CN103685266A - Method and device for protecting enterprise data - Google Patents
Method and device for protecting enterprise dataDownload PDFInfo
- Publication number
- CN103685266A CN103685266ACN201310666504.2ACN201310666504ACN103685266ACN 103685266 ACN103685266 ACN 103685266ACN 201310666504 ACN201310666504 ACN 201310666504ACN 103685266 ACN103685266 ACN 103685266A
- Authority
- CN
- China
- Prior art keywords
- event
- enterprise
- service area
- system event
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Translated fromChinese
Description
Technical field
The present invention relates to information security field, particularly relate to a kind of guard method and device of business data.Background technology
Along with the maturation of intelligent terminal is with universal, the individual intelligent terminal that mobile phone, flat board be representative of take progresses into enterprise field.Following enterprise will support employee on individual mobile terminal, to move enterprise's office application program, and the phenomenon that this class is called as BYOD (Bring Your Own Device, from carrying device office) is that enterprise security and management have brought new challenge.
In this case, owing to allowing employee to handle official business easily by mobile terminal, mobile terminal need be preserved the business data for work, and such as mail, short message, message registration, associated person information etc. also can be preserved user's private data simultaneously.
But, owing to there being following situation: first, the mobile terminal of enterprise staff can access mobile Internet or public/home network at any time and any place, and the business data in mobile terminal also can be exposed under the attack from the Internet, has safety defect.The second, existing individual application on same mobile terminal, the application of You You enterprise and data, individual application can arbitrarily be accessed, access business data, thus the risk that exists business data illegally to be uploaded, share and leak by individual application.The 3rd, mobile terminal is easily lost, and therefore enterprise's sensitive data of preserving in mobile terminal also faces the risk of divulging a secret, and device losses not only means leakage and the loss of responsive business information, and the equipment of losing also may become the springboard of attacking enterprise network.The 4th, the today becoming more and more popular at mobile Internet, assailants have started sight line to turn to mobile terminal by PC.Mobile terminal becomes the new hotbed that grows security risk, easily becomes the springboard of hacker attacks infiltration corporate intranet.
Therefore, under present circumstances, the mode of depositing for business data and user's private data confusion in mobile terminal, poor stability, easily causes business data to leak and brings the risk of divulging a secret, and business data is easily obtained by rogue program.
Summary of the invention
In view of the above problems, having proposed the present invention overcomes the problems referred to above or the guard method that is suitable for business data addressing the above problem at least in part and correspondingly installs to provide a kind of.
According to one aspect of the present invention, a kind of guard method of business data is provided, comprising:
In mobile terminal, set up the service area for storing business data; Wherein, the data acquisition of service area is preserved by the mode of encrypting;
System event is monitored, and judge whether system event meets the rule of enterprise or user's setting;
When system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event.
Alternatively, the rule that enterprise sets comprises: in enterprise's address list that the contact person corresponding with system event sets in enterprise;
The rule that user sets comprises: the contact person corresponding with system event imports in the address list of service area in individual subscriber.
Alternatively, system event is monitored, and judges whether to meet the rule of enterprise or user's setting, comprising:
System event is monitored, judge whether the contact person corresponding with system event is working relation people;
Wherein, working relation artificially imports to the contact person in the address list of service area in enterprise's address list that enterprise sets or in individual subscriber.
Alternatively, system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
Alternatively, when system event is when calling or receiving calls, system event is monitored and is comprised:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
Alternatively, the radio receiver of described appointment is PhoneStateReceiver radio receiver.
Alternatively, when system event is when receiving note, when system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event, comprising:
When the artificial working relation people of outbox of note, tackle this note and enter system inbox, and this note is stored in service area.
Alternatively, when system event is when sending note, when system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event, comprising:
When the artificial working relation people of addressee of note, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in service area.
Alternatively, when system event is when calling, when system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event, comprising:
When phone is for when being kept at address list in service area and transfering to, this calling record of operating system record is deleted, and be recorded in service area.
Alternatively, before this calling record of operating system record is deleted, also comprise:
Judge whether user has been arranged on the message registration that shows working relation people in the message registration of operating system;
This calling record of operating system record is deleted, being comprised:
While showing working relation people's message registration in the message registration that is not arranged on operating system, this calling record of operating system record is deleted.
Alternatively, when system event is when receiving calls, when system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event, comprising:
When the caller ID of phone is working relation number, this time message registration producing that receives calls is deleted in the message registration of operating system, and copied in service area.
Alternatively, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, before deleting in the message registration at the message registration that produces that this time received calls in operating system, also comprise:
The prompting user message registration producing that whether this time received calls is deleted in the message registration of operating system;
This time message registration producing that receives calls is deleted in the message registration of operating system, being comprised:
When user selects to delete, this time message registration producing that receives calls is deleted in the message registration of operating system.
Alternatively, when system event is when missed call occurs, when system event meets regular that enterprise or user set, in service area, carry out the operation corresponding with this event, comprising:
When the caller ID of missed call is working relation number, will in the message registration that be recorded in operating system of this missed call, deletes, and copy in service area.
Alternatively, when the contact number in the caller ID of missed call and the address list of operating system overlaps, before by deletion in the message registration that is recorded in operating system of this missed call, also comprise:
Whether prompting user will delete in the message registration that be recorded in operating system of this missed call;
To in the message registration that be recorded in operating system of this missed call, delete, comprising:
When user selects to delete, will in the message registration that be recorded in operating system of this missed call, delete.
Alternatively, the method also comprises:
When user's wish is accessed the data in service area, prompting user inputs PUK;
Whether the PUK that receives also authentication of users input is correct;
When the PUK of user input is correct, allow user to access the data in service area.
According to one aspect of the present invention, a kind of protective device of business data is also provided, comprising:
Set up module, be configured to set up for storing the service area of business data in mobile terminal; Wherein, the data acquisition of service area is preserved by the mode of encrypting;
Monitoring modular, is configured to system event to monitor, and judges whether system event meets the rule of enterprise or user's setting;
Executive Module, is configured to, when system event meets regular that enterprise or user set, carry out the operation corresponding with this event in service area.
Alternatively, the rule that enterprise sets comprises: in enterprise's address list that the contact person corresponding with system event sets in enterprise;
The rule that user sets comprises: the contact person corresponding with system event imports in the address list of service area in individual subscriber.
Alternatively, monitoring modular is configured to system event to monitor, and judges whether the contact person corresponding with system event is working relation people;
Wherein, working relation artificially imports to the contact person in the address list of service area in enterprise's address list that enterprise sets or in individual subscriber.
Alternatively, system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
Alternatively, when system event is when calling or receiving calls, described monitoring modular is configured in the following manner system event be monitored:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
Alternatively, the radio receiver of described appointment is PhoneStateReceiver radio receiver.
Alternatively, when system event is that while receiving note, Executive Module is configured to when the artificial working relation people of outbox of note, tackles this note and enters system inbox, and this note is stored in service area.
Alternatively, when system event is that while sending note, Executive Module is configured to when the artificial working relation people of addressee of note, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in service area.
Alternatively, when system event is when calling, Executive Module is configured to, when phone is for when being kept at address list in service area and transfering to, this calling record of operating system record be deleted, and be recorded in service area.
Alternatively, this device also comprises:
Judge module, is configured to judge whether user has been arranged on the message registration that shows working relation people in the message registration of operating system;
When Executive Module is also configured to show working relation people's message registration in the message registration that is not arranged on operating system, this calling record of operating system record is deleted.
Alternatively, when system event is when receiving calls, Executive Module is configured to when the caller ID of phone is working relation number, this time message registration producing that receives calls is deleted in the message registration of operating system, and copied in service area.
Alternatively, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, device also comprises:
The first reminding module, is configured to point out user's message registration producing that whether this time received calls to delete in the message registration of operating system;
Executive Module is also configured to when user selects to delete, and this time message registration producing that receives calls is deleted in the message registration of operating system.
Alternatively, when system event is that while there is missed call, Executive Module is configured to when the caller ID of missed call is working relation number, will delete in the message registration that be recorded in operating system of this missed call, and copies in service area.
Alternatively, when the contact number in the caller ID of missed call and the address list of operating system overlaps, device also comprises:
Whether the second reminding module, be configured to point out user will in the message registration that be recorded in operating system of this missed call, to delete;
Executive Module is also configured to when user selects to delete, and will in the message registration that be recorded in operating system of this missed call, delete.
Alternatively, this device also comprises:
The 3rd reminding module, while being configured to the data in user's wish access service area, prompting user inputs PUK;
Authentication module, whether the PUK that is configured to receive also authentication of users input is correct;
Access modules, is configured to PUK when authentication module authentication of users input when correct, allows user to access the data in service area.
The invention provides a kind of guard method and device of business data; by set up the service area of storage business data in mobile terminal; and preserve with cipher mode; system event is monitored simultaneously; when meeting regular that enterprise or user set, in service area, carry out the operation corresponding with this event.Visible, the present invention can avoid the leakage of the business data that the attack due to rogue program causes, even if mobile terminal is lost, because encrypt service area, other people can not read and obtain business data, have guaranteed the fail safe of business data, and can by rogue program, not obtained.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to better understand technological means of the present invention, and can be implemented according to the content of specification, and for above and other objects of the present invention, feature and advantage can be become apparent, below especially exemplified by the specific embodiment of the present invention.
Accompanying drawing explanation
By reading below detailed description of the preferred embodiment, various other advantage and benefits will become cheer and bright for those of ordinary skills.Accompanying drawing is only for the object of preferred implementation is shown, and do not think limitation of the present invention.And in whole accompanying drawing, by identical reference symbol, represent identical parts.In the accompanying drawings:
Fig. 1 is the guard method flow chart of a kind of business data according to an embodiment of the invention;
Fig. 2 is the concrete guard method flow chart of a kind of business data according to an embodiment of the invention;
Fig. 3 is the protective device structured flowchart of a kind of business data according to an embodiment of the invention;
Fig. 4 is a kind of concrete application scenarios schematic diagram of the protective device of business data according to an embodiment of the invention.
Embodiment
Exemplary embodiment of the present disclosure is described below with reference to accompanying drawings in more detail.Although shown exemplary embodiment of the present disclosure in accompanying drawing, yet should be appreciated that and can realize the disclosure and the embodiment that should do not set forth limits here with various forms.On the contrary, it is in order thoroughly to understand the disclosure that these embodiment are provided, and can by the scope of the present disclosure complete convey to those skilled in the art.
Wherein, in the present invention and following the present embodiment, service area and individual district can be defined as follows:
The definition in service area and individual district in equipment use procedure, in order to facilitate personal information and the work data in management equipment, can mark a part of disk storage space in equipment, configures new authority information, can be for store and management work data.And the remaining disk storage space of this equipment, can be for storage, management personal information or other data, remaining disk storage space can have initial authority information.Comparatively speaking, the disk storage space of storage work data can be referred to as service area, and the disk storage space of storage personal information can be referred to as individual district.
In addition, for convenience of operation, individual district and service area can have different UI(User Interface, user interface), but some system file can jointly be used.
User's most of the time may relate to the operation in individual district, and the fewer time relates to the operation of service area.When relating to the operation of service area, because the reasons such as rest need initiatively equipment to be encrypted, or because having operation information too for a long time, equipment is not automatically encrypted, after devices encrypt, again separate secret meeting and get back to service area, need to carry out the deciphering of the authority information in individual district, carry out again the deciphering of the authority information of service area, just can enter service area.If now user does not want to get back to service area, need to deactivate again district, operate very loaded down with trivial details, but the deciphering of directly saving service area authority information has again potential safety hazard.
Embodiment mono-
The embodiment of the present invention provides a kind of guard method of business data.The method is improved the protective device of business data.In the present embodiment, the protective device of business data can be arranged on user's multiple portable set, game console for example, laptop computer; portable electronic device, board type computer, flat computer; PDA, mobile computer, and mobile phone etc.
Wherein, user's input type can be to slidably input, and gesture input, touches input, and phonetic entry.
Fig. 1 is the guard method flow chart of a kind of business data according to an embodiment of the invention, the method comprising the steps of S102 to S106.
S102 sets up the service area for storing business data in mobile terminal; Wherein, the data acquisition of service area is preserved by the mode of encrypting.
S104, monitors system event, and judges whether system event meets the rule of enterprise or user's setting.
S106 when system event meets regular that enterprise or user set, carries out the operation corresponding with this event in service area.
The embodiment of the present invention provides a kind of guard method of business data; by set up the service area of storage business data in mobile terminal; and preserve with cipher mode; system event is monitored simultaneously; when meeting regular that enterprise or user set, in service area, carry out the operation corresponding with this event.Visible, the method that the embodiment of the present invention provides can be avoided the leakage of the business data that the attack due to rogue program causes, even if mobile terminal is lost, because encrypt service area, other people can not read and obtain business data, guaranteed the fail safe of business data, and can by rogue program, do not obtained.
Embodiment bis-
The present embodiment is a kind of concrete application scenarios of above-described embodiment one, by the present embodiment, can set forth clearer, particularly method provided by the present invention.
Fig. 2 is the concrete guard method flow chart of a kind of business data according to an embodiment of the invention, the method comprising the steps of S201 to S212.
The embodiment of the present invention will be protected the business data in mobile terminal, and first this just need to perform step S201, sets up one for storing the service area of business data in mobile terminal.
In the present embodiment, the object of setting up this service area is the data that produce in storage work, realizes the data in the data in service area and individual district are carried out to isolated storage, to the data in service area are managed.
Alternatively, in order to guarantee the safety of service area data, the data acquisition of service area is preserved by the mode of encrypting, and user can arrange unlocking pin for the data of service area, when the PUK of user's input is correct, just allow user to access the data in service area.
Take in Android system is example, when the data of service area being arranged to unlocking pin isolation preservation, can take following mode:
Create respectively and the individual district of recording user and the Launcher of service area, before showing desktop, prompting user inputs password.If it is legal that user carries out logining of service area, start service area Launcher, the desktop of service area is provided to user, user can enter the application in service area by this desktop; If user logins,, from selecting the individual district Launcher of acquiescence to start, user enters the application in individual district by the Launcher of this acquiescence, to reach the isolation in service area and individual district.
Wherein, Launcher is starter or the desktop in tall and erect system, can enter other application by the icon from desktop.
Next, execution step S202, monitors system event, and judges whether this system event meets the rule that enterprise in advance or user set.If meet, in service area, carry out the operation corresponding with this event.If do not meet, in the individual Qu Zhihang operation corresponding with system event.
Alternatively, in the present embodiment, related system event can comprise reception note, sends note, call, receives calls, occurs the event that the mobile terminals such as missed call, receiving and dispatching mail can be supported.
In the present embodiment, in order to manage the data of service area better, in mobile terminal, can set in advance two different address lists, wherein, one is the enterprise's address list for working, and another private address list that is user, can preserve contact person's phone in address list, mailbox, the contact methods such as instant messaging.
Wherein, enterprise's address list is arranged in above-mentioned service area, stores the contact person relevant to this user job in enterprise's address list, and for example, the contact person that enterprise's address list comprises can be whole colleagues of this user department of living in.
In addition, for convenient, enterprise's address list is managed and upgraded, this enterprise's address list can also be synchronizeed with server end, the enterprise's address list that is user can regularly synchronously upgrade according to server, for example, the address list management personnel of enterprise have newly added contact person, and this contact person also can be updated in enterprise's address list of user.
It should be noted that, user in identical department, its working relation people who faces is different often, for example, administration department under user A, the work dealing of Qi Yu Human Resources Department is comparatively close, user B is affiliated administration department also, the work dealing of the Er Qiyu International Department is comparatively close, and often in enterprise's address list, only can store the common working relation people of this department, can not contain the working relation people that each colleague faces completely.
So, the present embodiment is in order to meet the demand of different user, in service area, except storing above-mentioned enterprise address list, can also store the contact person that individual subscriber imports, these contact persons can be the contact person of and non-this department in close relations with this user job.
For example, administration department under user A, the work dealing of Er Qiyu Human Resources Department is comparatively close, at this moment, user A can import to service area by the All Contacts of Human Resources Department, now, the contact person in enterprise's address list and a user A people import to the working relation people that contact person in service area has formed user A jointly.Also for example, user B is affiliated administration department also, the work dealing of the Er Qiyu International Department is comparatively close, at this moment, user B can import to service area by the All Contacts of the International Department, now, the contact person in enterprise's address list and a user B people import to the working relation people that contact person in service area has formed user B jointly.
Visible, the setting that individual imports contact person can make different users according to the demand of himself, set the contact person of service area, user-friendly, has also guaranteed the safety of business data simultaneously.
Different from the service area address list of foregoing description, private address list is arranged on nonclient area, can comprise the contact person relevant to individual subscriber, for example, and relatives, friend etc.For example, but the contact person of service area can overlap with the contact person in the private address list of user,, contact person A is this user's colleague, also be this user's friend, contact person A can be stored in enterprise's address list and private address list simultaneously, to guarantee the safety of business data.
To sum up, step S202, when judging whether this system event meets regular that enterprise in advance or user set, specifically can judge as follows:
System event is monitored, judge whether the contact person corresponding with system event is working relation people.When being working relation people, confirm to meet preset rules, now, according to the classification of system event, in service area, carry out corresponding operation.When being not working relation people, confirm that not meeting preset rules meets, now, according to the classification of system event, in nonclient area, carry out corresponding operation.
Wherein, in enterprise's address list that working relation is artificially set in above-mentioned enterprise or in above-mentioned individual subscriber, import to the contact person in the address list of service area.
The present embodiment is for the more clear this method of at length introducing, existing take system event as receiving note, send note, call, receive calls, occur missed call and be specifically introduced as example.While introducing respectively above-mentioned five kinds of system events generation below, the concrete implementation of this method.
The first situation, system event is for receiving short message event.
When system event is while receiving short message event, whether the step S202 judgement contact person corresponding with receiving short message event is working relation people.When being working relation people, execution step S203, when not being working relation people, performs step S204.
Step S203, tackles this note and enters system inbox, and this note is stored in service area.
In the present embodiment, during the note record of preserving can also be uploaded onto the server, be convenient to keeper's bookkeeping in service area.
Step S204, deposits this note in system inbox.
Step S203 tackles this note and enters system inbox, and store this note into operation in service area, realized the separation of public and private data, avoided and the system inbox of the relevant letter of work in user in and maliciously checked, thereby guaranteed the safety of business data.
The second situation, system event is for sending short message event.
When system event is while sending short message event, whether the step S202 judgement contact person corresponding with sending short message event is working relation people.When being working relation people, execution step S205, when not being working relation people, performs step S206.
Step S205, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in service area.
In the present embodiment, during the note transmission record of preserving can also be uploaded onto the server, be convenient to keeper's bookkeeping in service area.
Step S206, stores the transmission record of this note into system inbox.
The transmission record that step S205 tackles this note enters system outbox, and store the transmission record of this note into operation in service area, realized the separation of public and private data, avoided and the relevant system outbox of posting a letter in user of work in and maliciously checked, thereby guaranteed the safety of business data.
The third situation, system event is for calling event.
When system event is when calling event, whether the step S202 judgement contact person corresponding with the event of calling is working relation people.When being working relation people, execution step S207, when not being working relation people, performs step S208.
Step S207, deletes this calling record of operating system record, and is recorded in service area.
In the present embodiment, during the phone calling record of preserving can also be uploaded onto the server, be convenient to keeper's bookkeeping in service area.
Step S208, stores in the calling record of operating system at this calling record.
It should be noted that, in order to make user conveniently check calling record, before step S207 deletes this calling record of operating system record, can also comprise following operation:
Judge whether user has been arranged on the message registration that shows working relation people in the message registration of operating system.While showing working relation people's message registration in the message registration that is not arranged on operating system, by step S207, this calling record of operating system record is deleted.While showing working relation people's message registration in the message registration that is arranged on operating system, this calling record is presented in the message registration of operating system, and is recorded in service area simultaneously.
In the present embodiment, according to different demands, whether the message registration that user can arrange respectively each contact person in service area is presented in system message registration, also can unify to arrange, be arranged to that whole message registrations are presented in system message registration or all message registration be not presented in system message registration.
The 4th kind of situation, system event is the event of receiving calls.
When system event is when receiving calls event, whether the step S202 judgement contact person corresponding with the event of receiving calls is working relation people.When being working relation people, execution step S209, when not being working relation people, performs step S210.
Step S209 deletes this time message registration producing that receives calls, and copies in described service area in the message registration of operating system.
Take Android system as example, for when system event is when calling or receiving calls, to the safeguarding of the message registration of operating system (copy and shift), can be in the following way:
By PhoneStateReceiver radio receiver, receive the event of calling and receiving calls, when calling or receive calls event, start CallLogObserverService service message registration is safeguarded, comprise copy and the transfer operation of message registration.
When starting CallLogObserverService service, the startService service that can provide by operating system realizes.
Wherein, PhoneStateReceiver radio receiver receives and can realize by following code for the event of calling and receiving calls:
Particularly, before starting CallLogObserverService service, also need to obtain the access limit for operating system address list, can be in the following way:
The authority that statement is used in androidmanifest.xml:
<uses-permission?android:name="android.permission.READ_PHONE_STATE"/>
Wherein, when carrying out the copy of message registration, can serve realization by CallLogObserverService:
In the process starting in CallLogObserverService service, registered a monitoring service ContentObserver, and the Handler of processing variation;
The variation of the message registration database of monitoring service ContentObserver term monitoring system (its URI is android.provider.CallLog.Calls.CONTENT_URI), when having the change of message registration, call the onChange method of this Handler, upgrade the message registration database of service area.
In the present embodiment, during the telephone receiving record of preserving can also be uploaded onto the server, be convenient to keeper's bookkeeping in service area
Step S210, answers record by this and is stored in the message registration of operating system.
It should be noted that, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, before at step S209, this time being received calls and deleting in the message registration that the produces message registration in operating system, can also comprise following operation:
The prompting user message registration producing that whether this time received calls is deleted in the message registration of operating system.When user selects to delete, by step S209, this time message registration producing that receives calls is deleted in the message registration of operating system.When user selects not delete, this time answered to record and be stored in the message registration of operating system, and copy in service area.
Above-mentioned prompting user operation can realize and preserves or delete message registration according to user's different demands, is also convenient to user's operation when having guaranteed service area Information Security.
The 5th kind of situation, system event is missed call event.
When system event is missed call event, whether the step S202 judgement contact person corresponding with missed call event is working relation people.When being working relation people, execution step S211, when not being working relation people, performs step S212.
Step S211, will delete in the message registration that be recorded in operating system of this missed call, and copy in described service area.
In the present embodiment, during the missed call record of preserving can also be uploaded onto the server, be convenient to keeper's bookkeeping in service area
Step S212, is stored in the record of this missed call in the message registration of operating system.
It should be noted that, when the contact number in the caller ID of missed call and the address list of operating system overlaps, at step S211, by before deleting in the message registration that is recorded in operating system of this missed call, can also comprise as follows:
Whether prompting user will delete in the message registration that be recorded in operating system of this missed call.When user selects to delete, by step S211, will in the message registration that be recorded in operating system of this missed call, delete.When user selects not delete, this time do not connect to record and be stored in the message registration of operating system, and copy in service area.
It should be noted that, the above-mentioned described five kinds of system events of this enforcement are exemplary, do not limit the scope that the embodiment of the present invention is protected, within the scope that the system event that other mobile terminals can be supported is also protected in the embodiment of the present invention.
The embodiment of the present invention provides a kind of guard method of business data; by set up the service area of storage business data in mobile terminal; and preserve with cipher mode; system event is monitored simultaneously; when meeting regular that enterprise or user set, in service area, carry out the operation corresponding with this event.Visible, the method that the embodiment of the present invention provides can be avoided the leakage of the business data that the attack due to rogue program causes, even if mobile terminal is lost, because encrypt service area, other people can not read and obtain business data, guaranteed the fail safe of business data, and can by rogue program, do not obtained.
Embodiment tri-
Fig. 3 is the protective device structured flowchart of a kind of business data of providing of one embodiment of the invention, and this device 300 comprises:
Set upmodule 310, be configured to set up for storing the service area of business data in mobile terminal; Wherein, the data acquisition of service area is preserved by the mode of encrypting;
Monitoring modular 320, is configured to system event to monitor, and judges whether system event meets the rule of enterprise or user's setting;
Executive Module 330, is configured to, when system event meets regular that enterprise or user set, carry out the operation corresponding with this event in service area.
Alternatively, the rule that enterprise sets comprises: in enterprise's address list that the contact person corresponding with system event sets in enterprise;
The rule that user sets comprises: the contact person corresponding with system event imports in the address list of service area in individual subscriber.
Alternatively, monitoring modular 320 is configured to system event to monitor, and judges whether the contact person corresponding with system event is working relation people;
Wherein, working relation artificially imports to the contact person in the address list of service area in enterprise's address list that enterprise sets or in individual subscriber.
Alternatively, system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
Alternatively, when system event is when calling or receiving calls, monitoring modular 320 is configured in the following manner system event be monitored:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with event or the event that receives calls.
Alternatively, the radio receiver of appointment is PhoneStateReceiver radio receiver.
Alternatively, when system event is that while receiving note, Executive Module 330 is configured to when the artificial working relation people of outbox of note, tackles this note and enters system inbox, and this note is stored in service area.
Alternatively, when system event is that while sending note, Executive Module 330 is configured to when the artificial working relation people of addressee of note, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in service area.
Alternatively, when system event is when calling, Executive Module 330 is configured to, when phone is for when being kept at address list in service area and transfering to, this calling record of operating system record be deleted, and be recorded in service area.
Alternatively, this device 300 also comprises:
When Executive Module 330 is also configured to show working relation people's message registration in the message registration that is not arranged on operating system, this calling record of operating system record is deleted.
Alternatively, when system event is when receiving calls, Executive Module 330 is configured to when the caller ID of phone is working relation number, this time message registration producing that receives calls is deleted in the message registration of operating system, and copied in service area.
Alternatively, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, device also comprises:
The first remindingmodule 350, is configured to point out user's message registration producing that whether this time received calls to delete in the message registration of operating system;
Executive Module 330 is also configured to when user selects to delete, and this time message registration producing that receives calls is deleted in the message registration of operating system.
Alternatively, when system event is that while there is missed call, Executive Module 330 is configured to when the caller ID of missed call is working relation number, will delete in the message registration that be recorded in operating system of this missed call, and copies in service area.
Alternatively, when the contact number in the caller ID of missed call and the address list of operating system overlaps, device also comprises:
Whether the second reminding module 360, be configured to point out user will in the message registration that be recorded in operating system of this missed call, to delete;
Executive Module 330 is also configured to when user selects to delete, and will in the message registration that be recorded in operating system of this missed call, delete.
Alternatively, this device 300 also comprises:
The 3rd remindingmodule 370, while being configured to the data in user's wish access service area, prompting user inputs PUK;
Authentication module 380, whether the PUK that is configured to receive also authentication of users input is correct;
Access modules 390, is configured to PUK when authentication module 380 authentication of users inputs when correct, allows user to access the data in service area.
As shown in Figure 4, a kind of concrete application scenarios of the protective device providing for the embodiment of the present invention, comprising:
Employee's equipment, this employee's equipment is equivalent to the protective device of the business data that the embodiment of the present invention provides, and in employee's equipment, enterprise's private system can be installed, and this enterprise's private system comprises:
Mailing system, operation system and OA(Office Automation, office automation) system.
Said system is kept at the service area in employee's equipment, and for preserving business data in the mode of encrypting, user can conduct interviews to the business data in enterprise's private system by input password.
Simultaneously, employee's equipment is connected with nature's mystery enterprise privately owned cloud service, in this cloud service, preserve cloud security service, the rule of cloud security service (rule that for example enterprise sets) can be pushed to employee's equipment, the rule that employee's equipment need be set according to enterprise is carried out the isolation of service area and individual district data, to reach the safety of business data.
And enterprise administrator can set the rule of cloud security service in the privately owned cloud service of nature's mystery enterprise.
The embodiment of the present invention provides a kind of protective device of business data; by set up the service area of storage business data in mobile terminal; and preserve with cipher mode; system event is monitored simultaneously; when meeting regular that enterprise or user set, in service area, carry out the operation corresponding with this event.Visible, the device that the embodiment of the present invention provides can be avoided the leakage of the business data that the attack due to rogue program causes, even if mobile terminal is lost, because encrypt service area, other people can not read and obtain business data, guaranteed the fail safe of business data, and can by rogue program, do not obtained.
In the specification that provided herein, a large amount of details have been described.Yet, can understand, embodiments of the invention can not put into practice in the situation that there is no these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand one or more in each inventive aspect, in the above in the description of exemplary embodiment of the present invention, each feature of the present invention is grouped together into single embodiment, figure or sometimes in its description.Yet, the method for the disclosure should be construed to the following intention of reflection: the present invention for required protection requires than the more feature of feature of clearly recording in each claim.Or rather, as reflected in claims below, inventive aspect is to be less than all features of disclosed single embodiment above.Therefore, claims of following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and can the module in the equipment in embodiment are adaptively changed and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and can put them into a plurality of submodules or subelement or sub-component in addition.At least some in such feature and/or process or unit are mutually repelling, and can adopt any combination to combine all processes or the unit of disclosed all features in this specification (comprising claim, summary and the accompanying drawing followed) and disclosed any method like this or equipment.Unless clearly statement in addition, in this specification (comprising claim, summary and the accompanying drawing followed) disclosed each feature can be by providing identical, be equal to or the alternative features of similar object replaces.
In addition, those skilled in the art can understand, although embodiment more described herein comprise some feature rather than further feature included in other embodiment, the combination of the feature of different embodiment means within scope of the present invention and forms different embodiment.For example, in claims, the one of any of embodiment required for protection can be used with compound mode arbitrarily.
All parts embodiment of the present invention can realize with hardware, or realizes with the software module moved on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that and can use in practice microprocessor or digital signal processor (DSP) to realize the some or all functions according to the some or all parts in the protective device of the business data of the embodiment of the present invention.The present invention for example can also be embodied as, for carrying out part or all equipment or device program (, computer program and computer program) of method as described herein.Realizing program of the present invention and can be stored on computer-readable medium like this, or can there is the form of one or more signal.Such signal can be downloaded and obtain from internet website, or provides on carrier signal, or provides with any other form.
It should be noted above-described embodiment the present invention will be described rather than limit the invention, and those skilled in the art can design alternative embodiment in the situation that do not depart from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and is not listed as element or step in the claims.Being positioned at word " " before element or " one " does not get rid of and has a plurality of such elements.The present invention can be by means of including the hardware of some different elements and realizing by means of the computer of suitably programming.In having enumerated the unit claim of some devices, several in these devices can be to carry out imbody by same hardware branch.The use of word first, second and C grade does not represent any order.Can be title by these word explanations.
So far, those skilled in the art will recognize that, although detailed, illustrate and described a plurality of exemplary embodiment of the present invention herein, but, without departing from the spirit and scope of the present invention, still can directly determine or derive many other modification or the modification that meets the principle of the invention according to content disclosed by the invention.Therefore, scope of the present invention should be understood and regard as and cover all these other modification or modifications.
The present embodiment also provides the guard method of an A1. business data, comprising:
In mobile terminal, set up the service area for storing business data; Wherein, the data acquisition of described service area is preserved by the mode of encrypting;
System event is monitored, and judge whether described system event meets the rule of enterprise or user's setting;
When described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event.
A2. the method described in root A1, wherein, the rule that described enterprise sets comprises: in enterprise's address list that the contact person corresponding with described system event sets in described enterprise;
The rule that described user sets comprises: the contact person corresponding with described system event imports in the address list of service area in individual subscriber.
A3. according to the method described in A2, wherein, described system event is monitored, and judge whether to meet the rule that enterprise or user set, comprising:
System event is monitored, judge whether the contact person corresponding with described system event is working relation people;
Wherein, in enterprise's address list that described working relation is artificially set in described enterprise or in individual subscriber, import to the contact person in the address list of service area.
A4. according to the method described in A3, wherein, described system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
A5. according to the method described in A4, wherein, when system event is when calling or receiving calls, described system event monitored and comprised:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
A6. according to the method described in A5, wherein, the radio receiver of described appointment is PhoneStateReceiver radio receiver.
A7. according to the method described in A4, wherein, when described system event is when receiving note, when described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event, comprising:
When the artificial working relation people of outbox of described note, tackle this note and enter system inbox, and this note is stored in described service area.
A8. according to the method described in A4, wherein, when described system event is when sending note, when described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event, comprising:
When the artificial working relation people of addressee of described note, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in described service area.
A9. according to the method described in A4, wherein, when described system event is when calling, when described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event, comprising:
When described phone is for when being kept at address list in described service area and transfering to, this calling record of operating system record is deleted, and be recorded in described service area.
A10. according to the method described in A9, wherein, before described this calling record by operating system record is deleted, also comprise:
Judge whether user has been arranged on the message registration that shows working relation people in the message registration of operating system;
Described this calling record by operating system record is deleted, and comprising:
While showing working relation people's message registration in the message registration that is not arranged on operating system, this calling record of operating system record is deleted.
A11. according to the method described in A4, wherein, when described system event is when receiving calls, when described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event, comprising:
When the caller ID of described phone is working relation number, this time message registration producing that receives calls is deleted in the message registration of operating system, and copied in described service area.
A12. according to the method described in A11, wherein, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, before deleting in the message registration at the described message registration that produces that this time received calls in operating system, also comprise:
The prompting user message registration producing that whether this time received calls is deleted in the message registration of operating system;
Described this time message registration producing that receives calls is deleted in the message registration of operating system, being comprised:
When user selects to delete, this time message registration producing that receives calls is deleted in the message registration of operating system.
A13. according to the method described in A4, wherein, when described system event is when missed call occurs, when described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event, comprising:
When the caller ID of described missed call is working relation number, will in the message registration that be recorded in operating system of this missed call, deletes, and copy in described service area.
A14. according to the method described in A13, wherein, when the contact number in the caller ID of missed call and the address list of operating system overlaps, described, by before deleting in the message registration that is recorded in operating system of this missed call, also comprise:
Whether prompting user will delete in the message registration that be recorded in operating system of this missed call;
Described will deletion in the message registration that be recorded in operating system of this missed call, comprising:
When user selects to delete, will in the message registration that be recorded in operating system of this missed call, delete.
A15. according to the method described in A1 to A14 any one, also comprise:
When user's wish is accessed the data in described service area, prompting user inputs PUK;
Receive and verify that whether the PUK of described user's input is correct;
When the PUK of user input is correct, allow user to access the data in described service area.
The present embodiment also provides the B16. protective device of a business data, comprising:
Set up module, be configured to set up for storing the service area of business data in mobile terminal; Wherein, the data acquisition of described service area is preserved by the mode of encrypting;
Monitoring modular, is configured to system event to monitor, and judges whether described system event meets the rule of enterprise or user's setting;
Executive Module, is configured to, when described system event meets regular that described enterprise or user set, carry out the operation corresponding with this event in described service area.
B17. according to the device described in B16, wherein, the rule that described enterprise sets comprises: in enterprise's address list that the contact person corresponding with described system event sets in described enterprise;
The rule that described user sets comprises: the contact person corresponding with described system event imports in the address list of service area in individual subscriber.
B18. according to the device described in B17, wherein, described monitoring modular is configured to system event to monitor, and judges whether the contact person corresponding with described system event is working relation people;
Wherein, in enterprise's address list that described working relation is artificially set in described enterprise or in individual subscriber, import to the contact person in the address list of service area.
B19. according to the device described in B18, wherein, described system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
B20. according to the device described in B19, wherein, when system event is when calling or receiving calls, described monitoring modular is configured in the following manner system event be monitored:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
B21. according to the device described in B20, wherein, the radio receiver of described appointment is PhoneStateReceiver radio receiver.
B22. according to the device described in B19, wherein, when described system event is that while receiving note, described Executive Module is configured to when the artificial working relation people of outbox of described note, tackle this note and enter system inbox, and this note is stored in described service area.
B23. according to the device described in B19, wherein, when described system event is while sending note, described Executive Module is configured to when the artificial working relation people of addressee of described note, the transmission record of tackling this note enters system outbox, and the transmission record of this note is stored in described service area.
B24. according to the device described in B19, wherein, when described system event is when calling, described Executive Module is configured to when described phone is for when being kept at address list in described service area and transfering to, this calling record of operating system record is deleted, and be recorded in described service area.
B25. according to the device described in B24, wherein, described device also comprises:
Judge module, is configured to judge whether user has been arranged on the message registration that shows working relation people in the message registration of operating system;
When described Executive Module is also configured to show working relation people's message registration in the message registration that is not arranged on operating system, this calling record of operating system record is deleted.
B26. according to the device described in B19, wherein, when described system event is when receiving calls, described Executive Module is configured to when the caller ID of described phone is working relation number, this time message registration producing that receives calls is deleted in the message registration of operating system, and copied in described service area.
B27. according to the device described in B26, wherein, when the contact number in the address list of the caller ID receiving calls and operating system overlaps, described device also comprises:
The first reminding module, is configured to point out user's message registration producing that whether this time received calls to delete in the message registration of operating system;
Described Executive Module is also configured to when user selects to delete, and this time message registration producing that receives calls is deleted in the message registration of operating system.
B28. according to the device described in B19, wherein, when described system event is while there is missed call, described Executive Module is configured to when the caller ID of described missed call is working relation number, to in the message registration that be recorded in operating system of this missed call, delete, and copy in described service area.
B29. according to the device described in B28, wherein, when the contact number in the caller ID of missed call and the address list of operating system overlaps, described device also comprises:
Whether the second reminding module, be configured to point out user will in the message registration that be recorded in operating system of this missed call, to delete;
Described Executive Module is also configured to when user selects to delete, and will in the message registration that be recorded in operating system of this missed call, delete.
B30. according to the device described in B16 to B29 any one, wherein, described device also comprises:
The 3rd reminding module, is configured to when user's wish is accessed the data in described service area, and prompting user inputs PUK;
Authentication module, is configured to receive and verifies that whether the PUK of described user's input is correct;
Access modules, is configured to PUK when the input of described authentication module authentication of users when correct, allows user to access the data in described service area.
Claims (10)
1. a guard method for business data, comprising:
In mobile terminal, set up the service area for storing business data; Wherein, the data acquisition of described service area is preserved by the mode of encrypting;
System event is monitored, and judge whether described system event meets the rule of enterprise or user's setting;
When described system event meets regular that described enterprise or user set, in described service area, carry out the operation corresponding with this event.
2. method according to claim 1, wherein, the rule that described enterprise sets comprises: in enterprise's address list that the contact person corresponding with described system event sets in described enterprise;
The rule that described user sets comprises: the contact person corresponding with described system event imports in the address list of service area in individual subscriber.
3. method according to claim 2, wherein, describedly monitors system event, and judges whether to meet the rule that enterprise or user set, and comprising:
System event is monitored, judge whether the contact person corresponding with described system event is working relation people;
Wherein, in enterprise's address list that described working relation is artificially set in described enterprise or in individual subscriber, import to the contact person in the address list of service area.
4. method according to claim 3, wherein, described system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
5. method according to claim 4, wherein, when system event is when calling or receiving calls, described system event is monitored and comprised:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
6. a protective device for business data, comprising:
Set up module, be configured to set up for storing the service area of business data in mobile terminal; Wherein, the data acquisition of described service area is preserved by the mode of encrypting;
Monitoring modular, is configured to system event to monitor, and judges whether described system event meets the rule of enterprise or user's setting;
Executive Module, is configured to, when described system event meets regular that described enterprise or user set, carry out the operation corresponding with this event in described service area.
7. device according to claim 6, wherein, the rule that described enterprise sets comprises: in enterprise's address list that the contact person corresponding with described system event sets in described enterprise;
The rule that described user sets comprises: the contact person corresponding with described system event imports in the address list of service area in individual subscriber.
8. device according to claim 7, wherein, described monitoring modular is configured to system event to monitor, and judges whether the contact person corresponding with described system event is working relation people;
Wherein, in enterprise's address list that described working relation is artificially set in described enterprise or in individual subscriber, import to the contact person in the address list of service area.
9. device according to claim 8, wherein, described system event comprises with lower any one:
Receive note, send note, call, receive calls, occur missed call.
10. device according to claim 9, wherein, when system event is when calling or receiving calls, described monitoring modular is configured in the following manner system event be monitored:
Radio receiver by appointment in operating system carries out event reception, when receiving event, judges the event of calling that current generation is corresponding with described event or the event that receives calls.
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310666504.2ACN103685266B (en) | 2013-12-10 | 2013-12-10 | Enterprise data protection method and device |
| US15/103,531US20160316330A1 (en) | 2013-12-10 | 2014-09-30 | Method and device for business and private region separation |
| PCT/CN2014/087815WO2015085819A1 (en) | 2013-12-10 | 2014-09-30 | Method and device for public/private separation |
| PCT/CN2014/093391WO2015085906A1 (en) | 2013-12-10 | 2014-12-09 | Method and device for enterprise data protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310666504.2ACN103685266B (en) | 2013-12-10 | 2013-12-10 | Enterprise data protection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103685266Atrue CN103685266A (en) | 2014-03-26 |
| CN103685266B CN103685266B (en) | 2016-11-09 |
Family
ID=50321581
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310666504.2AActiveCN103685266B (en) | 2013-12-10 | 2013-12-10 | Enterprise data protection method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103685266B (en) |
| WO (1) | WO2015085906A1 (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462997A (en)* | 2014-12-04 | 2015-03-25 | 北京奇虎科技有限公司 | Method, device and system for protecting work data in mobile terminal |
| WO2015085819A1 (en)* | 2013-12-10 | 2015-06-18 | 北京奇虎科技有限公司 | Method and device for public/private separation |
| WO2015085906A1 (en)* | 2013-12-10 | 2015-06-18 | 北京奇虎科技有限公司 | Method and device for enterprise data protection |
| CN104954591A (en)* | 2015-06-05 | 2015-09-30 | 小米科技有限责任公司 | Telephone communication method and device |
| CN105610671A (en)* | 2016-01-11 | 2016-05-25 | 北京奇虎科技有限公司 | Terminal data protection method and device |
| CN111339543A (en)* | 2020-02-27 | 2020-06-26 | 深信服科技股份有限公司 | File processing method and device, equipment and storage medium |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110427302A (en)* | 2019-07-29 | 2019-11-08 | 努比亚技术有限公司 | Trigger method, mobile terminal and the computer readable storage medium of content observer |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101026822A (en)* | 2006-02-24 | 2007-08-29 | 江苏高通科技实业有限公司 | Method for protecting mobile phone private data |
| CN102982289A (en)* | 2012-11-14 | 2013-03-20 | 广东欧珀移动通信有限公司 | A data protection method and mobile intelligent terminal |
| CN103390026A (en)* | 2013-06-20 | 2013-11-13 | 中国软件与技术服务股份有限公司 | Mobile intelligent terminal security browser and working method thereof |
| US20130305058A1 (en)* | 2012-05-14 | 2013-11-14 | International Business Machines Corporation | Controlling enterprise data on mobile device via the use of a tag index |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9348626B2 (en)* | 2011-08-05 | 2016-05-24 | Vmware, Inc. | Mobile device maintaining adequate security and data partitioning between user mode and business mode |
| CN103685266B (en)* | 2013-12-10 | 2016-11-09 | 北京奇虎科技有限公司 | Enterprise data protection method and device |
- 2013
- 2013-12-10CNCN201310666504.2Apatent/CN103685266B/enactiveActive
- 2014
- 2014-12-09WOPCT/CN2014/093391patent/WO2015085906A1/enactiveApplication Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101026822A (en)* | 2006-02-24 | 2007-08-29 | 江苏高通科技实业有限公司 | Method for protecting mobile phone private data |
| US20130305058A1 (en)* | 2012-05-14 | 2013-11-14 | International Business Machines Corporation | Controlling enterprise data on mobile device via the use of a tag index |
| CN102982289A (en)* | 2012-11-14 | 2013-03-20 | 广东欧珀移动通信有限公司 | A data protection method and mobile intelligent terminal |
| CN103390026A (en)* | 2013-06-20 | 2013-11-13 | 中国软件与技术服务股份有限公司 | Mobile intelligent terminal security browser and working method thereof |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015085819A1 (en)* | 2013-12-10 | 2015-06-18 | 北京奇虎科技有限公司 | Method and device for public/private separation |
| WO2015085906A1 (en)* | 2013-12-10 | 2015-06-18 | 北京奇虎科技有限公司 | Method and device for enterprise data protection |
| CN104462997A (en)* | 2014-12-04 | 2015-03-25 | 北京奇虎科技有限公司 | Method, device and system for protecting work data in mobile terminal |
| CN104954591A (en)* | 2015-06-05 | 2015-09-30 | 小米科技有限责任公司 | Telephone communication method and device |
| CN105610671A (en)* | 2016-01-11 | 2016-05-25 | 北京奇虎科技有限公司 | Terminal data protection method and device |
| CN111339543A (en)* | 2020-02-27 | 2020-06-26 | 深信服科技股份有限公司 | File processing method and device, equipment and storage medium |
| CN111339543B (en)* | 2020-02-27 | 2023-07-14 | 深信服科技股份有限公司 | File processing method and device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103685266B (en) | 2016-11-09 |
| WO2015085906A1 (en) | 2015-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10454942B2 (en) | Managed clone applications | |
| CN103685266A (en) | Method and device for protecting enterprise data | |
| US11516251B2 (en) | File resharing management | |
| Wei et al. | Malicious android applications in the enterprise: What do they do and how do we fix it? | |
| EP2641449B1 (en) | Controlling data transfer on mobile devices | |
| US11336598B2 (en) | Integration of chat messaging in email | |
| WO2015096695A1 (en) | Installation control method, system and device for application program | |
| EP2562667A1 (en) | Apparatus and method for providing security information on background process | |
| CN105830477A (en) | Operating system integrated domain management | |
| CN103647784B (en) | A kind of method and apparatus of public and private isolation | |
| CN104462997B (en) | Method, device and system for protecting work data in mobile terminal | |
| CN105610671A (en) | Terminal data protection method and device | |
| CN104239764A (en) | Terminal device and system function management and control method and device of terminal device | |
| CN104156215B (en) | The method and device of application information is obtained based on Mobile operating system | |
| US20200084186A1 (en) | Encrypted Messaging System | |
| CN102316197A (en) | Method for acquiring contact information and device | |
| US11678261B2 (en) | Distributed wireless communication access security | |
| KR102491360B1 (en) | Systems and methods for providing user accounts that allow users to operate computing devices | |
| US20170230369A1 (en) | Access control for digital data | |
| CN111052685A (en) | Techniques for multi-agent messaging | |
| WO2015085819A1 (en) | Method and device for public/private separation | |
| CN104363160A (en) | Processing methods, device and system of e-mail with file attachments | |
| Hunt | Security testing in Android networks-A practical case study | |
| CN111263356A (en) | Short message processing method and system for terminal equipment, electronic equipment and storage medium | |
| US10616405B1 (en) | Utilizing caller ID for managing a mobile device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder | Address after:100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee after:BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee after:Beijing Qizhi Business Consulting Co.,Ltd. Address before:100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before:BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before:Qizhi software (Beijing) Co.,Ltd. | |
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right | Effective date of registration:20220324 Address after:100016 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Patentee after:Sanliu0 Digital Security Technology Group Co.,Ltd. Address before:100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before:BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before:Beijing Qizhi Business Consulting Co.,Ltd. |