Mobile terminal and data protection method thereof
Technical field
The present invention relates to a mobile terminal, and in particular to a mobile terminal with a data protection function and a data protection method implemented using this mobile terminal.
Background art
As memory capacity keeps increasing and prices keep falling, the storage capacity of mobile terminals keeps rising, whether the terminal has only internal memory or can be expanded with external memory. Users have therefore become increasingly accustomed to storing their favorite songs, films, e-books, pictures and other data on their mobile terminals. In addition, the camera and video software on a mobile terminal automatically saves the photos and video clips the user takes to the terminal's memory, and chat software such as MSN and QQ also automatically saves the user's chat records to the terminal's memory.
Among the data stored on a mobile terminal, some is clearly confidential or touches on the user's vital interests, for example important documents, private photos and video clips, and chat records. Ensuring the security of this data is undoubtedly very important to the user.
At present, mobile terminals transfer data to and from computers mainly in two ways. The first is through synchronization software provided by the terminal's developer, for example the PC Suite provided by Nokia or iTunes provided by Apple. Such software generally synchronizes files via the SyncML protocol, so its security is relatively high, but it has the drawback of slower transfer speed. The second is to set the mobile terminal to mass storage mode, so that the user can read and write the mobile terminal from the computer at will, as if it were a USB flash drive.
The second data transfer mode, while convenient, also makes the data insecure. When the user's mobile terminal falls into the hands of an unauthorized user, that user can use a computer to read and write the user's important data directly and at will.
Summary of the invention
The technical problem to be solved by the present invention is to overcome the low data security of prior-art mobile terminals by providing a mobile terminal with a data protection function and a data protection method implemented using this mobile terminal.
The present invention solves the above technical problem through the following technical solution: a mobile terminal comprising a memory, characterized in that the memory comprises a read-write protected area and a read-write unprotected area, and the mobile terminal further comprises:
A character string generation module, configured to use a cryptographic algorithm to generate a character string from the IMEI number of the mobile terminal (International Mobile Equipment Identity, an "electronic serial number" consisting of 15 digits that corresponds one-to-one with each mobile device and is globally unique) and the MAC address (Media Access Control address, i.e. hardware address) of the computer to which the mobile terminal is connected;
A character string writing module, configured to write the character string generated by the character string generation module into a user-invisible space of the mobile terminal (that is, storage space that is hidden from the user and that the user therefore cannot read or write);
A character string comparison module, configured to judge whether the character string generated by the character string generation module is identical to the character string in the user-invisible space; if identical, the user is allowed to read and write; if not, the user is not allowed to read and write;
A read-write area judging module, configured to judge whether the user intends to read and write the read-write protected area or the read-write unprotected area; if the read-write protected area, it calls the character string generation module and the character string comparison module in turn; if the read-write unprotected area, it allows the user to read and write;
A first-connection judging module, configured to judge, when the mobile terminal is connected to a computer, whether this is the first time the mobile terminal has been connected to a computer; if so, it calls the character string generation module and the character string writing module in turn, and then calls the read-write area judging module when the user intends to read and write the memory; if not, it calls the read-write area judging module when the user intends to read and write the memory.
In the present invention, "read-write protected area" means the storage space in the memory of the mobile terminal that is subject to read-write protection and that only a legitimate user has the authority to read and write. "Read-write unprotected area" means the storage space in the memory of the mobile terminal that is not subject to read-write protection and that anyone can read and write at will.
Both the process of judging whether the mobile terminal is being connected to a computer for the first time and the process by which the mobile terminal obtains the MAC address of the connected computer can be implemented by adding corresponding function code to the low-level driver. Writing such code is straightforward for those skilled in the art, so it is not described further here.
According to the importance and privacy of each file, the user can store files that are confidential or touch on vital interests in the read-write protected area, and place the remaining files, which may be shared freely, in the read-write unprotected area. Thus, whichever data transfer mode the mobile terminal uses to connect to a computer, an unauthorized user cannot read or write the protected files in the read-write protected area of the mobile terminal, and the user's important data is thereby reliably protected.
The memory is the internal memory or the external memory of the mobile terminal, or the memory comprises both the internal memory and the external memory of the mobile terminal.
Preferably, the mobile terminal further comprises a connection-mode judging module, configured to judge, when the user intends to read and write the memory, whether the mobile terminal is connected to the computer in synchronization software mode; if so, the user is allowed to read and write; if not, the read-write area judging module is called. When it is judged that the mobile terminal is not being connected to a computer for the first time, the first-connection judging module calls the connection-mode judging module when the user intends to read and write the memory.
Because most synchronization software allows data transfer only after the user has logged in with a legitimate account, this data transfer mode is still relatively safe in most cases. Starting the protection of the files in the read-write protected area only when the mobile terminal is connected to the computer in a less safe mode, for example mass storage mode, achieves a better balance between resource usage and data security.
The mobile terminal is a mobile phone.
Preferably, the cryptographic algorithm is MD5 (a hash encryption algorithm that can encrypt characters of arbitrary length into a character string of fixed length (16 bytes); the character string generated by the encryption is unique). Because the length of the resulting character string is fixed, comparison between character strings is simplified, which reduces resource usage.
The present invention further provides a data protection method for a mobile terminal, characterized in that the data protection method is implemented using the above mobile terminal and comprises:
S1, the mobile terminal is connected to a computer;
S2, judging whether this is the first time the mobile terminal has been connected to a computer; if so, go to S3; if not, go to S5;
S3, using the cryptographic algorithm to generate a character string from the IMEI number of the mobile terminal and the MAC address of the computer;
S4, writing the character string generated in S3 into the user-invisible space;
S5, the user intends to read and write the memory;
S6, judging whether the user intends to read and write the read-write protected area or the read-write unprotected area; if the read-write protected area, go to S7; if the read-write unprotected area, allow the user to read and write and end the process;
S7, using the cryptographic algorithm of S3 to generate a character string from the IMEI number of the mobile terminal and the MAC address of the computer;
S8, judging whether the character string generated in S7 is identical to the character string in the user-invisible space; if identical, allow the user to read and write and end the process; if not, do not allow the user to read and write and end the process.
The memory is the internal memory or the external memory of the mobile terminal, or the memory comprises both the internal memory and the external memory of the mobile terminal.
Preferably, a connection-mode judging step is further included between S5 and S6: judging whether the mobile terminal is connected to the computer in synchronization software mode; if so, allow the user to read and write and end the process; if not, go to S6.
The mobile terminal is a mobile phone.
Preferably, the cryptographic algorithm is MD5.
The positive effect of the present invention is that it can firmly protect the important data in the read-write protected area of the mobile terminal, preventing an unauthorized user of the mobile terminal from performing any read or write operation on that data and thereby ensuring the security of the user's important data.
Description of the drawings
Fig. 1 is a structural schematic diagram of an embodiment of the mobile terminal of the present invention.
Fig. 2 is a flow chart of an embodiment of the data protection method of the present invention.
Detailed description of the embodiments
A preferred embodiment of the present invention is given below with reference to the drawings, in order to describe the technical solution of the present invention in detail.
Referring to Fig. 1, in the mobile terminal of the present invention, the memory 1 comprises a read-write protected area 11 and a read-write unprotected area 12. In addition, the mobile terminal further comprises: a character string generation module 2, a character string writing module 3, a character string comparison module 4, a read-write area judging module 5 and a first-connection judging module 6.
The character string generation module 2 is configured to use a cryptographic algorithm, for example MD5, to generate a character string from the IMEI number of the mobile terminal and the MAC address of the computer to which the mobile terminal is connected.
The character string writing module 3 is configured to write the character string generated by the character string generation module into a user-invisible space of the mobile terminal.
The character string comparison module 4 is configured to judge whether the character string generated by the character string generation module is identical to the character string in the user-invisible space; if identical, the user is allowed to read and write; if not, the user is not allowed to read and write.
The read-write area judging module 5 is configured to judge whether the user intends to read and write the read-write protected area or the read-write unprotected area; if the read-write protected area, it calls the character string generation module 2 and the character string comparison module 4 in turn; if the read-write unprotected area, it allows the user to read and write.
The first-connection judging module 6 is configured to judge, when the mobile terminal is connected to a computer, whether this is the first time the mobile terminal has been connected to a computer; if so, it calls the character string generation module 2 and the character string writing module 3 in turn, and then calls the read-write area judging module 5 when the user intends to read and write the memory; if not, it calls the read-write area judging module 5 when the user intends to read and write the memory.
The mobile terminal of the present invention may be a mobile phone, or any of various mobile devices without a cellular network communication function. The memory 1 is not limited to the internal memory of the mobile terminal; it may also be the external memory of the mobile terminal, or may cover both the internal memory and the external memory of the mobile terminal.
In addition, the protection of the files in the read-write protected area may optionally be started only when the mobile terminal is not connected to the computer in the safest synchronization software mode. In that case the mobile terminal further comprises a connection-mode judging module 7, configured to judge, when the user intends to read and write the memory, whether the mobile terminal is connected to the computer in synchronization software mode; if so, the user is allowed to read and write; if not, the read-write area judging module 5 is called. Correspondingly, when it is judged that the mobile terminal is not being connected to a computer for the first time, the first-connection judging module 6 no longer calls the read-write area judging module 5 directly when the user intends to read and write the memory but calls it indirectly; that is, the first-connection judging module 6 then directly calls only the connection-mode judging module 7.
Each functional module of the present invention can be implemented on existing hardware using existing software programming techniques, so the specific implementations are not described further here.
The data protection method of the present invention is described in detail below with reference to Fig. 2, taking as an example the case that includes the judgment of the connection mode between the mobile terminal and the computer. Those skilled in the art will of course understand that, as stated above, the judgment of the connection mode may also be omitted.
Step 100: the mobile terminal is connected to a computer.
Step 101: judge whether this is the first time the mobile terminal has been connected to a computer; if so, go to step 102; if not, go to step 104.
Step 102: use the cryptographic algorithm described above to generate a character string from the IMEI number of the mobile terminal and the MAC address of the computer.
Step 103: write the character string generated in step 102 into the user-invisible space, to prevent the user from accidentally modifying it.
Step 104: the user attempts to read and write the memory.
Step 105: judge whether the mobile terminal is connected to the computer in synchronization software mode; if so, go to step 106; if not, go to step 107.
Step 106: allow the user to read and write both the read-write protected area and the read-write unprotected area of the memory at will, and end the process once the read-write operation is complete.
Step 107: judge whether the user is attempting to read and write the read-write protected area or the read-write unprotected area; if the read-write unprotected area, go to step 108; if the read-write protected area, go to step 109.
Step 108: allow the user to read and write the read-write unprotected area of the memory at will, and end the process once the read-write operation is complete.
Step 109: use the cryptographic algorithm of step 102 to generate a character string from the IMEI number of the mobile terminal and the MAC address of the computer.
Step 110: judge whether the character string generated in step 109 is identical to the character string in the user-invisible space; if identical, go to step 111; if not, go to step 112.
Step 111: allow the user to read and write the read-write protected area of the memory at will, and end the process once the read-write operation is complete.
Step 112: do not allow the user to perform any read or write on the read-write protected area of the memory, and end the process immediately.
For example:
The IMEI number of one such mobile terminal is 369656254587523, and the MAC address of its legitimate user's computer is 06:20:45:89:45:11. When the legitimate user connects the mobile terminal to his own computer for the first time, the character string calculated from this IMEI number and this MAC address according to the MD5 encryption algorithm will be F8BC536F2C436968, and this character string will then be written into the user-invisible space of the mobile terminal.
The capacity of the memory of the mobile terminal is 2G, of which the read-write protected area is 512M and the read-write unprotected area is 1536M. The legitimate user puts two files, the MSN chat record msg.log and music.mp3, into the read-write protected area, and puts voice.rmvb into the read-write unprotected area.
One day, the legitimate user needs to read the file music.mp3, so he connects the mobile terminal to his own computer. The character string that the mobile terminal calculates from its own IMEI number and the MAC address of this computer is still F8BC536F2C43696, which is identical to the character string stored in the user-invisible space of the mobile terminal. The mobile terminal thus knows that the current user is the legitimate user and allows him to read the file music.mp3.
Another day, the legitimate user needs to read the file voice.rmvb, so he connects the mobile terminal to his own computer. Because this file is located in the read-write unprotected area, the legitimate user is allowed to read it directly.
Another day, an unauthorized user has obtained the mobile terminal, connects it to his own computer in mass storage mode, and wishes to read the file msg.log. Suppose the MAC address of this computer is 54:20:55:49:45:13. As soon as the unauthorized user attempts the read operation, the mobile terminal calculates the character string F58C536F2FGT846 from its own IMEI number and the MAC address of this computer. This character string is completely different from the character string F8BC536F2C43696 stored in the user-invisible space of the mobile terminal, so the mobile terminal knows that the current user is an unauthorized user, refuses the read or write, and prompts the unauthorized user with "file read failed".
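The flow of steps 100 to 112, replayed with the IMEI number and MAC addresses from the example above, as an added Python example that is not code from the patent. The way the IMEI and MAC are joined before hashing, the class and function names, the in-memory field standing in for the user-invisible space, and the owner connecting in mass storage mode are assumptions; a real MD5 digest is 32 hexadecimal characters, so the values computed here differ from the illustrative strings quoted above.

```python
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional


class Mode(Enum):
    SYNC_SOFTWARE = "sync_software"
    MASS_STORAGE = "mass_storage"


class Area(Enum):
    PROTECTED = "protected"
    UNPROTECTED = "unprotected"


def binding_string(imei: str, mac: str) -> str:
    """MD5 over the IMEI and the host MAC address (steps 102 and 109)."""
    # Assumption: the page does not say how the two values are combined;
    # here they are normalised and joined with "|" before hashing.
    material = f"{imei.strip()}|{mac.strip().upper()}".encode("ascii")
    return hashlib.md5(material).hexdigest().upper()  # 16 bytes -> 32 hex chars


@dataclass
class Terminal:
    imei: str
    hidden_string: Optional[str] = None  # stands in for the user-invisible space

    def connect(self, host_mac: str) -> None:
        """Steps 100-103: generate and store the string on first connection only."""
        if self.hidden_string is None:
            self.hidden_string = binding_string(self.imei, host_mac)

    def may_access(self, host_mac: str, mode: Mode, area: Area) -> bool:
        """Steps 104-112: decide whether a read/write request is allowed."""
        if mode is Mode.SYNC_SOFTWARE:      # steps 105-106
            return True
        if area is Area.UNPROTECTED:        # steps 107-108
            return True
        if self.hidden_string is None:      # nothing stored yet: fail closed
            return False
        candidate = binding_string(self.imei, host_mac)             # step 109
        return hmac.compare_digest(candidate, self.hidden_string)   # steps 110-112


def run_scenario() -> List[bool]:
    """Replays the three requests of the example (mass storage mode assumed)."""
    owner_mac, other_mac = "06:20:45:89:45:11", "54:20:55:49:45:13"
    phone = Terminal(imei="369656254587523")
    phone.connect(owner_mac)                 # first connection stores the string
    results = []
    # music.mp3 in the protected area, owner's computer
    results.append(phone.may_access(owner_mac, Mode.MASS_STORAGE, Area.PROTECTED))
    # voice.rmvb in the unprotected area, owner's computer
    results.append(phone.may_access(owner_mac, Mode.MASS_STORAGE, Area.UNPROTECTED))
    # msg.log in the protected area, a different computer
    phone.connect(other_mac)                 # not a first connection: no rewrite
    results.append(phone.may_access(other_mac, Mode.MASS_STORAGE, Area.PROTECTED))
    return results


if __name__ == "__main__":
    print(run_scenario())
```

The decision rests only on the IMEI and the MAC address reported for the connected host, and requests in synchronization software mode skip the comparison, which is worth weighing when assessing what this check protects.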
Although specific embodiments of the present invention have been described above, those skilled in the art will understand that these are merely illustrative, and that the scope of protection of the present invention is defined by the appended claims. Those skilled in the art may make various changes or modifications to these embodiments without departing from the principle and essence of the present invention, and all such changes and modifications fall within the scope of protection of the present invention.