CN104102358A - Privacy information protecting method and privacy information protecting device - Google Patents
Privacy information protecting method and privacy information protecting device Download PDFInfo
- Publication number
- CN104102358A CN104102358A CN201410344802.4A CN201410344802A CN104102358A CN 104102358 A CN104102358 A CN 104102358A CN 201410344802 A CN201410344802 A CN 201410344802A CN 104102358 A CN104102358 A CN 104102358A
- Authority
- CN
- China
- Prior art keywords
- privacy information
- information
- party application
- acquisition request
- privacy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 168
- 230000008569 process Effects 0.000 claims abstract description 86
- 238000012545 processing Methods 0.000 claims abstract description 86
- 230000004044 response Effects 0.000 claims description 51
- 238000002347 injection Methods 0.000 claims description 32
- 239000007924 injection Substances 0.000 claims description 32
- 238000004806 packaging method and process Methods 0.000 claims description 22
- 238000013507 mapping Methods 0.000 claims description 9
- 230000010365 information processing Effects 0.000 claims description 8
- 230000006870 function Effects 0.000 description 51
- 238000004891 communication Methods 0.000 description 9
- 230000026676 system process Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 5
- 241000207748 Petunia Species 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 239000004576 sand Substances 0.000 description 2
- 241001312219 Amorphophallus konjac Species 0.000 description 1
- 235000001206 Amorphophallus rivieri Nutrition 0.000 description 1
- 241001495448 Impatiens <genus> Species 0.000 description 1
- 229920002752 Konjac Polymers 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 239000011230 binding agent Substances 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 229930190166 impatien Natural products 0.000 description 1
- 235000010485 konjac Nutrition 0.000 description 1
- 239000000252 konjac Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a privacy information protecting method and a privacy information protecting device. The privacy information protecting method comprises the following steps of injecting a privacy information protecting program in a privacy information service process; and processing a privacy information acquisition request according to a preset privacy information protecting strategy after the privacy information protecting program recognizes the privacy information acquisition request sent out by a third-party application. By using the privacy information protecting method and the privacy information protecting device, user privacy information acquired by the third-party application can be stopped or the third-party application can be tricked, so that the safety of the user privacy information is effectively improved.
Description
Technical Field
The invention relates to an intelligent terminal positioning technology, in particular to a privacy information protection method and a privacy information protection device.
Background
The intelligent terminal equipment is equipment with a multimedia function, can support audio, video and data transmission, can load corresponding application programs to realize corresponding application functions by adopting an open operating system, provides a platform for application program operation and content service, and enables a large number of value-added services such as news, weather, traffic, commodities, application program downloading, music picture downloading and the like to be realized based on the platform, and comprises fixed intelligent terminal equipment and mobile intelligent terminal equipment.
With the increasing popularity of various intelligent terminal devices and Wireless networks, the intelligent terminal devices can simultaneously have a plurality of Wireless connection and positioning functions, such as mobile network connection, base station positioning, Wireless Fidelity (WiFi) Wireless local area network, GPS positioning, and the like. The services such as base station positioning and GPS positioning based on geographic position information service present good market prospects and development trends as a novel spatial information service mode, moreover, most current intelligent terminal devices apply for the permission of acquiring the geographic position information service, a wireless network is allowed to acquire the position information of the intelligent terminal device through a specific positioning technology, and the position information is provided for users, a communication system or third-party application, so that the third-party application can acquire the geographic position information of the intelligent terminal device through the wireless network. Although, in some scenarios, it is really convenient for the user of the intelligent terminal device (for short, user) to use the geographic location information service by applying for obtaining the authority of the geographic location information service, the geographic location information is used as important privacy information of the user and marks the current geographic location of the user.
According to the providing mode of the geographic position information service, the geographic position information service can be divided into a mode requiring the intelligent terminal device to report the geographic position information and a mode not requiring the intelligent terminal device to report the geographic position information, particularly the latter mode, after receiving the request, the geographic position information of the geographic position information service is directly provided, and because the intelligent terminal device is not required to actively participate, a user cannot confirm whether the user is in a positioned state, and the geographic position information of the intelligent terminal device cannot be hidden and a third party application is prevented from obtaining the geographic position information of the user unless the user gives up any communication service. For example, for a WiFi network, if a user sets a geographic location information Service that can locate an approximate location based on a network, or locate an accurate location based on a GPS and the network in application information, then a third-party application can obtain base station information connected to an intelligent terminal device by reading a Service Set Identifier (SSID), a Basic Service Set Identifier (BSSID), and a signal strength of a WiFi hotspot connected to the intelligent terminal device or a WiFi hotspot around the intelligent terminal device by applying for a geographic location information Service authority and an authority to obtain WiFi information, the third-party application directly transmits the obtained base station information to a location server through the network, and the location server determines latitude and longitude information of WiFi by querying a database after receiving the WiFi information, so that the third-party application can obtain approximate latitude and longitude information (geographic location information) of the intelligent terminal device, causing leakage of private information of the user. For another example, for a mobile communication network, since the intelligent terminal needs to establish contact with at least one mobile communication network, for example, a base station, whether in a standby state or in an active state, since a master base station in communication contact with the intelligent terminal can be determined, and the location of the base station is fixed and known; further, the coverage area (cell) of the base station is also known, so that the third party application can determine the geographical location information of the intelligent terminal device through the base station where the intelligent terminal device to be located is located and the cell information.
Disclosure of Invention
In view of the above problems, the present invention has been made to provide a method of protecting privacy information and a privacy information protecting apparatus that overcome or at least partially solve the above problems.
According to an aspect of the present invention, there is provided a method of protecting private information, the method comprising:
injecting a privacy information protection program into a privacy information service process;
and after recognizing a privacy information acquisition request sent by a third-party application, the privacy information protection program processes the privacy information acquisition request according to a preset privacy information protection strategy.
Preferably, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and selecting disguised geographic position information from a preset geographic position information disguised list, packaging the selected disguised geographic position information in the privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
Preferably, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
generating disguised geographic position information according to a preset geographic position information disguising algorithm based on virtual path planning, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to a third party application.
Preferably, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised geographic position information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
Preferably, the injecting includes injecting in a privacy information service process of a third-party application operating system, or injecting in a privacy information service process of the intelligent terminal device.
Preferably, the injecting in the private information service process of the third-party application operating system comprises:
searching for the memory variable of a target program for processing the private information in the private information service process of the third-party application operating system;
and replacing the memory variable of the existing target program for processing the private information with the preset memory variable of the dynamic target program.
Preferably, the target program for privacy information processing is a program for sending an address location information acquisition request to a third-party application.
Preferably, the replacing the memory variable of the existing target program for processing the private information with the memory variable of the preset dynamic target program includes:
and writing the memory variable codes of the privacy information protection program into the dynamic link library, and mapping the memory variable codes of the privacy information protection program written into the dynamic link library to the remote privacy information service process by using a windows hook in the operating system.
Preferably, the replacing the memory variable of the existing target program for processing the private information with the memory variable of the preset dynamic target program includes:
and writing the memory variable codes of the privacy information protection program into the dynamic link library, and mapping the memory variable codes of the privacy information protection program written into the dynamic link library to a remote privacy information service process by utilizing remote injection and dynamic loading in an operating system.
Preferably, the replacing the memory variable of the existing target program for processing the private information with the memory variable of the preset dynamic target program includes:
and copying the memory variable codes of the privacy information protection program to a remote privacy information service process by using a system process monitor, and executing by using remote injection.
Preferably, the injecting in the privacy information service process of the intelligent terminal device comprises:
searching a function of a system positioning service program for processing the private information in the private information service process of the intelligent terminal equipment operation system;
and replacing the function of the existing system positioning service program for processing the private information with the function of a preset system positioning service program.
Preferably, before the injecting the privacy information protection program into the privacy information service process, the method further comprises:
and acquiring the root authority of the third-party application operating system or the intelligent terminal equipment operating system.
Preferably, after the privacy information protection program recognizes a privacy information acquisition request issued by a third-party application, the method further includes:
the method comprises the steps of analyzing a privacy information acquisition request, acquiring contained intelligent terminal equipment information, sending prompt information to intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt a user whether to select a privacy information protection strategy, and after receiving the information that the user selects the privacy information protection strategy, executing the privacy information protection strategy according to the preset privacy information protection strategy, and processing the flow of the privacy information acquisition request.
Preferably, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and selecting disguised privacy information from a preset disguised privacy information list, packaging the disguised privacy information in a privacy information acquisition request response, and sending the disguised privacy information to a third-party application.
Preferably, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and generating disguised privacy information according to a preset disguised privacy information generation algorithm, packaging the generated disguised privacy information in a privacy information acquisition request response, and sending the generated disguised privacy information to a third-party application.
Preferably, the disguised privacy information generation algorithm is a generation algorithm based on virtual path planning.
Preferably, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised privacy information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised privacy information in a privacy information acquisition request response, and sending the generated disguised privacy information to the third-party application.
Preferably, the third-party application sends a privacy information obtaining request through the privacy information service process.
Preferably, after the processing the privacy information acquisition request, the method further includes:
sending a message prompt to the intelligent terminal equipment; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
Preferably, a method for protecting privacy information in an environment where a geographic location information service authority is applied performs the method of any one of claims 1 to 19.
According to another aspect of the present invention, there is provided a private information protecting apparatus including: an injection module and an identification processing module, wherein,
the injection module is used for injecting a preset privacy information protection program into the privacy information service process;
and the identification processing module is used for processing the privacy information acquisition request according to a preset privacy information protection strategy after the privacy information protection program identifies the privacy information acquisition request sent by the third-party application.
Preferably, the injection module is configured to inject a dynamic target program in advance in a privacy information service process of the third-party application operating system, and replace a variable or a method of the target program of the third-party application operating system, which is used for invoking the system privacy information service, with the dynamically injected variable or method of the target program, which is used for invoking the system privacy information service.
Preferably, the injection module is configured to inject a system location service program in advance in a privacy information service process of the intelligent terminal device operating system, and replace a function in the intelligent terminal device operating system location service with a function corresponding to the injected system location service program.
Preferably, the injection module comprises: a first search unit and a first replacement unit, wherein,
the first searching unit is used for searching the memory variable of the target program for processing the privacy information in the privacy information service process of the third-party application operating system;
and the first replacing unit is used for replacing the memory variable of the existing target program for processing the private information with the preset memory variable of the dynamic target program.
Preferably, the injection module comprises: a second search unit and a second replacement unit, wherein,
the second searching unit is used for searching a function of a system positioning service program for processing the private information in the private information service process of the intelligent terminal equipment operating system;
and the second replacing unit is used for replacing the function of the existing system positioning service program for processing the private information with the function of the preset system positioning service program.
Preferably, the identification processing module includes: an identification unit and a processing unit, wherein,
the identification unit is used for notifying the response unit after the started privacy information protection program identifies a privacy information acquisition request sent by the third-party application;
and the processing unit is used for receiving the notification and processing the privacy information acquisition request according to a preset privacy information protection strategy.
Preferably, the identification processing module further comprises:
and the analysis unit is used for receiving the notification from the identification unit, analyzing the privacy information acquisition request, acquiring the contained intelligent terminal equipment information, sending prompt information to the intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt the user whether to select the privacy information protection strategy or not, and notifying the response unit after receiving the information of the privacy information protection strategy selected by the user.
Preferably, the apparatus further comprises:
and the authority acquisition module is used for informing the injection module after acquiring the root authority of the third-party application operating system or the intelligent terminal equipment operating system.
Preferably, the apparatus further comprises:
the expansion module is used for sending message reminding to the intelligent terminal equipment after the privacy information acquisition request is processed; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
According to the privacy information protection method and the privacy information protection device, any system process in the operating system can be controlled by injecting a preset geographic position information protection program into the third-party application or the intelligent terminal equipment, so that when the third-party application initiates a geographic position information acquisition request, the geographic position information acquisition request is intercepted by the geographic position information protection program injected in the third-party application operating system or the intelligent terminal equipment operating system in advance, and the disguised geographic position information is returned to the third-party application according to a preset geographic position information protection strategy. Therefore, the technical problem of user privacy information leakage is solved, the geographic position information of the user is prevented and deceived from being acquired by the third-party application, and the safety of the user privacy information is effectively improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 illustrates a method flow for protecting geographical location information according to an embodiment of the present invention; and the number of the first and second groups,
fig. 2 shows a geographical location information protection apparatus structure of an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In the prior art, after a user applies for a geographic location information service right, if a geographic location information service is shared in a manner that an intelligent terminal device does not need to report geographic location information, that is, when a third-party application (or called a third-party application program) needs to acquire geographic location information, a geographic location information acquisition request is initiated to the intelligent terminal device, and after receiving the geographic location information acquisition request, the intelligent terminal device responds to the geographic location information acquisition request, packages the geographic location information of the intelligent terminal device in a geographic location information acquisition request response, and returns the geographic location information to the third-party application, so that the third-party application can acquire the geographic location information of the intelligent terminal device. The user cannot confirm whether the user is positioned by the third-party application or not, and cannot prevent the third-party application from acquiring privacy information such as the geographic position information of the user, so that the risk of the privacy information of the user being leaked is high.
In practical applications, different users may have different permissions for operating the operating system. For an intelligent terminal device operating system (system for short), the operating system divides users into different permission groups, and assigns corresponding operating permissions to each permission group, and the permission groups may include: administrator permission group, high permission user group, common user group, backup operation group, file copy group, anonymous permission group, etc. The operation authority corresponding to the administrator authority group is administrator authority, the operation authority corresponding to the high-authority user group is high authority, and the operation authority corresponding to the common user group is common authority.
In the embodiment of the invention, although the operation of the user on the operating system is limited in the corresponding operation authority by considering different operation authorities, the operation authorities are not independent from each other and depend on the same instruction to complete the authority operation. Therefore, the operation authority of the user can be raised by using a method of raising authority (Adjust Token Privilege), wherein the raising authority refers to that a programmer breaks through the operation authority level assigned by the operating system by using various operating system bugs, and raises the current operation authority by one or more levels, so that the user obtains more authorities for operating the operating system. The existing method for promoting the authority is widely applied to the intelligent terminal equipment, such as machine refreshing, root authority, jail crossing and the like.
In the embodiment of the invention, based on the analysis and consideration, a method for protecting geographic position information is provided, the advanced operation permission of an operating system is obtained by utilizing the operating system loophole of intelligent terminal equipment and utilizing a method for improving the permission, after the advanced operation permission is obtained, an (inject) geographic position information protection program is injected into a third-party application or the intelligent terminal equipment, any process in the operating system can be controlled, so that when the third-party application initiates a geographic position information obtaining request, the geographic position information protection program injected in advance in the third-party application intercepts the geographic position information obtaining request, the geographic position information obtaining request is not sent to the intelligent terminal equipment, and the protected geographic position information is returned to the third-party application according to a preset geographic position information protection strategy; or after a geographic position information acquisition request initiated by the third-party application reaches the intelligent terminal equipment, the geographic position information acquisition request is intercepted and injected in the intelligent terminal equipment in advance, and the protected geographic position information is returned to the third-party application according to a preset geographic position information protection strategy. Therefore, the geographical position information of the user is protected to prevent and deceive a third-party application from acquiring the geographical position information of the user, so that the risk of the geographical position information of the user being leaked is reduced, and the safety of the privacy information of the user is improved.
In the embodiment of the present invention, an example is given in which an intelligent terminal device with an Android (Android) system is installed, and the privacy information is geographical location information, but it should be noted that the description is merely an example, and the scope of the present invention is not limited thereto, and the method in the embodiment of the present invention may also be applied to an intelligent terminal device with other operating systems, for example, a Linux operating system, an iOS operating system, a Window Phone operating system, and the like, and the privacy information may also be other information, for example, International Mobile Subscriber identity Number (IMSI) information, Mobile Phone information, and the like.
Fig. 1 shows a flow of a method for protecting geographical location information according to an embodiment of the present invention. Referring to fig. 1, the process includes:
step 101, starting a geographic position information disguise program injected in advance in a geographic position information service process;
in this step, as an optional embodiment, the geographic location information disguising program is the aforementioned geographic location information protecting program. The geographic location information protection program (privacy information protection program) may be injected in advance in a geographic location information service (location service) process of the third-party application operating system, that is, a target program is dynamically injected, and a variable or a method, for example, a memory variable or a function, of the target program of the third-party application operating system, for calling the system geographic location information service is replaced by the variable or the method, for example, the memory variable or the function, of the target program of the third-party application operating system, so that the purpose of identification may be achieved. As another optional embodiment, a geographic location information protection program, that is, a system location service program, may also be injected in advance into a geographic location information service process of the intelligent terminal device operating system, and a function in the intelligent terminal device operating system location service is replaced by a function corresponding to the injected system location service program, so as to achieve the purpose of identification.
In the embodiment of the present invention, pre-injecting a geographic location information protection program in a geographic location information service process of a third-party application operating system includes:
a11, searching the memory variable of the target program for processing the geographical location information in the geographical location information service process of the third-party application operating system;
in this step, the target program for processing the geographical location information is a program for sending an address location information acquisition request to the third-party application.
A12, replacing the memory variable of the existing target program for processing the geographical location information with the memory variable of the preset dynamic target program.
The method for pre-injecting the geographic position information protection program into the geographic position information service process of the intelligent terminal device comprises the following steps:
b11, searching the function of the existing system positioning service program for processing the geographical position information in the geographical position information service process of the intelligent terminal equipment operating system;
in this step, the system location service program for processing the geographical location information is a program for receiving an address location information acquisition request by the intelligent terminal device.
B12, replacing the function of the existing system positioning service program for processing the geographical position information with the function of the preset system positioning service program.
In the embodiment of the present invention, the geographic location information protection program includes: dynamic object programs and system location service programs. As an alternative embodiment, steps a12 and B12 may specifically include:
writing the memory variable codes or functions of the geographic position information protection program into a Dynamic Link Library (DLL), and mapping the memory variable codes or functions of the geographic position information protection program written into the Dynamic Link Library to a remote geographic position information service process by using a windows hook in an operating system.
As another alternative, steps a12 and B12 may also include:
writing the memory variable codes or functions of the geographic position information protection program into a Dynamic Link Library (DLL), and mapping the memory variable codes or functions of the geographic position information protection program written into the Dynamic Link Library to a remote geographic position information service process by using remote injection (CreateRemoteThread) and Dynamic loading (LoadLibrary) in an operating system.
As still another alternative, the steps a12 and B12 may further include:
the memory variable code or function of the geolocation information protection program is copied to a remote geolocation information service process using a system process monitor (WriteProcessMemory) and executed using remote injection (creatremountthread).
In practical application, the geographic position information stored in the geographic position information protection program can be stored in a file form, so that the file or the memory mapping of the file can be read by uniformly calling a reading function. In this way, the read function of the target program of the third-party application operating system can be replaced by the read function of the injected dynamic target program; or replacing the function in the positioning service program of the operating system of the intelligent terminal equipment by the read function of the injected system positioning service program. In the embodiment of the present invention, specifically, the geographic location information protection program may be loaded at the location of the geographic location information service process by finding the geographic location information service process in the operating system. For example, a dlopen method of a dynamic link library may be opened in a specified mode through an Application Programming Interface (API) provided by a Linux system based on the android system, and the geo-location information protection program is loaded into the geo-location information service process, so as to replace a related function in the geo-location information service process to a corresponding function in the geo-location information protection program. The function realized by the corresponding function in the replaced geographic position information protection program is consistent with the function realized by the related function in the geographic position information service process, and a geographic position information acquisition request identification function is added. In this way, after the geographic location information service process sends the geographic location information acquisition request, the geographic location information protection program is called for processing.
It should be noted that the injection in the embodiment of the present invention is only an example, and a person skilled in the art may use other techniques to replace the geographic location information processing program with the geographic location information protection program, which is not illustrated in the embodiment of the present invention.
In the embodiment of the invention, after the geographic position information protection program is injected into the geographic position information service process, the geographic position information protection program can replace the existing target program or system positioning service program in the geographic position information service process. Therefore, in the subsequent application, the geographic position information acquisition request sent by the third-party application can be identified through the underlying interface, and the normal use of other application programs cannot be influenced.
As an alternative embodiment, before starting the pre-injected geographic location information protection program in the geographic location information service process, the method may further include:
and acquiring Root (Root) authority of a third-party application operating system or an intelligent terminal device operating system.
In this step, the Root authority of the third-party application operating system or the intelligent terminal device operating system is obtained in advance, so that the authority can be improved. The Root is a super administrator user account in the Linux operating system and the Unix operating system, and if the Root authority is obtained, the Root indicates that the highest authority of the third-party application operating system or the intelligent terminal device operating system is obtained. In this way, operations such as addition, deletion, modification, and search can be performed on any file (including operating system files) in the third-party application or the intelligent terminal device, so as to realize the injection of the geographic location information protection program.
And step 102, after intercepting a geographical position information acquisition request sent by a third party, the started geographical position information disguising program responds to the geographical position information acquisition request according to a preset geographical position information disguising strategy.
In this step, after the started geographic position information protection program identifies a geographic position information acquisition request sent by a third-party application, the geographic position information acquisition request is processed according to a preset geographic position information protection strategy.
And the started geographic position information protection program monitors a geographic position information acquisition request sent by a third-party application through a privacy information service process in real time.
After the geographic location information protection program identifies the geographic location information acquisition request sent by the third-party application, the method may further include:
analyzing the geographic position information acquisition request, acquiring contained intelligent terminal equipment information, sending prompt information to intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt a user whether to select a geographic position information protection strategy, executing the geographic position information protection strategy according to the preset geographic position information after receiving the information that the user selects the geographic position information protection strategy, and responding to the process of the geographic position information acquisition request.
As an alternative embodiment, the step of identifying, by the geographic location information protection program, the geographic location information acquisition request sent by the third-party application includes:
after a third-party application initiates a geographic position information acquisition request, a geographic position information protection program (dynamic target program) injected into an operating system of the third-party application intercepts the geographic position information acquisition request so as to prevent the geographic position information acquisition request from being sent to intelligent terminal equipment; or,
the third party application initiates a geographic position information acquisition request and sends the request to the intelligent terminal equipment, and a geographic position information protection program (system positioning service program) injected into an operating system of the intelligent terminal equipment intercepts the geographic position information acquisition request. Specifically, the third-party application and the positioning data module of the operating system of the intelligent terminal device adopt an inter-process communication mechanism, for example, a bind communication mechanism of an Android system. The method comprises the steps that a BINDER communication mechanism interface function is called by a third party application to obtain a handle (namely a memory variable or function) pointing to a third party application location service, then a cross-process geographic location information obtaining request is sent to the location service through the obtained handle, the location service receives the geographic location information obtaining request through an inter-process communication mechanism, and then a location service handle pointing to a location data module of an intelligent terminal device operating system is obtained through the geographic location information obtaining request through the inter-process communication mechanism, the location service handle of the location data module of the intelligent terminal device operating system receives the geographic location information obtaining request, processes the geographic location information obtaining request, and returns requested data (disguised geographic location information). The positioning data module of the intelligent terminal device operating system is an independent system process and is not the same process with the third-party application.
In the embodiment of the present invention, since the third-party application (application program) needs to acquire the handle (memory variable) pointing to the location service, the geographical location information protection program is injected into the third-party application program to replace the handle (memory variable) pointing to the location service acquired by the third-party application program as the false handle (memory variable) set in the geographical location information protection program, so that the false handle (memory variable) executes the identified logic when being called. Or, by injecting the geographic location information protection program into the operating system of the intelligent terminal device, a handle (memory variable) used for receiving interprocess communication data in the positioning service of the operating system of the intelligent terminal device is replaced by a false handle (memory variable) set in the geographic location information protection program, so that the false handle (memory variable) receives a geographic location information acquisition request from a third party application prior to the positioning service of the system, and the false handle (memory variable) executes the identified logic when being called.
In this embodiment, as an optional embodiment, responding to the geographic location information obtaining request according to a preset geographic location information protection policy includes:
and selecting disguised geographic position information from a preset disguised geographic position information list, packaging the selected disguised geographic position information in a geographic position information acquisition request response, and sending the geographic position information acquisition request response to a third-party application.
As an optional embodiment, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and selecting disguised geographic position information from a preset geographic position information disguised list, packaging the selected disguised geographic position information in the privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
As another optional embodiment, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
generating disguised geographic position information according to a preset geographic position information disguising algorithm based on virtual path planning, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to a third party application.
As another optional embodiment, the disguised privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised geographic position information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
In this step, the list of disguised geographical location information may be composed of all of the disguised geographical location information, thereby hiding the actual geographical location information of the user; or the real geographical position information of the user can be hidden through the true and false geographical position information. For example, the list of disguised geographical location information may include: macao Stauko, hong Kong Gong bay, Dubai palm island, France Eiffel Tower, Paris holy institute, and Bali island, etc. For example, data of the Macao Konjac hotel is simulated in the disguised geographic location information list, so that a third party application can be effectively deceived to be truly Macao in the intelligent terminal device. It may even be possible to fool the social software of a third party application into finding a false local net friend.
When the geographical location information is selected, a piece of geographical location information may be randomly selected from the disguised geographical location information list, or a piece of geographical location information may be selected from the disguised geographical location information list in an equal probability manner. Of course, in practical application, the disguised geographical location information list may be displayed to the user first, the user selects the list, and the geographical location information selected by the user is encapsulated in the geographical location information acquisition request response.
Furthermore, for each piece of selected geographical position information, the selected geographical position information can be marked in the electronic map by combining the electronic map, and the electronic map marked with the geographical position information is packaged in the geographical position information acquisition request response. For example, for the australian petunia, specific geographic location information of the australian petunia can be provided in an electronic map, for example, the australian petunia corresponds to the great road No. 37 of australian lunstein in the electronic map, and for the Guincho a gale restaurant, for example, corresponds to the great district of australian particular administrative district, the great district of peninsula, the great road No. 2-4 of luckin hotel in the electronic map; for Aux Beaux Arts, corresponding to the American Hotel on the big road of the grand impatiens of the peninsula Yixian in the great hall area of the Macau special administrative area in the electronic map; for the China Bank building, the map corresponds to the Su Asia doctor Daway 323 number of the Tang district of the Australian special administrative district in the electronic map. Of course, in practical applications, specific information around the selected geographic location information may also be displayed in the electronic map.
As an alternative embodiment, the geographical location information includes: latitude information, longitude information, altitude information, and the like. As another alternative, the geographical location information may also include: service set identifier information, basic service set identifier information, base station information, neighbor base station information, and the like, or the geographical location information may include: latitude and longitude information mapped by the service set identifier information, and the like. The base station may be a mobile phone wireless base station of a mobile network, or may also be a wireless base station of a Wireless Local Area Network (WLAN), and the base station information may include: the method comprises the following steps of intelligent terminal equipment, namely, information of a business name of a telecommunication network, a frequency range of a base station, a channel of the base station, base station authentication information, a position coordinate of the base station, a type of the base station, a name of the base station, a model of the base station, a Media Access Control (MAC) address of the base station, network information of the base station, a Location Area Code (LAC) of the base station, Cell identification (Cell ID) information of the base station and the like. For example, when the intelligent terminal device is connected to a wireless base station of a mobile phone, the base station information is related information such as a base station LAC and a base station Cell ID, and when the intelligent terminal device is connected to a WiFi base station, for example, a WiFi hotspot connected to the intelligent terminal device, or a WiFi hotspot detectable around the intelligent terminal device, the base station information is related information such as a base station name and a base station MAC address.
It should be noted that, in the embodiment of the present invention, the service set identifier information, the basic service set identifier information, the base station information, and the adjacent base station information are masquerading information corresponding to the intelligent terminal device, rather than real information, but the masquerading information actually exists and is only not in the area where the intelligent terminal device is currently located.
In the embodiment of the invention, the geographical position information in the disguised geographical position information list can be from address data collected on the internet in real time, or from address data collected by a user, and the collected address data is used for disguising.
As another optional embodiment, responding to the geographic location information obtaining request according to a preset geographic location information protection policy includes:
and generating geographical position information according to a preset disguised geographical position information generation algorithm, packaging the generated geographical position information in a geographical position information acquisition request response, and sending the geographical position information to a third-party application.
In this step, the disguised geographical location information generation algorithm may be a generation algorithm based on virtual path planning. In the embodiment of the invention, the real track of the user can be covered by constructing the virtual path plan, so that the real geographical position information of the user is protected. For example, the generation algorithm based on the virtual path plan may be a preset virtual path plan from harbin to lissajous via beijing, nanjing, and in the virtual path plan, a plurality of sequentially connected disguised geographical location information are set, and after the geographical location information acquisition request is identified, the disguised geographical location information sequentially marked in the virtual path plan is packaged in a geographical location information acquisition request response according to the identified time sequence, and is sent to the third party application. In practical application, of course, the current geographic position may be calculated according to a preset vehicle and a time difference between the received previous and subsequent geographic position information acquisition requests, and the corresponding geographic position after the vehicle runs through the time difference is calculated, and the corresponding geographic position information is encapsulated in the geographic position information acquisition request response. For example, the geographic location information returned in the previous geographic location information acquisition request response is beijing, if the time difference between the received current and previous geographic location information acquisition requests is 16 hours, and the preset work vehicle is a train, the train runs for 16 hours, and the sand in the virtual path plan should be reached, the sand is packaged in the current geographic location information acquisition request response.
As another optional embodiment, according to a preset geographic location information protection policy, responding to the geographic location information acquisition request includes:
and analyzing the third-party application information contained in the geographical position information acquisition request, generating corresponding geographical position information with space-time rationality according to the analyzed third-party application information, packaging the generated geographical position information in a geographical position information acquisition request response, and sending the geographical position information to the third-party application.
In this step, the third-party application may need to obtain different privacy information from the user for different purposes. For example, if the third-party application is a travel company, it is desired to obtain the travel location related information of the user, and in the embodiment of the present invention, after the third-party application is analyzed as the travel related company, the geographic location information corresponding to the pseudo travel route may be generated. For example, a travel route of beijing-sain-australia is set, and geographic position information of beijing, sain, australia and the like is returned in sequence according to the received geographic position information acquisition requests sent in sequence by the third-party application, so that virtual travel route information is formed. The virtual path can be dynamically selected or predetermined by the user, is independent of the real path, and the user can start the virtual path planning at any time.
In the embodiment of the invention, the format of the geographic position information acquisition request response is the same as that of the existing geographic position information acquisition request response, namely, in the process of intercepting the call of the third-party application for acquiring the geographic position information, the geographic position information is returned to the third-party application according to the established format of the operating system, the return value is the format fixed by the operating system, but the content of the return value is preset disguised geographic position information instead of real geographic position information, for example, the content of the return value is set to be data such as a real MAC address of a certain different-place base station, and therefore, the third-party application can be deceived.
As an optional embodiment, after the processing the privacy information acquisition request, the method further includes:
sending a message prompt to the intelligent terminal equipment; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
As an alternative embodiment, the method of the embodiment of the present invention may be applied to a privacy information protection method in an environment where a geographic location information service authority is applied.
Fig. 2 shows a geographical location information protection apparatus structure of an embodiment of the present invention. Referring to fig. 2, the apparatus includes: an injection module, a starting module and an identification processing module, wherein,
the injection module is used for injecting a preset geographic position information protection program in a geographic position information service process;
in the embodiment of the invention, a dynamic target program can be injected in advance in the geographic position information service process of the third-party application operating system, and the variable or the method for calling the system geographic position information service of the target program of the third-party application operating system is replaced by the variable or the method for calling the system geographic position information service of the dynamically injected target program, or a system positioning service program can be injected in advance in the geographic position information service process of the intelligent terminal equipment operating system to replace a function in the positioning service of the intelligent terminal equipment operating system as a function corresponding to the injected system positioning service program.
As an alternative embodiment, the injection module comprises: a first search unit and a first replacement unit (not shown), wherein,
the first searching unit is used for searching the memory variable of a target program for processing the geographical position information in the geographical position information service process of the third-party application operating system;
in the embodiment of the present invention, the target program for processing the geographical location information is a program for sending an address location information acquisition request to a third-party application.
And the first replacing unit is used for replacing the memory variable of the existing target program for processing the geographical position information with the preset memory variable of the dynamic target program.
In the embodiment of the present invention, a specific process of replacing by the first replacement unit is as follows:
writing the memory variable code of the geographic position information protection program into a dynamic link library, and mapping the memory variable code of the geographic position information protection program written into the dynamic link library to a remote geographic position information service process by using a windows hook in an operating system; or,
writing the memory variable code of the geographic position information protection program into a dynamic link library, and transmitting the memory variable code of the geographic position information protection program written into the dynamic link library to a remote geographic position information service process by utilizing remote injection and dynamic loading in an operating system; or,
and copying the memory variable codes of the geographic position information protection program to a remote geographic position information service process by using a system process monitor, and executing by using remote injection.
As another alternative embodiment, the injection module includes: a second search unit and a second replacement unit, wherein,
the second searching unit is used for searching functions of a system positioning service program for processing the geographical position information in the geographical position information service process of the intelligent terminal equipment operating system;
in the embodiment of the invention, the system positioning service program for processing the geographical position information is a program for receiving the address position information acquisition request by the intelligent terminal equipment.
And the second replacing unit is used for replacing the function of the existing system positioning service program for processing the geographical position information with the function of the preset system positioning service program.
In the embodiment of the present invention, the specific process of replacing by the second replacing unit is similar to the specific process of replacing by the first replacing unit, and the detailed description is omitted here.
The starting module is used for starting a geographical position information protection program injected in advance in a geographical position information service process;
in the embodiment of the invention, the starting module is an optional module.
And the identification processing module is used for processing the geographical position information acquisition request according to a preset geographical position information protection strategy after the started geographical position information protection program identifies the geographical position information acquisition request sent by the third-party application.
In the embodiment of the present invention, the identification processing module includes: an identification unit and a processing unit (not shown in the figure), wherein,
the identification unit is used for notifying the response unit after the started geographic position information protection program identifies a geographic position information acquisition request sent by a third-party application;
in the embodiment of the invention, a dynamic target program injected into the third-party application operating system intercepts a geographic position information acquisition request initiated by a third-party application; or after the geographic position information acquisition request initiated by the third-party application reaches the intelligent terminal device, a system positioning service program injected into an operating system of the intelligent terminal device intercepts the geographic position information acquisition request.
And the processing unit is used for receiving the notification and processing the geographic position information acquisition request according to a preset geographic position information protection strategy.
In the embodiment of the invention, the processing unit can select geographical position information from a preset disguised geographical position information list, package the geographical position information in the geographical position information acquisition request response and send the geographical position information to the third-party application. Or generating disguised geographical position information according to a preset disguised geographical position information generating algorithm, packaging the generated disguised geographical position information in a geographical position information acquisition request response, and sending the generated disguised geographical position information to a third party application. The disguised geographic position information generation algorithm can be a generation algorithm based on virtual path planning, so that the real track of the user can be covered by constructing the virtual path planning, and the real geographic position information of the user can be protected.
As an alternative embodiment, the geographical location information comprises: latitude information, longitude information, altitude information, and the like.
As an alternative embodiment, the identification processing module further comprises:
and the analysis unit is used for receiving the notification from the identification unit, analyzing the geographic position information acquisition request, acquiring the contained intelligent terminal equipment information, sending prompt information to the intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt the user whether to select a geographic position information camouflage strategy or not, and notifying the response unit after receiving the information that the user selects the geographic position information camouflage strategy.
As an alternative embodiment, the apparatus may further comprise:
and the authority acquisition module is used for informing the injection module after acquiring the root authority of the third-party application operating system or the intelligent terminal equipment operating system.
As an alternative embodiment, the apparatus further comprises:
an extension module (not shown in the figure) for sending a message prompt to the intelligent terminal device after the privacy information acquisition request is processed; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
In the embodiment of the invention, the geographic position information acquisition request initiated by the third-party application is uniformly processed by the geographic position information protection device, so that the geographic position information acquisition request initiated by the third-party application cannot reach a positioning service program (system positioning service program) of the intelligent terminal equipment, is directly sent to the geographic position information protection device to acquire the protected geographic position information, and returns the protected geographic position information to the third-party application. Therefore, the risk that the geographic position information of the user is leaked due to the fact that the geographic position information of the user is obtained by a third-party application such as a service website or a Service Provider (SP) is avoided.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functions of some or all of the components in a geographic location information protection device according to an embodiment of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet web server or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The invention discloses A1. a method for protecting privacy information, which comprises the following steps:
injecting a privacy information protection program into a privacy information service process;
and after recognizing a privacy information acquisition request sent by a third-party application, the privacy information protection program processes the privacy information acquisition request according to a preset privacy information protection strategy.
A2. According to the method of a1, the masquerading privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and selecting disguised geographic position information from a preset geographic position information disguised list, packaging the selected disguised geographic position information in the privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
A3. According to the method of a1, the masquerading privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
generating disguised geographic position information according to a preset geographic position information disguising algorithm based on virtual path planning, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to a third party application.
A4. According to the method of a1, the masquerading privacy information includes geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised geographic position information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
A5. The method according to A1, wherein the injecting includes injecting in a privacy information service process of a third-party application operating system or a privacy information service process of the intelligent terminal device.
A6. The method of A5, the injecting in a private information service process of a third-party application operating system comprising:
searching for the memory variable of a target program for processing the private information in the private information service process of the third-party application operating system;
and replacing the memory variable of the existing target program for processing the private information with the preset memory variable of the dynamic target program.
A7. According to the method described in a6, the target program for private information processing is a program that sends an address location information acquisition request to a third-party application.
A8. The method according to a6, wherein the replacing the memory variables of the existing target program for private information processing with the memory variables of a preset dynamic target program includes:
and writing the memory variable codes of the privacy information protection program into the dynamic link library, and mapping the memory variable codes of the privacy information protection program written into the dynamic link library to the remote privacy information service process by using a windows hook in the operating system.
A9. The method according to a6, wherein the replacing the memory variables of the existing target program for private information processing with the memory variables of a preset dynamic target program includes:
and writing the memory variable codes of the privacy information protection program into the dynamic link library, and mapping the memory variable codes of the privacy information protection program written into the dynamic link library to a remote privacy information service process by utilizing remote injection and dynamic loading in an operating system.
A10. The method according to a6, wherein the replacing the memory variables of the existing target program for private information processing with the memory variables of a preset dynamic target program includes:
and copying the memory variable codes of the privacy information protection program to a remote privacy information service process by using a system process monitor, and executing by using remote injection.
A11. According to the method of A5, the injecting in the privacy information service process of the intelligent terminal device comprises the following steps:
searching a function of a system positioning service program for processing the private information in the private information service process of the intelligent terminal equipment operation system;
and replacing the function of the existing system positioning service program for processing the private information with the function of a preset system positioning service program.
A12. The method according to a1, before injecting the privacy information protection program in the privacy information service process, the method further comprising:
and acquiring the root authority of the third-party application operating system or the intelligent terminal equipment operating system.
A13. The method according to a1, wherein after the privacy information protection program recognizes a privacy information acquisition request issued by a third-party application, the method further comprises:
the method comprises the steps of analyzing a privacy information acquisition request, acquiring contained intelligent terminal equipment information, sending prompt information to intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt a user whether to select a privacy information protection strategy, and after receiving the information that the user selects the privacy information protection strategy, executing the privacy information protection strategy according to the preset privacy information protection strategy, and processing the flow of the privacy information acquisition request.
A14. According to the method of a1, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and selecting disguised privacy information from a preset disguised privacy information list, packaging the disguised privacy information in a privacy information acquisition request response, and sending the disguised privacy information to a third-party application.
A15. According to the method of a1, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and generating disguised privacy information according to a preset disguised privacy information generation algorithm, packaging the generated disguised privacy information in a privacy information acquisition request response, and sending the generated disguised privacy information to a third-party application.
A16. According to the method of a15, the masquerading privacy information generation algorithm is a generation algorithm based on virtual path planning.
A17. According to the method of a1, the processing the privacy information acquisition request according to a preset privacy information protection policy includes:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised privacy information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised privacy information in a privacy information acquisition request response, and sending the generated disguised privacy information to the third-party application.
A18. According to the method of a1, the third-party application issues a privacy information acquisition request through the privacy information service process.
A19. The method of a1, after the processing the private information acquisition request, the method further comprising:
sending a message prompt to the intelligent terminal equipment; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
A20. A method for protecting private information in an environment where a geographic location information service authority is applied, the method according to any one of claims 1 to 19 being performed.
A21. An apparatus for protecting private information, the apparatus comprising: an injection module and an identification processing module, wherein,
the injection module is used for injecting a preset privacy information protection program into the privacy information service process;
and the identification processing module is used for processing the privacy information acquisition request according to a preset privacy information protection strategy after the privacy information protection program identifies the privacy information acquisition request sent by the third-party application.
A22. The apparatus according to a21, wherein the injection module is configured to inject a dynamic target program into the privacy information service process of the third-party application operating system in advance, and replace a variable or a method of the target program of the third-party application operating system, which is used for calling the system privacy information service, with the variable or the method of the dynamically injected target program, which is used for calling the system privacy information service.
A23. According to the apparatus described in a21, the injection module is configured to inject a system location service program in advance in a privacy information service process of an intelligent terminal device operating system, and replace a function in the intelligent terminal device operating system location service with a function corresponding to the injected system location service program.
A24. The apparatus of a21, the injection module comprising: a first search unit and a first replacement unit, wherein,
the first searching unit is used for searching the memory variable of the target program for processing the privacy information in the privacy information service process of the third-party application operating system;
and the first replacing unit is used for replacing the memory variable of the existing target program for processing the private information with the preset memory variable of the dynamic target program.
A25. The apparatus of a21, the injection module comprising: a second search unit and a second replacement unit, wherein,
the second searching unit is used for searching a function of a system positioning service program for processing the private information in the private information service process of the intelligent terminal equipment operating system;
and the second replacing unit is used for replacing the function of the existing system positioning service program for processing the private information with the function of the preset system positioning service program.
A26. The apparatus of a21, the identification processing module comprising: an identification unit and a processing unit, wherein,
the identification unit is used for notifying the response unit after the started privacy information protection program identifies a privacy information acquisition request sent by the third-party application;
and the processing unit is used for receiving the notification and processing the privacy information acquisition request according to a preset privacy information protection strategy.
A27. The apparatus of a26, the identification processing module further comprising:
and the analysis unit is used for receiving the notification from the identification unit, analyzing the privacy information acquisition request, acquiring the contained intelligent terminal equipment information, sending prompt information to the intelligent terminal equipment corresponding to the acquired intelligent terminal equipment information to prompt the user whether to select the privacy information protection strategy or not, and notifying the response unit after receiving the information of the privacy information protection strategy selected by the user.
A28. The apparatus of a21, the apparatus further comprising:
and the authority acquisition module is used for informing the injection module after acquiring the root authority of the third-party application operating system or the intelligent terminal equipment operating system.
A29. The apparatus of a21, the apparatus further comprising:
the expansion module is used for sending message reminding to the intelligent terminal equipment after the privacy information acquisition request is processed; and/or the presence of a gas in the gas,
performing a security scan on the third party application; and/or the presence of a gas in the gas,
uninstalling the third-party application; and/or the presence of a gas in the gas,
and setting privacy access permission for the third-party application.
Claims (10)
1. A method of privacy information protection, comprising:
injecting a privacy information protection program into a privacy information service process;
and after recognizing a privacy information acquisition request sent by a third-party application, the privacy information protection program processes the privacy information acquisition request according to a preset privacy information protection strategy.
2. The method of claim 1, wherein the masquerading privacy information comprises geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy comprises:
and selecting disguised geographic position information from a preset geographic position information disguised list, packaging the selected disguised geographic position information in the privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
3. The method of claim 1, wherein the masquerading privacy information comprises geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy comprises:
generating disguised geographic position information according to a preset geographic position information disguising algorithm based on virtual path planning, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to a third party application.
4. The method of claim 1, wherein the masquerading privacy information comprises geographical location information, and the processing the privacy information acquisition request according to a preset privacy information protection policy comprises:
and analyzing the third-party application information contained in the privacy information acquisition request, generating corresponding disguised geographic position information with space-time rationality according to the analyzed third-party application information, packaging the generated disguised geographic position information in a privacy information acquisition request response, and sending the privacy information acquisition request response to the third-party application.
5. The method of claim 1, wherein the injecting comprises injecting in a privacy information service process of a third-party application operating system or in a privacy information service process of the intelligent terminal device.
6. The method of claim 5, wherein injecting in a private information services process of a third-party application operating system comprises:
searching for the memory variable of a target program for processing the private information in the private information service process of the third-party application operating system;
and replacing the memory variable of the existing target program for processing the private information with the preset memory variable of the dynamic target program.
7. The method according to claim 6, wherein the target program for the private information processing is a program for sending an address location information acquisition request to a third-party application.
8. The method according to claim 6, wherein the replacing the memory variable of the existing target program for private information processing with the memory variable of the preset dynamic target program comprises:
and writing the memory variable codes of the privacy information protection program into the dynamic link library, and mapping the memory variable codes of the privacy information protection program written into the dynamic link library to the remote privacy information service process by using a windows hook in the operating system.
9. An apparatus for protecting private information, the apparatus comprising: an injection module and an identification processing module, wherein,
the injection module is used for injecting a preset privacy information protection program into the privacy information service process;
and the identification processing module is used for processing the privacy information acquisition request according to a preset privacy information protection strategy after the privacy information protection program identifies the privacy information acquisition request sent by the third-party application.
10. The apparatus of claim 9, wherein the injection module is configured to pre-inject a dynamic target program into the privacy information service process of the third-party application operating system, and replace a variable or a method of the target program of the third-party application operating system for invoking the system privacy information service with the dynamically-injected variable or method of the target program for invoking the system privacy information service.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410344802.4A CN104102358A (en) | 2014-07-18 | 2014-07-18 | Privacy information protecting method and privacy information protecting device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410344802.4A CN104102358A (en) | 2014-07-18 | 2014-07-18 | Privacy information protecting method and privacy information protecting device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104102358A true CN104102358A (en) | 2014-10-15 |
Family
ID=51670558
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410344802.4A Pending CN104102358A (en) | 2014-07-18 | 2014-07-18 | Privacy information protecting method and privacy information protecting device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104102358A (en) |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104713547A (en) * | 2015-03-16 | 2015-06-17 | 酷派软件技术(深圳)有限公司 | Method and terminal for generating position information |
| CN104735617A (en) * | 2015-03-06 | 2015-06-24 | 宇龙计算机通信科技(深圳)有限公司 | Terminal and sharing method of position information of terminal |
| CN105184149A (en) * | 2015-08-11 | 2015-12-23 | 广东欧珀移动通信有限公司 | Method and system for preventing rogue program from frequently acquiring user position information |
| CN105338065A (en) * | 2015-09-30 | 2016-02-17 | 北京奇虎科技有限公司 | Terminal equipment position information protection method and device |
| CN105574436A (en) * | 2015-12-23 | 2016-05-11 | 惠州Tcl移动通信有限公司 | Personal information protection method and system based on mobile terminal and mobile terminal |
| CN105631326A (en) * | 2014-11-05 | 2016-06-01 | 中兴通讯股份有限公司 | Security protection method and device for sensitive information |
| CN105630854A (en) * | 2015-01-28 | 2016-06-01 | 深圳酷派技术有限公司 | Data search method, data search apparatus and terminal |
| CN105653979A (en) * | 2015-12-29 | 2016-06-08 | 银江股份有限公司 | Code injection based privacy information protection method |
| CN105792120A (en) * | 2014-12-23 | 2016-07-20 | 小米科技有限责任公司 | Path trace acquisition method and system |
| CN106022128A (en) * | 2016-05-13 | 2016-10-12 | 北京奇虎科技有限公司 | Method and device for detecting process access right and mobile terminal |
| WO2016179860A1 (en) * | 2015-05-14 | 2016-11-17 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for protecting position information in multi-operating system terminal, and terminal |
| CN106210316A (en) * | 2016-07-12 | 2016-12-07 | 深圳市中易通安全芯科技有限公司 | A kind of anti-localization method of mobile terminal based on virtual address and system thereof |
| WO2016191917A1 (en) * | 2015-05-29 | 2016-12-08 | 宇龙计算机通信科技(深圳)有限公司 | Position camouflage method, apparatus and system |
| CN106331035A (en) * | 2015-06-30 | 2017-01-11 | 北京壹人壹本信息科技有限公司 | Tracking prevention method and terminal |
| CN106454813A (en) * | 2016-11-17 | 2017-02-22 | 珠海市魅族科技有限公司 | Wireless communication mode setting method and device |
| CN106686049A (en) * | 2016-08-09 | 2017-05-17 | 腾讯科技(深圳)有限公司 | Position virtualization method and position virtualization device |
| CN106897610A (en) * | 2017-01-19 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of method and apparatus for positioning protection |
| CN106933979A (en) * | 2017-02-16 | 2017-07-07 | 北京奇虎科技有限公司 | A kind of position information processing method, device and mobile terminal |
| CN106940650A (en) * | 2017-02-16 | 2017-07-11 | 北京奇虎科技有限公司 | The data capture method and mobile terminal of a kind of mobile terminal |
| CN107040540A (en) * | 2017-04-20 | 2017-08-11 | 北京奇虎科技有限公司 | A kind of cloud private data display methods and device, server and mobile terminal |
| CN107292614A (en) * | 2017-06-28 | 2017-10-24 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN107771408A (en) * | 2016-06-17 | 2018-03-06 | 华为技术有限公司 | Mobile terminal and its localization method |
| WO2018072436A1 (en) * | 2016-10-21 | 2018-04-26 | 中兴通讯股份有限公司 | Privilege management method, device and terminal |
| CN108476403A (en) * | 2016-02-26 | 2018-08-31 | 慧与发展有限责任合伙企业 | Equipment secret protection |
| CN109167782A (en) * | 2018-08-31 | 2019-01-08 | 国鼎网络空间安全技术有限公司 | Private data guard method and system based on intelligent mobile terminal |
| CN109688145A (en) * | 2015-12-23 | 2019-04-26 | 北京奇虎科技有限公司 | The guard method of privacy information and device |
| CN110267262A (en) * | 2019-04-30 | 2019-09-20 | 北京邮电大学 | Context aware method and device towards personal secrets |
| CN111142973A (en) * | 2019-12-31 | 2020-05-12 | 联想(北京)有限公司 | Information processing method, device, electronic equipment and medium |
| CN112565306A (en) * | 2021-02-24 | 2021-03-26 | 江苏苏测检测认证有限公司 | Third-party server identification method for app private data collection |
| CN113268185A (en) * | 2021-05-31 | 2021-08-17 | 维沃移动通信(杭州)有限公司 | Information providing method and device and electronic equipment |
| WO2024099326A1 (en) * | 2022-11-07 | 2024-05-16 | 蔚来软件科技(上海)有限公司 | Security privacy management and control method and apparatus, and device, medium and vehicle |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102176709A (en) * | 2010-12-13 | 2011-09-07 | 北京交通大学 | Method and device with privacy protection function for data sharing and publishing |
| CN102523201A (en) * | 2011-12-01 | 2012-06-27 | 华中科技大学 | User privacy protection method under cloud security environment |
| CN102694860A (en) * | 2012-05-25 | 2012-09-26 | 北京邦诺存储科技有限公司 | Method, equipment and system for data processing of cloud storage |
| CN102693388A (en) * | 2012-06-07 | 2012-09-26 | 腾讯科技(深圳)有限公司 | Data safety protection processing system, method and storage medium |
| CN102831238A (en) * | 2012-09-03 | 2012-12-19 | 湖南赛格导航技术研究有限公司 | Method for showing historical track of vehicle running in test mode |
| US20140108518A1 (en) * | 2007-06-12 | 2014-04-17 | Facebook, Inc. | Providing Personalized Platform Application Content |
| CN103761472A (en) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | Application program accessing method and device based on intelligent terminal |
-
2014
- 2014-07-18 CN CN201410344802.4A patent/CN104102358A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140108518A1 (en) * | 2007-06-12 | 2014-04-17 | Facebook, Inc. | Providing Personalized Platform Application Content |
| CN102176709A (en) * | 2010-12-13 | 2011-09-07 | 北京交通大学 | Method and device with privacy protection function for data sharing and publishing |
| CN102523201A (en) * | 2011-12-01 | 2012-06-27 | 华中科技大学 | User privacy protection method under cloud security environment |
| CN102694860A (en) * | 2012-05-25 | 2012-09-26 | 北京邦诺存储科技有限公司 | Method, equipment and system for data processing of cloud storage |
| CN102693388A (en) * | 2012-06-07 | 2012-09-26 | 腾讯科技(深圳)有限公司 | Data safety protection processing system, method and storage medium |
| CN102831238A (en) * | 2012-09-03 | 2012-12-19 | 湖南赛格导航技术研究有限公司 | Method for showing historical track of vehicle running in test mode |
| CN103761472A (en) * | 2014-02-21 | 2014-04-30 | 北京奇虎科技有限公司 | Application program accessing method and device based on intelligent terminal |
Cited By (46)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105631326A (en) * | 2014-11-05 | 2016-06-01 | 中兴通讯股份有限公司 | Security protection method and device for sensitive information |
| CN105792120B (en) * | 2014-12-23 | 2019-10-25 | 小米科技有限责任公司 | The acquisition methods and system of path locus |
| CN105792120A (en) * | 2014-12-23 | 2016-07-20 | 小米科技有限责任公司 | Path trace acquisition method and system |
| CN105630854A (en) * | 2015-01-28 | 2016-06-01 | 深圳酷派技术有限公司 | Data search method, data search apparatus and terminal |
| CN105630854B (en) * | 2015-01-28 | 2020-07-03 | 深圳酷派技术有限公司 | Data searching method, data searching device and terminal |
| CN104735617A (en) * | 2015-03-06 | 2015-06-24 | 宇龙计算机通信科技(深圳)有限公司 | Terminal and sharing method of position information of terminal |
| CN104735617B (en) * | 2015-03-06 | 2018-08-24 | 宇龙计算机通信科技(深圳)有限公司 | The sharing method of terminal and its location information |
| CN104713547A (en) * | 2015-03-16 | 2015-06-17 | 酷派软件技术(深圳)有限公司 | Method and terminal for generating position information |
| WO2016179860A1 (en) * | 2015-05-14 | 2016-11-17 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for protecting position information in multi-operating system terminal, and terminal |
| CN107211269A (en) * | 2015-05-29 | 2017-09-26 | 宇龙计算机通信科技(深圳)有限公司 | Position camouflage method, apparatus and system |
| WO2016191917A1 (en) * | 2015-05-29 | 2016-12-08 | 宇龙计算机通信科技(深圳)有限公司 | Position camouflage method, apparatus and system |
| CN106331035A (en) * | 2015-06-30 | 2017-01-11 | 北京壹人壹本信息科技有限公司 | Tracking prevention method and terminal |
| CN105184149A (en) * | 2015-08-11 | 2015-12-23 | 广东欧珀移动通信有限公司 | Method and system for preventing rogue program from frequently acquiring user position information |
| CN105184149B (en) * | 2015-08-11 | 2018-07-06 | 广东欧珀移动通信有限公司 | A kind of method and system for preventing rogue program from frequently obtaining customer position information |
| CN105338065A (en) * | 2015-09-30 | 2016-02-17 | 北京奇虎科技有限公司 | Terminal equipment position information protection method and device |
| CN109688145A (en) * | 2015-12-23 | 2019-04-26 | 北京奇虎科技有限公司 | The guard method of privacy information and device |
| CN105574436A (en) * | 2015-12-23 | 2016-05-11 | 惠州Tcl移动通信有限公司 | Personal information protection method and system based on mobile terminal and mobile terminal |
| CN109688145B (en) * | 2015-12-23 | 2021-07-16 | 北京奇虎科技有限公司 | Method and device for protecting privacy information |
| CN105653979A (en) * | 2015-12-29 | 2016-06-08 | 银江股份有限公司 | Code injection based privacy information protection method |
| CN108476403B (en) * | 2016-02-26 | 2021-09-10 | 慧与发展有限责任合伙企业 | Device privacy protection |
| CN108476403A (en) * | 2016-02-26 | 2018-08-31 | 慧与发展有限责任合伙企业 | Equipment secret protection |
| CN106022128B (en) * | 2016-05-13 | 2019-03-08 | 北京奇虎科技有限公司 | Method, device and mobile terminal for detection procedure access authority |
| CN106022128A (en) * | 2016-05-13 | 2016-10-12 | 北京奇虎科技有限公司 | Method and device for detecting process access right and mobile terminal |
| CN107771408B (en) * | 2016-06-17 | 2020-02-21 | 华为技术有限公司 | Mobile terminal and positioning method thereof |
| CN107771408A (en) * | 2016-06-17 | 2018-03-06 | 华为技术有限公司 | Mobile terminal and its localization method |
| CN106210316A (en) * | 2016-07-12 | 2016-12-07 | 深圳市中易通安全芯科技有限公司 | A kind of anti-localization method of mobile terminal based on virtual address and system thereof |
| CN106686049A (en) * | 2016-08-09 | 2017-05-17 | 腾讯科技(深圳)有限公司 | Position virtualization method and position virtualization device |
| CN106686049B (en) * | 2016-08-09 | 2019-06-14 | 腾讯科技(深圳)有限公司 | Position virtual method and position virtual bench |
| CN107979684A (en) * | 2016-10-21 | 2018-05-01 | 中兴通讯股份有限公司 | Right management method, device and terminal |
| WO2018072436A1 (en) * | 2016-10-21 | 2018-04-26 | 中兴通讯股份有限公司 | Privilege management method, device and terminal |
| CN106454813A (en) * | 2016-11-17 | 2017-02-22 | 珠海市魅族科技有限公司 | Wireless communication mode setting method and device |
| WO2018133654A1 (en) * | 2017-01-19 | 2018-07-26 | 北京奇虎科技有限公司 | Protected positioning method and device |
| CN106897610A (en) * | 2017-01-19 | 2017-06-27 | 北京奇虎科技有限公司 | A kind of method and apparatus for positioning protection |
| CN106933979A (en) * | 2017-02-16 | 2017-07-07 | 北京奇虎科技有限公司 | A kind of position information processing method, device and mobile terminal |
| CN106940650A (en) * | 2017-02-16 | 2017-07-11 | 北京奇虎科技有限公司 | The data capture method and mobile terminal of a kind of mobile terminal |
| CN107040540A (en) * | 2017-04-20 | 2017-08-11 | 北京奇虎科技有限公司 | A kind of cloud private data display methods and device, server and mobile terminal |
| CN107040540B (en) * | 2017-04-20 | 2020-06-09 | 北京安云世纪科技有限公司 | Cloud privacy data display method and device, server and mobile terminal |
| CN107292614A (en) * | 2017-06-28 | 2017-10-24 | 广东欧珀移动通信有限公司 | Pay class application management method, device and mobile terminal |
| CN109167782A (en) * | 2018-08-31 | 2019-01-08 | 国鼎网络空间安全技术有限公司 | Private data guard method and system based on intelligent mobile terminal |
| CN109167782B (en) * | 2018-08-31 | 2021-10-19 | 国鼎网络空间安全技术有限公司 | Privacy data protection method and system based on intelligent mobile terminal |
| CN110267262A (en) * | 2019-04-30 | 2019-09-20 | 北京邮电大学 | Context aware method and device towards personal secrets |
| CN111142973A (en) * | 2019-12-31 | 2020-05-12 | 联想(北京)有限公司 | Information processing method, device, electronic equipment and medium |
| CN112565306A (en) * | 2021-02-24 | 2021-03-26 | 江苏苏测检测认证有限公司 | Third-party server identification method for app private data collection |
| CN112565306B (en) * | 2021-02-24 | 2021-05-14 | 江苏苏测检测认证有限公司 | Third-party server identification method for app private data collection |
| CN113268185A (en) * | 2021-05-31 | 2021-08-17 | 维沃移动通信(杭州)有限公司 | Information providing method and device and electronic equipment |
| WO2024099326A1 (en) * | 2022-11-07 | 2024-05-16 | 蔚来软件科技(上海)有限公司 | Security privacy management and control method and apparatus, and device, medium and vehicle |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104102358A (en) | Privacy information protecting method and privacy information protecting device | |
| US11906645B2 (en) | Certified location for mobile devices | |
| US11836521B2 (en) | Triggered queue transformation | |
| US9489787B1 (en) | Short-range device communications for secured resource access | |
| US9882896B2 (en) | System and method for secure login, and apparatus for same | |
| CN109167782B (en) | Privacy data protection method and system based on intelligent mobile terminal | |
| JP2012531679A5 (en) | ||
| US11909665B2 (en) | Systems and methods for queue control based on client-specific protocols | |
| CN110637449A (en) | Method and device for accessing equipment identifier | |
| WO2016201775A1 (en) | Method and device for protecting position information of mobile terminal | |
| WO2018133654A1 (en) | Protected positioning method and device | |
| US20160248771A1 (en) | Methods, apparatus, and systems for identity authentication | |
| CN105550595A (en) | Private data access method and system for intelligent communication equipment | |
| CN106897586B (en) | Application Programming Interface (API) authority management method and device | |
| CN103067911A (en) | Method and equipment used for controlling hardware module | |
| CN106411878B (en) | Method, device and system for making access control strategy | |
| CN107154919B (en) | Safe login method and device | |
| CN104270763A (en) | Message protection method and system | |
| JP2020509622A (en) | Wireless network type detection method and apparatus and electronic device | |
| CN105989280A (en) | Application program authority management system, device and method | |
| CN106685891A (en) | Verification method and apparatus for accessing network | |
| US10819711B2 (en) | Data access method, user equipment and server | |
| KR20130002044A (en) | A method for detecting illegal access point and a wlan device therefor | |
| EP2749097B1 (en) | Authenticating a user's location in a femtocell-based network | |
| US20140011525A1 (en) | Information aggregation display method and device for location based service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141015 |
|
| RJ01 | Rejection of invention patent application after publication |