技术领域technical field
本发明涉及移动终端技术领域,特别是涉及一种移动终端的防拆机方法、装置及移动终端。The present invention relates to the technical field of mobile terminals, in particular to a method and device for anti-dismantling of a mobile terminal and the mobile terminal.
背景技术Background technique
随着移动终端的普遍应用,移动终端被盗更是频繁发生。在移动终端被盗之后,移动终端上的用户数据等信息可能会被违法分子利用,从而造成用户的人身、财产损失。因此,对移动终端的防盗越来越重要。With the widespread use of mobile terminals, the theft of mobile terminals occurs more frequently. After the mobile terminal is stolen, information such as user data on the mobile terminal may be used by lawbreakers, thereby causing personal and property losses of the user. Therefore, the anti-theft of mobile terminals is more and more important.
在先技术中,一种移动终端的防盗方法主要步骤包括:首先,被盗移动终端用户通过一移动终端,向被盗移动终端发送指定格式的短消息;然后,当被盗移动终端接收到该短消息时,解析该短消息;最后,当该发送短消息的移动终端对应的号码与预先设置在被盗手机中的号码一致,且该短消息内容通过验证后,从移动终端中删除用户数据等。此外,还可以将移动终端中的用户数据上传至指定服务器、重置移动终端的密码等。In the prior art, the main steps of an anti-theft method for a mobile terminal include: first, the user of the stolen mobile terminal sends a short message in a specified format to the stolen mobile terminal through a mobile terminal; then, when the stolen mobile terminal receives the When sending a short message, parse the short message; finally, when the number corresponding to the mobile terminal that sent the short message is consistent with the number preset in the stolen mobile phone, and after the content of the short message is verified, delete the user data from the mobile terminal Wait. In addition, user data in the mobile terminal can also be uploaded to a designated server, passwords of the mobile terminal can be reset, and the like.
上述方法无法避免在移动终端被盗之后,通过物理接口将存储设备连接至电脑读取数据。The above method cannot avoid connecting the storage device to a computer through a physical interface to read data after the mobile terminal is stolen.
发明内容Contents of the invention
鉴于上述问题,提出了本发明以便提供解决上述问题或者至少部分地解决上述问题的移动终端的防盗方法、装置及移动终端。In view of the above problems, the present invention is proposed to provide an anti-theft method and device for a mobile terminal and a mobile terminal that solve the above problems or at least partially solve the above problems.
根据本发明的第一方面,提供了一种移动终端的防拆机方法,包括:判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。具有可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。According to the first aspect of the present invention, a method for anti-dismantlement of a mobile terminal is provided, including: judging whether an anti-dismantlement instruction is received; The mobile terminal is set in an anti-dismantle state, so as to protect the hardware of the mobile terminal. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
结合第一方面,本发明在第一方面的第一种实现方式中,所述判断是否接收到防拆机指令的步骤,包括:由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令;若接收到所述防盗指令,则确定接收到防拆机指令。具有可以通过远程防盗指令防止通过物理接口将存储设备连接至电脑读取数据的有益效果。With reference to the first aspect, in the first implementation manner of the first aspect of the present invention, the step of judging whether an anti-disassembly instruction is received includes: a designated security application monitors whether an anti-theft message sent by the server through a data network is received. instruction; if the anti-theft instruction is received, it is determined that the anti-disassembly instruction is received. It has the beneficial effect of being able to prevent the storage device from being connected to the computer through the physical interface to read data through the remote anti-theft command.
结合第一方面,本发明在第一方面的第二种实现方式中,所述判断是否接收到防拆机指令的步骤,包括:判断是否接收到在指定设置界面的防拆机开启操作;若接收到所述防拆机开启操作,则确定接收到防拆机指令。具有可以通过防拆机开启操作防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the first aspect, in the second implementation mode of the first aspect of the present invention, the step of judging whether an instruction to prevent dismantling has been received includes: judging whether an operation to open the tamper-resistant device on a specified setting interface is received; if After receiving the opening operation of the anti-dismantlement device, it is determined that the anti-dismantlement device instruction is received. It has the beneficial effect of being able to prevent the storage device from being connected to the computer through the physical interface to read data through the tamper-proof machine opening operation.
结合第一方面,本发明在第一方面的第三种实现方式中,所述判断是否接收到防拆机指令的步骤,包括:监控移动终端接收到的短信;判断所述短信是否为预设号码发送的短信;若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容;若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。具有可以通过短信防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the first aspect, in the third implementation of the first aspect of the present invention, the step of judging whether an anti-dismantlement instruction is received includes: monitoring the short message received by the mobile terminal; judging whether the short message is a preset A short message sent by a number; if the short message is a short message sent by a preset number, it is judged whether the content of the short message matches the preset content; if the content of the short message matches the preset content, it is determined that an anti-dismantle instruction has been received. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data through the short message.
结合第一方面,本发明在第一方面的第四种实现方式中,所述判断是否接收到防拆机指令的步骤,包括:判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值;若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。具有可以在多次解锁失败时防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the first aspect, in the fourth implementation manner of the first aspect of the present invention, the step of judging whether an anti-dismantle instruction is received includes: judging whether the number of unlocking failures of the mobile terminal in the lock screen state exceeds the first A threshold; if the number of times of unlocking failures exceeds the first threshold, it is determined that an anti-tamper instruction is received. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data when the unlocking fails for many times.
结合第一方面,本发明在第一方面的第五种实现方式中,所述判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值的步骤,包括:判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。具有可以在多种类型的解锁方式多次解锁失败时防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the first aspect, in the fifth implementation manner of the first aspect of the present invention, the step of judging whether the number of unlocking failures of the mobile terminal in the lock screen state exceeds the first threshold includes: judging that the mobile terminal is in the lock screen state Whether the number of times of fingerprint unlocking, pattern unlocking, or digital unlocking failures exceeds the first threshold. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data when multiple unlocking methods of various types fail to unlock.
结合第一方面,本发明在第一方面的第六种实现方式中,在所述判断是否接收到防拆机指令的步骤之前,还包括:在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。具有可以预先注册安全服务从而实现防拆机功能的有益效果。In combination with the first aspect, in the sixth implementation manner of the first aspect of the present invention, before the step of judging whether an anti-disassembly command is received, it further includes: registering the security service in the system service list of the framework layer, and A security partition is divided for the security service in the internal storage. It has the beneficial effect that the security service can be pre-registered so as to realize the anti-dismantlement function.
结合第一方面的第六种实现方式,本发明在第一方面的第七种实现方式中,所述调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤,包括:向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数;所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。具有可以调用安全服务的安全接口进行防拆机的有益效果。In combination with the sixth implementation of the first aspect, in the seventh implementation of the first aspect of the present invention, the security interface of calling the security switch service sets the current mobile terminal to the tamper-proof state, so as to Describe the step that mobile terminal carries out hardware protection, comprise: Send the security interface call instruction that is used for anti-dismantlement machine to security switch service; Described security interface call instruction that is used for anti-dismantlement machine includes anti-dismantlement machine instruction type parameter; Said security The security interface of the switch service writes signature information in each firmware partition respectively according to the anti-disassembly instruction type parameter in the security interface call instruction for the anti-disassembly device, and writes the signature information into the security partition. It has the beneficial effect of invoking the security interface of the security service for anti-dismantlement.
结合第一方面的第七种实现方式,本发明在第一方面的第八种实现方式中,在所述若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤之后,还包括:在所述移动终端启动时,读取各固件分区的签名信息;基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比;若不一致,则提示输入安全码;若所述安全码通过验证,则允许加载所述固件分区。具有可以通过安全码进行防拆机的有益效果。In combination with the seventh implementation of the first aspect, in the eighth implementation of the first aspect of the present invention, if an anti-disassembly command is received, the security interface of the security switch service is invoked, and the current mobile terminal is set to Determined as an anti-disassembly state, after the step of carrying out hardware protection to the mobile terminal, it also includes: when the mobile terminal is started, reading the signature information of each firmware partition; based on each firmware partition, the firmware partition The signature information in the security partition is compared with the signature information in the security partition; if they are inconsistent, the security code is prompted to be input; if the security code passes the verification, the firmware partition is allowed to be loaded. It has the beneficial effect that the machine can be tampered with through the security code.
结合第一方面,本发明在第一方面的第九种实现方式中,在所述若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤之后,还包括:判断是否接收到对所述移动终端的解除防拆机指令;若接收到所述解除防拆机指令,则调用所述安全开关服务的安全接口,解除对所述移动终端的防拆机操作。具有可以解除防拆机功能的有益效果。In combination with the first aspect, in the ninth implementation of the first aspect of the present invention, if the anti-dismantlement command is received, the security interface of the security switch service is called, and the current mobile terminal is set to the anti-dismantlement state After the step of carrying out hardware protection to the mobile terminal, it also includes: judging whether an instruction to remove the anti-dismantlement device is received for the mobile terminal; if the instruction to remove the anti-dismantlement device is received, then call the security switch The security interface of the service releases the tamper-proof operation on the mobile terminal. It has the beneficial effect that the anti-dismantlement function can be released.
根据本发明的第二方面,提供了一种移动终端的防拆机装置,包括:防拆机指令判断模块,用于判断是否接收到防拆机指令;防拆机模块,用于若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。具有可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。According to the second aspect of the present invention, there is provided an anti-dismantle device for a mobile terminal, including: an anti-dismantle instruction judging module, used to judge whether an anti-dismantle instruction has been received; The anti-dismantle command calls the security interface of the security switch service, and sets the current mobile terminal as an anti-dismantle state, so as to protect the hardware of the mobile terminal. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
结合第二方面,本发明在第二方面的第一种实现方式中,所述防拆机指令判断模块,包括:防盗指令监听子模块,用于由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令;第一防拆机确定子模块,用于若接收到所述防盗指令,则确定接收到防拆机指令。具有可以通过远程防盗指令防止通过物理接口将存储设备连接至电脑读取数据的有益效果。With reference to the second aspect, in the first implementation manner of the second aspect of the present invention, the anti-dismantlement instruction judging module includes: an anti-theft instruction monitoring submodule, which is used to monitor whether the specified security application receives data passed by the server. The anti-theft command sent by the network; the first sub-module for determining the anti-disassembly device is configured to determine that the anti-disassembly device instruction has been received if the anti-theft command is received. It has the beneficial effect of being able to prevent the storage device from being connected to the computer through the physical interface to read data through the remote anti-theft command.
结合第二方面,本发明在第二方面的第二种实现方式中,所述防拆机指令判断模块,包括:防拆机开启操作接收子模块,用于判断是否接收到在指定设置界面的防拆机开启操作;第二防拆机确定子模块,用于若接收到所述防拆机开启操作,则确定接收到防拆机指令。具有可以通过防拆机开启操作防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the second aspect, in the second implementation mode of the second aspect of the present invention, the anti-dismantlement machine instruction judging module includes: an anti-dismantlement machine opening operation receiving sub-module for judging whether to receive an instruction on the specified setting interface Anti-dismantle machine opening operation; the second anti-dismantle machine determination sub-module is used to determine that the anti-dismantle machine command has been received if the anti-dismantle machine opening operation is received. It has the beneficial effect of being able to prevent the storage device from being connected to the computer through the physical interface to read data through the tamper-proof machine opening operation.
结合第二方面,本发明在第二方面的第三种实现方式中,所述防拆机指令判断模块,包括:短信监控子模块,用于监控移动终端接收到的短信;短信发送号码验证子模块,用于判断所述短信是否为预设号码发送的短信;短信内容验证子模块,用于若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容;第三防拆机确定子模块,用于若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。具有可以通过短信防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In conjunction with the second aspect, in the third implementation of the second aspect of the present invention, the anti-dismantlement instruction judging module includes: a short message monitoring submodule for monitoring short messages received by the mobile terminal; A module for judging whether the short message is a short message sent by a preset number; a short message content verification sub-module for judging whether the content of the short message matches the preset content if the short message is a short message sent by a preset number; The three anti-dismantlement determination sub-module is used to determine that an anti-dismantlement instruction has been received if the content of the short message matches the preset content. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data through the short message.
结合第二方面,本发明在第二方面的第四种实现方式中,所述防拆机指令判断模块,包括:解锁失败次数判断子模块,用于判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值;第四防拆机确定子模块,用于若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。具有可以在多次解锁失败时防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the second aspect, in the fourth implementation of the second aspect of the present invention, the anti-dismantlement command judging module includes: a submodule for judging the number of times of unlocking failures, which is used to judge the unlocking failure of the mobile terminal in the lock screen state Whether the number of times exceeds the first threshold; the fourth anti-dismantlement determination submodule is used to determine that an anti-dismantlement instruction has been received if the number of unlocking failures exceeds the first threshold. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data when the unlocking fails for many times.
结合第二方面,本发明在第二方面的第五种实现方式中,所述解锁失败次数判断子模块,包括:解锁失败次数判断单元,用于判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。具有可以在多种类型的解锁方式多次解锁失败时防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In combination with the second aspect, in the fifth implementation manner of the second aspect of the present invention, the submodule for judging the number of times of unlocking failures includes: a judging unit for the number of times of unlocking failures, which is used to judge the fingerprint unlocking, Or whether the number of unlocking failures of pattern unlocking or digital unlocking exceeds the first threshold. It has the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data when multiple unlocking methods of various types fail to unlock.
结合第二方面,本发明在第二方面的第六种实现方式中,在所述防拆机指令判断模块之前,还包括:安全分区划分模块,用于在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。具有可以预先注册安全服务从而实现防拆机功能的有益效果。In combination with the second aspect, in the sixth implementation manner of the second aspect of the present invention, before the anti-dismantlement command judgment module, it also includes: a security partition division module, which is used to register security in the system service list of the framework layer. services, and divide security partitions for the security services in the internal storage. It has the beneficial effect that the security service can be pre-registered so as to realize the anti-dismantlement function.
结合第二方面的第六种实现方式,本发明在第二方面的第七种实现方式中,所述防拆机模块,包括:安全接口调用子模块,用于向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数;防拆机子模块,用于所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。具有可以调用安全服务的安全接口进行防拆机的有益效果。In combination with the sixth implementation of the second aspect, in the seventh implementation of the second aspect of the present invention, the anti-disassembly module includes: a safety interface call sub-module, which is used to send the anti-dismantlement information to the safety switch service. The safety interface calling instruction of dismantling machine; The safety interface calling instruction used for anti-dismantling machine includes anti-dismantling machine instruction type parameter; The safety interface of dismantling calls the anti-dismantling command type parameter in the command, writes signature information in each firmware partition, and writes the signature information into the security partition. It has the beneficial effect of invoking the security interface of the security service for anti-dismantlement.
结合第二方面的第七种实现方式,本发明在第二方面的第八种实现方式中,在所述若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤之后,还包括:在所述移动终端启动时,读取各固件分区的签名信息;基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比;若不一致,则提示输入安全码;若所述安全码通过验证,则允许加载所述固件分区。具有可以通过安全码进行防拆机的有益效果。In combination with the seventh implementation of the second aspect, in the eighth implementation of the second aspect of the present invention, if an anti-disassembly instruction is received, the security interface of the security switch service is called, and the current mobile terminal is set to Determined as an anti-disassembly state, after the step of carrying out hardware protection to the mobile terminal, it also includes: when the mobile terminal is started, reading the signature information of each firmware partition; based on each firmware partition, the firmware partition The signature information in the security partition is compared with the signature information in the security partition; if they are inconsistent, the security code is prompted to be input; if the security code passes the verification, the firmware partition is allowed to be loaded. It has the beneficial effect that the machine can be tampered with through the security code.
结合第二方面,本发明在第二方面的第九种实现方式中,在所述防拆机模块之后,还包括:签名信息读取模块,用于在所述移动终端启动时,读取各固件分区的签名信息;签名信息验证模块,用于基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比;安全码输入提示模块,用于若不一致,则提示输入安全码;允许加载模块,用于若所述安全码通过验证,则允许加载所述固件分区。具有可以解除防拆机功能的有益效果。With reference to the second aspect, in the ninth implementation manner of the second aspect of the present invention, after the anti-dismantlement module, it further includes: a signature information reading module, which is used to read each The signature information of the firmware partition; the signature information verification module is used to compare the signature information of the firmware partition with the signature information in the security partition based on each firmware partition; the security code input prompt module is used to prompt input if inconsistent A security code; a module allowed to be loaded, configured to allow the firmware partition to be loaded if the security code passes the verification. It has the beneficial effect that the anti-dismantlement function can be released.
根据本发明的第三方面,还公开了一种移动终端,包括处理器和存储器,According to the third aspect of the present invention, a mobile terminal is also disclosed, including a processor and a memory,
所述存储器用于存储执行上述的移动终端的防拆机方法的程序;The memory is used to store a program for executing the above-mentioned anti-tampering method for the mobile terminal;
所述处理器被配置为用于执行所述存储器中存储的程序。The processor is configured to execute programs stored in the memory.
根据本发明的第四方面,还公开了一种计算机存储介质,用于储存为上述移动终端的防拆机装置所用的计算机软件指令,其包含用于执行上述方面为移动终端的防拆机装置所设计的程序。According to the fourth aspect of the present invention, a computer storage medium is also disclosed, which is used to store computer software instructions for the above-mentioned anti-dismantlement device of the mobile terminal, which includes the anti-dismantlement device for executing the above-mentioned aspect. The designed program.
本发明的一种移动终端的防拆机方法、装置及移动终端,可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。The anti-dismantlement method and device of a mobile terminal and the mobile terminal of the present invention can judge whether an anti-dismantlement instruction is received; It is set as an anti-disassembly state, so as to protect the hardware of the mobile terminal. This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段,而可依照说明书的内容予以实施,并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂,以下特举本发明的具体实施方式。The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.
附图说明Description of drawings
通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same components. In the attached picture:
图1示出了根据本发明的一种移动终端的防拆机方法的一种实施例的步骤流程图;FIG. 1 shows a flowchart of the steps of an embodiment of a method for tampering with a mobile terminal according to the present invention;
图2示出了根据本发明的一种移动终端的防拆机方法的另一种实施例的步骤流程图;FIG. 2 shows a flow chart of the steps of another embodiment of a method for tampering with a mobile terminal according to the present invention;
图3示出了根据本发明的一种移动终端的防拆机装置的一种实施例的结构框图;Fig. 3 shows a structural block diagram of an embodiment of an anti-disassembly device for a mobile terminal according to the present invention;
图4示出了根据本发明的一种移动终端的防拆机装置的另一种实施例的结构框图;Fig. 4 shows a structural block diagram of another embodiment of a mobile terminal anti-dismantlement device according to the present invention;
图5示出了与本发明实施例提供的移动终端相关的手机的部分结构的框图。Fig. 5 shows a block diagram of a partial structure of a mobile phone related to the mobile terminal provided by the embodiment of the present invention.
具体实施方式detailed description
下面将参照附图更详细地描述本公开的示例性实施例。虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.
参照图1,示出了根据本发明的一种移动终端的防拆机方法的一种实施例的步骤流程图,具体可以包括如下步骤:Referring to FIG. 1 , it shows a flow chart of the steps of an embodiment of a method for anti-tampering of a mobile terminal according to the present invention, which may specifically include the following steps:
步骤101,判断是否接收到防拆机指令。Step 101, judging whether an anti-dismantle instruction is received.
其中,防拆机指令将当前移动终端设定为防拆机状态,使得硬件分区的文件和数据不能被加载,从而保护移动终端的文件和数据不会被任何方式获取到。Among them, the anti-dismantle command sets the current mobile terminal as an anti-dismantle state, so that the files and data of the hardware partition cannot be loaded, thereby protecting the files and data of the mobile terminal from being obtained by any means.
在本发明实施例中,防拆机指令可以为防盗指令,包括通过各种方式发送的防盗指令,还可以为移动终端处于不安全状态时的发送的任何指令。In the embodiment of the present invention, the anti-disassembly command may be an anti-theft command, including anti-theft commands sent in various ways, and may also be any command sent when the mobile terminal is in an unsafe state.
步骤102,若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。Step 102, if the anti-tampering instruction is received, call the security interface of the security switch service, and set the current mobile terminal as an anti-tampering state, so as to perform hardware protection on the mobile terminal.
其中,安全开关服务Safe Switch为第三方应用,可以对移动终端进行各种安全操作。Among them, the safe switch service Safe Switch is a third-party application, which can perform various safe operations on the mobile terminal.
在本发明实施例中,调用安全开关服务的安全接口将移动终端设定为防拆机状态,并将防拆机状态对应的参数保存至指定位置。从而可以在防拆机状态下拒绝从移动终端的硬件中加载数据和文件。In the embodiment of the present invention, the security interface of the security switch service is invoked to set the mobile terminal in the tamper-proof state, and save the parameters corresponding to the tamper-proof state to a specified location. Therefore, it is possible to refuse to load data and files from the hardware of the mobile terminal in the anti-dismantle state.
在本发明实施例中,可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In the embodiment of the present invention, it can be judged whether an anti-dismantle command is received; if an anti-dismantle command is received, the security interface of the security switch service is invoked, and the current mobile terminal is set as the anti-dismantle state, so as to The mobile terminal is protected by hardware. This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
参照图2,示出了根据本发明的一种移动终端的防拆机方法的另一种实施例的步骤流程图,具体可以包括如下步骤:Referring to FIG. 2 , it shows a flow chart of the steps of another embodiment of a method for anti-tampering of a mobile terminal according to the present invention, which may specifically include the following steps:
步骤201,在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。Step 201, register security services in the system service list of the framework layer, and divide security partitions for the security services in internal storage.
其中,框架层的系统服务列表为注册系统服务的列表,从而在移动终端的系统代码中均可以调用已注册的服务。Wherein, the system service list of the framework layer is a list of registered system services, so that the registered services can be invoked in the system code of the mobile terminal.
内部存储为移动终端的存储设备上的存储空间,可以为闪存等存储设备。The internal storage is a storage space on a storage device of the mobile terminal, which may be a storage device such as a flash memory.
安全分区用于存储安全服务的相关数据。在本发明实施例中,安全分区用于存储各固件分区的签名信息。安全分区的大小可以根据实际应用场景划分。例如,根据存储在安全分区中的签名信息的字节数和固件分区的个数确定。在实际应用中,可以周期性的删除安全分区中未使用的记录,从而节约安全分区的存储空间。The security partition is used to store data related to security services. In the embodiment of the present invention, the security partition is used to store signature information of each firmware partition. The size of the security partition can be divided according to actual application scenarios. For example, it is determined according to the number of bytes of signature information stored in the security partition and the number of firmware partitions. In practical applications, unused records in the security partition can be deleted periodically, thereby saving the storage space of the security partition.
步骤202,判断是否接收到防拆机指令。Step 202, judging whether an anti-dismantle instruction is received.
该步骤可以参照步骤101的详细说明,在此不再赘述。For this step, reference may be made to the detailed description of step 101, which will not be repeated here.
可选地,在本发明的另一种实施例中,步骤202包括子步骤20201至20202:Optionally, in another embodiment of the present invention, step 202 includes substeps 20201 to 20202:
子步骤20201,由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令。In sub-step 20201, the designated security application monitors whether the anti-theft instruction sent by the server through the data network is received.
其中,指定安全应用与远程服务器对应。当用户通过远程登录远程服务器向移动终端发送防盗指令时,指定安全应用可以监听到该远程防盗指令。Wherein, the specified security application corresponds to the remote server. When the user sends an anti-theft instruction to the mobile terminal by remotely logging in to the remote server, the designated security application can monitor the remote anti-theft instruction.
数据网络可以为移动数据网络、无限局域网络、有线网络等。The data network may be a mobile data network, a wireless local area network, a wired network, and the like.
防盗指令可以包括验证信息、以及指定的安全操作等。The anti-theft instruction may include verification information, designated security operations, and the like.
在实际应用中,用户可以使用预先注册的账户和密码通过客户端登录服务器,向预先绑定的移动终端或指定移动终端发送防盗指令。其中,客户端可以安装在个人计算机、平板电脑、其他移动终端上。本发明实施例对其不加以限制。In practical applications, the user can use the pre-registered account and password to log in to the server through the client, and send anti-theft instructions to the pre-bound mobile terminal or designated mobile terminal. Wherein, the client can be installed on a personal computer, a tablet computer, or other mobile terminals. The embodiment of the present invention does not limit it.
在本发明实施例中,当指定安全应用监听到接收到由服务器通过数据网络发送的防盗指令时,认为移动终端被盗,并将该防盗指令作为防拆机指令;否则,认为移动终端未被盗,移动终端处于正常模式。In the embodiment of the present invention, when the designated security application monitors and receives the anti-theft instruction sent by the server through the data network, it considers that the mobile terminal is stolen, and uses the anti-theft instruction as the anti-disassembly instruction; otherwise, it considers that the mobile terminal has not been stolen. Theft, the mobile terminal is in normal mode.
子步骤20202,若接收到所述防盗指令,则确定接收到防拆机指令。Sub-step 20202, if the anti-theft instruction is received, determine that the anti-disassembly instruction is received.
在本发明实施例中,防盗指令可以作为防拆机指令。In the embodiment of the present invention, the anti-theft instruction can be used as an anti-disassembly instruction.
子步骤20201至20202在应用层监听远程防盗指令,从而确定是否接收到防拆机指令。Sub-steps 20201 to 20202 monitor the remote anti-theft command at the application layer, so as to determine whether the anti-disassembly command is received.
可选地,在本发明的另一种实施例中,步骤202包括子步骤20203至20204:Optionally, in another embodiment of the present invention, step 202 includes substeps 20203 to 20204:
子步骤20203,判断是否接收到在指定设置界面的防拆机开启操作。Sub-step 20203, judging whether the operation of opening the anti-tamper device on the specified setting interface is received.
其中,指定设置界面通过开关开启或关闭防拆机功能。当用户在该界面打开开关时,向移动终端后台发送防拆机请求;当用户在该界面关闭开关时,向移动终端后台发送解除防拆机请求。Among them, the specified setting interface enables or disables the anti-tampering function through a switch. When the user turns on the switch on the interface, a request for anti-dismantlement is sent to the background of the mobile terminal; when the user turns off the switch on the interface, a request for disarming the anti-dismantlement is sent to the background of the mobile terminal.
子步骤20204,若接收到所述防拆机开启操作,则确定接收到防拆机指令。In sub-step 20204, if the opening operation of the anti-dismantlement device is received, it is determined that an instruction of the anti-dismantlement device is received.
在本发明实施例中,防拆机开启操作作为防拆机指令,防拆机关闭操作作为解除防拆机指令。In the embodiment of the present invention, the opening operation of the anti-tampering device is used as the instruction of the anti-tampering device, and the operation of closing the anti-tampering device is used as the instruction of releasing the anti-tampering device.
子步骤20203至20204在应用层监听防拆机开启操作,从而确定是否接收到防拆机指令。Sub-steps 20203 to 20204 monitor the opening operation of the anti-tamper machine at the application layer, so as to determine whether an anti-tamper machine instruction is received.
可选地,在本发明的另一种实施例中,步骤202包括子步骤20205至20208:Optionally, in another embodiment of the present invention, step 202 includes substeps 20205 to 20208:
子步骤20205,监控移动终端接收到的短信。Sub-step 20205, monitor the short messages received by the mobile terminal.
在本发明实施例中,可以通过其他指定移动终端向被盗移动终端发送包含防盗指令的短信。其中,防盗指令为加密版本,从而保证防盗指令的安全性。当被盗移动终端接收到包含防盗指令的短信时,将防盗指令进行解密。In the embodiment of the present invention, a short message containing an anti-theft instruction may be sent to the stolen mobile terminal through other designated mobile terminals. Wherein, the anti-theft command is an encrypted version, thereby ensuring the security of the anti-theft command. When the stolen mobile terminal receives the short message containing the anti-theft instruction, the anti-theft instruction is decrypted.
从而,指定移动终端向被盗移动终端发送的短信包括两种:正常的通信短信、包含防盗指令的短信。为了区分两种短信,可以对包含防盗指令的短信进行标记。例如,在短信内容或短信文件的头文件中添加特殊字符或其他标识,表明短信为包含防盗指令的短信。Therefore, the short messages sent by the designated mobile terminal to the stolen mobile terminal include two types: normal communication short messages and short messages containing anti-theft instructions. In order to distinguish the two types of short messages, the short messages containing the anti-theft instruction can be marked. For example, adding special characters or other identifications to the content of the short message or the header file of the short message file indicates that the short message is a short message containing an anti-theft instruction.
当移动终端接收到一短信时,从短信内容或头文件中读取标记,从而判断该短信是否为包含防盗指令的短信。若是,则进入子步骤20206;否则,该短信不是包含防盗指令的短信。When the mobile terminal receives a short message, it reads the mark from the content of the short message or the header file, thereby judging whether the short message is a short message containing an anti-theft instruction. If yes, go to sub-step 20206; otherwise, the short message is not a short message containing an anti-theft instruction.
上述方式可以避免对正常通信短信进行不必要的操作。The above method can avoid unnecessary operations on normal communication short messages.
子步骤20206,判断所述短信是否为预设号码发送的短信。Sub-step 20206, judging whether the short message is a short message sent by a preset number.
其中,预设号码可以在移动终端的安全设置中进行设定,可以从通信录上选择现有联系人,还可以通过手动输入电话号码。可以理解,预设号码可以为一个或多个。在设置预设号码时,同时设置短信内容,短信内容可以在符合一定规则下由用户自定义。可以理解,不同预设号码尽量设置不同的短信内容,也可以设置为相同的短信内容。本发明实施例对其不加以限制。Wherein, the preset number can be set in the security setting of the mobile terminal, an existing contact can be selected from the address book, and a phone number can also be manually input. It can be understood that there may be one or more preset numbers. When setting the preset number, set the content of the short message at the same time, and the content of the short message can be customized by the user under certain rules. It can be understood that different preset numbers should be set with different short message content as far as possible, and can also be set with the same short message content. The embodiment of the present invention does not limit it.
当用户设定完预设号码时,将预设号码和对应的短信内容存储在移动终端的指定存储位置。可以以数据库的表形式存储,预设号码作为检索关键字。When the user finishes setting the preset number, the preset number and the corresponding short message content are stored in the designated storage location of the mobile terminal. It can be stored in the table form of the database, and the preset number is used as a retrieval key.
当接收到短信时,使用短信的发送号码在数据中检索。若检索到该发送号码,则该短信为预设号码发送的短信,读取该短信对应的存储在数据库中的预设内容,并进入子步骤20207;否则,该短信不是预设号码发送的短信。When a text message is received, it is retrieved in the data using the sending number of the text message. If the sending number is retrieved, the short message is a short message sent by a preset number, read the preset content corresponding to the short message stored in the database, and enter substep 20207; otherwise, the short message is not a short message sent by a preset number .
子步骤20207,若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容。Sub-step 20207, if the short message is a short message sent by a preset number, then judge whether the content of the short message matches the preset content.
具体地,从数据库中读取预设号码对应的预设内容,将该预设内容与接收到的短信内容进行比较。若一致,则防盗指令通过验证;否则,防盗指令未通过验证。Specifically, the preset content corresponding to the preset number is read from the database, and the preset content is compared with the content of the received short message. If they are consistent, the anti-theft command is verified; otherwise, the anti-theft command is not verified.
子步骤20208,若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。Sub-step 20208, if the content of the short message matches the preset content, then it is determined that an anti-tamper instruction is received.
在本发明实施例中,当防盗指令通过验证时,该防盗指令作为防拆机指令;否则,确定移动终端未接收到防拆机指令。In the embodiment of the present invention, when the anti-theft instruction passes the verification, the anti-theft instruction is used as the anti-disassembly instruction; otherwise, it is determined that the mobile terminal has not received the anti-disassembly instruction.
子步骤20205至20208可以在应用层监听短信数据库中新接收到的短信,并判断是否符合预先设定的内容,从而确定是否接收到防拆机指令;还可以在框架层通过telephonemanager服务拦截通信层的短信,并判断是否符合预先设定的内容,从而确定是否接收到防拆机指令。Substeps 20205 to 20208 can listen to the newly received short message in the short message database at the application layer, and judge whether it meets the preset content, so as to determine whether the anti-dismantlement instruction is received; the communication layer can also be intercepted through the telephonemanager service at the framework layer SMS, and judge whether it conforms to the pre-set content, so as to determine whether the anti-dismantlement instruction is received.
可选地,在本发明的另一种实施例中,步骤202包括子步骤20209至20210:Optionally, in another embodiment of the present invention, step 202 includes substeps 20209 to 20210:
子步骤20209,判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值。Sub-step 20209, judging whether the number of unlocking failures of the mobile terminal in the screen-locked state exceeds the first threshold.
其中,第一阈值为解锁失败次数的上限,可以在移动终端的设置界面上根据实际应用场景设定。可以理解,在移动终端出厂时,可以根据经验值设置默认值。Wherein, the first threshold is an upper limit of unlocking failure times, which can be set according to actual application scenarios on the setting interface of the mobile terminal. It can be understood that, when the mobile terminal leaves the factory, default values can be set according to empirical values.
在实际应用中,在移动终端被盗之后,由于盗窃者不知道解锁屏幕的密码,从而往往会使用错误密码多次解锁失败。在本发明实施例中,当解锁失败次数超过一定阈值时,则认为移动终端被盗。In practical applications, after the mobile terminal is stolen, because the thief does not know the password for unlocking the screen, the wrong password will often be used for multiple unlocking failures. In the embodiment of the present invention, when the number of unlocking failures exceeds a certain threshold, it is considered that the mobile terminal is stolen.
可选地,在本发明的另一种实施例中,子步骤20209包括子步骤202091:Optionally, in another embodiment of the present invention, substep 20209 includes substep 202091:
子步骤202091,判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。Sub-step 202091, judging whether the number of unlocking failures of fingerprint unlocking, pattern unlocking, or digital unlocking of the mobile terminal in the locked screen state exceeds the first threshold.
其中,第一阈值可以根据实际应用场景设定,本发明实施例对其不加以限制。Wherein, the first threshold may be set according to an actual application scenario, which is not limited in this embodiment of the present invention.
指纹解锁将对用户输入的指纹特征与预先录入的指纹特征进行对比,验证用户身份。Fingerprint unlocking will compare the fingerprint features entered by the user with the pre-registered fingerprint features to verify the user's identity.
图形解锁将用户输入的图形与预先录入的图形进行对比,验证用户身份。Graphical unlocking compares the graphic entered by the user with the pre-recorded graphic to verify the user's identity.
数字解锁将用户输入的数字串与预先设置的数字串进行对比,验证用户身份。Digital unlocking compares the number string entered by the user with the preset number string to verify the user's identity.
在本发明实施例中,可以通过统计各种解锁方式的解锁失败次数,判断移动终端是否被盗。具体地,可以将各种解锁方式的总的解锁失败次数与预设的第一阈值对比。当总的解锁失败次数大于第一阈值时,则认为移动终端被盗;否则,认为移动终端未被盗。In the embodiment of the present invention, whether the mobile terminal is stolen can be judged by counting the number of unlocking failures in various unlocking modes. Specifically, the total number of times of unlocking failures in various unlocking manners may be compared with a preset first threshold. When the total number of unlocking failures is greater than the first threshold, it is considered that the mobile terminal has been stolen; otherwise, it is considered that the mobile terminal has not been stolen.
可以理解,还可以将各种解锁方式的单独的解锁失败次数与预设的第一阈值对比。当三种方式的解锁失败次数均大于第一阈值时,认为移动终端被盗;当三种方式中至少一种的解锁失败次数小于第一阈值时,认为移动终端未被盗。It can be understood that the individual unlocking failure times of various unlocking modes may also be compared with a preset first threshold. When the times of unlocking failures in the three ways are greater than the first threshold, it is considered that the mobile terminal is stolen; when the number of unlocking failures in at least one of the three ways is less than the first threshold, it is considered that the mobile terminal is not stolen.
子步骤20210,若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。In sub-step 20210, if the number of unlocking failures exceeds the first threshold, determine that an anti-tamper instruction is received.
在本发明实施例中,若解锁失败次数超过第一阈值,则确定移动终端被盗,并确定接收到防拆机指令;否则,确定移动终端未被盗,并确定未接收到防拆机指令。In the embodiment of the present invention, if the number of unlocking failures exceeds the first threshold, it is determined that the mobile terminal is stolen, and it is determined that an anti-dismantle instruction has been received; otherwise, it is determined that the mobile terminal has not been stolen, and it is determined that an anti-dismantle instruction has not been received .
子步骤20209至20210在应用层监听防拆机操作,统计解锁失败次数,并判断解锁失败次数是否超过第一阈值,从而确定是否接收到防拆机指令。Sub-steps 20209 to 20210 monitor the anti-dismantlement operation at the application layer, count the number of unlocking failures, and judge whether the number of unlocking failures exceeds the first threshold, so as to determine whether the anti-dismantlement instruction is received.
步骤203,向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数。Step 203 , sending a security interface call instruction for the anti-dismantlement device to the security switch service; the safety interface call instruction for the anti-dismantlement device includes an instruction type parameter for the anti-disassembly device.
其中,防拆机指令类型参数指定调用安全接口进行防拆机操作,对应的具体表示方式和值可以根据实际应用场景设定,本发明实施例对其不加以限制。Wherein, the type parameter of the anti-dismantlement instruction specifies calling the security interface to perform the anti-dismantlement operation, and the corresponding specific representation and value can be set according to the actual application scenario, which is not limited in the embodiment of the present invention.
例如,在安卓系统中,调用安全接口可以通过com.qualcomm.qti.securemsm.mdtp.processSignedMsg(Byte[]msg)来实现,参数msg为操作类型参数,包括锁卡操作对应的锁卡指令类型参数、防拆机操作对应的防拆机指令类型参数等,com.qualcomm.qti.securemsm.mdtp.processSignedMsg为安全接口的包路径,processSignedMsg为安全接口名称。For example, in the Android system, calling the security interface can be implemented through com.qualcomm.qti.securemsm.mdtp.processSignedMsg(Byte[]msg), the parameter msg is the operation type parameter, including the lock card instruction type parameter corresponding to the lock card operation , Anti-tamper command type parameters corresponding to the anti-tamper operation, etc., com.qualcomm.qti.securemsm.mdtp.processSignedMsg is the package path of the security interface, and processSignedMsg is the name of the security interface.
步骤204,所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。Step 204, the security interface of the security switch service writes signature information in each firmware partition according to the anti-dismantlement instruction type parameter in the security interface call instruction for the anti-dismantlement machine, and writes the signature information Write to the secure partition.
其中,固件分区包括移动终端外部存储器的系统分区、启动分区、安全分区等。Wherein, the firmware partition includes a system partition, a boot partition, a security partition, etc. of the external memory of the mobile terminal.
签名信息为与固件分区对应的验证信息,根据各固件分区中的目录文件生成。当一固件区分中的目录文件被修改或攻击时,会相应更新该固件分区对应的签名信息。可以理解,可以通过数字签名生成签名信息,还可以通过其他加密算法生活曾签名信息。本发明实施例对其不加以限制。The signature information is the verification information corresponding to the firmware partition, and is generated according to the directory files in each firmware partition. When a directory file in a firmware partition is modified or attacked, the signature information corresponding to the firmware partition will be updated accordingly. It can be understood that the signed information can be generated through digital signature, and the signed information can also be saved through other encryption algorithms. The embodiment of the present invention does not limit it.
安全分区为步骤201划分的安全分区。The security partition is the security partition divided in step 201 .
在实际应用中,将签名信息以文件形式写入固件分区的根目录下,在将签名信息写入安全分区时,需要指明固件分区。具体地,将固件分区的标识和对应的签名信息作为一条记录,保存至安全分区中。其中,固件分区的标识作为检索关键字。In practical applications, the signature information is written into the root directory of the firmware partition in the form of a file, and the firmware partition needs to be specified when writing the signature information into the security partition. Specifically, the identifier of the firmware partition and the corresponding signature information are stored in the secure partition as a record. Wherein, the identifier of the firmware partition is used as a retrieval key.
步骤205,在所述移动终端启动时,读取各固件分区的签名信息。Step 205, when the mobile terminal starts, read the signature information of each firmware partition.
具体地,与步骤204对应,从各固件的根目录下找到存储签名信息的文件,打开并从中读取签名信息。Specifically, corresponding to step 204, the file storing the signature information is found from the root directory of each firmware, opened, and the signature information is read from it.
步骤206,基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比。Step 206, based on each firmware partition, compare the signature information of the firmware partition with the signature information in the security partition.
具体地,在验证系统分区的签名信息时,根据系统分区的标识从安全分区中获取系统分区对应的签名信息,并与从系统分区中读取的签名信息进行对比;在验证启动分区的签名信息时,根据启动分区的标识从安全分区中获取启动分区对应的签名信息,并与从启动分区中读取的签名信息进行对比。Specifically, when verifying the signature information of the system partition, the signature information corresponding to the system partition is obtained from the security partition according to the identification of the system partition, and compared with the signature information read from the system partition; when verifying the signature information of the boot partition , the signature information corresponding to the boot partition is obtained from the security partition according to the identifier of the boot partition, and compared with the signature information read from the boot partition.
若固件分区的签名信息与安全分区中的签名信息一致时,签名信息验证通过,并允许加载该固件分区的文件;否则,验证不通过,并进入步骤207。If the signature information of the firmware partition is consistent with the signature information in the security partition, the verification of the signature information is passed, and the file of the firmware partition is allowed to be loaded;
步骤207,若不一致,则提示输入安全码。Step 207, if they are inconsistent, prompt to input the security code.
其中,安全码为在移动终端上预先设置的验证码,存储在移动终端的指定存储位置上。Wherein, the security code is a verification code preset on the mobile terminal, and is stored in a designated storage location of the mobile terminal.
可以理解,安全码可以由数字、大写字母、小写字母以及其他特殊字符中的至少一种组成。为了提高安全码的安全性,尽量包括多种类型的字符。It can be understood that the security code may be composed of at least one of numbers, uppercase letters, lowercase letters and other special characters. To increase the security of the security code, try to include as many types of characters as possible.
在本发明实施例中,当一固件分区的签名信息不通过验证时,可以通过安全码进一步判断是否加载该固件分区。In the embodiment of the present invention, when the signature information of a firmware partition fails to pass the verification, it can be further judged whether to load the firmware partition through the security code.
步骤208,若所述安全码通过验证,则允许加载所述固件分区。Step 208, if the security code passes the verification, allow the firmware partition to be loaded.
具体地,将用户输入的安全码与存储在移动终端上的安全码进行对比。若两者完全一致,则该安全码验证通过,允许加载当前固件分区的文件;否则,该安全码未通过验证,不允许加载当前固件分区的文件。Specifically, the security code input by the user is compared with the security code stored on the mobile terminal. If the two are completely consistent, the security code is verified and the file of the current firmware partition is allowed to be loaded; otherwise, the security code fails the verification and the file of the current firmware partition is not allowed to be loaded.
步骤209,判断是否接收到对所述移动终端的解除防拆机指令。Step 209, judging whether an instruction to release the anti-tampering device for the mobile terminal is received.
其中,解除防拆机指令与防拆机指令相反,可以解除移动终端的防拆机功能,可以通过在指定设置界面上关闭防拆机功能时触发,也可以通过其他移动终端或客户端远程发送。本发明实施例对其不加以限制。Among them, the anti-dismantle command is opposite to the anti-dismantle command, which can release the anti-dismantle function of the mobile terminal. It can be triggered when the anti-dismantle function is turned off on the specified setting interface, or it can be sent remotely through other mobile terminals or clients. . The embodiment of the present invention does not limit it.
可以理解,解除防拆机指令携带解除防拆机的密码,该密码在开启防拆机功能时进行设置,并保存至安全分区。从而当接收到解除防拆机指令时,需要通过该密码对该解除防拆机指令进行验证。若验证通过,则解除对移动终端的防拆机操作;否则,不解除对移动终端的防拆机操作。It can be understood that the command to release the anti-tampering device carries a password for disabling the anti-tampering device, which is set when the anti-tampering device function is turned on, and is saved to the security partition. Therefore, when receiving the instruction of disarming the anti-dismantlement, the instruction of disarming the anti-dismantlement needs to be verified through the password. If the verification is passed, the anti-dismantle operation on the mobile terminal is released; otherwise, the anti-dismantle operation on the mobile terminal is not released.
步骤210,若接收到所述解除防拆机指令,则调用所述安全开关服务的安全接口,解除对所述移动终端的防拆机操作。Step 210, if the dismantling anti-dismantling instruction is received, call the security interface of the security switch service to release the anti-tampering operation on the mobile terminal.
在实际应用中,在调用安全开关服务的安全接口时,指定解除防拆机指令类型参数,与防拆机指令类型参数相反。In practical applications, when calling the security interface of the security switch service, specify the type parameter of the anti-dismantlement command, which is opposite to the parameter of the anti-dismantlement command type.
具体地,在解除对移动终端的防拆机操作之后,从各固件以及安全分区中删除各固件分区的签名信息。Specifically, after the anti-tampering operation on the mobile terminal is released, the signature information of each firmware partition is deleted from each firmware and security partition.
对于方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明实施例并不受所描述的动作顺序的限制,因为依据本发明实施例,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作并不一定是本发明实施例所必须的。For the method embodiment, for the sake of simple description, it is expressed as a series of action combinations, but those skilled in the art should know that the embodiment of the present invention is not limited by the described action order, because according to the embodiment of the present invention , certain steps may be performed in other order or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions involved are not necessarily required by the embodiments of the present invention.
在本发明实施例中,可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。此外,还可以通过远程指令或自动启动防止通过物理接口将存储设备连接至电脑读取数据的功能。In the embodiment of the present invention, it can be judged whether an anti-dismantle command is received; if an anti-dismantle command is received, the security interface of the security switch service is invoked, and the current mobile terminal is set as the anti-dismantle state, so as to The mobile terminal is protected by hardware. This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data. In addition, the function of preventing data from being read by connecting the storage device to the computer through the physical interface can be activated remotely or automatically.
参照图3,示出了根据本发明的一种移动终端的防拆机装置的一种实施例的结构框图,具体可以包括如下模块:Referring to FIG. 3 , it shows a structural block diagram of an embodiment of an anti-disassembly device for a mobile terminal according to the present invention, which may specifically include the following modules:
防拆机指令判断模块301,用于判断是否接收到防拆机指令。The anti-dismantle instruction judging module 301 is used for judging whether an anti-dismantle instruction is received.
防拆机模块302,用于若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。The anti-dismantlement module 302 is used to call the security interface of the security switch service to set the current mobile terminal as an anti-dismantlement state to protect the hardware of the mobile terminal if an anti-dismantlement instruction is received.
在本发明实施例中,可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。In the embodiment of the present invention, it can be judged whether an anti-dismantle command is received; if an anti-dismantle command is received, the security interface of the security switch service is invoked, and the current mobile terminal is set as the anti-dismantle state, so as to The mobile terminal is protected by hardware. This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
参照图4,示出了根据本发明的一种移动终端的防拆机装置的另一种实施例的结构框图,具体可以包括如下模块:Referring to FIG. 4 , it shows a structural block diagram of another embodiment of an anti-dismantlement device for a mobile terminal according to the present invention, which may specifically include the following modules:
安全分区划分模块401,用于在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。The security partition dividing module 401 is configured to register the security service in the system service list of the framework layer, and divide the security service into security zones in the internal storage.
防拆机指令判断模块402,用于判断是否接收到防拆机指令。The anti-dismantle instruction judging module 402 is used to judge whether an anti-dismantle instruction is received.
防拆机模块403,用于若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。上述防拆机模块403包括:The anti-dismantlement module 403 is used to call the security interface of the security switch service to set the current mobile terminal as an anti-dismantlement state, so as to protect the hardware of the mobile terminal if an anti-dismantlement instruction is received. The anti-disassembly module 403 includes:
安全接口调用子模块4031,用于向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数。The safety interface call sub-module 4031 is used to send a safety interface call instruction for the anti-dismantle machine to the safety switch service; the safety interface call instruction for the anti-dismantle machine includes the type parameter of the anti-dismantle machine instruction.
防拆机子模块4032,用于所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。Anti-dismantle machine sub-module 4032, the safety interface used for the safety switch service writes signature information in each firmware partition respectively according to the anti-dismantle machine instruction type parameter in the safety interface call instruction for the anti-dismantle machine, And write the signature information into the security partition.
签名信息读取模块404,用于在所述移动终端启动时,读取各固件分区的签名信息。The signature information reading module 404 is configured to read the signature information of each firmware partition when the mobile terminal is started.
签名信息验证模块405,用于基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比。The signature information verification module 405 is configured to compare the signature information of the firmware partition with the signature information in the security partition based on each firmware partition.
安全码输入提示模块406,用于若不一致,则提示输入安全码。The security code input prompting module 406 is configured to prompt to input the security code if they are inconsistent.
允许加载模块407,用于若所述安全码通过验证,则允许加载所述固件分区。The loading allowing module 407 is configured to allow loading of the firmware partition if the security code passes the verification.
解除防拆机指令判断模块408,用于判断是否接收到对所述移动终端的解除防拆机指令。The anti-tamper release instruction judging module 408 is configured to judge whether an instruction to release the anti-tamper device for the mobile terminal is received.
解除防拆机模块409,用于若接收到所述解除防拆机指令,则调用所述安全开关服务的安全接口,解除对所述移动终端的防拆机操作。The anti-dismantlement disarming module 409 is configured to invoke the security interface of the security switch service to disarm the dismantling-resistance operation on the mobile terminal if the dismantling-antidisarming disarming instruction is received.
可选地,在本发明的另一种实施例中,上述防拆机指令判断模块402包括:Optionally, in another embodiment of the present invention, the above-mentioned anti-dismantle machine instruction judging module 402 includes:
防盗指令监听子模块,用于由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令。The anti-theft command monitoring sub-module is used to monitor whether the specified security application receives the anti-theft command sent by the server through the data network.
第一防拆机确定子模块,用于若接收到所述防盗指令,则确定接收到防拆机指令。The first anti-dismantlement determining submodule is configured to determine that the anti-dismantlement instruction is received if the anti-theft instruction is received.
可选地,在本发明的另一种实施例中,上述防拆机指令判断模块402包括:Optionally, in another embodiment of the present invention, the above-mentioned anti-dismantle machine instruction judging module 402 includes:
防拆机开启操作接收子模块,用于判断是否接收到在指定设置界面的防拆机开启操作。The anti-tamper machine opening operation receiving sub-module is used to judge whether to receive the anti-tamper machine opening operation in the specified setting interface.
第二防拆机确定子模块,用于若接收到所述防拆机开启操作,则确定接收到防拆机指令。The second anti-dismantlement device determination sub-module is used to determine that the anti-dismantlement device instruction is received if the operation of opening the anti-dismantlement device is received.
可选地,在本发明的另一种实施例中,上述防拆机指令判断模块402包括:Optionally, in another embodiment of the present invention, the above-mentioned anti-dismantle machine instruction judging module 402 includes:
短信监控子模块,用于监控移动终端接收到的短信。The short message monitoring sub-module is used for monitoring short messages received by the mobile terminal.
短信发送号码验证子模块,用于判断所述短信是否为预设号码发送的短信。The short message sending number verification submodule is used to judge whether the short message is a short message sent by a preset number.
短信内容验证子模块,用于若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容。The short message content verification sub-module is used for judging whether the content of the short message matches the preset content if the short message is sent by a preset number.
第三防拆机确定子模块,用于若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。The third anti-dismantlement determination submodule is configured to determine that an anti-dismantlement instruction has been received if the content of the short message matches the preset content.
可选地,在本发明的另一种实施例中,上述防拆机指令判断模块402包括:Optionally, in another embodiment of the present invention, the above-mentioned anti-dismantle machine instruction judging module 402 includes:
解锁失败次数判断子模块,用于判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值。The unlocking failure times judging submodule is used to judge whether the unlocking failure times of the mobile terminal in the screen-locked state exceeds the first threshold.
第四防拆机确定子模块,用于若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。The fourth anti-tamper determination submodule is configured to determine that an anti-tamper instruction is received if the number of times of unlocking failures exceeds the first threshold.
可选地,在本发明的另一种实施例中,上述解锁失败次数判断子模块包括:Optionally, in another embodiment of the present invention, the above-mentioned unlocking failure times judging submodule includes:
解锁失败次数判断单元,用于判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。The unlocking failure times judging unit is used for judging whether the number of unlocking failures of the fingerprint unlocking, pattern unlocking, or digital unlocking of the mobile terminal in the screen-locked state exceeds the first threshold.
在本发明实施例中,可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。此外,还可以通过远程指令或自动启动防止通过物理接口将存储设备连接至电脑读取数据的功能。In the embodiment of the present invention, it can be judged whether an anti-dismantle command is received; if an anti-dismantle command is received, the security interface of the security switch service is invoked, and the current mobile terminal is set as the anti-dismantle state, so as to The mobile terminal is protected by hardware. This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data. In addition, the function of preventing data from being read by connecting the storage device to the computer through the physical interface can be activated remotely or automatically.
对于装置实施例而言,由于其与方法实施例基本相似,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。As for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiment.
本发明实施例还提供了一种移动终端,如图5示,为了便于说明,仅示出了与本发明实施例相关的部分,具体技术细节未揭示的,请参照本发明实施例方法部分。该终端可以为包括手机、平板电脑、PDA(Personal Digital Assistant,个人数字助理)、POS(Point ofSales,销售终端)、车载电脑等任意终端设备,以终端为手机为例:The embodiment of the present invention also provides a mobile terminal, as shown in FIG. 5 , for ease of description, only the parts related to the embodiment of the present invention are shown. For specific technical details not disclosed, please refer to the method part of the embodiment of the present invention. The terminal can be any terminal device including mobile phone, tablet computer, PDA (Personal Digital Assistant, personal digital assistant), POS (Point of Sales, sales terminal), vehicle-mounted computer, etc. Taking the terminal as a mobile phone as an example:
图5示出的是与本发明实施例提供的移动终端相关的手机的部分结构的框图。参考图5,手机包括:射频(Radio Frequency,RF)电路510、存储器520、输入单元530、显示单元540、传感器550、音频电路560、无线保真(wireless fidelity,WiFi)模块570、处理器580、以及电源590等部件。本领域技术人员可以理解,图5中示出的手机结构并不构成对手机的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。FIG. 5 shows a block diagram of a partial structure of a mobile phone related to the mobile terminal provided by the embodiment of the present invention. 5, the mobile phone includes: a radio frequency (Radio Frequency, RF) circuit 510, a memory 520, an input unit 530, a display unit 540, a sensor 550, an audio circuit 560, a wireless fidelity (wireless fidelity, WiFi) module 570, a processor 580 , and power supply 590 and other components. Those skilled in the art can understand that the structure of the mobile phone shown in FIG. 5 is not limited to the mobile phone, and may include more or less components than shown in the figure, or combine some components, or arrange different components.
下面结合图5对手机的各个构成部件进行具体的介绍:The following is a specific introduction to each component of the mobile phone in conjunction with Figure 5:
RF电路510可用于收发信息或通话过程中,信号的接收和发送,特别地,将基站的下行信息接收后,给处理器580处理;另外,将设计上行的数据发送给基站。通常,RF电路510包括但不限于天线、至少一个放大器、收发信机、耦合器、低噪声放大器(Low NoiseAmplifier,LNA)、双工器等。此外,RF电路510还可以通过无线通信与网络和其他设备通信。上述无线通信可以使用任一通信标准或协议,包括但不限于全球移动通讯系统(GlobalSystem of Mobile communication,GSM)、通用分组无线服务(General Packet RadioService,GPRS)、码分多址(Code Division Multiple Access,CDMA)、宽带码分多址(Wideband Code Division Multiple Access,WCDMA)、长期演进(Long Term Evolution,LTE)、电子邮件、短消息服务(Short Messaging Service,SMS)等。The RF circuit 510 can be used for sending and receiving information or receiving and sending signals during a call. In particular, after receiving the downlink information from the base station, the processor 580 processes it; in addition, it sends the designed uplink data to the base station. Generally, the RF circuit 510 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier (Low Noise Amplifier, LNA), a duplexer, and the like. In addition, RF circuitry 510 may also communicate with networks and other devices via wireless communications. The above-mentioned wireless communication can use any communication standard or protocol, including but not limited to Global System of Mobile Communication (Global System of Mobile communication, GSM), General Packet Radio Service (General Packet Radio Service, GPRS), Code Division Multiple Access (Code Division Multiple Access) , CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (Long Term Evolution, LTE), email, Short Messaging Service (Short Messaging Service, SMS), etc.
存储器520可用于存储软件程序以及模块,处理器580通过运行存储在存储器520的软件程序以及模块,从而执行手机的各种功能应用以及数据处理。存储器520可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序(比如声音播放功能、图像播放功能等)等;存储数据区可存储根据手机的使用所创建的数据(比如音频数据、电话本等)等。此外,存储器520可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。The memory 520 can be used to store software programs and modules, and the processor 580 executes various functional applications and data processing of the mobile phone by running the software programs and modules stored in the memory 520 . The memory 520 can mainly include a program storage area and a data storage area, wherein the program storage area can store an operating system, at least one application program required by a function (such as a sound playback function, an image playback function, etc.); Data created by the use of mobile phones (such as audio data, phonebook, etc.), etc. In addition, the memory 520 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage devices.
输入单元530可用于接收输入的数字或字符信息,以及产生与手机的用户设置以及功能控制有关的键信号输入。具体地,输入单元530可包括触控面板531以及其他输入设备532。触控面板531,也称为触摸屏,可收集用户在其上或附近的触摸操作(比如用户使用手指、触笔等任何适合的物体或附件在触控面板531上或在触控面板531附近的操作),并根据预先设定的程式驱动相应的连接装置。可选的,触控面板531可包括触摸检测装置和触摸控制器两个部分。其中,触摸检测装置检测用户的触摸方位,并检测触摸操作带来的信号,将信号传送给触摸控制器;触摸控制器从触摸检测装置上接收触摸信息,并将它转换成触点坐标,再送给处理器580,并能接收处理器580发来的命令并加以执行。此外,可以采用电阻式、电容式、红外线以及表面声波等多种类型实现触控面板531。除了触控面板531,输入单元530还可以包括其他输入设备532。具体地,其他输入设备532可以包括但不限于物理键盘、功能键(比如音量控制按键、开关按键等)、轨迹球、鼠标、操作杆等中的一种或多种。The input unit 530 can be used to receive input numbers or character information, and generate key signal input related to user settings and function control of the mobile phone. Specifically, the input unit 530 may include a touch panel 531 and other input devices 532 . The touch panel 531, also referred to as a touch screen, can collect touch operations of the user on or near it (for example, the user uses any suitable object or accessory such as a finger or a stylus on the touch panel 531 or near the touch panel 531). operation), and drive the corresponding connection device according to the preset program. Optionally, the touch panel 531 may include two parts, a touch detection device and a touch controller. Among them, the touch detection device detects the user's touch orientation, and detects the signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates, and sends it to the to the processor 580, and can receive and execute commands sent by the processor 580. In addition, the touch panel 531 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic wave. In addition to the touch panel 531 , the input unit 530 may also include other input devices 532 . Specifically, other input devices 532 may include but not limited to one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), trackball, mouse, joystick, and the like.
显示单元540可用于显示由用户输入的信息或提供给用户的信息以及手机的各种菜单。显示单元540可包括显示面板541,可选的,可以采用液晶显示器(Liquid CrystalDisplay,LCD)、有机发光二极管(Organic Light-Emitting Diode,OLED)等形式来配置显示面板541。进一步的,触控面板531可覆盖显示面板541,当触控面板531检测到在其上或附近的触摸操作后,传送给处理器580以确定触摸事件的类型,随后处理器580根据触摸事件的类型在显示面板541上提供相应的视觉输出。虽然在图5中,触控面板531与显示面板541是作为两个独立的部件来实现手机的输入和输入功能,但是在某些实施例中,可以将触控面板531与显示面板541集成而实现手机的输入和输出功能。The display unit 540 may be used to display information input by or provided to the user and various menus of the mobile phone. The display unit 540 may include a display panel 541. Optionally, the display panel 541 may be configured in the form of a liquid crystal display (Liquid Crystal Display, LCD), an organic light-emitting diode (Organic Light-Emitting Diode, OLED), or the like. Further, the touch panel 531 may cover the display panel 541, and when the touch panel 531 detects a touch operation on or near it, it transmits to the processor 580 to determine the type of the touch event, and then the processor 580 determines the type of the touch event according to the touch event. The type provides a corresponding visual output on the display panel 541 . Although in FIG. 5 , the touch panel 531 and the display panel 541 are used as two independent components to realize the input and input functions of the mobile phone, in some embodiments, the touch panel 531 and the display panel 541 can be integrated to form a mobile phone. Realize the input and output functions of the mobile phone.
手机还可包括至少一种传感器550,比如光传感器、运动传感器以及其他传感器。具体地,光传感器可包括环境光传感器及接近传感器,其中,环境光传感器可根据环境光线的明暗来调节显示面板541的亮度,接近传感器可在手机移动到耳边时,关闭显示面板541和/或背光。作为运动传感器的一种,加速计传感器可检测各个方向上(一般为三轴)加速度的大小,静止时可检测出重力的大小及方向,可用于识别手机姿态的应用(比如横竖屏切换、相关游戏、磁力计姿态校准)、振动识别相关功能(比如计步器、敲击)等;至于手机还可配置的陀螺仪、气压计、湿度计、温度计、红外线传感器等其他传感器,在此不再赘述。The handset may also include at least one sensor 550, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor can include an ambient light sensor and a proximity sensor, wherein the ambient light sensor can adjust the brightness of the display panel 541 according to the brightness of the ambient light, and the proximity sensor can turn off the display panel 541 and/or when the mobile phone is moved to the ear. or backlight. As a kind of motion sensor, the accelerometer sensor can detect the magnitude of acceleration in various directions (generally three axes), and can detect the magnitude and direction of gravity when it is stationary, and can be used to identify the application of mobile phone posture (such as horizontal and vertical screen switching, related Games, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tap), etc.; as for other sensors such as gyroscope, barometer, hygrometer, thermometer, infrared sensor, etc. repeat.
音频电路560、扬声器561,传声器562可提供用户与手机之间的音频接口。音频电路560可将接收到的音频数据转换后的电信号,传输到扬声器561,由扬声器561转换为声音信号输出;另一方面,传声器562将收集的声音信号转换为电信号,由音频电路560接收后转换为音频数据,再将音频数据输出处理器580处理后,经RF电路510以发送给比如另一手机,或者将音频数据输出至存储器520以便进一步处理。The audio circuit 560, the speaker 561, and the microphone 562 can provide an audio interface between the user and the mobile phone. The audio circuit 560 can transmit the electrical signal converted from the received audio data to the loudspeaker 561, and the loudspeaker 561 converts it into an audio signal output; After being received, it is converted into audio data, and then the audio data is processed by the output processor 580, and then sent to another mobile phone through the RF circuit 510, or the audio data is output to the memory 520 for further processing.
WiFi属于短距离无线传输技术,手机通过WiFi模块570可以帮助用户收发电子邮件、浏览网页和访问流式媒体等,它为用户提供了无线的宽带互联网访问。虽然图5示出了WiFi模块570,但是可以理解的是,其并不属于手机的必须构成,完全可以根据需要在不改变发明的本质的范围内而省略。WiFi is a short-distance wireless transmission technology. The mobile phone can help users send and receive emails, browse web pages, and access streaming media through the WiFi module 570, which provides users with wireless broadband Internet access. Although Fig. 5 shows a WiFi module 570, it can be understood that it is not an essential component of the mobile phone, and can be completely omitted as required without changing the essence of the invention.
处理器580是手机的控制中心,利用各种接口和线路连接整个手机的各个部分,通过运行或执行存储在存储器520内的软件程序和/或模块,以及调用存储在存储器520内的数据,执行手机的各种功能和处理数据,从而对手机进行整体监控。可选的,处理器580可包括一个或多个处理单元;优选的,处理器580可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理无线通信。可以理解的是,上述调制解调处理器也可以不集成到处理器580中。The processor 580 is the control center of the mobile phone. It uses various interfaces and lines to connect various parts of the entire mobile phone. By running or executing software programs and/or modules stored in the memory 520, and calling data stored in the memory 520, execution Various functions and processing data of the mobile phone, so as to monitor the mobile phone as a whole. Optionally, the processor 580 may include one or more processing units; preferably, the processor 580 may integrate an application processor and a modem processor, wherein the application processor mainly processes operating systems, user interfaces, and application programs, etc. , the modem processor mainly handles wireless communications. It can be understood that the foregoing modem processor may not be integrated into the processor 580 .
手机还包括给各个部件供电的电源590(比如电池),优选的,电源可以通过电源管理系统与处理器580逻辑相连,从而通过电源管理系统实现管理充电、放电、以及功耗管理等功能。The mobile phone also includes a power supply 590 (such as a battery) for supplying power to each component. Preferably, the power supply can be logically connected to the processor 580 through the power management system, so as to realize functions such as managing charging, discharging, and power consumption management through the power management system.
尽管未示出,手机还可以包括摄像头、蓝牙模块等,在此不再赘述。Although not shown, the mobile phone may also include a camera, a Bluetooth module, etc., which will not be repeated here.
在本发明实施例中,该移动终端所包括的处理器580还具有以下功能:In the embodiment of the present invention, the processor 580 included in the mobile terminal also has the following functions:
判断是否接收到防拆机指令;Judging whether the anti-dismantle machine instruction is received;
若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。If the anti-dismantle instruction is received, the security interface of the security switch service is invoked, and the current mobile terminal is set to the anti-dismantle state, so as to perform hardware protection on the mobile terminal.
以上方式可以判断是否接收到防拆机指令;若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。由此解决了在移动终端被盗之后通过物理接口将存储设备连接至电脑读取数据的问题,取得了可以防止通过物理接口将存储设备连接至电脑读取数据的有益效果。The above method can determine whether the anti-dismantlement command is received; if the anti-dismantlement command is received, the security interface of the safety switch service is called, and the current mobile terminal is set to the anti-dismantlement state to perform hardware protection on the mobile terminal . This solves the problem of connecting the storage device to the computer to read data through the physical interface after the mobile terminal is stolen, and achieves the beneficial effect of preventing the storage device from being connected to the computer through the physical interface to read data.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the above-described system, device and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.
在本发明所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided by the present invention, it should be understood that the disclosed systems, devices and methods can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components can be combined or May be integrated into another system, or some features may be ignored, or not implemented. In another point, the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be in electrical, mechanical or other forms.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple network units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit. The above-mentioned integrated units can be implemented in the form of hardware or in the form of software functional units.
本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序可以存储于一计算机可读存储介质中,存储介质可以包括:只读存储器(ROM,Read Only Memory)、随机存取存储器(RAM,RandomAccess Memory)、磁盘或光盘等。Those of ordinary skill in the art can understand that all or part of the steps in the various methods of the above-mentioned embodiments can be completed by instructing related hardware through a program, and the program can be stored in a computer-readable storage medium, and the storage medium can include: Read Only Memory (ROM, Read Only Memory), Random Access Memory (RAM, Random Access Memory), magnetic disk or optical disk, etc.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步骤是可以通过程序来指令相关的硬件完成,所述的程序可以存储于一种计算机可读存储介质中,上述提到的存储介质可以是只读存储器,磁盘或光盘等。Those of ordinary skill in the art can understand that all or part of the steps in the method of the above-mentioned embodiments can be completed by instructing related hardware through a program, and the program can be stored in a computer-readable storage medium, and the above-mentioned storage The medium can be read-only memory, magnetic or optical disk, etc.
以上对本发明所提供的一种移动终端的防拆机方法、装置及移动终端进行了详细介绍,对于本领域的一般技术人员,依据本发明实施例的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。The anti-disassembly method and device for a mobile terminal provided by the present invention and the mobile terminal have been introduced in detail above. For those of ordinary skill in the art, according to the idea of the embodiment of the present invention, both the specific implementation and the scope of application are different. There will be changes, and in summary, the contents of this specification should not be construed as limiting the present invention.
本发明公开了A1、一种移动终端的防拆机方法,包括:The invention discloses A1, a method for preventing dismantling of a mobile terminal, including:
判断是否接收到防拆机指令;Judging whether the anti-dismantle machine instruction is received;
若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。If the anti-dismantle instruction is received, the security interface of the security switch service is invoked, and the current mobile terminal is set to the anti-dismantle state, so as to perform hardware protection on the mobile terminal.
A2、如A1所述的方法,所述判断是否接收到防拆机指令的步骤,包括:A2. The method as described in A1, the step of judging whether an anti-dismantle machine instruction is received includes:
由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令;The designated security application monitors whether the anti-theft instruction sent by the server through the data network is received;
若接收到所述防盗指令,则确定接收到防拆机指令。If the anti-theft instruction is received, it is determined that the anti-disassembly instruction is received.
A3、如A1所述的方法,所述判断是否接收到防拆机指令的步骤,包括:A3. The method as described in A1, the step of judging whether an anti-dismantle machine instruction is received includes:
判断是否接收到在指定设置界面的防拆机开启操作;Judging whether to receive the operation of opening the anti-tampering machine in the specified setting interface;
若接收到所述防拆机开启操作,则确定接收到防拆机指令。If the opening operation of the anti-dismantlement machine is received, it is determined that the anti-dismantlement machine instruction is received.
A4、如A1所述的方法,所述判断是否接收到防拆机指令的步骤,包括:A4. The method as described in A1, the step of judging whether an anti-dismantle machine instruction is received includes:
监控移动终端接收到的短信;Monitor the SMS received by the mobile terminal;
判断所述短信是否为预设号码发送的短信;judging whether the short message is a short message sent by a preset number;
若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容;If the short message is a short message sent by a preset number, then judging whether the content of the short message matches the preset content;
若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。If the content of the short message matches the preset content, it is determined that an anti-dismantle instruction is received.
A5、如A1所述的方法,所述判断是否接收到防拆机指令的步骤,包括:A5. The method as described in A1, the step of judging whether an anti-dismantle machine instruction is received includes:
判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值;Judging whether the number of unlocking failures of the mobile terminal in the locked screen state exceeds a first threshold;
若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。If the number of unlocking failures exceeds the first threshold, it is determined that an anti-tamper instruction is received.
A6、如A1所述的方法,所述判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值的步骤,包括:A6, the method as described in A1, the step of judging whether the number of unlocking failures of the mobile terminal in the locked screen state exceeds the first threshold includes:
判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。It is judged whether the number of unlocking failures of fingerprint unlocking, pattern unlocking, or digital unlocking of the mobile terminal in the screen-locked state exceeds a first threshold.
A7、如A1所述的方法,在所述判断是否接收到防拆机指令的步骤之前,还包括:A7. The method as described in A1, before the step of judging whether the anti-dismantle machine instruction is received, also includes:
在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。The security service is registered in the system service list of the framework layer, and security partitions are allocated for the security service in the internal storage.
A8、如A7所述的方法,所述调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤,包括:A8. The method as described in A7, the step of calling the security interface of the security switch service and setting the current mobile terminal as an anti-dismantlement state to protect the hardware of the mobile terminal includes:
向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数;Sending a security interface call instruction for the anti-disassembly machine to the security switch service; the security interface call instruction for the anti-disassembly machine includes an anti-disassembly machine instruction type parameter;
所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。The safety interface of the safety switch service writes signature information in each firmware partition respectively according to the anti-disassembly machine instruction type parameter in the safety interface call instruction for the anti-disassembly machine, and writes the signature information into the security partition.
A9、如A8所述的方法,在所述若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤之后,还包括:A9, the method as described in A8, if the anti-dismantlement instruction is received, then call the security interface of the safety switch service, and set the current mobile terminal to the anti-dismantlement state, to carry out hardware protection to the mobile terminal After the steps, also include:
在所述移动终端启动时,读取各固件分区的签名信息;When the mobile terminal starts, read the signature information of each firmware partition;
基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比;Based on each firmware partition, comparing the signature information of the firmware partition with the signature information in the security partition;
若不一致,则提示输入安全码;If not, prompt to enter the security code;
若所述安全码通过验证,则允许加载所述固件分区。If the security code passes the verification, the firmware partition is allowed to be loaded.
A10、如A1所述的方法,在所述若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护的步骤之后,还包括:A10, the method as described in A1, if the anti-dismantlement instruction is received, the security interface of the security switch service is called, and the current mobile terminal is set to the anti-dismantlement state, so as to protect the hardware of the mobile terminal After the steps, also include:
判断是否接收到对所述移动终端的解除防拆机指令;judging whether an instruction to disarm the mobile terminal from dismantling has been received;
若接收到所述解除防拆机指令,则调用所述安全开关服务的安全接口,解除对所述移动终端的防拆机操作。If the command to release the anti-dismantlement device is received, the security interface of the security switch service is invoked to release the operation of the anti-dismantlement device on the mobile terminal.
本发明还公开了B1、一种移动终端的防拆机装置,包括:The present invention also discloses B1, an anti-disassembly device for a mobile terminal, including:
防拆机指令判断模块,用于判断是否接收到防拆机指令;The anti-dismantle machine command judging module is used to judge whether the anti-dismantle machine command is received;
防拆机模块,用于若接收到防拆机指令,则调用安全开关服务的安全接口,将当前移动终端设定为防拆机状态,以对所述移动终端进行硬件保护。The anti-dismantle module is used to call the safety interface of the security switch service if the anti-dismantle instruction is received, and set the current mobile terminal to the anti-dismantle state, so as to protect the hardware of the mobile terminal.
B2、如B1所述的装置,所述防拆机指令判断模块,包括:B2, the device as described in B1, the anti-disassembly machine command judgment module includes:
防盗指令监听子模块,用于由指定安全应用监听是否接收到由服务器通过数据网络发送的防盗指令;The anti-theft command monitoring sub-module is used to monitor whether the specified security application receives the anti-theft command sent by the server through the data network;
第一防拆机确定子模块,用于若接收到所述防盗指令,则确定接收到防拆机指令。The first anti-dismantlement determining submodule is configured to determine that the anti-dismantlement instruction is received if the anti-theft instruction is received.
B3、如B1所述的装置,所述防拆机指令判断模块,包括:B3, the device as described in B1, the anti-disassembly machine command judgment module includes:
防拆机开启操作接收子模块,用于判断是否接收到在指定设置界面的防拆机开启操作;The anti-dismantle machine opening operation receiving sub-module is used to judge whether to receive the anti-dismantle machine opening operation in the specified setting interface;
第二防拆机确定子模块,用于若接收到所述防拆机开启操作,则确定接收到防拆机指令。The second anti-dismantlement device determination sub-module is used to determine that the anti-dismantlement device instruction is received if the operation of opening the anti-dismantlement device is received.
B4、如B1所述的装置,所述防拆机指令判断模块,包括:B4, the device as described in B1, the anti-dismantle machine command judgment module, including:
短信监控子模块,用于监控移动终端接收到的短信;The short message monitoring sub-module is used to monitor the short messages received by the mobile terminal;
短信发送号码验证子模块,用于判断所述短信是否为预设号码发送的短信;The short message sending number verification submodule is used to judge whether the short message is a short message sent by a preset number;
短信内容验证子模块,用于若所述短信是预设号码发送的短信,则判断所述短信内容是否匹配预设内容;The short message content verification submodule is used to determine whether the content of the short message matches the preset content if the short message is a short message sent by a preset number;
第三防拆机确定子模块,用于若所述短信内容匹配所述预设内容,则确定接收到防拆机指令。The third anti-dismantlement determination submodule is configured to determine that an anti-dismantlement instruction has been received if the content of the short message matches the preset content.
B5、如B1所述的装置,所述防拆机指令判断模块,包括:B5, the device as described in B1, the anti-dismantle machine command judgment module, including:
解锁失败次数判断子模块,用于判断移动终端在锁屏状态下的解锁失败次数是否超过第一阈值;The unlocking failure times judging submodule is used to judge whether the number of unlocking failures of the mobile terminal in the locked screen state exceeds the first threshold;
第四防拆机确定子模块,用于若所述解锁失败次数超过所述第一阈值,则确定接收到防拆机指令。The fourth anti-tamper determination submodule is configured to determine that an anti-tamper instruction is received if the number of times of unlocking failures exceeds the first threshold.
B6、如B1所述的装置,所述解锁失败次数判断子模块,包括:B6. The device as described in B1, the submodule for judging the number of unlocking failures includes:
解锁失败次数判断单元,用于判断移动终端在锁屏状态下的指纹解锁、或图形解锁、或数字解锁的解锁失败次数是否超过第一阈值。The unlocking failure times judging unit is used for judging whether the number of unlocking failures of the fingerprint unlocking, pattern unlocking, or digital unlocking of the mobile terminal in the screen-locked state exceeds the first threshold.
B7、如B1所述的装置,在所述防拆机指令判断模块之前,还包括:B7, the device as described in B1, before the anti-disassembly machine command judgment module, also includes:
安全分区划分模块,用于在框架层的系统服务列表中注册安全服务,并在内部存储中为所述安全服务划分安全分区。The security partition dividing module is used for registering the security service in the system service list of the framework layer, and dividing the security service into security zones in the internal storage.
B8、如B7所述的装置,所述防拆机模块,包括:B8, the device as described in B7, the anti-dismantlement module includes:
安全接口调用子模块,用于向安全开关服务发送用于防拆机的安全接口调用指令;所述用于防拆机的安全接口调用指令包括防拆机指令类型参数;The safety interface calling sub-module is used to send the safety interface calling instruction for the anti-dismantling machine to the safety switch service; the safety interface calling instruction for the anti-dismantling machine includes the anti-dismantling machine instruction type parameter;
防拆机子模块,用于所述安全开关服务的安全接口根据所述用于防拆机的安全接口调用指令中的防拆机指令类型参数,在各固件分区中分别写入签名信息,并将所述签名信息写入安全分区中。Anti-dismantle machine sub-module, the security interface used for the security switch service writes signature information in each firmware partition respectively according to the anti-dismantle machine instruction type parameter in the security interface calling instruction for the anti-dismantle machine, and Write the signature information into the security partition.
B9、如B8所述的装置,在所述防拆机模块之后,还包括:B9, the device as described in B8, after the anti-disassembly module, also includes:
签名信息读取模块,用于在所述移动终端启动时,读取各固件分区的签名信息;The signature information reading module is used to read the signature information of each firmware partition when the mobile terminal starts;
签名信息验证模块,用于基于各固件分区,将所述固件分区的签名信息与安全分区中的签名信息进行对比;A signature information verification module, configured to compare the signature information of the firmware partition with the signature information in the security partition based on each firmware partition;
安全码输入提示模块,用于若不一致,则提示输入安全码;The security code input prompt module is used for prompting the input of the security code if inconsistent;
允许加载模块,用于若所述安全码通过验证,则允许加载所述固件分区。The load-allowing module is configured to allow the firmware partition to be loaded if the security code passes the verification.
B10、如B1所述的装置,在所述防拆机模块之后,还包括:B10, the device as described in B1, after the anti-disassembly module, also includes:
解除防拆机指令判断模块,用于判断是否接收到对所述移动终端的解除防拆机指令;A judging module for removing the anti-dismantlement instruction, used to judge whether an instruction to remove the anti-dismantlement of the mobile terminal is received;
解除防拆机模块,用于若接收到所述解除防拆机指令,则调用所述安全开关服务的安全接口,解除对所述移动终端的防拆机操作。The anti-dismantlement disarming module is configured to call the security interface of the safety switch service to disarm the dismantling-resistance operation on the mobile terminal if the dismantling-resistance disarming instruction is received.
本发明还公开了C1、一种移动终端,包括处理器和存储器,The invention also discloses C1, a mobile terminal, including a processor and a memory,
所述存储器用于存储执行A1至A10中任一项所述的移动终端的防拆机方法的程序;The memory is used to store a program for executing the anti-tampering method for a mobile terminal described in any one of A1 to A10;
所述处理器被配置为用于执行所述存储器中存储的程序。The processor is configured to execute programs stored in the memory.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710029463.4ACN106874795B (en) | 2017-01-16 | 2017-01-16 | Mobile terminal and machine disassembly prevention method and device thereof |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710029463.4ACN106874795B (en) | 2017-01-16 | 2017-01-16 | Mobile terminal and machine disassembly prevention method and device thereof |
| Publication Number | Publication Date |
|---|---|
| CN106874795Atrue CN106874795A (en) | 2017-06-20 |
| CN106874795B CN106874795B (en) | 2020-12-08 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710029463.4AActiveCN106874795B (en) | 2017-01-16 | 2017-01-16 | Mobile terminal and machine disassembly prevention method and device thereof |
| Country | Link |
|---|---|
| CN (1) | CN106874795B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107577966A (en)* | 2017-09-19 | 2018-01-12 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | The anti-virus method and anti-virus security device of a kind of mobile storage |
| CN109409105A (en)* | 2018-09-30 | 2019-03-01 | 联想(北京)有限公司 | A kind of switching method, processor and electronic equipment |
| CN113766819A (en)* | 2021-08-19 | 2021-12-07 | 希姆通信息技术(上海)有限公司 | Anti-dismantling system and anti-dismantling method for shielding cover |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1645288A (en)* | 2003-12-16 | 2005-07-27 | 微软公司 | Ensuring that a software update may be installed or run only on a specific device or class of devices |
| US8151343B1 (en)* | 2007-07-30 | 2012-04-03 | Intuit Inc. | Method and system for providing authentication credentials |
| CN102693381A (en)* | 2012-05-08 | 2012-09-26 | 张�林 | Method, device and system for anti-theft of portable computer equipment |
| CN103037310A (en)* | 2012-12-14 | 2013-04-10 | 北京网秦天下科技有限公司 | Mobile terminal intelligent anti-theft method and mobile terminal |
| CN103403732A (en)* | 2012-10-15 | 2013-11-20 | 华为技术有限公司 | Processing method and device for input and output opeartion |
| CN103702317A (en)* | 2013-12-13 | 2014-04-02 | 北京奇虎科技有限公司 | Mobile terminal antitheft method and client |
| CN104243706A (en)* | 2014-09-17 | 2014-12-24 | 广东欧珀移动通信有限公司 | Anti-theft processing method and device of mobile terminal |
| CN106022165A (en)* | 2016-05-31 | 2016-10-12 | 宇龙计算机通信科技(深圳)有限公司 | Access control method and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1645288A (en)* | 2003-12-16 | 2005-07-27 | 微软公司 | Ensuring that a software update may be installed or run only on a specific device or class of devices |
| US8151343B1 (en)* | 2007-07-30 | 2012-04-03 | Intuit Inc. | Method and system for providing authentication credentials |
| CN102693381A (en)* | 2012-05-08 | 2012-09-26 | 张�林 | Method, device and system for anti-theft of portable computer equipment |
| CN103403732A (en)* | 2012-10-15 | 2013-11-20 | 华为技术有限公司 | Processing method and device for input and output opeartion |
| CN103037310A (en)* | 2012-12-14 | 2013-04-10 | 北京网秦天下科技有限公司 | Mobile terminal intelligent anti-theft method and mobile terminal |
| CN103702317A (en)* | 2013-12-13 | 2014-04-02 | 北京奇虎科技有限公司 | Mobile terminal antitheft method and client |
| CN104243706A (en)* | 2014-09-17 | 2014-12-24 | 广东欧珀移动通信有限公司 | Anti-theft processing method and device of mobile terminal |
| CN106022165A (en)* | 2016-05-31 | 2016-10-12 | 宇龙计算机通信科技(深圳)有限公司 | Access control method and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107577966A (en)* | 2017-09-19 | 2018-01-12 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | The anti-virus method and anti-virus security device of a kind of mobile storage |
| CN107577966B (en)* | 2017-09-19 | 2023-09-29 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | Anti-virus method for mobile storage and anti-virus safety device |
| CN109409105A (en)* | 2018-09-30 | 2019-03-01 | 联想(北京)有限公司 | A kind of switching method, processor and electronic equipment |
| CN113766819A (en)* | 2021-08-19 | 2021-12-07 | 希姆通信息技术(上海)有限公司 | Anti-dismantling system and anti-dismantling method for shielding cover |
| CN113766819B (en)* | 2021-08-19 | 2023-09-29 | 上海晨兴希姆通电子科技有限公司 | Anti-disassembly system and anti-disassembly method for shielding cover |
| Publication number | Publication date |
|---|---|
| CN106874795B (en) | 2020-12-08 |
| Publication | Publication Date | Title |
|---|---|---|
| CN109964227B (en) | Method and terminal for updating SELinux security policy | |
| CN106874805A (en) | A kind of data guard method, device and mobile terminal | |
| US11176228B2 (en) | Application interface display method, apparatus, and terminal, and storage medium | |
| CN106791168A (en) | Information of mobile terminal guard method, device and mobile terminal | |
| CN110532764A (en) | A kind of method, mobile terminal and the readable storage medium storing program for executing of permission processing | |
| CN106845211A (en) | Mobile terminal and its application start method and device | |
| CN106803027A (en) | Application function entrance starts method, device and mobile terminal | |
| WO2017118436A1 (en) | Key storing method, key managing method and device | |
| CN108076501A (en) | A kind of Wi-Fi network connection management method and mobile terminal | |
| CN108156537B (en) | A kind of remote operation method of mobile terminal and mobile terminal | |
| CN106302603A (en) | The method and apparatus remotely deleting information | |
| CN107622213A (en) | A kind of data access method, terminal and computer-readable recording medium | |
| US10764038B2 (en) | Method and apparatus for generating terminal key | |
| CN111125680A (en) | Permission setting method and terminal device | |
| CN106874795A (en) | A kind of tamper machine method of mobile terminal, device and mobile terminal | |
| CN106791176A (en) | A kind of anti-theft method for mobile terminal, device and mobile terminal | |
| CN106203143A (en) | Method, device and the mobile terminal of a kind of application program locking | |
| CN106791171B (en) | Card locking method and device of mobile terminal and mobile terminal | |
| CN108491713A (en) | A kind of safety prompt function method and electronic equipment | |
| TW201826158A (en) | Method, Device and Terminal for Displaying Data | |
| CN107707554A (en) | A kind of login method and mobile terminal of application program account | |
| CN110557747A (en) | network registration method, terminal and readable storage medium | |
| CN108549804B (en) | Mode switching method and device, computer-readable storage medium, and terminal | |
| CN107948390A (en) | The guard method of user data and mobile terminal | |
| CN106933633A (en) | Right management method, device and mobile terminal |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | Effective date of registration:20170802 Address after:100102, 18 floor, building 2, Wangjing street, Beijing, Chaoyang District, 1801 Applicant after:BEIJING ANYUN SHIJI SCIENCE AND TECHNOLOGY CO., LTD. Address before:100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Applicant before:Beijing Qihu Technology Co., Ltd. | |
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |