state of original data (S720).

If the personal information is in the state of protected data, the privacy user module 540 can decrypt the encrypted personal information in the state of protected data to obtain the personal information in the state of original data (S730), and use the personal information in the state of original data Information execution function (S740).

If the personal information is in the raw data state, the privacy user module 540 may use the personal information in the raw data state to perform functions without decryption processing.

Meanwhile, FIGS. 8 to 13 are diagrams illustrating various example embodiments.

If an application that is determined to need to protect personal information requests contact information, the processor 120 may be configured to encrypt the contact information and provide the encrypted contact information to the application, and if a request for information related to the encrypted information is received from the application The processor 120 may be configured to decrypt the encrypted contact information and display the contact UI generated based on the decrypted contact information on the display 130 .

Referring to FIG. 8 described above, if the application 121 requests the privacy protection module 122 to provide address book information to generate a friend list UI, the privacy protection module 122 may obtain raw data 810 about the address book information from the memory 110 .

Here, the phone number "01095300602" is an example of the original data 810 on the address book information, but this is generally only an example for convenience of description, and the original data 810 on the address book information generating the friend list UI includes a plurality of phone numbers.

The privacy protection module 122 may encrypt the original data 810 on the address book information to convert the original data 810 on the address book information into protected data 820 on the address book information.

For example, the phone number "22091820385" is used as an example of the protected data 820 about the address book information, but this is generally only an example for convenience of description, and the protected data 820 about the address book information about generating the friend list UI includes multiple phone Number.

Meanwhile, the protected data 820 on the address book information is generated by encrypting the original data 810 on the address book information, and thus, the actual phone number '01095300602' is expressed in a different form '22091820385'.

Additionally, the privacy protection mode 122 may provide the application 121 with protected data 820 regarding address book information. Therefore, even if the application 121 sends the address book information to the server 840, the address information sent by the application 121 is the encrypted address book information 820 (22091820385) in the protected data state, not in the original data state including the actual phone number The address book information 810 (01009530602), and thus, personal information can be protected.

Meanwhile, if the application 121 transmits the protected data 820 on the address book information while requesting execution of the function of displaying the friend list UI using the protected data 820 on the address book information, the privacy protection module 122 may protect the protected data on the address book information. The data 820 is decrypted to change the protected data 820 on address book information into original data 810 on address book information, a friend list UI 830 is generated based on the original data, and the generated friend list UI 830 is displayed through the display 130 .

For example, it is shown that two identical privacy protection modules 122 are included in the processor, but this is for explaining the case where the application 121 requests the privacy protection module 122 to provide personal information and the case where the application 121 requests to execute functions related to personal information. Processor 120 may include a privacy protection module 122 .

Likewise, since the original data 810 about the address book information for displaying the friend list UI 830 is only used in the display 130, the application 121 can only obtain the protected data 810 about the address book information, and cannot obtain information about the address book The raw data 810 of information, and thus, personal information can be protected.

Meanwhile, if an execution request for a call function based on encrypted contact information is received from an application, the processor 120 may be configured to decrypt the encrypted contact information and execute the call function.

Referring to FIG. 9 described above, if the user inputs a user operation to perform a call function with a specific person marked on the friend list UI 910, the application 121 may send information about the address book while requesting the privacy protection module 122 to perform the call function. Protected data of 820(22091820385).

In addition, the privacy protection module 122 may decrypt the protected data 820 on the address book information to change the protected data 820 (22091820385) on the address book information into the original data 810 (01095300602) on the address book information, and communicate The device 140 performs a call transmission request to a specific person corresponding to the raw data 810 about the address book information.

In addition, the privacy protection module 122 may control the electronic device 100 to display a call connection screen 920 displaying the original data 810 ( 01095300602).

For example, when performing a call function, the application 121 can only obtain the protected data 820 (22091820385) on the address book information, and cannot recognize the original data (01095300602) on the address book information as the actual phone number, and thus, the personal information can be protected.

Meanwhile, if an application requests location information, the processor 120 may be configured to encrypt the location information and provide the encrypted location information to the application, and if an execution request for a function related to the encrypted location information is received from the application, then The processor 120 may be configured to decrypt the encrypted location information, and display a map screen generated based on the decrypted location information on the display.

Referring to FIG. 10 described above, if the map application 121' requests the privacy protection module 122 to provide location information to generate a screen representing the current location of the electronic device 100, the privacy protection module 122 may obtain raw data 810' about the location information from the memory 110 .

For example, the original data 810' about location information includes information about latitude and longitude (37.4562684, 127.0228328), but the original data 810' about location information may include information about azimuth and altitude instead of latitude and longitude.

The privacy protection module 122 may encrypt the raw data 810' on location information to convert the raw data 810' on location information into protected data 820' on location information.

For example, the protected data 820' on location information may include information (37.2029352, 127.102934) generated and displayed by encrypting information on latitude and longitude, and have information on the actual latitude and longitude that is the original data 810' on location information. Information (37.4562684, 127.0228328) in different forms.

In addition, the privacy protection module 122 may provide the protected data 820' regarding location information to the map application 121'. Therefore, even if the map application 121' transmits the location information, the location information sent by the map application 121' is the encrypted location information 820' (37.2029352, 127.102934) in the protected data state, rather than the original data including the actual location information. The location information 810'(37.4562684, 127.0228328) under the state, and thus, the personal information can be protected.

Meanwhile, if the map application 121' transmits the protected data 820' about the location information to the privacy protection module while requesting to execute the function of displaying the screen indicating the current location of the electronic device 100 using the protected data 820' about the location information 122, the privacy protection module 122 may decrypt the protected data 820' about the location information to change the protected data 820' about the location information into the original data 810' about the location information, and generate the instruction electronic device 100 based on the original data. and display a screen indicating the current location of the electronic device 100 through the display 130 .

For example, it is shown that two identical privacy protection modules 122 are included in the processor 120, but this is to illustrate the situation where the application 121 requests the privacy protection module 122 to provide personal information and the situation where the application 121 requests to perform functions related to personal information . Processor 120 may include a privacy protection module 122 .

Also, since the original data 810' about the location information for displaying the screen indicating the current location of the electronic device 100 is used only in the display 130, the map application 121' can obtain only the protected data 820' about the location information Raw data 810' about location information is not available, and thus, personal information can be protected.

Meanwhile, for example, the electronic device 100 may be implemented as a smart TV that can execute at least one application instead of a user terminal device.

Referring to FIG. 11 , various applications may be displayed on the screen of the smart TV 1100 , and in this case, a video call application 1110 may be executed to request the memory of the smart TV 1100 to provide address book information.

Likewise, the privacy protection module 122 in the smart TV 1100 can obtain raw data about the address book information from the memory, encrypt the raw data into protected data about the address book information, and provide the protected data to the video call application 1110 .

If the video call application 1110 transmits the protected data on the address book information to the privacy protection module 122 while requesting to perform a function of displaying a screen on the address book using the protected data on the address book information, the privacy protection module 122 may The protected data on the address book information is decrypted to change the protected data on the address book information into original data on the address book information, a screen on the address book information is generated based on the original data, and the generated on the address is displayed through the display 130 book information screen.

In this example, since the raw data about the address book information for displaying the screen about the address book is only used in the display 130, the video call application 1110 can only obtain the protected data about the address book information, and cannot obtain Raw data about address book information. Therefore, personal information can be protected.

Likewise, if the user desires to select a specific person and perform a video call with the specific person, the video call application 1110 uses the protected data about the address book information to request the execution of the video call function, and the privacy protection module 122 passes information about the address book The protected data of the information is decrypted into the original data about the address book information to control the communicator 140 to perform the video call function.

Meanwhile, referring to FIG. 12 , if a photo album application is executed in the smart TV 1200, the photo album application obtains photo files stored in a memory in the smart TV to generate and display various photo images, as shown in FIG. 12 . The process of displaying one of the images 1210 will be described as an example.

The photo album application may request the memory of the smart TV 1200 to provide corresponding photo files, and the privacy protection module 122 may obtain original data about the corresponding photo files from the memory of the smart TV 1200, and encrypt the original data into protected data about the photo files , and provide protected data to the Photos Roll app.

If the photo album application transmits the protected data about the photo file to the privacy protection module 122 while requesting to perform the function of displaying the album screen including the corresponding image 1210 using the protected data about the photo file, the privacy protection module 122 may The protected data on the photo file is decrypted to change the photo file into original data on the photo file, a corresponding image 1210 is generated based on the original data, and an album screen including the generated corresponding image 1210 is displayed through the display 130 .

In this example, the photo album application may obtain only protected data on photo files, and raw data on photo files for displaying an album screen including a corresponding image 1210 is used only in the display 130 . Therefore, the photo album application cannot obtain raw data about photo files, and thus, personal information can be protected.

Meanwhile, even when data is transmitted between a plurality of electronic devices and a server, the above-described processing for protection of personal information can be applied.

13, if the user executes the file upload application in the notebook PC screen 1310, selects the photo file stored in the memory of the notebook PC and adds the photo file to the file upload window of the execution file upload application to upload the photo file to On the server 1320, the file upload application uploads the added photo file to the server 1320. In this example, the privacy protection module 122 in the notebook PC can detect that the photo file is uploaded to the server 1320, and convert the photo file in the original data state into a photo file in the protected data state, and provide the file upload application with protected data.

Therefore, since the file upload application sends the photo file in the protected data state to the server 1320, the server 1320 cannot obtain the photo file in the original data state. Therefore, leakage of personal information can be avoided.

Subsequently, if the user executes the photo album application in the smart TV and performs the function of downloading the photo file under the protected data state from the server 1320 and displaying the photo file through the photo album application, the privacy protection module 122 in the smart TV 1330 can detect the photo The photo album application expects to display photos, and decrypts the photo files in the protected data state downloaded from the server 1320 to the photo files in the original data state and displays the photo files through the display 130 .

In addition, if the user executes the file download application in the smart phone 1340, downloads the photo file in the protected data state from the server 1320 and executes the function of displaying the downloaded photo file in the protected data state, the privacy protection in the smart phone 1340 The module 122 can detect that the file download application expects to display photos, decrypt the photo files in the protected data state downloaded from the server 1320 into photo files in the original data state, and display the photo files through the display 130 .

Meanwhile, FIG. 14 is a diagram illustrating an example structure of a privacy protection module.

For example, in the above description about FIG. 8, two identical privacy protection modules 122 are included in the processor 120, but this is only for convenience of illustration. If the application 121, the privacy protection module 122, the memory 110 and the display 130 are included in the electronic device 100 as shown in FIG. Execution function.

Meanwhile, as shown in FIG. 13, transmitting encrypted data between a plurality of electronic devices and a server may require a predetermined encryption method. In this regard, FIGS. 15 and 16 are diagrams illustrating encryption methods.

According to an example embodiment, as shown in FIG. 15 , for example, encryption and decryption may be performed through direct key exchange between a transmitting terminal 100 transmitting encrypted personal information and a receiving terminal 100' receiving encrypted personal information.

For example, if the receiving terminal 100' that receives encrypted personal information pre-stores a public key and a private key and the transmitting terminal 100 that transmits encrypted personal information pre-stores a public key that the receiving terminal 100' has, the receiving terminal 100' may The encrypted personal information (for example, the personal information encrypted and transmitted by the transmitting terminal 100 through the corresponding public key) is decrypted using the private key. In this example, the public key may be exchanged between the transmitting terminal 100 and the receiving terminal 100' when a predetermined event occurs. For example, if a predetermined menu is selected, address books supported by instant messengers are exchanged, etc., public keys may be exchanged.

Also, as shown in FIG. 16 , encryption and decryption may be performed by an external encryption management server 300, for example. For example, the encryption management server 300 may be implemented, for example, as a cloud server or the like operated by a device manufacturer, but is not limited thereto.

When the encryption management server 300 manages the public key and the private key, the encryption management server 300 may distribute the private key to the receiving terminal 100' receiving the encrypted message in response to a request from the transmitting terminal that transmits the message, and combine A public key corresponding to the private key allocated to the receiving terminal 100 ′ is allocated to the transmitting terminal 100 . Accordingly, the receiving terminal 100' can decrypt the message encrypted by the public key possessed by the transmitting terminal 100 by using the corresponding private key. Therefore, any private key can be generated and provided per session.

The encryption and decryption methods described above are merely examples, and other various encryption and decryption methods may be used.

17 is a flowchart illustrating an example method of controlling an electronic device.

The method of controlling an electronic device executing at least one application that performs a function using personal information includes, when the application requests the personal information, determining whether to protect the personal information based on information set for each application based on information related to protection of pre-stored personal information (S1710).

The personal information is encrypted based on the determination result and the encrypted personal information is provided to the application (S1720).

If an execution request for a function related to the encrypted personal information is received from the application, the encrypted personal information is decrypted and the function is executed (S1730).

In addition, the method of controlling an electronic device according to example embodiments may further include determining whether a request from an application is a request for personal information or a request to perform a function.

For example, the step of determining whether to protect personal information may include determining whether to protect personal information based on information related to the protection of personal information when the application requests personal information, or based on information related to personal information when the personal information requested by the application belongs to predetermined personal information. to determine whether to protect personal information.

In addition, information related to the protection of personal information may include information on applications that do not require protection of personal information and information on types of personal information that do not require protection.

The step of providing may include determining whether to not protect the personal information requested by the application based on the information on the application not requiring protection of the personal information and the information on the type of the personal information not requiring protection, and in the case of not encrypting the personal information Provide personal information to the application.

In addition, the method of controlling an electronic device according to example embodiments may further include displaying an execution result of a function.

The personal information may include at least one of information on a location of the electronic device, contact information, information on photo files, and information on messages.

Additionally, the step of providing includes, when the application requests contact information, encrypting the contact information and providing the encrypted personal information to the application, and the step of performing includes, when receiving from the application a request for information related to the encrypted contact information When the execution request of the function is requested, the encrypted contact information is decrypted and the contact UI generated based on the decrypted contact information is displayed.

In addition, the performed step includes, when an execution request for a call function based on the encrypted contact information is received from the application, decrypting the encrypted contact information and executing the call function.

18 to 21 are diagrams illustrating various example embodiments.

In FIG. 18 , the electronic device 100 may be, for example, a food storage device (eg, a refrigerator) 1800 . If the electronic device 100 is a food storage device, various applications 1811 related to food storage may be installed in the electronic device 100 . For example, the electronic device 100 may include an application that performs a function of checking the storage condition of food stored in the storage chamber 1801 of the food storage device 1800, an application that performs a function of adjusting the storage temperature of the electronic device 100, and an application that performs a function of checking the food stored in the electronic device 100. The application of the function of the inventory history of the food storage device 1800, the application of the function of displaying the food stored in the storage room 1801 of the food storage device 1800, the application of the function of purchasing the food to be stored in the electronic device 100, etc., but not limited thereto . At least one of the above-mentioned applications may be implemented as each function provided by one application.

In this example, an example application that determines that personal information needs to be protected according to an example embodiment may be an application 1811 for purchasing items (eg, food, etc.) using purchase information.

For example, if a user enters purchase information to purchase an item through the user interface 150 (eg, shown in FIG. 3 ), the entered purchase information may be stored in the memory 110 .

Purchase information may include, for example, user information (e.g., user name, user's nickname, user's e-mail address, etc.), information about items to be purchased (e.g., identification information of food, shelf life information of food, information about items to be purchased). information on the quantity of food, etc.), financial information required for purchase (eg, card number, card expiration date, etc.), and delivery information (eg, user's address, country of residence, user's zip code, etc.).

In another example, the processor 120 may detect the type, quantity, shelf life, expiration date, etc. of food stored in the storage chamber 1801 of the food storage device 1800 . If one of the type, quantity and expiration date of the food stored in the storage chamber 1801 of the food storage device 1800 does not reach a predetermined standard, the processor 120 may automatically store information about items that must be purchased in the memory 110 for purchase information.

In this case, the application 1811 may request the processor 120 to provide the purchase information to display the purchase UI 1831 including the purchase information based on the user's request for confirming the status of the purchase information.

The processor 120 may encrypt the purchase information and provide the encrypted purchase information to the application. If an execution request for a function related to the encrypted purchase information is received, the processor 120 may decrypt the encrypted purchase information and display the purchase UI 1831 generated based on the decrypted purchase information through the display 130 .

For example, if the application 1811 requests the privacy protection module 122 to provide purchase information to generate the purchase UI 1831 , the privacy protection module 122 may obtain raw data 1821 on the purchase information from the memory 110 .

For example, raw data 1821 about purchase information may be, for example, part of an address (such as "Manhattan").

The privacy protection module 122 may encrypt original data 1821 on purchase information and convert the encrypted original information 1821 on purchase information into protected data 1822 on purchase information.

Here, protected data 1822 regarding purchase information may be, for example, part of a user's address (such as "P[Manhattan]").

Subsequently, the privacy protection module 122 may provide the application 1811 with the protected data 1822 regarding the purchase information. Therefore, even if the application 1811 transmits purchase information to the server 830 without the user's consent, private information can be protected because the purchase information transmitted by the application 1811 is encrypted purchase information 1822 in a protected data state.

The application 1811 may request execution of a function of displaying the purchase UI 1831 using the protected data 1822 on private information. In this way, once the application 1811 sends the protected data 1822 about the purchase information to the privacy protection module 1822, the privacy protection module 122 can decrypt the protected data 1822 about the purchase information, and convert the protected data 1822 about the purchase information into about Raw data 1821 of purchase information. The display 130 may generate the purchase UI 1831 including the original data 1821 and display the generated purchase UI 1831 . In this case, the purchase UI 1831 may include purchase information. The purchase information may include at least one of user information, item information, financial information, and delivery information as described above.

In this example, the application 1811 can also only obtain the protected data 1822 about the purchase information, and the original data 1822 about the purchase information is only used by the display 130 to display the purchase UI 1831 . Therefore, the application 1811 cannot obtain the raw data 1821 on purchase information, and thus, private information can be protected.

Referring to FIG. 19 , a user who decides an item to purchase may request a shopping server 1900 to purchase an item using an application 1911 . In this example, the application 1911 of FIG. 19 may be the same as or similar to the application 1811 of FIG. 18 , or be the same type of application as the application 1811 .

According to a purchase request of an item, the application 1911 may request the processor 120 to provide purchase information to transmit the purchase information that the user has input and stored in the memory 110 to the shopping server 1900 . The shopping server 1900 may be a server that manages delivery of items that users desire to purchase. For example, the shopping server 1900 may search for a dealer having an item that the user desires to purchase and request the dealer to deliver the item to the user's residential area. In this example, the shopping server 1900 may be, for example, a server directly operated by a dealer or a server that conducts sales for a plurality of dealers. The shopping server 1900 may be implemented as more than one server or cloud server.

When the application 1911 requests purchase information, the processor 120 may encrypt the purchase information and provide the application 1911 with the encrypted purchase information. Subsequently, if an execution request for a function related to the encrypted purchase information is received from the application 1911 , the processor 120 may decrypt the encrypted purchase information and transmit the decrypted purchase information to the external shopping server 1900 through the communicator 140 .

For example, if the application 1911 requests the privacy protection module 122 to provide purchase information to be transmitted to the shopping server 1900 , the privacy protection module 122 may obtain raw data 1921 on the purchase information from the memory 110 . Then, the privacy protection module 122 may encrypt the original data 1921 about the purchase information and convert the original data 1921 into protected data 1922 .

For example, protected data 1922 regarding purchase information may be, for example, part of a user's address (such as "P[Manhattan]").

The privacy protection module 122 may provide the application 1911 with protected data 1922 on shopping information.

The application 1911 may request to perform a function of transmitting the shopping information to the shopping server 1900 using the protected data 1922 on the shopping information. In this way, if the application 1911 sends the protected data 1922 about the shopping information to the privacy protection module 122, the privacy protection module 122 decrypts the protected data 1922 about the purchase information and converts the protected data 1922 about the purchase information into about Raw data 1921 of purchase information. The communication circuit of the communicator 140 may transmit the converted raw data 1921 to the shopping server 1900 .

In this example, the application 1911 can also obtain only the protected data 1922 on the purchase information, and the original data 1921 on the purchase information transmitted to the shopping server is only used by the communication circuit of the communicator 140 . Accordingly, the application 1911 may not obtain raw data 1921 on purchase information, and thus, private information may be protected.

Referring to FIG. 20 , the electronic device 100 may be, for example, an image forming device 2000 (eg, a printer).

If the electronic device 100 is an image forming device, various types of applications 2011 related to printing of content may be installed in the electronic device 100 . For example, the electronic device 100 may include an application for setting printing options such as printing volume, printing quality, single-sided printing or double-sided printing, color printing or black-and-white printing, printing format, etc., a function for performing a printing history, etc. , an application for setting forwarding addresses for printing files, an application for printing content according to predetermined printing options, etc., but not limited thereto. Meanwhile, at least one of the above-mentioned applications may be implemented as respective functions provided by one application.

In this example, an example of an application providing private information that needs to be protected according to an example embodiment may be an application 2011 for printing content selected by a user.

For example, if a user selects content to be printed in an external device (not shown) (eg, personal computer, notebook computer, smart phone, etc.), the content to be printed can be converted into a printable format and sent to the electronic device 100 . Also, if the user selects the content to be printed in the external device, the content to be printed may be transmitted to the electronic device 100, and the electronic device 100 may change the received content into a printable format. Examples of the printable format may be Postscript (PS), Printer Control Language (PCL), etc. supporting a printer language. The content that has been changed into a printable format may be transmitted to the storage 110 of the electronic device 100 . The content stored in the memory 110 whose format has been changed to be printable by the electronic device 100 may be referred to as print information.

In this example, the application 2011 may request the processor 120 to provide print information to perform a print job according to a request from a user who desires to print the selected content.

The processor 120 may encrypt the printing information and provide the encrypted printing information to the application. Upon receiving an execution request of a function related to encrypted print information from an application, the processor 120 may decrypt the encrypted print information and execute a print job using the decrypted print information through the printing unit 180 . For example, the processor 120 may print the printing information on the printing medium using at least one of an inkjet method, a dot jet method, and a laser printing method.

For example, if the application 2011 requests the privacy protection module 122 to provide printing information, the privacy protection module 122 can obtain the original data 2021 about the printing information from the memory 110 .

For example, the original data 2012 regarding printing information may include at least one of text and images, for example.

The privacy protection module 122 may encrypt the original data 2021 on printing information and convert the original data 2021 on printing information into protected data 2022 on printing information.

The privacy protection module 122 may provide the application 2011 with the protected data 2022 on printing information. Therefore, even if the application 2011 transmits print information to the server 840 without the user's consent, private information can be protected because the print information transmitted by the application 2011 is encrypted print information 2022 in the form of protected data.

The application 2011 may request execution of a function of printing the print information using the protected data 2022 on the print information. In this way, if the application 2011 sends the protected data 2022 about the printing information to the privacy protection module 122, the privacy protection module 122 can decrypt the protected data 2022 about the printing information and convert it into the original data 2021 about the printing information And send the original data 2021 to the printing unit 180. The printing unit 180 may print the received printing information on printing paper.

In this example, the application 2011 obtains only the protected data 2022 on printing information, and thus, the original data 2021 on printing information for printing the printing information is used only in the printing unit 180 . Therefore, the application 2011 cannot obtain the original data 2021 regarding printing information, and thus, private information can be protected.

Referring to FIG. 21 , the electronic device 100 may be, for example, a medical image capturing apparatus 2100 (for example, a computed tomography apparatus, an ultrasound imaging apparatus, an X-ray imaging apparatus, a magnetic resonance imaging apparatus, etc.).

If the electronic device 100 is a medical image capturing apparatus, various applications 2111 related to capturing of medical images may be installed in the electronic device 10 . For example, the electronic device 100 may include an application that performs a function of photographing an object (such as a patient, an animal, or a phantom), performs a function of setting a photographing option of a medical image (such as an option to control the wavelength irradiated on the object, the radiation amount of the signal, etc.) application of the function of driving a rotating frame, a rail or a platen for adjusting the position of an object, an application of performing a function of sending a captured medical image to an external device, an application of performing a function of inputting a medical image of an object, displaying information about An application of information capturing a medical image of a subject, etc., but not limited thereto. Meanwhile, at least one of the above-mentioned applications may be implemented as respective functions provided by one application.

In this example, an example of an application whose privacy information needs to be protected according to example embodiments may be an application 2111 that displays or transmits medical information of a subject.

The medical information may be input from a user or received from an external server (not shown), and stored in the memory 110 of the electronic device 100 . In this example, medical information may include the patient's weight, height, blood pressure, blood sugar levels, temperature, disease history, and the like. If a subject is photographed, the processor 120 may store medical image information, which is another example of medical information, in the memory 110 .

In this example, the application 2111 may request the processor 120 to provide medical information to display the medical UI 2131 including the medical information based on a request from a user who desires to confirm the medical information of a patient.

The processor 120 may encrypt the medical information and provide the encrypted medical information to the application. Upon receiving an execution request for a function related to encrypted medical information from an application, the processor 120 may decrypt the encrypted medical information and display a medical UI 2131 generated based on the decrypted medical information through the display 130 .

For example, if the application 2111 requests the privacy protection module 122 to provide medical information to generate a medical UI, the privacy protection module 122 may obtain raw data 2121 about the medical information from the memory 110 .

For example, the raw data 2121 regarding medical information may be, for example, a medical image capturing the inside of a subject.

The privacy protection module 122 may encrypt and convert raw data 2121 on medical information into protected data 2122 on medical information.

The privacy protection module 122 may provide the application 2111 with protected data 2122 regarding medical information. Therefore, even if the application 2111 transmits medical information to the server 840 without the user's consent, private information can be protected because the medical information transmitted by the application 2111 is encrypted medical information 2122 in the form of protected data.

The application 2111 may request execution of a function of displaying the medical UI 2131 using the protected data 2122 on medical information. In this way, if the application sends the protected data 2122 on medical information to the privacy protection module 122, the privacy protection module 122 may decrypt and convert the protected data 2122 on medical information into raw data 2121 on medical information. The display 130 may generate the medical UI 2131 including the raw data 2121 and display the generated medical UI 2131 .

In this example, the application 2111 obtains only the protected data 2122 on the medical information, and thus, the raw data 2121 on the medical information for displaying the medical UI 2131 is only used in the display 130 . Therefore, the application 2111 cannot obtain the raw data 2121 on the medical information, and thus, the medical information can be protected.

Meanwhile, regarding the storage medium according to the exemplary embodiment, a program for executing at least one application that performs a function using personal information is stored in the storage medium, the program performs an operation of: The information set by each application determines whether to protect personal information, when the application requests personal information, encrypts the personal information based on the determination result and provides the encrypted personal information to the application, and when a request for the encrypted personal information is received from the application When a function is requested, the encrypted personal information is decrypted and the function is executed.

Meanwhile, a non-transitory computer readable medium storing a program for executing the control method according to example embodiments may be provided.

For example, there may be provided a non-transitory computer-readable medium storing a program that, when an application requests personal information, performs determination whether to protect the information set for each application based on information about pre-stored personal information. A program for personal information, encrypting personal information based on the determination result and providing the encrypted personal information to the application, when receiving an execution request for a function related to the encrypted personal information from the application, decrypting the encrypted personal information and executing said function.

A non-transitory recordable medium refers to a medium that can store data semi-permanently. For example, the various exemplary embodiments and programs described above can be stored and provided in a non-transitory recordable medium such as CD, DVD, hard disk, Blu-ray disc, USB, memory card, ROM, and the like.

Although the bus is not shown in the above-mentioned block diagrams regarding the electronic device, communication between each element of the electronic device may be performed through the bus. In addition, each device may further include a processor (such as a CPU, a microprocessor, etc.) that performs the various steps described above.

The above-described example embodiments and advantages are examples only and are not to be construed as limiting the present disclosure. The present teachings can be readily applied to other types of devices. Furthermore, the description of the example embodiments of the present disclosure is intended to be illustrative, not to limit the scope of the claims, and many alternatives, modifications, and variations will be apparent to those skilled in the art.

Claims (15)

1. An electronic device configured to execute at least one application that performs a function using personal information, the device comprising: a memory configured to store personal information, and information related to protection of personal information is set for each application; A processor configured to, in response to receiving a request for personal information from the application, determine whether to protect the personal information based on the set information, encrypt the personal information based on the determination result and provide the encrypted personal information to the application, in response to receiving from the application To an execution request for a function related to the encrypted personal information, the encrypted personal information is decrypted and the function is executed. 2. The electronic device of claim 1, wherein the processor is configured to determine whether the request from the application is a request for personal information or a request to perform the function. 3. The electronic device according to claim 1, wherein the processor is configured to determine whether to protect the personal information based on information related to the protection of the personal information when the application requests the personal information, or when the personal information requested by the application When it is preset personal information, it is determined whether to protect the personal information based on the information related to the protection of the personal information. 4. The electronic device of claim 1, wherein the information related to protection of the personal information includes information on applications that do not require protection of the personal information and information on types of the personal information that do not require protection. 5. The electronic device according to claim 4, wherein the processor is configured to determine not to protect the personal information requested by the application based on the information on the application that does not need to protect the personal information and the information on the type of the personal information that does not need to be protected. Personal information, do not encrypt personal information and provide personal information to the application. 6. The electronic device of claim 1, further comprising: monitor, Wherein, the processor is configured to display the execution result of the function on the display. 7. The electronic device of claim 6, wherein the personal information includes one or more of information on a location of the electronic device, contact information, information on photo files, and information on messages. 8. The electronic device of claim 7 , wherein, in response to receiving a request for contact information from an application, the processor is configured to encrypt the contact information and provide the encrypted contact information to the application, in response to Receiving an execution request for a function related to the encrypted contact information from the application, the processor is further configured to decrypt the encrypted contact information and display a contact UI generated based on the decrypted contact information on the display. 9. The electronic device of claim 7, wherein, in response to receiving from the application a request to perform a call function based on the encrypted contact information, the processor is configured to decrypt the encrypted contact information and perform the call Function. 10. The electronic device of claim 7, wherein, in response to receiving a request for location information from an application, the processor is configured to encrypt the location information and provide the encrypted location information to the application, and in response to receiving a request from the application In response to an execution request for a function related to the encrypted location information, the processor is further configured to decrypt the encrypted location information and display a map screen generated based on the decrypted location information on the display. 11. A method of controlling an electronic device executing at least one application that performs a function using personal information, the method comprising: In response to receiving a request for personal information from an application, determining whether to protect the personal information based on pre-stored information, wherein information related to the protection of the personal information is set for each application; The personal information is encrypted based on the determination result and the encrypted personal information is provided to the application, and in response to receiving an execution request for a function related to the encrypted personal information from the application, the encrypted personal information is decrypted and the function is executed. 12. The method of claim 11, further comprising: It is determined whether the request from the application is a request for personal information or a request to perform the function. 13. The method according to claim 11, wherein the determining step comprises: when the application requests the personal information, determining whether to protect the personal information based on information related to the protection of the personal information, or when the personal information requested by the application is a predetermined When storing personal information, determine whether to protect personal information based on information related to the protection of personal information. 14. The method of claim 11, wherein the information related to the protection of the personal information includes information on applications that do not require protection of the personal information and information on types of the personal information that do not require protection. 15. The method according to claim 14, wherein the providing step comprises: determining not to protect the personal information requested by the application based on information on the application not requiring protection of the personal information and information on the type of the personal information not requiring protection , does not encrypt personal information, and provides personal information to the app.