Anti-screenshot processing method, computing device and readable storage medium
阅读说明:本技术 一种防截屏处理方法、计算设备及可读存储介质 (Anti-screenshot processing method, computing device and readable storage medium ) 是由 邸国良 于 2021-07-23 设计创作,主要内容包括:本发明公开了一种防截屏处理方法,在计算设备中执行,计算设备中运行有操作系统,操作系统上运行有一个或多个应用程序,该方法包括:当接收到第一进程发送的防截屏开启指令时,开启防截屏功能;当接收到第二进程发送的防截屏关闭指令时,判断当前是否存在已开启防截屏功能的其他进程;若存在已开启防截屏功能的其他进程,则继续保持防截屏功能的开启状态;若不存在已开启防截屏功能的其他进程,则关闭防截屏功能。本发明一并公开了相应的计算设备及可读存储介质。本发明的防截屏处理方法既能保证涉密文档的安全性,还不会影响用户对非涉密文档的正常截屏。(The invention discloses an anti-screenshot processing method, which is executed in computing equipment, wherein an operating system runs in the computing equipment, and one or more application programs run on the operating system, and the method comprises the following steps: when receiving an anti-screenshot starting instruction sent by a first process, starting an anti-screenshot function; when receiving an anti-screenshot closing instruction sent by a second process, judging whether other processes with an anti-screenshot function started exist at present; if other processes with the screen capture prevention function started exist, the starting state of the screen capture prevention function is continuously kept; and if no other processes with the screen capture prevention function started exist, closing the screen capture prevention function. The invention also discloses corresponding computing equipment and a readable storage medium. The anti-screenshot processing method can ensure the security of the confidential documents and cannot influence the normal screenshot of the non-confidential documents by the user.)
1. An anti-screenshot processing method adapted to be executed in a computing device having an operating system running thereon one or more application programs, the method comprising:
when receiving an anti-screenshot starting instruction sent by a first process, starting an anti-screenshot function, wherein the first process is a process corresponding to an application program of which a window displays a confidential document;
when receiving an anti-screenshot closing instruction sent by a second process, judging whether other processes with an anti-screenshot function started exist at present, wherein the second process is a process corresponding to an application program for performing preset operation on a confidential document displayed on a window, and the preset operation comprises a hiding operation and a closing operation;
if other processes with the screen capture prevention function started exist, the starting state of the screen capture prevention function is continuously kept;
and if no other processes with the screen capture prevention function started exist, closing the screen capture prevention function.
2. The method of claim 1, wherein the step of turning on the anti-screenshot function when receiving the anti-screenshot turning-on command sent by the first process comprises:
when receiving an anti-screenshot starting instruction sent by a first process, judging whether the first process has the authority of starting an anti-screenshot function;
and if the first process has the authority of starting the anti-screenshot function, starting the anti-screenshot function.
3. The method according to claim 1 or 2, wherein the step of judging whether other processes with the screen capture prevention function turned on exist currently when receiving the screen capture prevention turn-off instruction sent by the second process comprises:
when receiving an anti-screenshot closing instruction sent by a second process, judging whether the second process has the permission of closing the anti-screenshot function;
and if the second process has the permission of closing the anti-screenshot function, judging whether other processes with the anti-screenshot function opened exist at present.
4. The method as claimed in claim 2 or 3, wherein the computing device stores therein a first list for recording names of processes having a right to set the anti-screenshot function, so as to determine whether the corresponding process has a right to turn on or off the anti-screenshot function based on the first list.
5. The method of any of claims 1-4, wherein a second list of process numbers for recording that the anti-screenshot function has been turned on is stored in the computing device, the method further comprising, when the anti-screenshot function is turned on:
storing a process number of the first process in the second list.
6. The method of claim 5, wherein the step of determining whether there is currently another process that has turned on the anti-screenshot function comprises:
judging whether the second list only comprises the process number of the second process at present;
if the second list only comprises the process number of the second process, judging that other processes with the screen capture prevention function started do not exist currently;
and if the second list currently comprises process numbers of other processes besides the second process, judging that other processes with the screen capture prevention function started exist currently.
7. The method of claim 5 or 6, wherein when determining whether there is currently another process that has turned on the anti-screenshot function, the method further comprises:
removing the process number of the second process from the second list.
8. The method of any one of claims 1 to 7, wherein the anti-screenshot turn-on command and the anti-screenshot turn-off command are received through a switch control interface registered in the dbus bus.
9. A computing device, comprising:
at least one processor; and
a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the program instructions comprising instructions for performing the method of any of claims 1-8.
10. A readable storage medium storing program instructions that, when read and executed by a computing device, cause the computing device to perform the method of any of claims 1-8.
Technical Field
The invention relates to the field of computers, in particular to an anti-screenshot processing method, computing equipment and a readable storage medium.
Background
In recent years, with the rapid development of enterprise informatization, the problem of potential safety hazard of electronic documents inside enterprises is increasingly prominent. Based on this, a series of schemes for protecting documents from the content of the documents being transmitted out follow, such as anti-screen-capture technology.
However, the granularity of control of existing anti-screenshot technologies can only be application specific. In particular, protected application open content prohibits user screenshots, and unprotected application open content permits user screenshots. Obviously, when the confidential document is opened by the unprotected application, the user can still capture the screen normally, and the security of the confidential document cannot be ensured. When the non-confidential document is opened by the protected application, the user cannot capture the screen, and the use of the user is influenced.
Therefore, a new anti-screenshot processing method is needed to solve the above problem.
Disclosure of Invention
To this end, the present invention provides an anti-screenshot processing method, a computing device and a readable storage medium in an attempt to solve or at least alleviate the above-presented problems.
According to one aspect of the present invention, there is provided an anti-screenshot processing method executed in a computing device having an operating system running thereon and one or more application programs running thereon, the method including: when receiving an anti-screenshot starting instruction sent by a first process, starting an anti-screenshot function, wherein the first process is a process corresponding to an application program of which a window displays a confidential document; when receiving an anti-screenshot closing instruction sent by a second process, judging whether other processes with an anti-screenshot function started exist at present, wherein the second process is a process corresponding to an application program for performing preset operation on a confidential document displayed on a window, and the preset operation comprises a hiding operation and a closing operation; if other processes with the screen capture prevention function started exist, the starting state of the screen capture prevention function is continuously kept; and if no other processes with the screen capture prevention function started exist, closing the screen capture prevention function.
Optionally, in the method for processing screen capture prevention according to the present invention, when receiving a screen capture prevention start instruction sent by a first process, the step of starting the screen capture prevention function includes: when receiving an anti-screenshot starting instruction sent by a first process, judging whether the first process has the authority of starting an anti-screenshot function; and if the first process has the authority of starting the anti-screenshot function, starting the anti-screenshot function.
Optionally, in the screenshot prevention processing method according to the present invention, when receiving a screenshot blocking prevention instruction sent by a second process, the step of determining whether there is another process having a screenshot prevention function already started at present includes: when receiving an anti-screenshot closing instruction sent by a second process, judging whether the second process has the authority of closing the anti-screenshot function; and if the second process has the permission of closing the anti-screenshot function, judging whether other processes with the anti-screenshot function opened exist at present.
Optionally, in the anti-screenshot processing method according to the present invention, a first list for recording names of processes having an authority to set the anti-screenshot function is stored in the computing device, so as to determine whether the corresponding process has an authority to turn on or off the anti-screenshot function based on the first list.
Optionally, in the method for processing anti-screenshot according to the present invention, a second list for recording a process number of the anti-screenshot function that is turned on is stored in the computing device, and when the anti-screenshot function is turned on, the method further includes: the process number of the first process is stored in a second list.
Optionally, in the method for processing screen capture prevention according to the present invention, the step of determining whether there is another process with the screen capture prevention function already started includes: judging whether the second list only comprises the process number of the second process at present; if the second list only comprises the process number of the second process, judging that other processes with the screen capture prevention function started do not exist at present; and if the second process in the second list also comprises the process numbers of other processes besides the second process, judging that other processes with the screen capture prevention function started exist currently.
Optionally, in the method for processing screen capture prevention according to the present invention, when it is determined whether there is another process that has started the screen capture prevention function at present, the method further includes: the process number of the second process is removed from the second list.
Alternatively, in the screen capture prevention processing method according to the present invention, the screen capture prevention on command and the screen capture prevention off command are received through a switch control interface registered in the dbus bus.
Optionally, in the screen capture prevention processing method according to the present invention, the method further includes: monitoring abnormal exit of the processes in the second list; when the third process in the second list is monitored to be abnormally exited, removing the process number of the third process from the second list, and judging whether the second list is an empty list currently; if the second list is an empty list currently, the screen capture prevention function is closed; and if the second list is not an empty list currently, continuing to keep the starting state of the anti-screenshot function.
Optionally, in the screen capture prevention processing method according to the present invention, the step of monitoring abnormal exit of the process in the second list includes: regularly detecting whether each process in the second list exists in a current process directory of the computing equipment or not; and if the third process is detected not to exist in the current process directory of the computing device, judging that the third process is abnormally exited.
Optionally, in the anti-screenshot processing method according to the present invention, when the anti-screenshot function is turned on, the method further includes: when it is monitored that a user operates a certain screenshot tool to capture a screen, judging whether the screenshot tool is the screenshot tool to be intercepted or not; if the screenshot tool is the screenshot tool to be intercepted, intercepting the screenshot function in the screenshot tool through a pre-registered hook function to prohibit a user from screenshot, wherein the hook function is registered in a dynamic library pre-loaded by the screenshot tool.
Optionally, in the anti-screenshot processing method according to the present invention, a third list for recording names of the screenshot tools to be intercepted is stored in the computing device, so as to determine whether the screenshot tool is the screenshot tool to be intercepted based on the third list.
According to yet another aspect of the invention, there is provided a computing device comprising: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the program instructions comprising instructions for performing the anti-screenshot processing method according to the present invention.
According to still another aspect of the present invention, there is provided a readable storage medium storing program instructions that, when read and executed by a computing device, cause the computing device to perform an anti-screenshot processing method according to the present invention.
According to the anti-screenshot processing method, when an anti-screenshot starting instruction sent by a process corresponding to an application program of which the window displays the confidential document is received, the anti-screenshot function is started. When an anti-screenshot closing instruction sent by a process corresponding to an application program for performing preset operation on a confidential document displayed on a window is received, judging whether other processes with an anti-screenshot function are started currently. And if other processes with the screen capture prevention function started exist, continuing to keep the starting state of the screen capture prevention function. And if no other processes with the screen capture prevention function started exist, closing the screen capture prevention function. Therefore, the control granularity of the anti-screenshot processing method can be specific to the confidential documents. When the application program window displays the confidential document, the screen capture prevention function is in an open state, and the other time is in a closed state. Therefore, the screen capture prevention processing method can ensure the security of the confidential documents and cannot influence the normal screen capture of the user on the non-confidential documents.
Drawings
To the accomplishment of the foregoing and related ends, certain illustrative aspects are described herein in connection with the following description and the annexed drawings, which are indicative of various ways in which the principles disclosed herein may be practiced, and all aspects and equivalents thereof are intended to be within the scope of the claimed subject matter. The above and other objects, features and advantages of the present disclosure will become more apparent from the following detailed description read in conjunction with the accompanying drawings. Throughout this disclosure, like reference numerals generally refer to like parts or elements.
FIG. 1 shows a block diagram of a computing device 100, according to one embodiment of the invention;
FIG. 2 illustrates a flow diagram of an anti-screenshot processing method 200 according to one embodiment of the present invention;
FIG. 3 illustrates a flow diagram of an anti-screenshot processing method 300 upon detecting an abnormal exit of a third process in accordance with one embodiment of the present invention;
FIG. 4 shows a schematic diagram of a method 400 of inhibiting user screenshots, in accordance with another embodiment of the present invention;
FIG. 5 shows a schematic diagram of an anti-screenshot processing method 500 according to another embodiment of the invention;
FIG. 6 is a diagram illustrating a method 600 for monitoring process exception exits in a screen shot prevention whitelist according to another embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
FIG. 1 shows a block diagram of a computing device 100, according to one embodiment of the invention. It should be noted that the computing device 100 shown in fig. 1 is only an example, and in practice, the computing device for implementing the anti-screenshot processing method of the present invention may be any type of device, and the hardware configuration thereof may be the same as that of the computing device 100 shown in fig. 1 or different from that of the computing device 100 shown in fig. 1. In practice, the computing device for implementing the anti-screenshot processing method of the present invention may add or delete hardware components of the computing device 100 shown in fig. 1, and the present invention does not limit the specific hardware configuration of the computing device.
As shown in FIG. 1, in a basic configuration 102, a computing device 100 typically includes a system memory 106 and one or more processors 104. A memory bus 108 may be used for communication between the processor 104 and the system memory 106.
Depending on the desired configuration, the processor 104 may be any type of processing, including but not limited to: a microprocessor (μ P), a microcontroller (μ C), a Digital Signal Processor (DSP), or any combination thereof. The processor 104 may include one or more levels of cache, such as a level one cache 110 and a level two cache 112, a processor core 114, and registers 116. The example processor core 114 may include an Arithmetic Logic Unit (ALU), a Floating Point Unit (FPU), a digital signal processing core (DSP core), or any combination thereof. The example memory controller 118 may be used with the processor 104, or in some implementations the memory controller 118 may be an internal part of the processor 104.
Depending on the desired configuration, system memory 106 may be any type of memory, including but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. The physical memory in the computing device is usually referred to as a volatile memory RAM, and data in the disk needs to be loaded into the physical memory to be read by the processor 104. System memory 106 may include an operating system 120, one or more applications 122, and program data 124. In some implementations, the application 122 can be arranged to execute instructions on an operating system with program data 124 by one or more processors 104. Operating system 120 may be, for example, Linux, Windows, etc., which includes program instructions for handling basic system services and performing hardware dependent tasks. The application 122 includes program instructions for implementing various user-desired functions, and the application 122 may be, for example, but not limited to, a browser, instant messenger, a software development tool (e.g., an integrated development environment IDE, a compiler, etc.), and the like. When the application 122 is installed into the computing device 100, a driver module may be added to the operating system 120.
When the computing device 100 is started, the processor 104 reads program instructions of the operating system 120 from the system memory 106 and executes them. The application 122 runs on top of the operating system 120, utilizing the operating system 120 and interfaces provided by the underlying hardware to implement various user-desired functions. When the user launches the application 122, the application 122 is loaded into the system memory 106, and the processor 104 reads and executes the program instructions of the application 122 from the system memory 106.
The computing device 100 also includes a storage device 132, the storage device 132 including removable storage 136 and non-removable storage 138, the removable storage 136 and the non-removable storage 138 each connected to the storage interface bus 134.
Computing device 100 may also include an interface bus 140 that facilitates communication from various interface devices (e.g., output devices 142, peripheral interfaces 144, and communication devices 146) to the basic configuration 102 via the bus/interface controller 130. The example output device 142 includes a graphics processing unit 148 and an audio processing unit 150. They may be configured to facilitate communication with various external devices, such as a display or speakers, via one or more a/V ports 152. Example peripheral interfaces 144 may include a serial interface controller 154 and a parallel interface controller 156, which may be configured to facilitate communication with external devices such as input devices (e.g., keyboard, mouse, pen, voice input device, touch input device) or other peripherals (e.g., printer, scanner, etc.) via one or more I/O ports 158. An example communication device 146 may include a network controller 160, which may be arranged to facilitate communications with one or more other computing devices 162 over a network communication link via one or more communication ports 164.
A network communication link may be one example of a communication medium. Communication media may typically be embodied by computer readable instructions, data structures, program modules, and may include any information delivery media, such as carrier waves or other transport mechanisms, in a modulated data signal. A "modulated data signal" may be a signal that has one or more of its data set or its changes made in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired network or private-wired network, and various wireless media such as acoustic, Radio Frequency (RF), microwave, Infrared (IR), or other wireless media. The term computer readable media as used herein may include both storage media and communication media.
In a computing device 100 according to the present invention, the application 122 includes instructions for performing the anti-screenshot processing method 200 of the present invention, which may instruct the processor 104 to perform the anti-screenshot processing method of the present invention. It will be appreciated by those skilled in the art that the application 122 may include other applications 126 for implementing other functions in addition to instructions for performing the anti-screenshot processing method 200.
FIG. 2 illustrates a flow diagram of an anti-screenshot processing method 200 in accordance with one embodiment of the present invention, the method 200 adapted to be executed in a computing device (e.g., the computing device 100 shown in FIG. 1). An operating system runs in the computing device, and one or more application programs run on the operating system.
At this point, the identification of the confidential documents in the present invention is performed by the application itself. Specifically, when a certain application window displays a document, the application determines whether the document displayed in the current window includes a confidential document. The document displayed in the current window of the application program refers to a document which can be seen by human eyes of a user.
And if the document displayed in the current window contains a confidential document, the application program sends an anti-screenshot starting instruction. That is, only when the application window displays a confidential document, the application will send an anti-screenshot open instruction. And when the confidential documents displayed on a certain application program window are all hidden or closed (the hidden confidential documents comprise the confidential documents are minimized and the confidential documents are blocked by other upper-layer documents), the application program also sends a screen capture prevention closing instruction. That is, when the confidential documents displayed on the application window are minimized or closed or are completely blocked by other non-confidential documents, the application program also sends an anti-screenshot closing instruction. That is, the application may also send an anti-screenshot close instruction when the application window no longer displays a confidential document.
In addition, it is also necessary to explain that when the confidential document displayed in the application window is completely blocked by other documents, the application sends an anti-screenshot closing instruction. The application may also control the occlusion force.
Specifically, the application program may set an occlusion threshold, and when the size of the confidential document displayed on the application program window occluded by the non-confidential document is smaller than the occlusion threshold, the application program sends the anti-screenshot closing instruction. That is, when a confidential document displayed in a window of an application program is blocked by a non-confidential document, the application program will first determine whether the size of the confidential document blocked by the non-confidential document is smaller than a blocking threshold. And if the current screen capture time is less than the shielding threshold, sending an anti-screen capture closing instruction, and if the current screen capture time is not less than the shielding threshold, continuously keeping the starting state of the anti-screen capture function. For example, the occlusion threshold may be set to 80% of the size of the confidential document, and when the size of the confidential document displayed in a window of an application program occluded by the non-confidential document is smaller than 80% of the size of the confidential document, the application program may send an anti-screen-capture close instruction. Of course, the present invention is not limited to setting the occlusion threshold.
The application program can judge whether the document displayed on the window is a confidential document or not through various modes. For example, the present invention is not limited thereto, and the determination may be made by a confidential identifier of the document. In the specific embodiment, a person skilled in the art can set the setting according to actual needs.
As shown in FIG. 2, the anti-screenshot processing method 200 of the present invention begins at step S210. In step S210, when an anti-screenshot starting instruction sent by a first process is received, the anti-screenshot function is started, where the first process is a process corresponding to an application program in which a window displays a confidential document. When the anti-screenshot function is started, the process number of the first process can be stored in the second list. The second list is a list of process numbers stored in the computing device for recording that the anti-screenshot function is currently turned on. In addition, it is preferable to set the default state of the anti-screen capture function to the off state.
According to an embodiment of the invention, when receiving an anti-screenshot starting instruction sent by a first process, whether the first process has the authority of starting an anti-screenshot function or not can be judged first. And if the first process has the authority of starting the anti-screenshot function, starting the anti-screenshot function again, returning a message that the anti-screenshot function is started successfully, and storing the process number of the first process in a second list. And if the first process does not have the authority of starting the anti-screenshot function, the anti-screenshot function is not started, and a message that the anti-screenshot function fails to be started is returned.
In the step of judging whether the first process has the permission to start the anti-screenshot function, whether the first process has the permission to start the anti-screenshot function can be judged by comparing the process name of the first process with the process names in a first list, which is stored in the computing device and used for recording the process names with the set anti-screenshot function permission (namely, the permission to start and close the anti-screenshot function).
Specifically, when the process name of the first process is the same as one of the process names in the first list, it is determined that the first process has the permission to start the anti-screenshot function. And when the process name of the first process is not the same as any process name in the first list, judging that the first process does not have the authority of starting the anti-screenshot function.
And then, step S220 is performed, and when an anti-screenshot closing instruction sent by the second process is received, whether another process with an anti-screenshot function being started exists is judged. The second process is a process corresponding to an application program for performing preset operation on the confidential document displayed by the window, and the preset operation comprises hiding operation and closing operation. That is, the second process is a process corresponding to the application program which performs the hiding or closing operation on the confidential document displayed in the window. Wherein the hiding operation comprises a minimizing operation and an obstructing operation.
According to an embodiment of the invention, when receiving the anti-screenshot closing instruction sent by the second process, whether the second process has the permission to close the anti-screenshot function or not can be judged first. And judging whether the second process has the authority of closing the anti-screen-capture function or not by comparing the process name of the second process with the process name in the first list which is stored in the computing equipment and used for recording the process name with the authority of setting the anti-screen-capture function.
Specifically, when the process name of the second process is the same as one of the process names in the first list, it is determined that the second process has the permission to turn off the anti-screenshot function. And when the process name of the second process is not the same as any one of the process names in the first list, judging that the second process does not have the permission of closing the anti-screenshot function.
And if the second process does not have the permission of closing the anti-screenshot function, not closing the anti-screenshot function and returning a message that the anti-screenshot function fails to be closed. If the second process has the permission of closing the anti-screenshot function, judging whether other processes with the anti-screenshot function opened exist at present.
According to an embodiment of the present invention, it may be determined whether there is another process having the screen capture prevention function turned on currently by determining whether only the process number of the second process is currently included in the second list.
And if the second process in the second list also comprises the process numbers of other processes besides the second process, judging that other processes with the screen capture prevention function started exist currently. I.e., there are still application windows in the current computing device that display confidential documents. At this time, step S230 is entered, the screen capture function is continuously kept on, and a message indicating that the screen capture prevention function fails to be closed is returned. At the same time, the process number of the second process is also removed from the second list.
And if the second list only comprises the process number of the second process currently, judging that other processes with the screen capture prevention function started do not exist currently. That is, no confidential documents are displayed in the windows of all applications currently opened by the computing device. Then, the process proceeds to step S240, the anti-screenshot function is turned off, and the process number of the second process is removed from the second list. And meanwhile, returning a message that the screen capture prevention function is successfully closed.
Therefore, for the application program, when the confidential document tag and the non-confidential document tag are switched, the anti-screenshot function can be turned on or turned off, and therefore the problem that the unified anti-screenshot processing can be performed as long as the confidential document tag is turned on and the other non-confidential document tags are solved.
At this point, the invention receives the screen capture prevention on command sent by the first process and the screen capture prevention off command sent by the second process through the switch control interface. Namely, the application program turns on or off the anti-screen capture function by calling the switch control interface. The switch control interface program can adopt a super user system level dbus service to provide a switch control interface for the outside. Therefore, whether the switch control interface is called by the interface service program can be judged by whether the dbus call is performed or not. And when the interface service program is determined to call the switch control interface, the anti-screen capture function is closed. Otherwise, executing the flow of starting or closing the anti-screen capture function of the application program.
In addition, when any application program starts the anti-screen capture function, the abnormal crash exit condition may occur. In this case, since the application program is abnormally exited, it does not send the anti-screenshot closing instruction, which results in the anti-screenshot function being always in an on state. For this reason, it is also necessary to monitor the abnormal crash exit of the process that has started the anti-screen capture function, that is, monitor the abnormal exit of the process in the second list. Specifically, it is periodically checked whether the processes in the second list are present in the current process directory of the computing device. And if detecting that a process in the second list does not exist in the current process directory of the computing device, judging that the process is abnormally exited. For example, if it is detected that the third process in the second list does not exist in the current process directory of the computing device, it is determined that the third process has exited abnormally.
FIG. 3 shows a flow diagram of an anti-screenshot processing method 300 upon detecting an abnormal exit of a third process in accordance with one embodiment of the present invention. As shown in fig. 3, the method 300 begins at step S310.
In step S310, when it is detected that the third process in the second list exits abnormally, the process number of the third process is removed from the second list, and it is determined whether the second list is currently an empty list. If the second list is currently an empty list, which indicates that no process for starting the anti-screenshot function currently exists, the process proceeds to step S320, and the anti-screenshot function is turned off. If the second list is not an empty list currently, indicating that there is still a process for starting the anti-screenshot function currently, the method goes to step S330 to continue to maintain the start state of the anti-screenshot function.
The conventional screen capture prevention method is to perform screen capture on a confidential document by a user and then blacken the document. That is, the user is allowed to screen-capture, but blacked out after the user has screen-captured. Obviously, the anti-screen capture method does not really inhibit the user from capturing the screen of the confidential document. Based on the method, the call of the screenshot function of the screenshot intercepting tool is tracked by adopting a hook technology to prevent the user from screenshot. Specifically, the screenshot function of the screenshot tool is hook-removed through a hook function registered in a dynamic library pre-loaded by the screenshot tool in advance, so that screenshot prevention is achieved.
According to one embodiment of the invention, when the screen capture prevention function is started, if it is monitored that a user operates a certain screenshot tool to capture the screen, whether the screenshot tool is the screenshot tool to be intercepted is judged. The name of the screenshot tool can be compared with the names of the screenshot tools in a third list, stored in the computing device, of the names of the screenshot tools for recording the intercepted screenshot tools, so that whether the screenshot tool operated by the user is the intercepted screenshot tool or not can be judged.
Specifically, when the name of the screenshot tool operated by the user is the same as the name of one screenshot tool in the third list, it is determined that the screenshot tool operated by the user is the screenshot tool to be intercepted. And when the name of the screenshot tool operated by the user is not the same as that of any screenshot tool in the third list, judging that the screenshot tool operated by the user is not the screenshot tool to be intercepted.
If the screenshot tool operated by the user is the screenshot tool to be intercepted, the screenshot function in the screenshot tool is removed through a pre-registered hook function hook to prohibit the user from screenshot, and an error prompt message is returned to the screenshot tool. If the screenshot tool operated by the user is not the screenshot tool to be intercepted, returning to the original screenshot function of the screenshot tool so as to ensure that the user can normally capture the screen.
When the screen capture prevention function is closed, if the screen capture of the user is monitored, the original screen capture function of the screen capture tool is directly returned to the screen capture tool, so that the user can normally capture the screen.
FIG. 4 shows a schematic diagram of a method 400 of inhibiting user screenshots, in accordance with another embodiment of the present invention. Monitoring screen capture operation of a user, and when it is monitored that the user operates a certain screenshot tool to capture a screenshot, firstly judging whether the screenshot tool is the screenshot tool to be intercepted. If the screenshot tool operated by the user is not the screenshot tool to be intercepted, returning to the original screenshot function of the screenshot tool so as to ensure that the user can normally capture the screen.
And if the screenshot tool operated by the user is the screenshot tool to be intercepted, judging the state of the current screenshot prevention function. If the current screen capture prevention function is in an open state, a screen capture function in the screen capture tool is removed through a hook function hook which is registered in advance to prohibit the screen capture of a user, and an error prompt message is returned to the screen capture tool. If the current screen capture prevention function is in a closed state, the original screen capture function is returned to the screen capture tool, so that the user can normally capture the screen.
According to the anti-screenshot processing method, when an anti-screenshot starting instruction sent by the process of the application program of which the window displays the confidential document is received, the anti-screenshot function is started. When an anti-screenshot closing instruction sent by a process of an application program for performing preset operation on a confidential document displayed on a window is received, judging whether other processes with an anti-screenshot function are started currently. And if other processes with the screen capture prevention function started exist, continuing to keep the starting state of the screen capture prevention function. And if no other processes with the screen capture prevention function started exist, closing the screen capture prevention function. Therefore, the control granularity of the anti-screenshot processing method can be specific to the confidential documents. When the application program window displays the confidential documents, the screen capture prevention function is in an open state, and the screen capture prevention function is in a closed state at the rest of time. Therefore, the screen capture prevention processing method can ensure the security of the confidential documents and cannot influence the normal screen capture of the user on the non-confidential documents.
In order to better understand the anti-screenshot processing method of the present invention, the whole process of the anti-screenshot processing method of the present invention will be described below by using a specific example with reference to fig. 5. Further, when a process of an application calls the switch control interface to set the screenshot prevention switch value (i.e., when the screenshot prevention function is turned on or turned off), a process of the switch control interface is explained.
It is first explained that the switch control interface program provides the switch interface to the outside by using the super user system level dbus service, and the main functions are to provide the switch interface and control the interface call. The switch interface comprises a switch value setting interface, a switch value acquiring interface and a switch value change dbus signal. And when the switch control interface program is started, the switch control interface program reads the configuration file firstly to prepare for the later authentication. The configuration file includes switch defaults and a white list that the switch control interface may be invoked on. The switch default value is set to false (that is, the anti-screen-capture function is set to the off state by default), and each process that can call the switch control interface is recorded in the white list that can call the switch control interface (for convenience of description, the white list that can call the switch control interface is hereinafter referred to as the switch call white list). Next, a process of the switch control interface will be explained.
When a process A calls a switch control interface to set the screenshot prevention switch value (namely, the process A calls the switch control interface to turn on or turn off the screenshot prevention function), the switch control interface program can perform corresponding processing on user authentication and white list authentication of a caller and on switch value setting in combination with other white list processes.
Specifically, the switch control interface first determines whether the call is a dbus call. And if not, judging that the process A is the process corresponding to the switch control interface service program. And then, the screen capture prevention function is closed. If the call is dbus call, the process A is judged not to be the process corresponding to the switch control interface service program. The user is then authenticated.
And if the user authentication fails, returning a message of the user authentication failure. And if the user authentication is successful, continuing to perform white list authentication on the process A, namely judging whether the process A is a white list process. Specifically, it is determined whether process a is a process in the switch call white list. And if the process A is not the process in the white list called by the switch, judging that the process A is not the white list process, and returning a message of failed white list authentication. And if the process A is a process in the white list called by the switch, judging that the process A is a white list process, and continuously reading a switch value to be set by the process A calling the switch control interface.
If the process a calls the switch control interface to set the switch value to true (i.e. the process a calls the switch control interface to turn on the anti-screen-capture function), the anti-screen-capture function is turned on, and the process a is inserted into the white list with the anti-screen-capture turned on (for convenience of description, the white list with the anti-screen-capture turned on is hereinafter collectively referred to as the anti-screen-capture white list). Meanwhile, the switch value true is sent out in a signal form to inform the anti-screen capture program, and then a message that the anti-screen capture function is started successfully is returned.
If the process A calls the switch control interface to set the switch value to false (namely, the process A calls the switch control interface to turn off the screen capture prevention function), judging whether other white list processes turn on the screen capture prevention function currently.
And if other white list processes currently exist and the screen capture prevention function is started, continuing to maintain the current switch value tr ue, and returning messages of other white list processes with the screen capture prevention function started and failure in closing the screen capture prevention function. At the same time, process a is removed from the anti-screenshot whitelist.
If the anti-screen-capture function is started by other white list processes, the anti-screen-capture function is closed, the switch value false is sent out in a signal form to inform the anti-screen-capture program, and then a message that the anti-screen-capture function is closed successfully is returned. At the same time, process a is removed from the anti-screenshot whitelist.
In addition, the switch control interface program can also monitor the crash or abnormal exit of the process in the screen capture prevention white list regularly. As shown in fig. 6, the timed polling of the switch control interface program checks whether the processes in the screen capture prevention white list are exiting abnormally. Specifically, whether each process number pid in the anti-screenshot white list exists in the current process directory of the computing device is detected regularly. And if a certain process number does not exist in the current process directory of the computing equipment and indicates that the process is abnormally exited, removing the process from the anti-screenshot white list, namely refreshing the anti-screenshot white list. Subsequently, it is determined whether the current anti-screenshot white list is an empty list (i.e., no process is recorded). If so, turning off the anti-screen capture function. If not, the screen capture prevention function is continuously kept in the starting state.
Therefore, the anti-screen-capture processing method provides the anti-screen-capture switch control interface for calling the application program. Therefore, when the window of any application program displays the confidential document, the application program can call the switch control interface to set the switch value to start the anti-screen-capture function. And when the confidential documents displayed by the application program window are minimized, closed or completely blocked by other documents, the application program can call a switch control interface to set a switch value to close the anti-screenshot function. Obviously, the control granularity of the anti-screenshot processing method can be embodied in the confidential documents. When the application program window displays the confidential documents, the screen capture prevention function is in an open state, and the screen capture prevention function is in a closed state at the rest of time, so that the security of the confidential documents can be ensured, and the normal screen capture of the non-confidential documents by a user cannot be influenced.
In addition, the switch control interface in the anti-screenshot processing method can also authenticate the user and the process, so that the calling safety of the switch control interface can be ensured.
A9, the method of any one of a5-a7, further comprising: monitoring abnormal exit of the processes in the second list; when the third process in the second list is monitored to be abnormally exited, removing the process number of the third process from the second list, and judging whether the second list is an empty list currently; if the second list is an empty list currently, the screen capture prevention function is closed; and if the second list is not an empty list currently, continuing to keep the starting state of the anti-screenshot function.
A10, the method of A9, wherein the step of monitoring the second list for abnormal exits comprises: periodically detecting whether each process in the second list exists in a current process directory of the computing device; and if the third process is detected not to exist in the current process directory of the computing equipment, judging that the third process is abnormally exited.
A11, the method of any one of a1-a10, wherein when the anti-screenshot function is turned on, the method further comprises: when it is monitored that a user operates a certain screenshot tool to capture a screen, judging whether the screenshot tool is the screenshot tool to be intercepted or not; if the screenshot tool is the screenshot tool to be intercepted, intercepting a screenshot function in the screenshot tool through a pre-registered hook function to prohibit a user from screenshot, wherein the hook function is registered in a dynamic library pre-loaded by the screenshot tool.
A12, the method of A11, wherein a third list for recording names of screenshots tools to be intercepted is stored in the computing device, so as to determine whether the screenshots tools are to be intercepted based on the third list.
The various techniques described herein may be implemented in connection with hardware or software or, alternatively, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as removable hard drives, U.S. disks, floppy disks, CD-ROMs, or any other machine-readable storage medium, wherein, when the program is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein the memory is configured to store program code; the processor is configured to execute the document loading method of the present invention according to instructions in the program code stored in the memory.
By way of example, and not limitation, readable media may comprise readable storage media and communication media. Readable storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of readable media.
In the description provided herein, algorithms and displays are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with examples of this invention. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
It should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules or units or components of the devices in the examples disclosed herein may be arranged in a device as described in this embodiment or alternatively may be located in one or more devices different from the devices in this example. The modules in the foregoing examples may be combined into one module or may be further divided into multiple sub-modules.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
Furthermore, some of the described embodiments are described herein as a method or combination of method elements that can be performed by a processor of a computer system or by other means of performing the described functions. A processor having the necessary instructions for carrying out the method or method elements thus forms a means for carrying out the method or method elements. Further, the elements of the apparatus embodiments described herein are examples of the following apparatus: the apparatus is used to implement the functions performed by the elements for the purpose of carrying out the invention.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
While the invention has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this description, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as described herein. Furthermore, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The present invention has been disclosed in an illustrative rather than a restrictive sense, and the scope of the present invention is defined by the appended claims.