CN105260664A - Security protection method and terminal for application among multiple systems - Google Patents
Security protection method and terminal for application among multiple systems Download PDFInfo
- Publication number
- CN105260664A CN105260664A CN201510618247.4A CN201510618247A CN105260664A CN 105260664 A CN105260664 A CN 105260664A CN 201510618247 A CN201510618247 A CN 201510618247A CN 105260664 A CN105260664 A CN 105260664A
- Authority
- CN
- China
- Prior art keywords
- operating system
- security domain
- application
- intended application
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
Abstract
Embodiments of the invention disclose a security protection method and terminal for an application among multiple systems. The method comprises steps of entering a security mode of a terminal according to an operation order input by a user, wherein the terminal comprises a plurality of operation systems, each operation system comprises a security domain, and each operation system uses its own security domain in the security mode; receiving a system switching order input in the security mode; switching to the security domain of a second operation system from the security domain of a first operation system of a currently running target application according to the system switching order input in the security mode; and displaying an operation interface of the target application in the security domain in the second operation system according to preset application configuration information. Through adoption of the method, the application occupies less memory space, and the operation interface of the application is rapidly connected after the operation system is switched.
Description
Technical field
The present invention relates to electronic technology field, particularly relate to the application safety guard method between a kind of multisystem and terminal.
Background technology
Along with the development of smart mobile phone, smart mobile phone can have multiple operating system (operating system 1, operating system 2 ...), each operating system can have multiple territory, different territory environment can isolate operation, same area can not place different user data, multiple territory comprises security domain, user can use different authority accounts to sign in different territories, and important user data is put in security domain, only have owner just can have permission and enter security domain, the user that other account logs in belongs to visitor, and visitor can only access the user data in other territories.In the prior art scheme, high application is required for safety coefficient, can run by the security domain simultaneously in operating system 1 and operating system 2, but, the security domain of operating system 1 and operating system 2 needs to install this application simultaneously, so not only wastes storage space, and after the security domain being switched to operating system 2 from the security domain of operating system 1, control system 2 needs to restart to run this application, has a strong impact on Consumer's Experience.
Summary of the invention
The embodiment of the present invention provides application safety guard method between a kind of multisystem and terminal.Reduce application taking storage space, achieve operation interface quick joining after operating system switches of application.
Embodiments provide the application safety guard method between a kind of multisystem, comprising:
According to the operational order of user's input, enter into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self;
The systematic evaluation instruction inputted under being received in described safe mode;
According to the described systematic evaluation instruction inputted under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system;
According to the application configuration information preset, in the security domain in described second operating system, show the operation interface of described intended application.
Wherein, the described operational order according to user's input, the safe mode entering into described terminal comprises:
Obtain the fingerprint identifier of user's input;
Determine described fingerprint identifier whether with the fingerprint template information matches preset;
When determining described fingerprint identifier and the fingerprint template information matches preset, enter into the safe mode of described terminal.
Wherein, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system;
The application configuration information that described basis is preset, the operation interface showing described intended application in the security domain in described second operating system comprises:
Obtain the Apply Names of described intended application;
According to the Apply Names of described intended application, determine the application interface processing mode in the security domain of described intended application in described second operating system;
According to the application interface processing mode in the security domain of described intended application in described second operating system, in the security domain in described second operating system, show the operation interface of described intended application.
Wherein, often organize described application process information and also comprise the system and security domain supporting to run;
The described systematic evaluation instruction that described basis inputs under described safe mode, the security domain be switched in the second operating system from the security domain the first operating system that current operational objective is applied comprises:
According to the described application configuration information preset, determine whether the security domain in described second operating system is supported to run described intended application;
When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.
Wherein, the described systematic evaluation instruction that described basis inputs under described safe mode, the security domain be switched in the second operating system from the security domain the first operating system that current operational objective is applied comprises:
According to the described systematic evaluation instruction inputted under described safe mode, determine the described intended application of current operation and described second operating system;
According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Correspondingly, embodiments provide the application safety protection terminal between a kind of multisystem, comprising:
Pattern enters module, for the operational order inputted according to user, enters into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self;
Command reception module, for the systematic evaluation instruction inputted under being received in described safe mode;
Systematic evaluation module, for the described systematic evaluation instruction that basis inputs under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system;
Interface display module, for according to the application configuration information preset, shows the operation interface of described intended application in the security domain in described second operating system.
Wherein, described pattern enters module and comprises:
Information acquisition unit, for obtaining the fingerprint identifier of user's input;
Information matching unit, for determine described fingerprint identifier whether with the fingerprint template information matches preset;
Pattern enters unit, for when determining described fingerprint identifier and the fingerprint template information matches preset, enters into the safe mode of described terminal.
Wherein, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system;
Described interface display module comprises:
Name acquiring unit, for obtaining the Apply Names of described intended application;
Mode determining unit, for the Apply Names according to described intended application, determines the application interface processing mode in the security domain of described intended application in described second operating system;
Interface display unit, for according to the application interface processing mode in the security domain of described intended application in described second operating system, shows the operation interface of described intended application in the security domain in described second operating system.
Wherein, often organize described application process information and also comprise the system and security domain supporting to run;
Described systematic evaluation module specifically for:
According to the described application configuration information preset, determine whether the security domain in described second operating system is supported to run described intended application;
When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.
Wherein, described systematic evaluation module specifically for:
According to the described systematic evaluation instruction inputted under described safe mode, determine the described intended application of current operation and described second operating system;
According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Implement the embodiment of the present invention, first according to the operational order of user's input, enter into the safe mode of terminal, wherein, terminal comprises multiple operating system, and each operating system comprises security domain, and each operating system uses the security domain of self in the secure mode; Then the systematic evaluation instruction that user inputs in the secure mode is received; Secondly according to the systematic evaluation instruction inputted in the secure mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied; The application configuration information that last basis is preset, the operation interface of display-object application in the security domain in the second operating system.Reduce application taking storage space, achieve operation interface quick joining after operating system switches of application.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing used required in describing embodiment is briefly described, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of the first embodiment of application safety guard method between a kind of multisystem of proposing of the present invention;
Fig. 2 is the structural representation of a kind of safe mode that the embodiment of the present invention provides;
Fig. 3 is the schematic flow sheet of the second embodiment of application safety guard method between a kind of multisystem of proposing of the present invention;
Fig. 4 is the structural representation of the application safety protection terminal between a kind of multisystem of embodiment of the present invention proposition;
Fig. 5 is the structural representation that pattern in the terminal that provides of the embodiment of the present invention enters module;
Fig. 6 is the structural representation of the interface display module in the terminal that provides of the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Please refer to Fig. 1, Fig. 1 is the process flow diagram of the first embodiment of application safety guard method between a kind of multisystem of proposing of the present invention.As shown in the figure, the method in the embodiment of the present invention comprises:
S101, according to the operational order of user's input, enters into the safe mode of described terminal.
It should be noted that, operating system can run multiple territory, multiple territory comprises security domain, common territory and game field etc., different territories can isolate operation, and same area can not place different user data, and user can use different authority accounts to sign in different territories, and important user data is put in security domain, only have owner just can have permission and enter security domain, the user that other account logs in belongs to visitor, and visitor can only access the user data in other territories.In addition, terminal can comprise multiple operating system, each described operating system comprises security domain, under described safe mode, each described operating system uses the described security domain of self, and other territories in each operating system are unavailable, under described safe mode, terminal can switch between the security domain in different operating system, and as shown in Figure 2, Fig. 2 is a kind of structural representation of safe mode.
In specific implementation, the fingerprint identifier of user's input can be obtained; Determine described fingerprint identifier whether with the fingerprint template information matches preset; When determining described fingerprint identifier and the fingerprint template information matches preset, enter into the safe mode of described terminal, when determining that described fingerprint identifier does not mate with the fingerprint template information preset, prompting user re-enters fingerprint identifier, if the number of times re-entering fingerprint identifier exceedes preset times, then in preset time range, forbid that user inputs fingerprint identifier.
Optionally, the operational order of user on the function interface in other territories of the first operating system can be received, according to the operational order on the function interface in described other territories in the first operating system, enter into the safe mode of described terminal, and run the security domain of described first operating system.
S102, the systematic evaluation instruction inputted under being received in described safe mode.
In specific implementation, if terminal also comprises multiple operating system except described first operating system, user can select an operating system to switch from described multiple operating system, if also comprise an operating system except described first operating system, user can directly confirm to switch.
S103, according to the described systematic evaluation instruction inputted under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system.
In specific implementation, according to the described systematic evaluation instruction inputted under described safe mode, the described intended application of current operation and described second operating system can be determined; According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Such as: terminal comprises operating system OS1, operating system OS2 and operating system OS3, the security domain of operating system OS1 is provided with application 1, application 2 and application 3, currently in the security domain of operating system OS1 running application 1, if user selects the security domain being switched to operating system OS2, then be switched to operating system OS2 instead of operating system OS3 from operating system OS1, and run application 2 in security domain in operating system OS2, and do not run application 2 and application 3.
Optionally, the application configuration information preset comprises many group application process informations, often organize described application process information and also comprise the system and security domain supporting to run, according to the described application configuration information preset, can determine whether the security domain in described second operating system is supported to run described intended application; When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.Wherein, application configuration information can be application allocation list, as shown in table 1, and table 1 is a kind of application allocation list.
Table 1
Such as: the security domain of operating system OS1 is running application 1, now user needs to be switched to operating system OS2, as shown in table 1, security domain in operating system OS1 and operating system OS1 is all supported to run application 1, therefore can be switched to the security domain operating system OS2 from the security domain of operating system OS1; And for example: the security domain of operating system OS2 is running application 2, now user needs to be switched to operating system OS1, as shown in table 1, security domain in operating system OS1 and operating system OS1 is not all supported to run application 2, then user can be pointed out to apply in 2 security domains that can not be switched in operating system OS1.
S104, according to the application configuration information preset, shows the operation interface of described intended application in the security domain in described second operating system.
In specific implementation, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system.The Apply Names of described intended application can be obtained; According to the Apply Names of described intended application, determine the application interface processing mode in the security domain of described intended application in described second operating system; According to the application interface processing mode in the security domain of described intended application in described second operating system, in the security domain in described second operating system, show the operation interface of described intended application.
Such as: the security domain of operating system OS1 is running application 1, now user needs the security domain being switched to operating system OS2, as shown in table 1, the application interface processing mode of the security domain of application 1 in operating system OS2 is " 1 interface is applied in pull-up ", therefore, when to be switched to the security domain in operating system OS2 from the security domain operating system OS1 when application 1, the interface of the application 1 of operation interface display pull-up; And for example: the security domain of operating system OS2 is running application 2, now user needs the security domain being switched to operating system OS3, as shown in table 1, the application interface processing mode of the security domain of application 2 in operating system OS3 is " seamless switching ", therefore, when to be switched to the security domain in operating system OS3 from the security domain operating system OS2 when application 2, the operation interface of the security domain of application 2 in operating system OS3 is identical with the operation interface applying 2 security domains in operating system OS2 before switching.
In embodiments of the present invention, first according to the operational order of user's input, enter into the safe mode of terminal, wherein, terminal comprises multiple operating system, and each operating system comprises security domain, and each operating system uses the security domain of self in the secure mode; Then the systematic evaluation instruction that user inputs in the secure mode is received; Secondly according to the systematic evaluation instruction inputted in the secure mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied; The application configuration information that last basis is preset, the operation interface of display-object application in the security domain in the second operating system.Reduce application taking storage space, achieve operation interface quick joining after operating system switches of application.
Please refer to Fig. 3, Fig. 3 is the process flow diagram of the second embodiment of application safety guard method between a kind of multisystem of proposing of the present invention.As shown in the figure, the method in the embodiment of the present invention comprises:
S301, according to the operational order of user's input, enters into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self.
It should be noted that, operating system can run multiple territory, multiple territory comprises security domain, common territory and game field etc., different territories can isolate operation, and same area can not place different user data, and user can use different authority accounts to sign in different territories, and important user data is put in security domain, only have owner just can have permission and enter security domain, the user that other account logs in belongs to visitor, and visitor can only access the user data in other territories.In addition, terminal can comprise multiple operating system, each described operating system comprises security domain, under described safe mode, each described operating system uses the described security domain of self, and other territories in each operating system are unavailable, under described safe mode, terminal can switch between the security domain in different operating system, and as shown in Figure 2, Fig. 2 is a kind of structural representation of safe mode.
In specific implementation, the fingerprint identifier of user's input can be obtained; Determine described fingerprint identifier whether with the fingerprint template information matches preset; When determining described fingerprint identifier and the fingerprint template information matches preset, enter into the safe mode of described terminal, when determining that described fingerprint identifier does not mate with the fingerprint template information preset, prompting user re-enters fingerprint identifier, if the number of times re-entering fingerprint identifier exceedes preset times, then in preset time range, forbid that user inputs fingerprint identifier.
Optionally, the operational order of user on the function interface in other territories of the first operating system can be received, according to the operational order on the function interface in described other territories in the first operating system, enter into the safe mode of described terminal, and run the security domain of described first operating system.
S302, the systematic evaluation instruction inputted under being received in described safe mode.
In specific implementation, if terminal also comprises multiple operating system except described first operating system, user can select an operating system to switch from described multiple operating system, if also comprise an operating system except described first operating system, user can directly confirm to switch.
S303, according to the described systematic evaluation instruction inputted under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system.
In specific implementation, according to the described systematic evaluation instruction inputted under described safe mode, the described intended application of current operation and described second operating system can be determined; According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Such as: terminal comprises operating system OS1, operating system OS2 and operating system OS3, the security domain of operating system OS1 is provided with application 1, application 2 and application 3, currently in the security domain of operating system OS1 running application 1, if user selects the security domain being switched to operating system OS2, then be switched to operating system OS2 instead of operating system OS3 from operating system OS1, and run application 2 in security domain in operating system OS2, and do not run application 2 and application 3.
Optionally, the application configuration information preset comprises many group application process informations, often organize described application process information and also comprise the system and security domain supporting to run, according to the described application configuration information preset, can determine whether the security domain in described second operating system is supported to run described intended application; When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.Wherein, application configuration information can be application allocation list, as shown in table 1, and table 1 is a kind of application allocation list.
Such as: the security domain of operating system OS1 is running application 1, now user needs to be switched to operating system OS2, as shown in table 1, security domain in operating system OS1 and operating system OS1 is all supported to run application 1, therefore can be switched to the security domain operating system OS2 from the security domain of operating system OS1; And for example: the security domain of operating system OS2 is running application 2, now user needs to be switched to operating system OS1, as shown in table 1, security domain in operating system OS1 and operating system OS1 is not all supported to run application 2, then user can be pointed out to apply in 2 security domains that can not be switched in operating system OS1.
S304, obtains the Apply Names of described intended application.
S305, according to the Apply Names of described intended application, determines the application interface processing mode in the security domain of described intended application in described second operating system.
In specific implementation, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system.As shown in table 1, the application interface processing mode in the corresponding security domain in operating system OS1, operating system OS2 and operating system OS3 of application 1 difference.
S306, according to the application interface processing mode in the security domain of described intended application in described second operating system, shows the operation interface of described intended application in the security domain in described second operating system.
Such as: the security domain of operating system OS1 is running application 1, now user needs the security domain being switched to operating system OS2, as shown in table 1, the application interface processing mode of the security domain of application 1 in operating system OS2 is " 1 interface is applied in pull-up ", therefore, when to be switched to the security domain in operating system OS2 from the security domain operating system OS1 when application 1, the interface of the application 1 of operation interface display pull-up; And for example: the security domain of operating system OS2 is running application 2, now user needs the security domain being switched to operating system OS3, as shown in table 1, the application interface processing mode of the security domain of application 2 in operating system OS3 is " seamless switching ", therefore, when to be switched to the security domain in operating system OS3 from the security domain operating system OS2 when application 2, the operation interface of the security domain of application 2 in operating system OS3 is identical with the operation interface applying 2 security domains in operating system OS2 before switching.
In embodiments of the present invention, first according to the operational order of user's input, enter into the safe mode of terminal, wherein, terminal comprises multiple operating system, and each operating system comprises security domain, and each operating system uses the security domain of self in the secure mode; Then the systematic evaluation instruction that user inputs in the secure mode is received; Secondly according to the systematic evaluation instruction inputted in the secure mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied; The application configuration information that last basis is preset, the operation interface of display-object application in the security domain in the second operating system.Reduce application taking storage space, achieve operation interface quick joining after operating system switches of application.
Please refer to Fig. 4, Fig. 4 is the structural representation of the application safety protection terminal between a kind of multisystem of embodiment of the present invention proposition.As shown in the figure, the terminal in the embodiment of the present invention comprises:
Pattern enters module 401, for the operational order inputted according to user, enters into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self.
It should be noted that, operating system can run multiple territory, multiple territory comprises security domain, common territory and game field etc., different territories can isolate operation, and same area can not place different user data, and user can use different authority accounts to sign in different territories, and important user data is put in security domain, only have owner just can have permission and enter security domain, the user that other account logs in belongs to visitor, and visitor can only access the user data in other territories.In addition, terminal can comprise multiple operating system, each described operating system comprises security domain, under described safe mode, each described operating system uses the described security domain of self, and other territories in each operating system are unavailable, under described safe mode, terminal can switch between the security domain in different operating system, and as shown in Figure 2, Fig. 2 is a kind of structural representation of safe mode.
In specific implementation, as shown in Figure 5, pattern enters module 401 and can further include:
Information acquisition unit 501, for obtaining the fingerprint identifier of user's input.
Information matching unit 502, for determine described fingerprint identifier whether with the fingerprint template information matches preset.
Pattern enters unit 503, for when determining described fingerprint identifier and the fingerprint template information matches preset, enters into the safe mode of described terminal.When determining that described fingerprint identifier does not mate with the fingerprint template information preset, prompting user re-enters fingerprint identifier, if the number of times re-entering fingerprint identifier exceedes preset times, then in preset time range, forbid that user inputs fingerprint identifier.
Optionally, the operational order of user on the function interface in other territories of the first operating system can be received, according to the operational order on the function interface in described other territories in the first operating system, enter into the safe mode of described terminal, and run the security domain of described first operating system.
Command reception module 402, for the systematic evaluation instruction inputted under being received in described safe mode.
In specific implementation, if terminal also comprises multiple operating system except described first operating system, user can select an operating system to switch from described multiple operating system, if also comprise an operating system except described first operating system, user can directly confirm to switch.
Systematic evaluation module 403, for the described systematic evaluation instruction that basis inputs under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system.
In specific implementation, according to the described systematic evaluation instruction inputted under described safe mode, the described intended application of current operation and described second operating system can be determined; According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Such as: terminal comprises operating system OS1, operating system OS2 and operating system OS3, the security domain of operating system OS1 is provided with application 1, application 2 and application 3, currently in the security domain of operating system OS1 running application 1, if user selects the security domain being switched to operating system OS2, then be switched to operating system OS2 instead of operating system OS3 from operating system OS1, and run application 2 in security domain in operating system OS2, and do not run application 2 and application 3.
Optionally, the application configuration information preset comprises many group application process informations, often organize described application process information and also comprise the system and security domain supporting to run, according to the described application configuration information preset, can determine whether the security domain in described second operating system is supported to run described intended application; When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.Wherein, application configuration information can be application allocation list, as shown in table 1, and table 1 is a kind of application allocation list.
Such as: the security domain of operating system OS1 is running application 1, now user needs to be switched to operating system OS2, as shown in table 1, security domain in operating system OS1 and operating system OS1 is all supported to run application 1, therefore can be switched to the security domain operating system OS2 from the security domain of operating system OS1; And for example: the security domain of operating system OS2 is running application 2, now user needs to be switched to operating system OS1, as shown in table 1, security domain in operating system OS1 and operating system OS1 is not all supported to run application 2, then user can be pointed out to apply in 2 security domains that can not be switched in operating system OS1.
Interface display module 404, for according to the application configuration information preset, shows the operation interface of described intended application in the security domain in described second operating system.
In specific implementation, as shown in Figure 6, interface display module 404 may further include:
Name acquiring unit 601, for obtaining the Apply Names of described intended application.
Mode determining unit 602, for the Apply Names according to described intended application, determines the application interface processing mode in the security domain of described intended application in described second operating system.
In specific implementation, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system.As shown in table 1, the application interface processing mode in the corresponding security domain in operating system OS1, operating system OS2 and operating system OS3 of application 1 difference.
Interface display unit 603, for according to the application interface processing mode in the security domain of described intended application in described second operating system, shows the operation interface of described intended application in the security domain in described second operating system.
Such as: the security domain of operating system OS1 is running application 1, now user needs the security domain being switched to operating system OS2, as shown in table 1, the application interface processing mode of the security domain of application 1 in operating system OS2 is " 1 interface is applied in pull-up ", therefore, when to be switched to the security domain in operating system OS2 from the security domain operating system OS1 when application 1, the interface of the application 1 of operation interface display pull-up; And for example: the security domain of operating system OS2 is running application 2, now user needs the security domain being switched to operating system OS3, as shown in table 1, the application interface processing mode of the security domain of application 2 in operating system OS3 is " seamless switching ", therefore, when to be switched to the security domain in operating system OS3 from the security domain operating system OS2 when application 2, the operation interface of the security domain of application 2 in operating system OS3 is identical with the operation interface applying 2 security domains in operating system OS2 before switching.
In embodiments of the present invention, first according to the operational order of user's input, enter into the safe mode of terminal, wherein, terminal comprises multiple operating system, and each operating system comprises security domain, and each operating system uses the security domain of self in the secure mode; Then the systematic evaluation instruction that user inputs in the secure mode is received; Secondly according to the systematic evaluation instruction inputted in the secure mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied; The application configuration information that last basis is preset, the operation interface of display-object application in the security domain in the second operating system.Reduce application taking storage space, achieve operation interface quick joining after operating system switches of application.
It should be noted that, for each embodiment of the method aforesaid, in order to simple description, therefore it is all expressed as a series of combination of actions, but those skilled in the art should know, the present invention is not by the restriction of described sequence of movement, because according to the present invention, certain some step can adopt other orders or carry out simultaneously.Secondly, those skilled in the art also should know, the embodiment described in instructions all belongs to preferred embodiment, and involved action and module might not be that the present invention is necessary.
In the above-described embodiments, the description of each embodiment is all emphasized particularly on different fields, in certain embodiment, there is no the part described in detail, can see the associated description of other embodiments.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is that the hardware that can carry out instruction relevant by program has come, this program can be stored in a computer-readable recording medium, storage medium can comprise: flash disk, ROM (read-only memory) are (English: Read-OnlyMemory, be called for short: ROM), random access device (English: RandomAccessMemory, RAM), disk or CD etc. be called for short:.
The content download method provided the embodiment of the present invention above and relevant device, system are described in detail, apply specific case herein to set forth principle of the present invention and embodiment, the explanation of above embodiment just understands method of the present invention and core concept thereof for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.
Claims (10)
1. the application safety guard method between multisystem, is characterized in that, described method comprises:
According to the operational order of user's input, enter into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self;
The systematic evaluation instruction inputted under being received in described safe mode;
According to the described systematic evaluation instruction inputted under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system;
According to the application configuration information preset, in the security domain in described second operating system, show the operation interface of described intended application.
2. the method for claim 1, is characterized in that, the described operational order according to user's input, and the safe mode entering into described terminal comprises:
Obtain the fingerprint identifier of user's input;
Determine described fingerprint identifier whether with the fingerprint template information matches preset;
When determining described fingerprint identifier and the fingerprint template information matches preset, enter into the safe mode of described terminal.
3. the method for claim 1, is characterized in that, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system;
The application configuration information that described basis is preset, the operation interface showing described intended application in the security domain in described second operating system comprises:
Obtain the Apply Names of described intended application;
According to the Apply Names of described intended application, determine the application interface processing mode in the security domain of described intended application in described second operating system;
According to the application interface processing mode in the security domain of described intended application in described second operating system, in the security domain in described second operating system, show the operation interface of described intended application.
4. method as claimed in claim 3, is characterized in that, often organizes described application process information and also comprises the system and security domain supporting to run;
The described systematic evaluation instruction that described basis inputs under described safe mode, the security domain be switched in the second operating system from the security domain the first operating system that current operational objective is applied comprises:
According to the described application configuration information preset, determine whether the security domain in described second operating system is supported to run described intended application;
When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.
5. the method as described in Claims 1 to 4 any one, it is characterized in that, the described systematic evaluation instruction that described basis inputs under described safe mode, the security domain be switched in the second operating system from the security domain the first operating system that current operational objective is applied comprises:
According to the described systematic evaluation instruction inputted under described safe mode, determine the described intended application of current operation and described second operating system;
According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
6. the application safety protection terminal between multisystem, it is characterized in that, described terminal comprises:
Pattern enters module, for the operational order inputted according to user, enters into the safe mode of described terminal, wherein, described terminal comprises multiple operating system, and each described operating system comprises security domain, and under described safe mode, each described operating system uses the described security domain of self;
Command reception module, for the systematic evaluation instruction inputted under being received in described safe mode;
Systematic evaluation module, for the described systematic evaluation instruction that basis inputs under described safe mode, the security domain in the second operating system is switched to from the security domain the first operating system that current operational objective is applied, wherein, described intended application is the application in the common storage area that all can access of security domain in each described operating system;
Interface display module, for according to the application configuration information preset, shows the operation interface of described intended application in the security domain in described second operating system.
7. terminal as claimed in claim 6, it is characterized in that, described pattern enters module and comprises:
Information acquisition unit, for obtaining the fingerprint identifier of user's input;
Information matching unit, for determine described fingerprint identifier whether with the fingerprint template information matches preset;
Pattern enters unit, for when determining described fingerprint identifier and the fingerprint template information matches preset, enters into the safe mode of described terminal.
8. terminal as claimed in claim 6, is characterized in that, described application configuration information comprises many group application process informations, often organizes described application process information and comprises application interface processing mode in Apply Names and the security domain in described second operating system;
Described interface display module comprises:
Name acquiring unit, for obtaining the Apply Names of described intended application;
Mode determining unit, for the Apply Names according to described intended application, determines the application interface processing mode in the security domain of described intended application in described second operating system;
Interface display unit, for according to the application interface processing mode in the security domain of described intended application in described second operating system, shows the operation interface of described intended application in the security domain in described second operating system.
9. terminal as claimed in claim 8, is characterized in that, often organizes described application process information and also comprises the system and security domain supporting to run;
Described systematic evaluation module specifically for:
According to the described application configuration information preset, determine whether the security domain in described second operating system is supported to run described intended application;
When determining that the security domain support in described second operating system runs described intended application, be switched to the security domain in described second operating system from the security domain described first operating system of the described intended application of current operation.
10. the terminal as described in claim 6 ~ 9 any one, is characterized in that, described systematic evaluation module specifically for:
According to the described systematic evaluation instruction inputted under described safe mode, determine the described intended application of current operation and described second operating system;
According to the described intended application determined and described second operating system, be switched to the security domain in described second operating system from the security domain described first operating system, and run described intended application in security domain in described second operating system.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510618247.4A CN105260664B (en) | 2015-09-24 | 2015-09-24 | Method for security protection and terminal are applied between a kind of multisystem |
| PCT/CN2015/093516 WO2017049731A1 (en) | 2015-09-24 | 2015-10-31 | Method for application security protection among multiple systems, and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510618247.4A CN105260664B (en) | 2015-09-24 | 2015-09-24 | Method for security protection and terminal are applied between a kind of multisystem |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105260664A true CN105260664A (en) | 2016-01-20 |
| CN105260664B CN105260664B (en) | 2018-05-15 |
Family
ID=55100348
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510618247.4A Active CN105260664B (en) | 2015-09-24 | 2015-09-24 | Method for security protection and terminal are applied between a kind of multisystem |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105260664B (en) |
| WO (1) | WO2017049731A1 (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105912896A (en) * | 2016-04-12 | 2016-08-31 | 深圳市金立通信设备有限公司 | Application switching method and terminal |
| CN107102891A (en) * | 2017-03-01 | 2017-08-29 | 北京珠穆朗玛移动通信有限公司 | The management method and mobile terminal of a kind of application based on dual system |
| CN107292148A (en) * | 2016-03-31 | 2017-10-24 | 宇龙计算机通信科技(深圳)有限公司 | A kind of Working mode switching method and user terminal |
| CN105407218B (en) * | 2015-10-28 | 2018-08-24 | 东莞酷派软件技术有限公司 | A kind of SMS processing method and terminal |
| CN111708575A (en) * | 2019-03-18 | 2020-09-25 | 成都鼎桥通信技术有限公司 | Operating system switching method, terminal device, electronic device and storage medium |
| CN112333331A (en) * | 2019-08-05 | 2021-02-05 | 中兴通讯股份有限公司 | System switching method, terminal and target device |
| CN112784319A (en) * | 2019-11-07 | 2021-05-11 | 成都鼎桥通信技术有限公司 | Double-domain implementation method of terminal equipment |
| US11023296B2 (en) | 2016-12-29 | 2021-06-01 | Huawei Technologies Co., Ltd. | Method for managing multiple operating systems in a terminal |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113127887A (en) * | 2019-12-30 | 2021-07-16 | 中移信息技术有限公司 | Data permission isolation judgment method, device, equipment and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101964029A (en) * | 2004-12-31 | 2011-02-02 | 钟巨航 | Method for online switching among multiple data processing subsystems |
| CN102708329A (en) * | 2011-02-22 | 2012-10-03 | 宏达国际电子股份有限公司 | Data security management systems and methods |
| CN104102876A (en) * | 2014-07-17 | 2014-10-15 | 北京握奇智能科技有限公司 | Device for safeguarding operational security of client side |
| CN104143066A (en) * | 2013-05-10 | 2014-11-12 | 中国银联股份有限公司 | Security information exchanging device |
| CN104615927A (en) * | 2014-12-31 | 2015-05-13 | 宇龙计算机通信科技(深圳)有限公司 | Multisystem safe verification method, multisystem safe verification device and terminal |
| CN104680089A (en) * | 2013-11-29 | 2015-06-03 | 联想(北京)有限公司 | Electronic device and system switching method |
| CN104679900A (en) * | 2015-03-18 | 2015-06-03 | 西安酷派软件科技有限公司 | Application program searching method and device |
| US20150186409A1 (en) * | 2013-12-31 | 2015-07-02 | Insyde Software Corp. | Portable electronic device, method for sharing file between multiple operating systems, recording medium and computer program product |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103886270A (en) * | 2014-03-31 | 2014-06-25 | 宇龙计算机通信科技(深圳)有限公司 | Terminal and method for improving system safety |
| CN104506563B (en) * | 2015-01-20 | 2018-09-07 | 宇龙计算机通信科技(深圳)有限公司 | Access control method, access control system and the terminal of process |
| CN104598243A (en) * | 2015-01-28 | 2015-05-06 | 广东欧珀移动通信有限公司 | Multi-user application program management method and device applied to intelligent terminal |
| CN104572287B (en) * | 2015-01-30 | 2018-12-25 | 西安酷派软件科技有限公司 | The method, apparatus and terminal of application state are kept when a kind of system switches |
-
2015
- 2015-09-24 CN CN201510618247.4A patent/CN105260664B/en active Active
- 2015-10-31 WO PCT/CN2015/093516 patent/WO2017049731A1/en active Application Filing
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101964029A (en) * | 2004-12-31 | 2011-02-02 | 钟巨航 | Method for online switching among multiple data processing subsystems |
| CN102708329A (en) * | 2011-02-22 | 2012-10-03 | 宏达国际电子股份有限公司 | Data security management systems and methods |
| CN104143066A (en) * | 2013-05-10 | 2014-11-12 | 中国银联股份有限公司 | Security information exchanging device |
| CN104680089A (en) * | 2013-11-29 | 2015-06-03 | 联想(北京)有限公司 | Electronic device and system switching method |
| US20150186409A1 (en) * | 2013-12-31 | 2015-07-02 | Insyde Software Corp. | Portable electronic device, method for sharing file between multiple operating systems, recording medium and computer program product |
| CN104102876A (en) * | 2014-07-17 | 2014-10-15 | 北京握奇智能科技有限公司 | Device for safeguarding operational security of client side |
| CN104615927A (en) * | 2014-12-31 | 2015-05-13 | 宇龙计算机通信科技(深圳)有限公司 | Multisystem safe verification method, multisystem safe verification device and terminal |
| CN104679900A (en) * | 2015-03-18 | 2015-06-03 | 西安酷派软件科技有限公司 | Application program searching method and device |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105407218B (en) * | 2015-10-28 | 2018-08-24 | 东莞酷派软件技术有限公司 | A kind of SMS processing method and terminal |
| CN107292148A (en) * | 2016-03-31 | 2017-10-24 | 宇龙计算机通信科技(深圳)有限公司 | A kind of Working mode switching method and user terminal |
| CN105912896A (en) * | 2016-04-12 | 2016-08-31 | 深圳市金立通信设备有限公司 | Application switching method and terminal |
| US11023296B2 (en) | 2016-12-29 | 2021-06-01 | Huawei Technologies Co., Ltd. | Method for managing multiple operating systems in a terminal |
| US11579946B2 (en) | 2016-12-29 | 2023-02-14 | Huawei Technologies Co., Ltd. | Method for managing multiple operating systems in a terminal |
| CN107102891A (en) * | 2017-03-01 | 2017-08-29 | 北京珠穆朗玛移动通信有限公司 | The management method and mobile terminal of a kind of application based on dual system |
| CN111708575A (en) * | 2019-03-18 | 2020-09-25 | 成都鼎桥通信技术有限公司 | Operating system switching method, terminal device, electronic device and storage medium |
| CN112333331A (en) * | 2019-08-05 | 2021-02-05 | 中兴通讯股份有限公司 | System switching method, terminal and target device |
| CN112784319A (en) * | 2019-11-07 | 2021-05-11 | 成都鼎桥通信技术有限公司 | Double-domain implementation method of terminal equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017049731A1 (en) | 2017-03-30 |
| CN105260664B (en) | 2018-05-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105260664A (en) | Security protection method and terminal for application among multiple systems | |
| CN106201574B (en) | Application interface starting method and device | |
| CN106686601B (en) | Pseudo base station protection method and device | |
| CN103559055A (en) | Activity starting method and device applied to Android platform | |
| CN102340398A (en) | Security policy setting and determining method, and method and device for executing operation by application program | |
| CN106648685B (en) | Intelligent terminal system application processing method and device and intelligent terminal | |
| CN103955393A (en) | Method and device for starting application program | |
| US10419919B2 (en) | Network registration method for mobile terminal, storage medium, and mobile terminal | |
| CN105260216A (en) | Method, device and terminal for starting application program | |
| CN105306697A (en) | Information processing method and electronic device | |
| CN105573484A (en) | Projection method and terminal | |
| CN103530427A (en) | Dynamic switching method and device based on multiple databases | |
| CN106227483B (en) | Display control method and mobile terminal | |
| CN105589713A (en) | Electronic equipment and starting method therefor | |
| CN108282471B (en) | Electronic certificate transmission method, device and equipment | |
| CN104598804A (en) | Information processing method and electronic equipment | |
| CN104866782A (en) | Data processing method and apparatus | |
| CN102810139A (en) | Secure data operation method and communication terminal | |
| CN105160274A (en) | User data protection method and terminal | |
| US9978056B2 (en) | Smart card having multiple payment instruments | |
| CN104394526A (en) | Method for recovering data service and electronic apparatus | |
| CN108650702B (en) | Broadcast information processing method and user terminal | |
| CN105335192B (en) | A kind of information processing method and electronic equipment | |
| CN104618890A (en) | Information processing method and electronic equipment | |
| CN104700038A (en) | Information processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |