CN107085688A - File authorizing method and mobile terminal - Google Patents
File authorizing method and mobile terminal Download PDFInfo
- Publication number
- CN107085688A CN107085688A CN201610087795.3A CN201610087795A CN107085688A CN 107085688 A CN107085688 A CN 107085688A CN 201610087795 A CN201610087795 A CN 201610087795A CN 107085688 A CN107085688 A CN 107085688A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- authorization
- file
- file data
- authorization response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of file authorizing method and mobile terminal, wherein:Methods described includes:First mobile terminal determines the first file data for needing to decrypt;First mobile terminal sends authorization requests by base station to file server, and the authorization requests are used to ask first file data to authorizing;First mobile terminal receives the authorization response that the file server is sent;First mobile terminal judges whether include authorization code in the authorization response, obtains the first judged result, the authorization code is authorized for first file data, and the user of second mobile terminal is the copyright owner of first file data;First mobile terminal is handled first file data according to first judged result.
Description
Technical field
The present invention relates to art file management technology, more particularly to a kind of file authorizing method and mobile terminal.
Background technology
With the fast development of Internet technology, how to improve data safety safeguard work also turns into ever more important
Problem.The data assets such as each current original document, easily because of text in upload, transmission, copy procedure
Shelves, which supervise improper or hacker and the factor such as steal, causes leakage of content, and intellectual property fails to be effectively protected and damage
Lose heavy;Therefore for original paper writer or owner, effective means are lacked at present to monitor money
Document security is expected, particularly after data file is cracked, it is difficult to reparation is carried out to loss and made up.And it is traditional
File authorizing system generally only has encryption and decryption functions, and encryption and decryption mode is divided into two kinds:One class is using static state
Cipher key mode, it is easy to be subjected to key and be cracked cause the risk of information leakage;Two classes are using dynamic
Code realized to the encryption and decryption technology of file, but problem causes to push away because use cost is high, user is inconvenient for use etc.
It is wide difficult.
At present, based on cross-platform file encryption-decryption algorithm, file crushing technology and short message dynamic password verification
Reached its maturity etc. technology, and had in Internet software arts and much successfully use case.And telecommunications is transported
Battalion's business's network architecture wouldn't can merge these technologies, how improve the structure of telecommunication carrier networks, using now
It is urgent problem to be solved to have Internet resources to merge operator network system with file security control technology.
The content of the invention
In view of this, the embodiment of the present invention provides one to solve at least one problem present in prior art
Kind of file authorizing method and system, can avoid document from being read, copy by disabled user, secondary transmission etc. is asked
Topic.
What the technical scheme of the embodiment of the present invention was realized in:
In a first aspect, the embodiment of the present invention provides a kind of file authorizing method, methods described includes:
First mobile terminal determines the first file data for needing to decrypt;
First mobile terminal sends authorization requests by base station to file server, and the authorization requests are used
In request first file data to authorizing;
First mobile terminal receives the authorization response that the file server is sent;
First mobile terminal judges whether include authorization code in the authorization response, obtains the first judgement knot
Really, the authorization code is authorized for first file data, and the user of second mobile terminal is
The copyright owner of first file data;
First mobile terminal is handled first file data according to first judged result.
Second aspect, the embodiment of the present invention provides a kind of file authorizing method, and methods described includes:
Second mobile terminal determines the first file data, and the user of second mobile terminal is the described first text
The copyright owner of number of packages evidence;
Second mobile terminal determines authorization code, and first file data is carried out using the authorization code
Encryption;
Second mobile terminal uploads the first file data after encryption to file server by base station and awarded
Power instruction, the authorized order is used to show that first file data is the file after encryption;
Second mobile terminal receives the authorization requests that file server is sent, and the authorization requests are used for please
First file data is asked at least to carry first movement to authorizing, in the authorization requests eventually
The identification information at end;
Second mobile terminal determines authorization response according to the identification information of first mobile terminal;
The authorization response is sent to the file server by second mobile terminal.
The third aspect, the embodiment of the present invention provides a kind of mobile terminal, and the mobile terminal includes first and determined
Unit, the first transmitting element, the first receiving unit, the first judging unit and first processing units, wherein:
First determining unit, for the first file data for determining to need to decrypt;
First transmitting element, for sending authorization requests to file server, the authorization requests are used for
First file data is asked to authorizing;
First receiving unit, for receiving the authorization response that the file server is sent;
First judging unit, for judging whether include authorization code in the authorization response, obtains first
Judged result, the authorization code is authorized for first file data, second mobile terminal
User is the copyright owner of first file data;
The first processing units, for being carried out according to first judged result to first file data
Processing.
Fourth aspect, the embodiment of the present invention provides a kind of mobile terminal, and the mobile terminal includes second and determined
Unit, the 3rd determining unit, ciphering unit, second processing unit, the second receiving unit, the 4th determine list
Member and the second transmitting element, wherein:
Second determining unit, for determining the first file data, the user of second mobile terminal is
The copyright owner of first file data;
3rd determining unit, for determining authorization code, using the authorization code to first number of files
According to being encrypted;
The second processing unit, for uploading the first number of files after encryption to file server by gateway
According to and authorized order, the authorized order be used for show first file data be encryption after file;
Second receiving unit, the authorization requests for receiving file server transmission, the authorization requests
For asking first file data to authorizing, described first is at least carried in the authorization requests
The identification information of mobile terminal;
4th determining unit, for determining authorization response according to the identification information of first mobile terminal;
Second transmitting element, for the authorization response to be sent into the file server.
The embodiment of the present invention provides a kind of file authorizing method and mobile terminal, wherein, the first mobile terminal is true
Fixed the first file data for needing to decrypt;First mobile terminal is sent to file server by base station and awarded
Power request, the authorization requests are used to ask first file data to authorizing;First movement
Terminal receives the authorization response that the file server is sent;First mobile terminal judges that described authorize is rung
Whether include authorization code in answering, obtain the first judged result, the authorization code is used for first file data
Authorized, the user of second mobile terminal is the copyright owner of first file data;It is described
First mobile terminal is handled first file data according to first judged result;In this way, energy
Enough avoid document from being read, copy by disabled user, secondary transmission the problems such as.
Brief description of the drawings
Fig. 1 is the implementation process schematic diagram of the file authorizing method of the embodiment of the present invention one;
Fig. 2 is the composition structural representation of the file authorizing system of the embodiment of the present invention three;
Fig. 3 is the composition structural representation of terminal in the file authorizing system of the embodiment of the present invention three;
Fig. 4 is the composition structural representation of the file authorizing system of the embodiment of the present invention four.
Embodiment
The technical solution of the present invention is further elaborated with specific embodiment below in conjunction with the accompanying drawings.
Embodiment one
In order to solve foregoing technical problem, the embodiment of the present invention provides a kind of file authorizing method, this method
It is the file authorizing method based on telecom operators' gateway, applied to mobile terminal, the work(that this method is realized
It is able to can be realized by the processor caller code in mobile terminal, certain program code can be preserved
In computer-readable storage medium, it is seen then that the mobile terminal at least includes processor and storage medium.
Fig. 1 is the implementation process schematic diagram of the file authorizing method of the embodiment of the present invention one, as shown in figure 1, should
Method includes:
Step S101, the first mobile terminal determines the first file data for needing to decrypt;
Step S102, first mobile terminal sends authorization requests by base station to file server;
Here, the authorization requests are used to ask first file data to authorizing;
Here, during implementing, the file server can be a server, certainly also
It can be realized using more than two servers, for example, file server can include in embodiment three
File monitor server and authorization server.
Here, mobile terminal in embodiments of the present invention needs base station, gateway with telecom operators etc. logical
Letter, the mode specifically communicated can be using short message, multimedia message etc., and accordingly, gateway is Short Message Service Gateway.
Step S103, first mobile terminal receives the authorization response that the file server is sent;
Step S104, first mobile terminal judges whether include authorization code in the authorization response, obtains
First judged result;
Here, the authorization code is authorized for first file data, second mobile terminal
User is the copyright owner of first file data;
Here, the authorization code can be the key of encryption, can be described during implementing
It is that the user of second mobile terminal is set or that the second mobile terminal is set automatically.
Step S105, first mobile terminal is according to first judged result to first file data
Handled.
In the embodiment of the present invention, first mobile terminal is according to first judged result to the described first text
Number of packages according to being handled, including:
If first judged result shows that the authorization response includes authorization code, first movement is eventually
First file data is decrypted using the authorization code in end;
If first judged result shows not include authorization code in the authorization response, first movement
The terminal notifying first information, the first information is used to show that the mandate of first file data can not be obtained.
Instructed if carrying described destroy in the authorization response, first mobile terminal utilizes described small
First file data is destroyed in fourth finger order.
Here, destruction can be the operation such as deletion.
In the embodiment of the present invention, the first mobile terminal determines the first file data for needing to decrypt;Described first
Mobile terminal sends authorization requests by base station to file server, and the authorization requests are used to ask described the
One file data is to authorizing;First mobile terminal receives the mandate sound that the file server is sent
Should;First mobile terminal judges whether include authorization code in the authorization response, obtains the first judgement knot
Really, the authorization code is authorized for first file data, and the user of second mobile terminal is
The copyright owner of first file data;First mobile terminal is according to first judged result pair
First file data is handled;So, it is possible to avoid document from being read by disabled user, copy, two
The problems such as secondary transmission.
Embodiment two
Based on foregoing embodiment, the embodiment of the present invention provides a kind of file authorizing method, and this method includes:
Step S201, the second mobile terminal determines the first file data, and the user of second mobile terminal is
The copyright owner of first file data;
Here, second mobile terminal is similar with the first mobile terminal, therefore repeats no more.
Step S202, second mobile terminal determines authorization code, using the authorization code to the described first text
Number of packages evidence is encrypted;
Here, the authorization code can be obtained at random, can also be specified by the user of the second mobile terminal.
Step S203, second mobile terminal uploads the first text after encryption to file server by base station
Number of packages evidence and authorized order, the authorized order are used to show that first file data is the file after encryption;
Step S204, the first mobile terminal determines the first file data for needing to decrypt;
Here, such as user of the first mobile terminal is in one keyword of web search, it was found that the first file
Data, therefore want to open the first file data, it is thus seen that the first file data is the file of encryption, in
It is that the first mobile terminal enters step S205;
Step S205, first mobile terminal sends authorization requests by base station to file server, described
Authorization requests are used to ask first file data to authorizing;
Here, during implementing, the file server can be a server, certainly also
It can be realized using more than two servers, for example, file server can include in embodiment three
File monitor server and authorization server.
Here, mobile terminal in embodiments of the present invention needs base station, gateway with telecom operators etc. logical
Letter, the mode specifically communicated can be using short message, multimedia message etc., and accordingly, gateway is Short Message Service Gateway.
Step S206, second mobile terminal receives the authorization requests that file server is sent, the mandate
Ask described for asking first file data at least to be carried to authorizing, in the authorization requests
The identification information of first mobile terminal;
Step S207, second mobile terminal determines to authorize according to the identification information of first mobile terminal
Response;
Here, the identification information can be any information of mobile terminal, for example, international mobile subscriber is known
Other code (IMSI:International Mobile Subscriber Identification Number), account information such as
QQ number code, mail account, phone number etc.;
The authorization response is sent to the file server by step S208, second mobile terminal.
Step S209, first mobile terminal receives the authorization response that the file server is sent;
Step S210, first mobile terminal judges whether include authorization code in the authorization response, obtains
First judged result, the authorization code is authorized for first file data, and second movement is eventually
The user at end is the copyright owner of first file data;
Here, the authorization code can be the key of encryption during implementing.
Step S211, first mobile terminal is according to first judged result to first file data
Handled.
In the embodiment of the present invention, second mobile terminal is true according to the identification information of first mobile terminal
Determine authorization response, including:
Second mobile terminal according to the identification information of first mobile terminal determine in authorization response whether
Carry authorization code;
If it is determined that when carrying authorization code in the authorization response, second mobile terminal is by the authorization code
It is carried in the authorization response;
If it is determined that when not carrying authorization code in the authorization response, second mobile terminal will be destroyed and instructed
It is carried in the authorization response.
In the embodiment of the present invention, mobile terminal such as the first mobile terminal and the second mobile terminal can pass through base station
It is connected with gateway with file server.
Embodiment three
In order to solve foregoing technical problem, the embodiment of the present invention provide it is a kind of document is carried out real-time authorization,
Monitoring, alarm, crush be integrated, it is to avoid document is read by disabled user, copied, secondary transmission the problems such as
File authorizing system.The embodiment of the present invention provides a kind of file authorizing system based on telecom operators' gateway,
Including mobile phone terminal, at least include two keeper's personal computer (PC) computers, file monitor servers
(operator), file encryption/authorization server (operator), telecom operators' gateway (including Internet of Things without
Gauze pass, Short Message Service Gateway etc.), telecom operators base station.The operating system of wherein mobile phone terminal includes:Android
(android), iOS etc., mobile phone terminal is connected to file by telecom operators base station, carrier gateway and added
Close/authorization server and file monitor server;During implementing, the operation system of personal computer
System can include UNIX, WINDOWS operating system.
Mobile phone terminal is provided with control program client, terminal control program include authenticating user identification module,
File encryption module, file authorizing module, file crush module.The file encryption module, file authorizing
Module, file are crushed module and are connected with authentication module.User must be registered as operation by phone number
The validated user of business could use this document to protect software, and then specify application protection document by the software,
Document information is uploaded to authorization server, document flow quantity control is realized.File authorizing module facilitates user to make by oneself
Adopted validated user and its opening document number of times are consulted the time limit.It is software daemon software, text that file, which crushes module,
Shelves authorized user can carry out the whole network file crushing by mobile phone instruction.
Account authorization is carried out to data file to comprise the following steps:
Step S301, starts the control program client of mobile phone terminal, opens authenticating user identification module, reads
Third party's mobile terminal dynamic authorization code is taken, file encryption module is decrypted.
Step S302, verification of contents data click on encryption menu setecting and submit the file data for needing to encrypt,
Document and authorized order are uploaded to authorization server by Short Message Service Gateway, confirm that account with power of attorney has completed encryption.
Step S303, authorization server is received after request instruction, recording documents information, generation record sign,
Encrypted file data, synchronizing information to file monitor server are generated simultaneously.
Step S304, file monitor server initiates the whole network document monitor, attempts to open text for disabled user
Shelves information, sends short message and notifies to carry out subsequent operation to original mobile phone.
Step S305, when needing that data file is decrypted, clicks on affiliated file data, initiates decryption
Request.
Step S306, background authorization module read requests, ejection decryption dialog box passes through Short Message Service Gateway
Identifying code is sent to authorship's mobile phone.
Step S307, after being verified by dynamic authorization code, backstage, which starts, compares dynamic authorization code, such as wrong
Reason is then pointed out by mistake and error reason is sent to by authorship's mobile phone by file monitor server.
Step S308, authorship can answer short message carry out file authorizing log in or file destroy operation.
Step S309, module of file destroying reads answer short message instruction, carries out data file destruction.
The embodiment of the present invention can realize terminal control program and file authorizing server and file monitor server
It is connected, by the interconnection with carrier gateway, realizes that control the whole network user opens document behavior, so as to realize
Monitoring of the document in links.
Referring to Fig. 2, file authorizing system of the embodiment of the present invention based on telecom operators' gateway control includes
At least one user terminal, terminal control program module, telecom operators base station, telecom operators' gateway,
File monitor server, file authorizing server, at least one keeper's computer.
Terminal, terminal control program module and operator base station described in the embodiment of the present invention, carrier gateway according to
Sequence is connected.User terminal uses wireless link, telecom operators base station, telecommunications fortune with telecom operators base station
Battalion's business's gateway, file monitor server, file authorizing server pass through expired air.
File authorizing server is operated by user terminal requests information to document.When user opens document
When, the identity information of user is sent to file and awarded by file encryption control system terminal control program by backstage
Server is weighed, authorization server verified by user profile, when the discovery user is not within the scope of authority,
Then return and unsuccessfully encode, and sent the action command to original personnel's mobile phone by Short Message Service Gateway, file adds
When close control system terminal control program receives the failure coding with subscriber identity information, used to currently used
Point out unauthorized message in family.Document authorship can be by file encryption control system terminal control program to mesh
Mark user carries out mandate and logs in or assign file destination crushing instruction.After Successful authorization, user is again turned on
File, according to same flow, backstage receives and authorizes successfully code, smooth opening file and can consult document;When
When indicating that file is crushed, authorization server is issued the documents to disabled user's terminal and crushes instruction, file encryption control
System terminal control program control file processed is destroyed.
The file encryption control system major function of telecom operators' gateway control includes:
1) file encryption and the foundation of authorization service mechanism;Keeper's computer can be connected by wide area network or LAN
File authorizing server is connected to, system manager monitors the operation of file authorizing server by application server
Behavior pattern, the normal operation of real-time ensuring server cluster.When delay machine, daily record of server reports an error letter
During breath, server issues error prompting to keeper's mobile phone by Short Message Service Gateway, and keeper is within the very first time
Solve the problems, such as, meet each user and use.User terminal is connected to file authorizing by carrier gateway and taken
File is encrypted by terminal software by business device, user, and file encryption information is by wirelessly storing file
In authorization server, after file encryption success, file authorizing server will be authorized successfully by Short Message Service Gateway
Information is sent into the mobile phone of user's registration, while encryption fileinfo is synchronized into file monitor server.
2) foundation of file monitor server;The encryption fileinfo of file authorizing server sync is received, is connect
Receive each terminal and open the instruction of file, and command information is synchronized in file authorizing server.File is awarded
Weigh server and return to the result, file monitor server issues the result information by carrier gateway.
The number of users instantly of real-time statistics original personnel commission document, access times, protected time either by
Protect number of times, effectively protection number of times, the illegal opening file number of times of interception, the illegal distribution situation for opening file
Etc. information, and line detail is entered according to the requirement of client check and download.
3) customer end systems are provided, facilitate client to carry out file encryption setting at any time, complete file encryption,
Monitor flow closed loop.
Referring to Fig. 3, terminal control program module is by authenticating user identification module, file encryption module, text
Part authorization module, file destroy the part of module four composition.Various pieces all provide interface operation, facilitate user
Use.System client need to could be used normally in the case where there is internet, and otherwise prompting " opens file
Failure, network condition please be check " etc. text message.
User is logged in by registering, and is completed original personnel identity and is created.Registration required information includes:Cell-phone number
Code, login username, modification logging, and realize that mobile phone identifying code is verified by telecom operators' gateway.
User logs in is carried out after short message dynamic verification code is verified and logged in.
The original document of user terminal uploads user, is existed by operation file encryption control system terminal control program
Document information is uploaded in file authorizing server by backstage using wireless network, and document information includes:User
Account, host MAC address, file name, file size, file creation time.File authorizing is serviced
Device is received after document, according to the unique sign ID of document information generation.
File authorizing program, facilitates original self-defined authorization object, and the phone number of licensee can be set,
Authorize and open document number of times or timing information.When being authorized to object opening document, input handset number passes through
After identifying code is verified, you can open document, inspection information.Number of times is licensed when grantee exceedes
Or licensing term expires, then it can not be again turned on document and be consulted, document is to enter lock-out state, is carried
Show that user carries out authority application.Reader fills in after application information that (application information includes:Application personnel's phone
Number, application frequency of reading or time), wait original authorizing personnel.Meanwhile, it is original to receive application short message,
Agreement mandate is carried out by answer short message " Y ", answer short message " N " disagrees mandate.
By file destroy module, facilitate it is original document is controlled, can be according to applicant's information-reply " N "
Disagree mandate and carry out file destruction, document destruction operation can also be carried out by logging program backstage.
This have the advantage that:1) it can be used towards the whole network user, in different network conditions
The lower Custom Encryption for realizing document, makes shielded document both to have met the normal of user and uses, and can protect
Hinder document content rationally effective transmission controe.Document includes:WORD、TXT、PPT、EXCEL、
The multiple formats such as PDF, cover daily conventional use document format type;2) taken by operator files mandate
Business device remote control document (can authorize and log in, destroy document etc.), can control text by short message dynamic code mode
The state of shelves, meets user and conveniently protects personal knowledge property right;3) document can be monitored in real time
User and use state, by operator files monitoring server for bootlegging, the illegal reading of trial
User (including:Mobile phone, pad, personal computer etc.) alerted, while supporting remote document locking
With crushing function;4) can avoiding authorship or user, there is provided unified by various authorization message interference
Escrow function.The propagation times of the settable document of authorship, frequency of reading, reading documents time limit, reading
Person IP/MAC etc., disposable setting is done to document.
Example IV
Based on foregoing embodiment, the embodiment of the present invention provides a kind of file authorizing system, this document mandate system
System at least includes the first mobile terminal and the second mobile terminal, wherein each unit included by the first mobile terminal,
And each module included by each unit can be realized by the processor in the first mobile terminal;Second
Each unit included by mobile terminal, and each module included by each unit can pass through the second movement eventually
Processor in end is realized;Certainly it can also be realized by specific logic circuit;In the mistake of specific embodiment
Cheng Zhong, processor can be central processing unit (CPU), microprocessor (MPU), digital signal processor
Or field programmable gate array (FPGA) etc. (DSP).
Fig. 4 is the composition structural representation of the file authorizing system of the embodiment of the present invention four, as shown in figure 4, should
File authorizing system includes the first mobile terminal and the second mobile terminal, wherein the first mobile terminal 410 includes
First determining unit 411, the first transmitting element 412, the first receiving unit 413, the first judging unit 414
With first processing units 415;Second mobile terminal 420 is determined including the second determining unit the 421, the 3rd
Unit 422, ciphering unit 423, second processing unit 424, the second receiving unit the 425, the 4th determine single
The transmitting element 427 of member 426 and second, wherein:
Second determining unit 421, for determining the first file data, the use of second mobile terminal
Family is the copyright owner of first file data;
3rd determining unit 422, for determining authorization code, using the authorization code to the described first text
Number of packages evidence is encrypted;
The second processing unit 423, for uploading the first text after encryption to file server by gateway
Number of packages evidence and authorized order, the authorized order are used to show that first file data is the file after encryption;
First determining unit 411, for the first file data for determining to need to decrypt;
First transmitting element 412, for sending authorization requests, the authorization requests to file server
For asking first file data to authorizing;
Second receiving unit 424, the authorization requests for receiving file server transmission, the mandate
Ask described for asking first file data at least to be carried to authorizing, in the authorization requests
The identification information of first mobile terminal;
4th determining unit 425, for being determined to authorize according to the identification information of first mobile terminal
Response;
Second transmitting element 425, for the authorization response to be sent into the file server.
First receiving unit 413, for receiving the authorization response that the file server is sent;
First judging unit 414, for judging whether include authorization code in the authorization response, is obtained
First judged result, the authorization code is authorized for first file data, and second movement is eventually
The user at end is the copyright owner of first file data;
The first processing units 415, for according to first judged result to first file data
Handled.
In the embodiment of the present invention, the first processing units include deciphering module and reminding module, wherein:
The deciphering module, if showing that the authorization response includes mandate for first judged result
Code, first file data is decrypted using the authorization code;
The reminding module, if showing not include awarding in the authorization response for first judged result
Weighted code, points out the first information, and the first information is used to show that awarding for first file data can not be obtained
Power.
In the embodiment of the present invention, the mobile terminal also includes the second judging unit and destroys unit, wherein:
Second judging unit, for judging whether include destroying instruction, the pin in the authorization response
Ruining instruction is used to destroy first file data;
The destruction unit, if for carried in the authorization response it is described destroy instruction, using described
First file data is destroyed in small fourth finger order.
In the embodiment of the present invention, the 4th determining unit include the second determining module, first carry module and
Second carries module, wherein:
Second determining module, for determining authorization response according to the identification information of first mobile terminal
In whether carry authorization code;
Described first carries module, for if it is determined that when carrying authorization code in the authorization response, inciting somebody to action described
Authorization code is carried in the authorization response;
Described second carries module, for if it is determined that when not carrying authorization code in the authorization response, by pin
Instruction is ruined to be carried in the authorization response.
It need to be noted that be:The description of above file authorizing system embodiment, is described with the above method
It is similar, with same embodiment of the method identical beneficial effect, therefore does not repeat.For present invention system
The ins and outs not disclosed in system embodiment, those skilled in the art refer to the inventive method embodiment
Describe and understand, to save length, repeat no more here.
It should be understood that " one embodiment " or " embodiment " that specification is mentioned in the whole text means and real
Apply the relevant special characteristic of example, structure or characteristic include at least one embodiment of the present invention in.Therefore,
" in one embodiment " or " in one embodiment " occurred everywhere in entire disclosure not necessarily refers to
Identical embodiment.In addition, these specific feature, structure or characteristics can be combined in any suitable manner
In one or more embodiments.It should be understood that in various embodiments of the present invention, the sequence of above-mentioned each process
Number size be not meant to the priority of execution sequence, the execution sequence of each process should be patrolled with its function and inherence
Collect and determine, any limit is constituted without tackling the implementation process of the embodiment of the present invention.The embodiments of the present invention
Sequence number is for illustration only, and the quality of embodiment is not represented.
It should be noted that herein, term " comprising ", "comprising" or its any other variant meaning
Covering including for nonexcludability, so that process, method, article or dress including a series of key elements
Putting not only includes those key elements, but also other key elements including being not expressly set out, or also including being
This process, method, article or the intrinsic key element of device.In the absence of more restrictions, by
The key element that sentence "including a ..." is limited, it is not excluded that in the process including the key element, method, thing
Also there is other identical element in product or device.
, can in several embodiments provided herein, it should be understood that disclosed apparatus and method
To realize by another way.Apparatus embodiments described above are only schematical, for example, institute
The division of unit is stated, only a kind of division of logic function there can be other dividing mode when actually realizing,
Such as:Multiple units or component can be combined, or be desirably integrated into another system, or some features can be neglected
Slightly, or do not perform.In addition, the coupling each other of shown or discussed each part or directly coupling
Close or communication connection can be by some interfaces, the INDIRECT COUPLING or communication connection of equipment or unit, can
Be it is electrical, machinery or other forms.
The above-mentioned unit illustrated as separating component can be or may not be it is physically separate, as
The part that unit is shown can be or may not be physical location;Both a place can be located at, also may be used
To be distributed on multiple NEs;Part or all of unit therein can be selected according to the actual needs
Realize the purpose of this embodiment scheme.
In addition, each functional unit in various embodiments of the present invention can be fully integrated into a processing unit,
Can also be each unit individually as a unit, can also two or more units be integrated in one
In individual unit;Above-mentioned integrated unit can both be realized in the form of hardware, it would however also be possible to employ hardware adds soft
The form of part functional unit is realized.
One of ordinary skill in the art will appreciate that:Realize that all or part of step of above method embodiment can
To be completed by the related hardware of programmed instruction, foregoing program can be stored in embodied on computer readable storage
In medium, the program upon execution, performs the step of including above method embodiment;And foregoing storage is situated between
Matter includes:Movable storage device, read-only storage (Read Only Memory, ROM), magnetic disc or
CD etc. is various can be with the medium of store program codes.
Or, if the above-mentioned integrated unit of the present invention is realized using in the form of software function module and as independently
Production marketing or in use, can also be stored in a computer read/write memory medium.Based on so
Understanding, the part that the technical scheme of the embodiment of the present invention substantially contributes to prior art in other words can
To be embodied in the form of software product, the computer software product is stored in a storage medium, bag
Some instructions are included to so that a computer equipment (can be personal computer, server or network
Equipment etc.) perform all or part of each of the invention embodiment methods described.And foregoing storage medium bag
Include:Movable storage device, ROM, magnetic disc or CD etc. are various can be with the medium of store program codes.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited to
This, any one skilled in the art the invention discloses technical scope in, can readily occur in
Change or replacement, should all be included within the scope of the present invention.Therefore, protection scope of the present invention should
It is defined by the scope of the claims.
Claims (10)
1. a kind of file authorizing method, it is characterised in that methods described includes:
First mobile terminal determines the first file data for needing to decrypt;
First mobile terminal sends authorization requests by base station to file server, and the authorization requests are used
In request first file data to authorizing;
First mobile terminal receives the authorization response that the file server is sent;
First mobile terminal judges whether include authorization code in the authorization response, obtains the first judgement knot
Really, the authorization code is authorized for first file data, and the user of second mobile terminal is
The copyright owner of first file data;
First mobile terminal is handled first file data according to first judged result.
2. according to the method described in claim 1, it is characterised in that first mobile terminal is according to described
First judged result is handled first file data, including:
If first judged result shows that the authorization response includes authorization code, first movement is eventually
First file data is decrypted using the authorization code in end;
If first judged result shows not include authorization code in the authorization response, first movement
The terminal notifying first information, the first information is used to show that the mandate of first file data can not be obtained.
3. according to the method described in claim 1, it is characterised in that methods described also includes:
First mobile terminal judges whether include destroying instruction in the authorization response, described to destroy instruction
For destroying first file data;
Instructed if carrying described destroy in the authorization response, first mobile terminal utilizes described small
First file data is destroyed in fourth finger order.
4. a kind of file authorizing method, it is characterised in that methods described includes:
Second mobile terminal determines the first file data, and the user of second mobile terminal is the described first text
The copyright owner of number of packages evidence;
Second mobile terminal determines authorization code, and first file data is carried out using the authorization code
Encryption;
Second mobile terminal uploads the first file data after encryption to file server by base station and awarded
Power instruction, the authorized order is used to show that first file data is the file after encryption;
Second mobile terminal receives the authorization requests that file server is sent, and the authorization requests are used for please
First file data is asked at least to carry first movement to authorizing, in the authorization requests eventually
The identification information at end;
Second mobile terminal determines authorization response according to the identification information of first mobile terminal;
The authorization response is sent to the file server by second mobile terminal.
5. method according to claim 4, it is characterised in that second mobile terminal is according to described
The identification information of first mobile terminal determines authorization response, including:
Second mobile terminal according to the identification information of first mobile terminal determine in authorization response whether
Carry authorization code;
If it is determined that when carrying authorization code in the authorization response, second mobile terminal is by the authorization code
It is carried in the authorization response.
6. method according to claim 4, it is characterised in that second mobile terminal is according to described
The identification information of first mobile terminal determines authorization response, including:
If it is determined that when not carrying authorization code in the authorization response, second mobile terminal will be destroyed and instructed
It is carried in the authorization response.
7. a kind of mobile terminal, it is characterised in that the mobile terminal includes the first determining unit, the first hair
Unit, the first receiving unit, the first judging unit and first processing units are sent, wherein:
First determining unit, for the first file data for determining to need to decrypt;
First transmitting element, for sending authorization requests to file server, the authorization requests are used for
First file data is asked to authorizing;
First receiving unit, for receiving the authorization response that the file server is sent;
First judging unit, for judging whether include authorization code in the authorization response, obtains first
Judged result, the authorization code is authorized for first file data, second mobile terminal
User is the copyright owner of first file data;
The first processing units, for being carried out according to first judged result to first file data
Processing.
8. mobile terminal according to claim 7, it is characterised in that the first processing units, bag
Deciphering module and reminding module are included, wherein:
The deciphering module, if showing that the authorization response includes mandate for first judged result
Code, first file data is decrypted using the authorization code;
The reminding module, if showing not include awarding in the authorization response for first judged result
Weighted code, points out the first information, and the first information is used to show that awarding for first file data can not be obtained
Power.
9. a kind of mobile terminal, it is characterised in that the mobile terminal includes the second determining unit, the 3rd true
Order member, ciphering unit, second processing unit, the second receiving unit, the 4th determining unit and second send
Unit, wherein:
Second determining unit, for determining the first file data, the user of second mobile terminal is
The copyright owner of first file data;
3rd determining unit, for determining authorization code, using the authorization code to first number of files
According to being encrypted;
The second processing unit, for uploading the first number of files after encryption to file server by gateway
According to and authorized order, the authorized order be used for show first file data be encryption after file;
Second receiving unit, the authorization requests for receiving file server transmission, the authorization requests
For asking first file data to authorizing, described first is at least carried in the authorization requests
The identification information of mobile terminal;
4th determining unit, for determining authorization response according to the identification information of first mobile terminal;
Second transmitting element, for the authorization response to be sent into the file server.
10. mobile terminal according to claim 9, it is characterised in that the 4th determining unit bag
Include the second determining module, the first carrying module and second and carry module, wherein:
Second determining module, for determining authorization response according to the identification information of first mobile terminal
In whether carry authorization code;
Described first carries module, for if it is determined that when carrying authorization code in the authorization response, inciting somebody to action described
Authorization code is carried in the authorization response;
Described second carries module, for if it is determined that when not carrying authorization code in the authorization response, by pin
Instruction is ruined to be carried in the authorization response.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610087795.3A CN107085688A (en) | 2016-02-16 | 2016-02-16 | File authorizing method and mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610087795.3A CN107085688A (en) | 2016-02-16 | 2016-02-16 | File authorizing method and mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107085688A true CN107085688A (en) | 2017-08-22 |
Family
ID=59614454
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610087795.3A Pending CN107085688A (en) | 2016-02-16 | 2016-02-16 | File authorizing method and mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107085688A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108171077A (en) * | 2017-12-26 | 2018-06-15 | 上海展扬通信技术有限公司 | The processing method and relevant device of a kind of file |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030196114A1 (en) * | 2002-04-10 | 2003-10-16 | International Business Machines | Persistent access control of protected content |
| CN101611578A (en) * | 2006-12-18 | 2009-12-23 | Ubc媒体集团 | The method of structure and deal with data file request |
| CN103049466A (en) * | 2012-05-14 | 2013-04-17 | 深圳市朗科科技股份有限公司 | Full-text search method and system based on distributed cipher-text storage |
| CN103685162A (en) * | 2012-09-05 | 2014-03-26 | 中国移动通信集团公司 | File storing and sharing method |
| CN103973696A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN104537313A (en) * | 2014-12-04 | 2015-04-22 | 苏州阔地网络科技有限公司 | Data protection method, terminal and server |
| US20150121063A1 (en) * | 2013-10-31 | 2015-04-30 | Eco-Mail Development Llc | System and method for secured content delivery |
-
2016
- 2016-02-16 CN CN201610087795.3A patent/CN107085688A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030196114A1 (en) * | 2002-04-10 | 2003-10-16 | International Business Machines | Persistent access control of protected content |
| CN101611578A (en) * | 2006-12-18 | 2009-12-23 | Ubc媒体集团 | The method of structure and deal with data file request |
| CN103049466A (en) * | 2012-05-14 | 2013-04-17 | 深圳市朗科科技股份有限公司 | Full-text search method and system based on distributed cipher-text storage |
| CN103685162A (en) * | 2012-09-05 | 2014-03-26 | 中国移动通信集团公司 | File storing and sharing method |
| US20150121063A1 (en) * | 2013-10-31 | 2015-04-30 | Eco-Mail Development Llc | System and method for secured content delivery |
| CN103973696A (en) * | 2014-05-16 | 2014-08-06 | 天地融科技股份有限公司 | Data processing method of voice communication |
| CN104537313A (en) * | 2014-12-04 | 2015-04-22 | 苏州阔地网络科技有限公司 | Data protection method, terminal and server |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108171077A (en) * | 2017-12-26 | 2018-06-15 | 上海展扬通信技术有限公司 | The processing method and relevant device of a kind of file |
| CN108171077B (en) * | 2017-12-26 | 2020-08-14 | 上海展扬通信技术有限公司 | Folder processing method and related equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8719568B1 (en) | Secure delivery of sensitive information from a non-communicative actor | |
| CN112217835B (en) | Message data processing method and device, server and terminal equipment | |
| CN112583802A (en) | Data sharing platform system and equipment based on block chain and data sharing method | |
| CN104243419B (en) | Data processing method, apparatus and system based on safety shell protocol | |
| CN102571693A (en) | Capability safety calling method, device and system | |
| CN103095457A (en) | Login and verification method for application program | |
| CN110719203A (en) | Operation control method, device and equipment of intelligent household equipment and storage medium | |
| CN110061967A (en) | Business datum providing method, device, equipment and computer readable storage medium | |
| CN105577639A (en) | Trusted device control messages | |
| CN112202773B (en) | Computer network information security monitoring and protection system based on internet | |
| CN111614686A (en) | Key management method, controller and system | |
| CN109889508A (en) | A kind of right management method and device | |
| CN108650261A (en) | Mobile terminal system software method for burn-recording based on remote encryption interaction | |
| CN112329050A (en) | File security management terminal and system | |
| CN115952552A (en) | Remote data destruction method, system and equipment | |
| CN116781359A (en) | Portal security design method using network isolation and cryptograph | |
| US20020087619A1 (en) | Method and sysem for server management platform instrumentation | |
| CN107644153A (en) | Document management method and server | |
| CN117714495A (en) | Verification cloud management system for intelligent electric meter | |
| CN107085688A (en) | File authorizing method and mobile terminal | |
| CN101847111B (en) | Terminal apparatus, data providing system, and data providing method | |
| CN110445804A (en) | A kind of safe handling protection system about outgoing document | |
| CN108347411B (en) | Unified security guarantee method, firewall system, equipment and storage medium | |
| CN109600397A (en) | A kind of network security monitoring and managing method | |
| CN111464543B (en) | Teaching information safety protection system based on cloud platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170822 |
|
| RJ01 | Rejection of invention patent application after publication |