+

WO2017036345A1 - Procédé et dispositif de saisie d'informations - Google Patents

Procédé et dispositif de saisie d'informations Download PDF

Info

Publication number
WO2017036345A1
WO2017036345A1 PCT/CN2016/096787 CN2016096787W WO2017036345A1 WO 2017036345 A1 WO2017036345 A1 WO 2017036345A1 CN 2016096787 W CN2016096787 W CN 2016096787W WO 2017036345 A1 WO2017036345 A1 WO 2017036345A1
Authority
WO
WIPO (PCT)
Prior art keywords
input
environment
secret information
module
keyboard
Prior art date
Application number
PCT/CN2016/096787
Other languages
English (en)
Chinese (zh)
Inventor
严跃
程刚
乔丽莎
Original Assignee
阿里巴巴集团控股有限公司
严跃
程刚
乔丽莎
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司, 严跃, 程刚, 乔丽莎 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2017036345A1 publication Critical patent/WO2017036345A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/02Input arrangements using manually operated switches, e.g. using keyboards or dials
    • G06F3/023Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements

Definitions

  • the present invention relates to the field of computer application technologies, and in particular, to an information input method and apparatus.
  • the present invention provides a method and apparatus for information input to improve the security of information input such as passwords.
  • the invention provides a method for information input, the method comprising:
  • the security input keyboard is activated and the security protection function is activated;
  • the interface of the screen capture and/or the screen capture is prohibited after the security protection function is activated.
  • an input environment for identifying confidential information includes:
  • the attribute of the input box is obtained, and the input environment of the secret information is identified according to the attribute of the input box.
  • the input environment for identifying the secret information according to the attribute of the input box includes:
  • the attribute value of the input box indicates the password password attribute
  • the input environment of the secret information is identified.
  • the security input keyboard is a password keyboard that is included in the system.
  • the method further includes:
  • the default input method keyboard is activated.
  • the method before the security input keyboard is activated and the security protection function is activated, the method further includes:
  • the method further includes:
  • the interface for prohibiting the invoking of the screen capture and/or the screen recording comprises:
  • the interface for prohibiting the invoking of the screen capture and/or the screen recording by setting the flag flag of the system window includes:
  • the flag of the window is set to flag_secure by the WindowManager.LayoutParams parameter.
  • the method further includes:
  • the secure input keyboard After identifying the input environment exiting the secret information, the secure input keyboard is closed and the security protection function is turned off.
  • the input environment for identifying the exit of the secret information includes:
  • the invention also provides an apparatus for information input, the apparatus comprising:
  • An environment identification module for identifying an input environment
  • a function startup module configured to start a security input keyboard and activate a security protection module when the environment identification module recognizes an input environment of the secret information
  • the security protection module is configured to prohibit an interface for invoking a screen capture and/or a screen recording after startup.
  • the environment identification module is configured to: after detecting that the input box obtains the focus, acquire the attribute of the input box, and identify the secret information according to the attribute of the input box. Enter the environment.
  • the environment recognition module when the environment identification module identifies the input environment of the secret information according to the attribute of the input box, the environment recognition module specifically executes:
  • the attribute value of the input box indicates the password password attribute
  • the input environment of the secret information is identified.
  • the security input keyboard is a password keyboard that is included in the system.
  • the function activation module is further configured to activate a default input method keyboard when the environment recognition module recognizes an input environment of non-confidential information.
  • the device further comprises:
  • a determining module configured to determine, when the environment identification module identifies an input environment of the secret information, whether the input environment of the secret information belongs to a legal application
  • the function startup module executes the operation of starting the security input keyboard and starting the security protection module when the determination result of the determination module is YES.
  • the function starting module is further configured to prohibit starting any input method keyboard when the judgment result of the determining module is negative, and/or prompting the user to have an input risk.
  • the function startup module specifically executes when the interface of the screen capture and/or the screen capture is prohibited from being invoked:
  • the function execution module specifically executes:
  • the flag of the window is set to flag_secure by the WindowManager.LayoutParams parameter.
  • the device further comprises:
  • a function closing module configured to close the security input keyboard and close the security protection module after the environment identification module recognizes an input environment that exits the secret information.
  • the environment recognition module after detecting that the input box loses focus, the environment recognition module identifies an input environment for exiting the secret information.
  • the present invention activates the security input keyboard and activates the security protection module to recognize the interface of the screen capture and/or the screen recording when the input environment of the secret information is recognized.
  • the security input keyboard uses a secure input keyboard to prevent malware from stealing information by listening to the keyboard.
  • security protection to prevent malware from stealing information through screen capture or screen recording, and improve confidential information such as passwords. Input security.
  • FIG. 1 is a flowchart of a method according to an embodiment of the present invention
  • FIG. 2a is a schematic diagram of an application interface according to an embodiment of the present invention.
  • FIG. 2b is a diagram showing an example of a non-confidential information input scenario on the application interface shown in FIG. 2a;
  • FIG. 2c is a diagram showing an example of an input scenario of secret information on the application interface shown in FIG. 2a;
  • FIG. 3 is a structural diagram of a device according to an embodiment of the present invention.
  • the core idea of the present invention is to activate a secure input keyboard and activate a security protection function when the input environment of the secret information is recognized, wherein the interface of the screen capture and/or the screen recording is prohibited after the security protection function is activated. This process is mainly performed at the system level.
  • the identification of the input environment is mainly to judge the input component of this type, that is, the input environment for identifying the confidential information according to the attribute of the input box. For other types of components, if there is also a security requirement, it can be handled in a similar manner.
  • an input environment for identifying confidential information may be identified depending on the attributes of the button (eg, the button's text attribute indicates a button such as "login” or "register”). The following embodiments are described by taking an input box as an example.
  • the identification of the input environment can be judged from the page in addition to the component. For example, for a page that needs security protection, an execution function (JavaScript) can be inserted in advance, and the page is actively issued when the execution function is executed. Information that requires security. Once the information is received, the input environment identifying the page as confidential information is identified.
  • JavaScript JavaScript
  • FIG. 1 is a flowchart of a method according to an embodiment of the present invention. As shown in FIG. 1, the process may include the following steps:
  • the attribute of the input box is obtained.
  • an onfocus event is generated, so if the onfocus event generated by the input box component is captured, it is determined that the input box is detected to be in focus.
  • the input box component has a certain type, and if the type value is indicated as a password attribute, the input box is used for password input, which belongs to the input environment of the secret information involved in the present invention.
  • the present invention is not limited to password input, and can also be used for inputting other secret information.
  • the type value may also indicate other attributes, or a type value may be defined in advance to indicate the need. Enter the confidential information. In the embodiment of the present invention, only the password input is taken as an example for description.
  • the judgment of this step is actually an input environment for judging whether the input environment is confidential information.
  • the default input keyboard here can be a third-party input method set by the user, or it can be the input method that comes with the system.
  • This step is to determine whether the input environment of the confidential information is a legitimate application.
  • the legal application information may be preset in a whitelist manner, or some illegal application information may be preset by using a blacklist. Then, the input box is obtained.
  • Application information such as one or any combination of the package name, version, size, etc. of the application, and then using a preset whitelist or blacklist to determine the Whether the application information is legal.
  • the method for judging the validity of the application is only an example. In an actual application, the application may be determined in a plurality of manners, for example, obtaining the publisher information of the application, and determining the blacklist or whitelist of the application publisher.
  • the software scans the application to determine whether the application is legal. If the scan finds that the application has an illegal call to the system function, the application is considered illegal.
  • the main purpose of performing step 104 is to further improve the security of information input. If it is an illegal application, the information input security protection can be further enhanced (as described in step 105 below). Therefore, the present application does not determine whether the application is determined.
  • the legal method is specifically limited. According to the actual situation, the legal or illegal judgment methods of various applications can be defined, and will not be enumerated here.
  • the application in which the input box is located is an illegal application
  • the application may be at risk of stealing user information. It is forbidden to activate any input method keyboard so that the user cannot continue to input information, thereby ensuring that the confidential information is not stolen. Prompting the user to have an input risk may also cause the user to no longer input information, thereby ensuring that the confidential information is not stolen. Therefore, it is possible to adopt any one of prohibiting the activation of any input method keyboard and prompting the user to have an input risk, or as shown in this step, two processes are simultaneously employed.
  • the secure input keyboard is activated and the security protection function is activated.
  • the security input keyboard activated in this step can be the password keyboard that comes with the system, or it can be a third-party input method keyboard that has been safely verified and confirmed to be secure.
  • the security feature is a system-level feature that, when launched, prohibits any application from invoking the screen capture and/or screen capture interface, and also prohibits any other system-level functions from invoking screenshots and/or screen capture commands and/or screen captures and/or Screen recording interface.
  • the security protection function can disable the interface of the screen capture and/or the screen capture by acquiring the system window and setting the flag of the system window.
  • the get system window can pass the function getWindow() is implemented to get the current system window.
  • Setting the flag of the system window can be implemented by the function setFlags() or addFlags().
  • the flag of the window can be set to flag_secure through the WindowManager.LayoutParams parameter. which is:
  • the security input keyboard is turned off and the security protection function is turned off.
  • the security protection function can be turned off, so that the screen capture software or the screen recording software can restore the function, so that the screen capture and screen recording functions are shielded only when the secret information is input, thereby minimizing the normal function of the screen capture software or the screen recording software.
  • the foregoing manner provided by the embodiments of the present invention may be applied to a mobile device, and may also be applied to a fixed device such as a PC.
  • a page as shown in FIG. 2a appears in the application A, and the user needs to fill in the content in the input box corresponding to each item.
  • the information such as the user name, email address, and delivery address are not confidential, and only the password is information that needs to be kept secret.
  • the user clicks on the input box corresponding to the user name it is determined according to the attribute of the input box that the password attribute is not indicated, so the default input method keyboard is directly started, as shown in FIG. 2b.
  • the password attribute is determined according to the attribute of the input box, that is, the input environment of the secret information, and the information of the application A is further obtained, for example, the package name, version number, size, and the like of the application A, Compare with each application information in the preset whitelist, and add to determine that the application A is a legitimate application, then start the system's own password keyboard and activate the security protection function, as shown in Figure 2c.
  • the screen capture and screen recording functions are disabled.
  • FIG. 3 is a structural diagram of a device according to an embodiment of the present invention. As shown in FIG. 3, the device may include The environment identification module 01, the function startup module 02, and the security protection module 03 may further include a determination module 04 and a function shutdown module 05.
  • the main functions of each component are as follows:
  • the environment identification module 01 is responsible for recognizing the input environment.
  • the identification of the input environment is mainly to judge the component of the input frame, that is, the input environment for identifying the confidential information according to the attribute of the input box. For other types of components, if there is also a security requirement, it can be handled in a similar manner.
  • the environment identification module 01 may acquire the attribute of the input box after detecting that the input box obtains the focus, and identify the input environment of the secret information according to the attribute of the input box. If the attribute value of the input box indicates the password attribute, the input environment of the secret information is identified. Wherein, when the user clicks on the input box to prepare for input, an onfocus event is generated, so if the onfocus event generated by the input box component is captured, it is determined that the input box is detected to obtain the focus.
  • the present invention is not limited to password input, and can also be used for inputting other secret information. If the input box is used for inputting other secret information, the attribute value may also correspond to other attributes.
  • the function startup module 02 is responsible for starting the security input keyboard and starting the security protection module when the environment identification module 01 recognizes the input environment of the secret information.
  • the security input keyboard can be the password keyboard that comes with the system, or it can be a third-party input method keyboard that has been safely verified and confirmed to be secure.
  • the function launch module 02 can activate a default input method keyboard. For example, if the current input box is not used to input a password, no additional security protection is required, and the default input method is used for information input, so the default input method keyboard is started.
  • the default input keyboard here can be a third-party input method set by the user, or it can be the input method that comes with the system.
  • the security protection module 03 is responsible for prohibiting the call screen and/or screen recording interface from being activated after startup.
  • the security protection module 03 is a system-level module that, upon startup, prohibits any application from invoking an interface for screen capture and/or screen recording, and also prohibits any other system-level module from invoking a screen capture and/or after receiving a screen capture and/or screen recording command. / or screen recording interface.
  • the determining module 04 may first determine whether the input environment of the secret information belongs to a legitimate application.
  • the function startup module 02 performs an operation of starting the security input keyboard and starting the security protection module 03;
  • the judgment result of the judgment module 04 is NO, the function start module 02 prohibits starting any input method keyboard, and/or prompts the user to have an input risk.
  • the determining unit 04 may preset some legal application information by using a white list in advance, or preset some illegal application information by using a blacklist manner; and then obtain an application where the input box is located.
  • the information for example, one or any combination of the package name, version, size, and the like of the application, and then uses the preset whitelist or blacklist to determine whether the application information is legal.
  • the function startup module 02 can acquire the system window when the interface for capturing the screen capture and/or the screen recording is prohibited, and the interface of the screen capture and/or the screen capture is prohibited by setting the flag flag of the system window.
  • the get system window can be implemented by the function getWindow() to get the current system window.
  • Setting the flag of the system window can be implemented by the function setFlags() or addFlags(). In the specific setting, the flag of the window can be set to flag_secure through the WindowManager.LayoutParams parameter. which is:
  • the environment recognition module 01 recognizes the input environment for exiting the secret information, for example, the environment recognition module 01 detects that the input box loses focus, and recognizes the input environment for exiting the secret information.
  • the function closing module 05 can close the security input keyboard, and can close the security protection module, so that the screen capture software or the screen recording software can restore the function, so that the screen capture and the screen recording function are actually blocked only when the secret information is input. Minimize the impact on the normal function of screen capture software or screen recording software.
  • the disclosed apparatus and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division, and the actual implementation may have another division manner.
  • each functional unit in various embodiments of the present invention may be integrated in one processing unit
  • each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
  • the above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium.
  • the above software functional unit is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to perform the methods of the various embodiments of the present invention. Part of the steps.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • User Interface Of Digital Computer (AREA)
  • Document Processing Apparatus (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

L'invention concerne un procédé et un dispositif de saisie d'informations. Le procédé consiste : lorsqu'un environnement de saisie d'informations confidentielles est détecté, à activer un clavier de saisie sécurisée et à permettre une fonction de protection de sécurité, lorsque la fonction de protection de sécurité est activée, l'appel d'interfaces pour une capture d'écran et/ou un enregistrement d'écran étant empêché. Lorsque l'environnement de saisie d'informations confidentielles est détecté, le procédé active le clavier de saisie sécurisée et un module de protection de sécurité pour empêcher l'appel des interfaces pour une capture d'écran et/ou un enregistrement d'écran, ce qui empêche un programme malveillant de voler des informations par capture d'écran ou par un enregistrement d'écran et permet d'améliorer la sécurité lors la saisie d'informations confidentielles telles que des mots de passe.
PCT/CN2016/096787 2015-09-02 2016-08-25 Procédé et dispositif de saisie d'informations WO2017036345A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510552192.1 2015-09-02
CN201510552192.1A CN106485170A (zh) 2015-09-02 2015-09-02 一种信息输入方法和装置

Publications (1)

Publication Number Publication Date
WO2017036345A1 true WO2017036345A1 (fr) 2017-03-09

Family

ID=58186700

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/096787 WO2017036345A1 (fr) 2015-09-02 2016-08-25 Procédé et dispositif de saisie d'informations

Country Status (2)

Country Link
CN (1) CN106485170A (fr)
WO (1) WO2017036345A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114612272A (zh) * 2022-03-14 2022-06-10 黑龙江省格趣科技有限公司 一种基于信息安全大数据的安全防护系统及方法
CN115167747A (zh) * 2021-03-18 2022-10-11 华为技术有限公司 截屏方法、电子设备及存储介质

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107180204A (zh) * 2017-07-04 2017-09-19 惠州Tcl移动通信有限公司 一种防止信息被盗的方法、存储设备及移动终端
CN108133137B (zh) * 2017-12-13 2021-11-23 北京奇虎科技有限公司 智能终端中的界面安全性检测方法和装置
CN108664804A (zh) * 2018-05-22 2018-10-16 深圳乐信软件技术有限公司 一种信息的输入方法、装置、终端及存储介质
CN111310248B (zh) * 2020-01-22 2022-07-01 维沃移动通信有限公司 隐私保护方法及电子设备
CN115185448A (zh) * 2022-07-21 2022-10-14 中国银行股份有限公司 虚拟数字键盘的布局生成方法、装置、电子设备及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103076988A (zh) * 2012-12-28 2013-05-01 银联商务有限公司 一种密码输入方法及装置
US20140101772A1 (en) * 2012-10-05 2014-04-10 Panasonic Corporation Input method, input apparatus, and input program
CN103853993A (zh) * 2014-03-26 2014-06-11 联想(北京)有限公司 一种信息处理方法及电子设备
CN104281272A (zh) * 2013-07-11 2015-01-14 北京数码视讯科技股份有限公司 密码输入处理方法及装置

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8151324B2 (en) * 2007-03-16 2012-04-03 Lloyd Leon Burch Remotable information cards
CN103268447B (zh) * 2013-05-10 2016-03-02 广东欧珀移动通信有限公司 一种防钓鱼方法及系统
CN104281950A (zh) * 2013-07-11 2015-01-14 腾讯科技(深圳)有限公司 提高电子支付安全性的方法及装置
CN104899528A (zh) * 2015-05-06 2015-09-09 深圳市小兵智能科技有限公司 基于触摸屏的安全输入方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140101772A1 (en) * 2012-10-05 2014-04-10 Panasonic Corporation Input method, input apparatus, and input program
CN103076988A (zh) * 2012-12-28 2013-05-01 银联商务有限公司 一种密码输入方法及装置
CN104281272A (zh) * 2013-07-11 2015-01-14 北京数码视讯科技股份有限公司 密码输入处理方法及装置
CN103853993A (zh) * 2014-03-26 2014-06-11 联想(北京)有限公司 一种信息处理方法及电子设备

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115167747A (zh) * 2021-03-18 2022-10-11 华为技术有限公司 截屏方法、电子设备及存储介质
CN114612272A (zh) * 2022-03-14 2022-06-10 黑龙江省格趣科技有限公司 一种基于信息安全大数据的安全防护系统及方法
CN114612272B (zh) * 2022-03-14 2022-10-14 黑龙江省格趣科技有限公司 一种基于信息安全大数据的安全防护系统及方法

Also Published As

Publication number Publication date
CN106485170A (zh) 2017-03-08

Similar Documents

Publication Publication Date Title
WO2017036345A1 (fr) Procédé et dispositif de saisie d'informations
US10788984B2 (en) Method, device, and system for displaying user interface
US10791126B2 (en) System and methods for protecting users from malicious content
KR102307665B1 (ko) 신원 인증
CN105519038B (zh) 用户输入的数据保护方法及系统
CN112513857A (zh) 可信执行环境中的个性化密码安全访问控制
CN113315637B (zh) 安全认证方法、装置及存储介质
WO2014121714A1 (fr) Procédé, dispositif et système de traitement de message dans une barre de notification
CN104268476B (zh) 一种运行应用程序的方法
WO2016015680A1 (fr) Procédé et appareil de détection de sécurité pour fenêtre d'entrée d'un terminal mobile
CN104820805B (zh) 一种用户身份识别卡信息防盗的方法及装置
CN104361281B (zh) 一种安卓平台钓鱼攻击的解决方法
WO2017084569A1 (fr) Procédé d'acquisition de justificatif de connexion dans un terminal intelligent, terminal intelligent, et systèmes d'exploitation
US20170201528A1 (en) Method for providing trusted service based on secure area and apparatus using the same
CN106897629A (zh) 终端应用的控制方法及终端
EP3336734B1 (fr) Terminal mobile, procédé et appareil d'appel sécurisé d'informations d'empreintes digitales
CN113836529A (zh) 进程检测方法、装置、存储介质以及计算机设备
WO2016180234A1 (fr) Procédé et appareil de construction d'environnement sécurisé
CN106529232A (zh) 开机启动方法及装置
CN105306691A (zh) 一种个人信息的保护方法及终端
CN105631666B (zh) 安全移动支付方法、安全移动支付系统和终端
Hutchinson et al. Forensic analysis of spy applications in android devices
WO2016165537A1 (fr) Procédé et appareil de commande de terminal intelligent
WO2016026333A1 (fr) Procédé de protection de données, dispositif et support de stockage en connexion entre un terminal et pc
TW201828142A (zh) 資訊輸入方法和裝置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16840774

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16840774

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载