CN111859461A - Data isolation method and device and electronic equipment - Google Patents
Data isolation method and device and electronic equipment Download PDFInfo
- Publication number
- CN111859461A CN111859461A CN202010769596.7A CN202010769596A CN111859461A CN 111859461 A CN111859461 A CN 111859461A CN 202010769596 A CN202010769596 A CN 202010769596A CN 111859461 A CN111859461 A CN 111859461A
- Authority
- CN
- China
- Prior art keywords
- specified
- file
- application program
- action
- isolation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/172—Caching, prefetching or hoarding of files
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a data isolation method, a data isolation device and electronic equipment, wherein the method comprises the following steps: after the designated application program is started, loading a designated isolation control; monitoring actions under a specified application program through an isolation control; and when the action executed under the specified application program is to acquire the specified class file, saving the specified class file to the isolated storage area of the preset storage path.
Description
Technical Field
The application relates to the technical field of computers, in particular to a data isolation method and device and electronic equipment.
Background
At present, various items are mobile and intelligent, and application programs with different functions are generated. Some application programs are for entertainment, the requirement on the secrecy of the application programs is relatively low, and the probability of secret information leakage is also low when a user transmits information in the entertainment application programs in time. However, the security requirement of the application programs such as the payment instrument and the bank application program related to personal information and monetary account information is high, and if information such as files in the application programs is leaked, serious divulgence may be caused.
Disclosure of Invention
In view of this, an object of the embodiments of the present application is to provide a data isolation method, apparatus and electronic device. The security problem of the application program can be solved.
In a first aspect, an embodiment of the present application provides a data isolation method, including:
after the designated application program is started, loading a designated isolation control;
monitoring actions under the specified application program through the isolation control;
and when the action executed under the specified application program is to acquire the specified class file, saving the specified class file to an isolated storage area of a preset storage path.
In an optional embodiment, the method further comprises:
and accessing the file in the isolated storage area of the preset path by starting the specified application program.
In the data isolation method of the embodiment, the risk of file leakage can be reduced by limiting the access mode of the file in the isolation storage area, so that the security of the file in the application program can be further improved.
In an optional embodiment, the loading specifies an isolated control, comprising:
and initializing an isolation function module in isolation control, and registering a system interface file storage event.
In an optional embodiment, the saving the specified class file to an isolated storage area of a preset storage path includes:
intercepting the file storage action of the designated class so as to switch a default file storage path to a preset storage path;
and saving the specified class file to an isolated storage area of a preset storage path.
In the data isolation method of the embodiment, the default file storage path is switched to enable the specified file to be stored in the required isolation storage area, and the specified file is stored in the isolation storage area, so that the privacy of the specified file can be improved, and the security of the file generated under the specified application program can be improved.
In an optional implementation manner, the method is applied to an electronic device, where an iOS operating system runs in the electronic device, and the intercepting the specified class file storage action to switch a default file storage path to a preset storage path includes:
and intercepting an interface at the bottom layer of the iOS operating system by using a hook function so as to intercept the file storage action of the specified class and switch a default file storage path to a preset storage path.
In the data isolation method, the hook is performed on the interface at the bottom layer, so that the system call interface is intercepted at the beginning of the application start of the user, the stability is ensured, and the reliability of storing the specified file to the isolated storage area is improved.
In an optional embodiment, after monitoring, by the isolation control, the action under the specified application, the method further includes:
and judging whether the action executed under the specified application program is to acquire the specified class file.
In the data isolation method of the embodiment, whether the action executed under the specified application program is to acquire the specified class file can be further judged, so that the intercepting accuracy can be improved, and the storage accuracy of the specified class file can be improved.
In an optional implementation manner, the determining whether the action performed under the specified application is to acquire a specified class file includes:
judging whether the action executed under the specified application program is to intercept the picture in the current page of the specified application program; and/or the first and/or second light-emitting diodes are arranged in the light-emitting diode,
and judging whether the action executed under the specified application program is a file downloaded in the specified application program.
In the data isolation method of the embodiment, the screenshot or the downloaded file may directly record the private information in the specified application program, so that the file is isolated and stored, thereby improving the privacy of the application program and the security of the information in the application program.
In an optional embodiment, the saving the specified class file to an isolated storage area of a preset storage path includes:
when the action executed under the specified application program is to acquire a specified class file, displaying a selection window, wherein the display window comprises a first button and a second button;
and after receiving the selection operation of the first button, saving the specified class file into an isolated storage area of a preset storage path.
In an optional embodiment, the method further comprises:
when the action executed under the specified application program is to acquire a specified class file, displaying a selection window, wherein the display window comprises a first button and a second button;
and after receiving the selection operation of the second button, saving the specified class file into an isolated storage area of a preset storage path.
In the data isolation method of the embodiment, the required storage mode can be selected by providing the storage selection mode, so that the requirements of different users can be met, and the application scene of the data isolation method is improved.
In a second aspect, an embodiment of the present application further provides a data isolation apparatus, including:
the loading module is used for loading the specified isolation control after the specified application program is started;
the monitoring module is used for monitoring the action under the specified application program through the isolation control;
and the storage module is used for saving the specified class file into an isolated storage area of a preset storage path when the action executed under the specified application program is to acquire the specified class file.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a processor, a memory storing machine-readable instructions executable by the processor, the machine-readable instructions, when executed by the processor, performing the steps of the method of the first aspect described above, or any possible implementation of the first aspect, when the electronic device is run.
In a fourth aspect, this embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to perform the steps of the method in the first aspect or any one of the possible implementation manners of the first aspect.
According to the data isolation method and device and the electronic equipment, the action under the appointed application program is monitored by loading the isolation control, so that the appointed file can be isolated and stored.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Fig. 2 is a flowchart of a data isolation method according to an embodiment of the present application.
Fig. 3 is another flowchart of a data isolation method according to an embodiment of the present application.
Fig. 4 is a schematic functional block diagram of a data isolation device according to an embodiment of the present application.
Detailed Description
The technical solution in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Example one
For the convenience of understanding the present embodiment, the electronic device executing the data isolation method disclosed in the embodiments of the present application will be described in detail first.
As shown in fig. 1, is a block schematic diagram of an electronic device. The electronic device 100 may include a memory 111, a memory controller 112, a processor 113, a peripheral interface 114, an input-output unit 115, and a display unit 116. It will be understood by those of ordinary skill in the art that the structure shown in fig. 1 is merely exemplary and is not intended to limit the structure of the electronic device 100. For example, electronic device 100 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The above-mentioned elements of the memory 111, the memory controller 112, the processor 113, the peripheral interface 114, the input/output unit 115 and the display unit 116 are electrically connected to each other directly or indirectly, so as to implement data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The processor 113 is used to execute the executable modules stored in the memory.
The Memory 111 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. The memory 111 is configured to store a computer program, and the processor 113 executes the computer program after receiving an execution instruction, and the method performed by the electronic device 100 defined by the process disclosed in any embodiment of the present application may be applied to the processor 113, or implemented by the processor 113.
Illustratively, the computer programs stored in the memory 111 may include an operating system. Alternatively, the operating system may be an iOS operating system.
The processor 113 may be an integrated circuit chip having signal processing capability. The Processor 113 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The peripheral interface 114 couples various input/output devices to the processor 113 and memory 111. In some embodiments, the peripheral interface 114, the processor 113, and the memory controller 112 may be implemented in a single chip. In other examples, they may be implemented separately from the individual chips.
The input/output unit 115 is used to provide input data to the user. The input/output unit 115 may be, but is not limited to, a mouse, a keyboard, and the like.
The display unit 116 provides an interactive interface (e.g., a user operation interface) between the electronic device 100 and the user or is used for displaying image data to the user for reference. In this embodiment, the display unit may be a liquid crystal display or a touch display. In the case of a touch display, the display can be a capacitive touch screen or a resistive touch screen, which supports single-point and multi-point touch operations. The support of single-point and multi-point touch operations means that the touch display can sense touch operations simultaneously generated from one or more positions on the touch display, and the sensed touch operations are sent to the processor for calculation and processing.
In this embodiment, other components may be further provided to the electronic device 100 according to different usage scenarios, different requirements, and the like of the electronic device 100. For example, if the electronic device 100 is used for image recognition of a captured image, the electronic device 100 may further include a capturing device for capturing image data.
The electronic device 100 in this embodiment may be configured to perform each step in each method provided in this embodiment. The implementation of the data isolation method is described in detail below by way of several embodiments.
Example two
Please refer to fig. 2, which is a flowchart illustrating a data isolation method according to an embodiment of the present disclosure. The specific process shown in fig. 2 will be described in detail below.
Alternatively, the above-mentioned specified application may be an application that needs to be security-monitored.
Alternatively, the above-mentioned specified application may be an application relating to personal privacy. Illustratively, specifying an application may include: recruitment application programs, relatives application programs, communication application programs and the like.
Alternatively, the designated application described above may also be an application relating to a funds transaction. Illustratively, a bank application, a wallet-type application, etc.
Illustratively, upon startup of a given application, the process of the given application is initialized, as well as the isolation control is initialized.
Optionally, step 202 may include: and initializing an isolation function module in isolation control, and registering a system interface file storage event.
In this embodiment, the isolation function module may include: the system comprises a bottom layer interface intercepting module, a file isolation basic environment module, a file isolation configuration module, a file isolation data display module and file isolation data storage.
The bottom layer interface interception module is used for making hook on the interface of the bottom layer of the required operating system.
Illustratively, the operating system may be an iOS operating system.
By carrying out hook on the interface at the bottom layer of the operating system, the system call interface can be intercepted at the beginning of starting the application program, the stability is ensured, and the condition that the interception cannot be carried out due to the starting opportunity problem is prevented.
The file isolation basic environment module is used for initializing the basic environment of file isolation, loading module-related processing UI page display and initializing a directory structure entity of an isolation storage area.
Illustratively, the directory structure entity forms the isolated memory region storage path.
The file isolation configuration module is used for matching with the file isolation basic environment module.
In this embodiment, the file isolation configuration module can enable the file isolation to support user-defined configuration. For example, the isolated memory area and the system memory area are isolated from each other, and the data storage locations in the isolated memory area and the system memory area cannot be interchanged. For another example, the isolated memory area and the system memory area are not completely isolated from each other, and the storage locations of the data in the isolated memory area and the system memory area can be interchanged.
The file isolation data display module is used for limiting the data display mode in the isolation storage area.
Alternatively, the sequestered storage area is only accessible by the application.
Alternatively, the isolated memory area can be accessed by a specified class of applications. For example, the designated application may be a QQ, and the designated class application may be an application provided by the same publisher, such as a WeChat, a QQ mailbox, or the like. The application program of the specified class may also be one or more application programs set by a user, for example.
The file isolation data storage module is used for controlling a storage path of the specified class file so as to store the specified class file into the isolation storage area.
And 204, monitoring the action under the specified application program through the isolation control.
Optionally, referring to fig. 3 again, step 204 may further include: step 205, determining whether the action executed under the specified application program is to acquire a specified class file.
In one embodiment, step 205 may comprise: and judging whether the action executed under the specified application program is to intercept the picture in the current page of the specified application program.
For example, if the designated application is a banking application, sensitive information such as the user's bank account, the user's name, the user's amount of funds, etc. may be included in the current interface. The information in the current interface needs to be stored in a private storage area to improve the security of the information.
In one embodiment, step 205 may comprise: and judging whether the action executed under the specified application program is to start a camera component or not, and shooting pictures through the camera component.
In another embodiment, step 205 may include: and judging whether the action executed under the specified application program is a file downloaded in the specified application program.
For example, if the designated application is a recruitment-type application, the file downloaded from the designated application may be a user resume, and therefore the file downloaded from the designated application may be stored in private.
And step 206, when the action executed under the specified application program is to acquire the specified class file, saving the specified class file into an isolated storage area of a preset storage path.
Alternatively, the storage interface may be intercepted when the specified application program executes to acquire the specified class file, the original data stream may be changed to the original data stream, and the specified class file may be saved in the isolated storage area.
Alternatively, the sequestered memory area may be initialized prior to launching the specified application.
Alternatively, the isolated storage area may be initialized when the isolated control is loaded after the specified application is launched.
Step 206 may include: intercepting the storage action of the specified file to switch a default file storage path to a preset storage path, and then storing the specified file to an isolated storage area of the preset storage path.
In this embodiment, the data isolation method may be applied to an electronic device, where an iOS operating system runs in the electronic device.
Optionally, step 206 may be implemented as: the interface at the bottom layer of the iOS operating system can be intercepted by using a hook function so as to intercept the file storage action of the specified class and switch a default file storage path to a preset storage path.
Optionally, in order to meet the requirements of different users, the storage location of the specified class file can also be stored according to the selection of the user. Step 206 may also include the following steps.
In step 2063, when the action executed under the specified application program is to acquire the specified class file, the selection window is displayed.
The display window includes a first button and a second button thereon.
Step 2064, after receiving the selection operation of the first button, saving the specified class file to the isolated storage area of the preset storage path.
Illustratively, a first prompting message may also be displayed when the first button is selected. The first prompt message is used for prompting the user that the currently selected corresponding operation is that the specified class file is saved to the isolated storage area of the preset storage path.
Alternatively, the first prompting message can be output in a voice output mode.
Optionally, the first prompting message may also be output in a text output manner, for example, the text of the first prompting message may be displayed in a prompting window.
Optionally, when the electronic device executing the method in this embodiment is in the silent mode, the first prompting message may be output in a text output manner instead of a voice output manner.
Optionally, when the electronic device executing the method in this embodiment is in a non-silent mode, the first prompting message may be output in a form of voice output.
Illustratively, the content of the first hint message may be "store specified class file in isolation zone".
Alternatively, the content of the first prompt message may be "store the specified class file in the isolated area, please confirm", and after the first prompt message is output, a confirm button and a cancel button may be displayed. Further, after receiving the operation of the confirmation button, saving the specified class file into an isolated storage area of a preset storage path.
Step 2065, after receiving the selection operation of the second button, saving the specified class file to the isolated storage area of the preset storage path.
Illustratively, a second prompting message may also be displayed when the second button is selected. The second prompt message is used for prompting the user that the currently selected corresponding operation is the saving of the specified class file to the default system storage area.
Alternatively, the second prompting message can be output in a voice output mode.
Optionally, the second prompting message may also be output in a text output manner, for example, the text of the second prompting message may be displayed in a prompting window.
Optionally, when the electronic device executing the method in this embodiment is in the silent mode, the second prompting message may be output in a text output manner instead of a voice output manner.
Optionally, when the electronic device executing the method in this embodiment is in a non-silent mode, the second prompting message may be output in a form of voice output.
Illustratively, the content of the second prompting message may be "store the specified class file in the default area".
Alternatively, the content of the second prompt message may be "store the specified class file in the default area, please confirm", and after the second prompt message is output, a confirm button and a cancel button may be displayed. Further, after receiving the operation of the confirmation button, saving the specified class file into an isolated storage area of a preset storage path.
In order to further improve the security of the data in the isolated memory area, the access mode of the data in the isolated memory area can be limited.
Referring to fig. 3, the data isolation method in the present embodiment further includes: and step 207, accessing the file in the isolated storage area of the preset path by starting the specified application program.
For example, when a user needs to acquire a specified class file obtained from a specified application program, the specified application program can be started, and the specified class file can be accessed through an access entry in the specified application program.
Illustratively, an access entry may be displayed in the display interface of the designated application. For example, the access entry is displayed in the form of a button. When the access entry is clicked, the data in the isolated memory area can be displayed.
Optionally, a pass password may also be set for the access entry. The password can be a character string password or a biological password. For example, the biometric code may be a face of a person, a fingerprint, or other biometric feature that uniquely identifies an identity.
For example, after the access entry is clicked, a password input interface is started, and after a correct password is input, the isolated storage area is opened.
In the data isolation method provided by the embodiment of the application, the action under the designated application program is monitored by loading the isolation control, so that the designated class file can be isolated and stored.
Furthermore, the embodiment of the application adopts a non-invasive and integrated mode, the memory occupation and the performance occupation are low, and the isolation and the storage of the specified files can be realized under the condition that the requirement of the CPU memory is low. When the designated files are isolated and saved, the operation required to be designated by a user is simple and convenient, the isolation region can be automatically saved under the designated application program, the data leakage is reduced, and the user operation is reduced under the condition of improving the safety of the designated files.
EXAMPLE III
Based on the same application concept, a data isolation device corresponding to the data isolation method is also provided in the embodiments of the present application, and since the principle of solving the problem of the device in the embodiments of the present application is similar to that in the embodiments of the data isolation method, the implementation of the device in the embodiments of the present application may refer to the description in the embodiments of the method, and repeated details are not repeated.
Please refer to fig. 4, which is a schematic diagram of functional modules of a data isolation apparatus according to an embodiment of the present disclosure. Each module in the data isolation apparatus in this embodiment is configured to perform each step in the above method embodiment. The data isolation device includes: a loading module 301, a monitoring module 302 and a storage module 303; wherein,
the loading module 301 is configured to load a specified isolation control after a specified application program is started;
a monitoring module 302, configured to monitor an action under the specified application program through the isolation control;
the storage module 303 is configured to, when the action performed under the specified application program is to acquire a specified class file, store the specified class file into an isolated storage area of a preset storage path.
In a possible implementation manner, the data isolation apparatus in this embodiment further includes:
and the access module is used for accessing the file in the isolated storage area of the preset path by starting the specified application program.
In a possible implementation manner, the loading module 301 is configured to initialize an isolation function module in the isolation control, and register a system interface file saving event.
In a possible implementation, the storage module 303 is configured to:
intercepting the file storage action of the designated class so as to switch a default file storage path to a preset storage path;
and saving the specified class file to an isolated storage area of a preset storage path.
In one possible implementation manner, the method is applied to an electronic device, in which an iOS operating system runs, and the storage module 303 is configured to:
and intercepting an interface at the bottom layer of the iOS operating system by using a hook function so as to intercept the storage action of the specified file, switching a default file storage path to a preset storage path, and storing the specified file to an isolated storage area of the preset storage path.
In a possible implementation manner, the data isolation apparatus in this embodiment further includes: and the judging module is used for judging whether the action executed under the specified application program is to acquire the specified class file.
In a possible implementation, the determining module is configured to:
judging whether the action executed under the specified application program is to intercept the picture in the current page of the specified application program; and/or the first and/or second light-emitting diodes are arranged in the light-emitting diode,
and judging whether the action executed under the specified application program is a file downloaded in the specified application program.
In a possible implementation, the storage module 303 is configured to:
when the action executed under the specified application program is to acquire a specified class file, displaying a selection window, wherein the display window comprises a first button and a second button;
and after receiving the selection operation of the first button, saving the specified class file into an isolated storage area of a preset storage path.
In a possible implementation, the storage module 303 is further configured to:
when the action executed under the specified application program is to acquire a specified class file, displaying a selection window, wherein the display window comprises a first button and a second button;
and after receiving the selection operation of the second button, saving the specified class file into an isolated storage area of a preset storage path.
In addition, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the data isolation method in the foregoing method embodiment.
The computer program product of the data isolation method provided in the embodiment of the present application includes a computer-readable storage medium storing a program code, where instructions included in the program code may be used to execute the steps of the data isolation method in the above method embodiment, which may be specifically referred to in the above method embodiment, and are not described herein again.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A method of data isolation, comprising:
after the designated application program is started, loading a designated isolation control;
monitoring actions under the specified application program through the isolation control;
and when the action executed under the specified application program is to acquire the specified class file, saving the specified class file to an isolated storage area of a preset storage path.
2. The method of claim 1, further comprising:
and accessing the file in the isolated storage area of the preset path by starting the specified application program.
3. The method of claim 1, wherein loading the specified isolated control comprises:
and initializing an isolation function module in isolation control, and registering a system interface file storage event.
4. The method according to claim 1, wherein the saving the specified class file to the isolated storage area of the preset storage path comprises:
intercepting the file storage action of the designated class so as to switch a default file storage path to a preset storage path;
and saving the specified class file to an isolated storage area of a preset storage path.
5. The method according to claim 4, wherein the method is applied to an electronic device in which an iOS operating system runs, and the intercepting the file storage action of the specified class to switch a default file storage path to a preset storage path includes:
and intercepting an interface at the bottom layer of the iOS operating system by using a hook function so as to intercept the file storage action of the specified class and switch a default file storage path to a preset storage path.
6. The method of claim 1, wherein after monitoring, by the isolation control, the action under the specified application, further comprising:
and judging whether the action executed under the specified application program is to acquire the specified class file.
7. The method of claim 6, wherein the determining whether the action performed under the specified application is to obtain a specified class file comprises:
judging whether the action executed under the specified application program is to intercept the picture in the current page of the specified application program; and/or the first and/or second light-emitting diodes are arranged in the light-emitting diode,
and judging whether the action executed under the specified application program is a file downloaded in the specified application program.
8. A data isolation device, comprising:
the loading module is used for loading the specified isolation control after the specified application program is started;
the monitoring module is used for monitoring the action under the specified application program through the isolation control;
and the storage module is used for saving the specified class file into an isolated storage area of a preset storage path when the action executed under the specified application program is to acquire the specified class file.
9. An electronic device, comprising: a processor, a memory storing machine-readable instructions executable by the processor, the machine-readable instructions when executed by the processor performing the steps of the method of any of claims 1 to 7 when the electronic device is run.
10. A computer-readable storage medium, having stored thereon a computer program which, when being executed by a processor, is adapted to carry out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010769596.7A CN111859461A (en) | 2020-08-03 | 2020-08-03 | Data isolation method and device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010769596.7A CN111859461A (en) | 2020-08-03 | 2020-08-03 | Data isolation method and device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111859461A true CN111859461A (en) | 2020-10-30 |
Family
ID=72954388
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010769596.7A Pending CN111859461A (en) | 2020-08-03 | 2020-08-03 | Data isolation method and device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111859461A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112100153A (en) * | 2020-11-16 | 2020-12-18 | 启迪国信(北京)信息技术有限公司 | File processing method and device, electronic equipment and readable storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104657674A (en) * | 2015-01-16 | 2015-05-27 | 北京邮电大学 | Isolation protection system and isolation protection method of private data in mobile phone |
| CN108170844A (en) * | 2018-01-17 | 2018-06-15 | 广东欧珀移动通信有限公司 | Storage method, device, terminal and storage medium for screen recording files |
| CN108616652A (en) * | 2018-03-29 | 2018-10-02 | 广东欧珀移动通信有限公司 | Data guard method and device, terminal, computer readable storage medium |
| CN111339543A (en) * | 2020-02-27 | 2020-06-26 | 深信服科技股份有限公司 | File processing method and device, equipment and storage medium |
-
2020
- 2020-08-03 CN CN202010769596.7A patent/CN111859461A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104657674A (en) * | 2015-01-16 | 2015-05-27 | 北京邮电大学 | Isolation protection system and isolation protection method of private data in mobile phone |
| CN108170844A (en) * | 2018-01-17 | 2018-06-15 | 广东欧珀移动通信有限公司 | Storage method, device, terminal and storage medium for screen recording files |
| CN108616652A (en) * | 2018-03-29 | 2018-10-02 | 广东欧珀移动通信有限公司 | Data guard method and device, terminal, computer readable storage medium |
| CN111339543A (en) * | 2020-02-27 | 2020-06-26 | 深信服科技股份有限公司 | File processing method and device, equipment and storage medium |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112100153A (en) * | 2020-11-16 | 2020-12-18 | 启迪国信(北京)信息技术有限公司 | File processing method and device, electronic equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10554656B2 (en) | Authentication processing method and electronic device supporting the same | |
| KR102299261B1 (en) | Method of controlling lock state of applications and electronic device supporting the same | |
| US20170103382A1 (en) | Method of providing payment service and electronic device for implementing same | |
| US20180032712A1 (en) | Electronic device and method for authenticating biometric information | |
| KR102351042B1 (en) | Method and device for authenticating in electronic device | |
| US10331871B2 (en) | Password input interface | |
| US11240230B2 (en) | Automatic authentication processing method and system using dividing function | |
| Marforio et al. | Evaluation of personalized security indicators as an anti-phishing mechanism for smartphone applications | |
| KR102509594B1 (en) | Method for detecting the tampering of application code and electronic device supporting the same | |
| EP3176719B1 (en) | Methods and devices for acquiring certification document | |
| US11010460B2 (en) | Method for managing contents and electronic device thereof | |
| AU2019253827A1 (en) | Method, system, and device for process triggering | |
| CN108229171B (en) | Driver processing method, device and storage medium | |
| CN109472122A (en) | A kind of multimedia messages reminding method and system | |
| US11797706B2 (en) | Mobile device network traffic modification and user based restrictions on data access | |
| KR20130082979A (en) | User personalized recommendation system based on fingerprint identification | |
| KR20170094895A (en) | Method and electronic device for verifying fingerprint | |
| CN113326539B (en) | Method, device and system for private data leakage detection aiming at applet | |
| KR102349714B1 (en) | Method for Managing Program and Electronic Device supporting the same | |
| CN111859461A (en) | Data isolation method and device and electronic equipment | |
| EP3877878B1 (en) | Device and method to control access to protected functionality of applications | |
| CN112287713A (en) | Two-dimensional code identification method and device | |
| CN110554817A (en) | desktop icon display control method and device, readable medium and computing equipment | |
| WO2017197976A1 (en) | Method for hiding/displaying application program, and terminal device | |
| CN111279339A (en) | Application locking method, terminal equipment and computer readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201030 |