Display device and method for controlling same

Abstract

A method for controlling a display device according to an example may comprise the operations of: obtaining identification information of an object around the display device; and registering identification information which does not satisfy a verification requirement in an unidentified identification information database. When the execution of a locked first application is requested, data for detecting identification information of a first requester is obtained, and if the corresponding identification information is not detected and unidentified identification information is present, an authentication may be requested. Even when the execution of an unlocked second application is requested, data for detecting identification information of a second requester is obtained, and if the corresponding identification information is not detected and unidentified identification information is present, an authentication may be requested.

Description

Display device and control method thereof

[0001] The present invention relates to a display device for controlling the execution of an application and a method for controlling the same.

[0002] A display device is a type of device that converts acquired or stored electrical information into visual information and displays it to a user, and is used in various fields such as homes, schools, or workplaces.

[0003] Display devices may include portable terminals such as portable computers, personal digital assistants (PDAs), cellular phones, smartphones, or tablet PCs, monitors connected to electronic devices such as personal computers or server computers, navigation terminals, televisions, Internet Protocol television (IPTV), various display devices used to display images such as advertisements or movies in industrial settings, stereoscopic display devices for displaying 3D content, or various other types of audio / video systems.

[0004] The display device may allow the installation of applications that provide services based on user accounts. For example, the application may use the user's personal information and / or display the user's personal information through the display device.

[0005] For example, if a specific user runs an application with their account on a display device accessible to multiple users, that user's account for the application may be stored on the display device. On the display device, other users may run the application using the stored account. Consequently, there is a risk that the user's personal information used within the application may be leaked to other users.

[0006] The information described above may be provided as related art for the purpose of aiding understanding of this document. None of the foregoing is to be claimed as prior art related to this document, nor is it to be used to determine prior art.

[0007] The present disclosure provides a display device for controlling the execution of an application and a method for controlling the same.

[0008] A display device according to one example comprises: a memory including one or more storage media for storing instructions; and at least one processor including a processing circuit, wherein when the instructions are executed individually or collectively by at least one processor, the display device performs the operation of obtaining identification information of an individual surrounding the display device; the operation of registering the obtained identification information in an unidentified identification information database as the obtained identification information does not satisfy verification requirements; the operation of obtaining first data for detecting the first identification information of a first requester in response to a request to execute a first application that is locked; the operation of requesting authentication for the execution of the first application in response to the fact that the first identification information is not detected based on the obtained first data and that identification information registered in the unidentified identification information database exists; and the operation of obtaining second data for detecting the second identification information of a second requester in response to a request to execute a second application that is not locked. And based on the second data obtained above, the second identification information is not detected, and in response to the existence of identification information registered in the unidentified identification information database, it may cause an operation to request authentication for the execution of the second application.

[0009] A control method for a display device according to one example may include: an operation of acquiring identification information of an individual surrounding the display device; an operation of registering the acquired identification information in an unidentified identification information database as the acquired identification information does not satisfy verification requirements; an operation of acquiring first data to detect the first identification information of a first requester in response to a request to execute a first application that is locked; an operation of requesting authentication for the execution of the first application in response to the fact that the first identification information is not detected based on the acquired first data and that identification information registered in the unidentified identification information database exists; an operation of acquiring second data to detect the second identification information of a second requester in response to a request to execute a second application that is not locked; and an operation of requesting authentication for the execution of the second application in response to the fact that the second identification information is not detected based on the acquired second data and that identification information registered in the unidentified identification information database exists.

[0010] FIG. 1 is a block diagram of an exemplary display device capable of performing the operations described in the present disclosure.

[0011] FIG. 2 is a block diagram showing a configuration for controlling the execution of an application on a display device according to one example.

[0012] FIG. 3 is a flowchart illustrating a method for controlling the execution of an application on a display device according to one example.

[0013] FIG. 4 is a flowchart illustrating a method for controlling the execution of an application on a display device according to one example.

[0014] FIGS. 5a and 5b are flowcharts for explaining a method for controlling the execution of an application on a display device according to one example.

[0015] The display device according to the various examples disclosed in this document may be a device of various forms. The display device may include, for example, a portable communication device (e.g., a smartphone), a computer device, a portable multimedia device, a portable medical device, a camera, a wearable device, or a consumer electronics device. The display device according to the examples in this document is not limited to the devices described above.

[0016] The various examples and terms used in this document are not intended to limit the technical features described in this document to specific examples, and should be understood to include various modifications, equivalents, or substitutions of such examples. In connection with the description of the drawings, similar reference numerals may be used for similar or related components. The singular form of a noun corresponding to an item may include one or more of said items unless the relevant context clearly indicates otherwise. In this document, phrases such as "A or B," "at least one of A and B," "at least one of A or B," "A, B or C," "at least one of A, B and C," and "at least one of A, B, or C" may each include any one of the items listed together in the corresponding phrase, or any possible combination thereof. Terms such as "first," "second," or "first" or "second" may be used simply to distinguish a component from another corresponding component and do not limit the components in any other aspect (e.g., importance or order). Where any (e.g., 1st) component is referred to as "coupled" or "connected" to another (e.g., 2nd) component, with or without the terms "functionally" or "communicationly," it means that said any component may be connected to said other component directly (e.g., via a wire), wirelessly, or through a third component.

[0017] The term "module" as used in the various examples of this document may include a unit implemented in hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit, for example. A module may be a component formed as a whole, or a minimum unit of said component or a part thereof that performs one or more functions. For example, according to one example, a module may be implemented in the form of an application-specific integrated circuit (ASIC).

[0018] Hereinafter, electronic devices according to various examples are described with reference to the attached drawings. In this document, the term "user" may refer to a person using the electronic device or a device using the electronic device (e.g., an artificial intelligence electronic device).

[0019] FIG. 1 is a block diagram of an exemplary display device (100) capable of performing the operations described in the present disclosure.

[0020] Referring to FIG. 1, the display device (100) may be one of various types of electronic devices, such as a liquid crystal display (LCD), light emitting diodes (LED), or organic light emitting diodes (OLED) television (TV), monitor, tablet, or other similar devices (not shown). The components, their relationships, and their functions illustrated in FIG. 1 are illustrative only and are not intended to limit the implementations described or claimed herein.

[0021] The display device (100) can communicate with an external electronic device (103) (e.g., a smartphone) through a first network (101) (e.g., a short-range wireless communication network) in a network environment. The display device (100) can communicate with at least one of an external electronic device (104) (e.g., a smartphone) or a server (105) (e.g., a smart home server) through a second network (102) (e.g., a long-range wireless communication network) in a network environment. The display device (100) can communicate with an external electronic device (e.g., a refrigerator, a washing machine, a vacuum cleaner, an air conditioner, or lighting, etc.) through the server (105). Each of the external electronic devices (103 or 104) may be the same as the display device (100) or a different type of device. All or part of the operations performed on the display device (100) may be performed on one or more of the external electronic devices (103, 104, or 105). For example, if a display device (100) needs to perform a function or service automatically or in response to a request from a user or another device, the display device (100) may request one or more external electronic devices to perform at least a part of the function or service instead of performing the function or service itself or additionally. One or more external electronic devices that receive the request may perform at least a part of the requested function or service, or additional functions or services related to the request, and transmit the result of the execution to the display device (100). The display device (100) may provide the transmitted result as is or additionally processed as at least part of the response to the request. To this end, cloud computing, distributed computing, mobile edge computing (MEC), or client-server computing technologies may be used.The display device (100) can provide ultra-low latency services using, for example, distributed computing or mobile edge computing. The external electronic device (104) may include an Internet of Things (IoT) device. The server (105) may be an intelligent server using machine learning and / or neural networks. The external electronic device (104) or the server (105) may be included within the second network (102). The display device (100) may be applied to intelligent services (e.g., smart home, smart city, smart car, or healthcare) based on 5G communication technology and IoT-related technology.

[0022] The display device (100) may include, as components, a communication circuit (110), a processor (120), a sensor (130), a speaker (140), a display (150), and / or memory (160) (e.g., volatile memory (161) and / or non-volatile memory (162)). Here, the components may be connected to each other based on a certain communication method (e.g., a bus, GPIO (general purpose input and output), SPI (serial peripheral interface), or MIPI (mobile industry processor interface)), or may exchange signals (e.g., commands or data) with each other. The components described above are merely exemplary. For example, the display device (100) may include other components (e.g., PMIC (power management integrated circuit), connection terminals, or input / output interfaces). At least one of the components included in the display device (100) may be omitted, or one or more other components may be added. Some of the components included in the display device (100) may be integrated into a single component.

[0023] The processor (120) can control at least one other component (e.g., hardware or software component) of the display device (100) by executing software (e.g., application, driving program, and / or system program). To this end, the processor (120) can perform various data processing and / or operations. As at least part of the data processing and / or operations, the processor (120) can store commands or data received from other components (e.g., communication circuit (110) or sensor (130)) in the volatile memory (161). The processor (120) can process the commands or data stored in the volatile memory (161) and store the resulting data in the non-volatile memory (162).

[0024] The processor (120) can be implemented with one or more IC (integrated circuit) chips and can perform various data processing operations. For example, the processor (120) (or application processor, AP) may be implemented as a system on chip (SoC) (e.g., a single chip or chipset). The processor (120) may, for example, execute software to control at least one other component (e.g., a hardware or software component) of the display device (100) connected to the processor (120) and may perform various data processing or operations. According to one example, as at least part of the data processing or operations, the processor (120) may store commands or data received from other components (e.g., a communication circuit (110) or a sensor (130)) in volatile memory (161), process the commands or data stored in volatile memory (161), and store the result data resulting from the processing in non-volatile memory (162). According to one example, the processor (120) may operate independently of or together with the main processor (121) (e.g., a central processing unit (CPU) or AP) or an auxiliary processor (120). It may include a processor (123) (e.g., a graphic processing unit (GPU), a neural processing unit (NPU), an image signal processor (ISP), or a communication processor (CP)). For example, if the display device (100) includes a main processor (121) and an auxiliary processor (123), the auxiliary processor (123) may be configured to use less power than the main processor (121) or to be specialized for a specified function.The auxiliary processor (123) can be implemented separately from the main processor (121) or as part thereof.

[0025] The auxiliary processor (123) can control at least some of the functions or states associated with at least one component of the display device (100) (e.g., communication circuit (110), sensor (130), speaker (140), or display (150)) on behalf of the main processor (121) while the main processor (121) is in an inactive (e.g., sleep) state, or together with the main processor (121) while the main processor (121) is in an active (e.g., application execution) state. According to one example, the auxiliary processor (123) (e.g., image signal processor or communication processor) may be implemented as part of another functionally related component (e.g., communication circuit (110)). According to one example, the auxiliary processor (123) (e.g., neural network processing unit) may include a hardware structure specialized for processing an artificial intelligence model. The artificial intelligence model may be generated through machine learning. Such learning may be performed, for example, on the display device (100) itself where the artificial intelligence is performed, or through a separate server (e.g., server (108)). The learning algorithm may include, for example, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning, but is not limited to the examples described above. The artificial intelligence model may include a plurality of artificial neural network layers.An artificial neural network may be a deep neural network (DNN), a convolutional neural network (CNN), a recurrent neural network (RNN), a restricted Boltzmann machine (RBM), a deep belief network (DBN), a bidirectional recurrent deep neural network (BRDNN), a deep Q-network, or a combination of two or more of the above, but is not limited to the examples described above. In addition to the hardware structure, the artificial intelligence model may include a software structure, either additionally or substantially.

[0026] The communication circuit (110) can support the establishment of a direct (e.g., wired) communication channel or a wireless communication channel between the display device (100) and an external electronic device (e.g., electronic device (103, 104), or server (105)), and the performance of communication through the established communication channel. The communication circuit (110) can support direct (e.g., wired) communication or wireless communication. The communication circuit (110) may include a wireless communication module (e.g., cellular communication module, short-range wireless communication module, or GNSS (global navigation satellite system) communication module) or a wired (e.g., LAN (local area network) communication module, or power line communication module). Among the communication modules, the corresponding communication module can communicate with an external electronic device (104) through a first network (101) (e.g., a short-range communication network such as Bluetooth, WiFi (wireless fidelity) direct, or IrDA (infrared data association)) or a second network (102) (e.g., a legacy cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (e.g., LAN or WAN)). These various types of communication modules may be integrated into a single component (e.g., a single chip) or implemented as multiple separate components (e.g., multiple chips).

[0027] The sensor (130) can detect the operating state of the display device (100) (e.g., power or temperature) or the external environmental state (e.g., user state) and generate an electrical signal or data value corresponding to the detected state. The sensor (130) may include, for example, a gesture sensor, a gyroscope sensor, a barometric pressure sensor, a magnetic sensor, an accelerometer sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biosensor, a temperature sensor, a humidity sensor, or an illuminance sensor.

[0028] According to one example, the sensor (130) may include a microphone (131). The microphone (131) can receive voice spoken by the user.

[0029] According to one example, the sensor (130) may include a camera (133). The camera (133) may include a component that converts light into a digital image, such as an image sensor. For example, the camera (133) may be positioned on the front of the display device (100). For example, the camera (133) may acquire a user image including a user located on the front of the display device (100).

[0030] The speaker (140) can output a sound signal (or audio signal) to the outside of the display device (100). The speaker (140) can be used for general purposes, such as multimedia playback or recording playback. The volume of the speaker (140) can be increased or decreased in response to the control of the processor (120).

[0031] The display (150) can visually output information to the outside of the display device (100) (e.g., a user). The display (150) may include a display panel that substantially displays a screen. The display (150) may include, for example, a display, a holographic device, or a projector and a control circuit for controlling said device. The display (150) may include a touch sensor configured to detect a touch, or a pressure sensor configured to measure the intensity of the force generated by the touch.

[0032] The memory (160) can store various data used by at least one component of the display device (100) (e.g., processor (120) or sensor (130)). The data stored in the memory (160) may include, for example, input data or output data for software (e.g., program) and / or related commands. The memory (160) may include volatile memory (161) or non-volatile memory (162). The memory (160) may store programs and data for processing video signals and / or audio signals. The memory (160) may temporarily store data generated during the processing of video signals and / or audio signals.

[0033] The display device (100) may further include an interface or a connection terminal. The interface may support one or more specified protocols that can be used to connect the display device (100) directly or wirelessly to an external electronic device (e.g., electronic device (103)). The interface may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD card interface, or an audio interface. The connection terminal may include a connector through which the display device (100) can be physically connected to an external electronic device (e.g., electronic device (103)). The connection terminal may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (e.g., a headphone connector).

[0034] A display device (100) may use a wakeup recognition model (hereinafter referred to as a wakeup model). For example, the display device (100) may execute a voice agent program using a specified wakeup word (e.g., Hi Bixby). The display device (100) may recognize the reception of a wakeup word by processing the wakeup word based on the wakeup model and a specified algorithm (e.g., a hidden Markov model (HMM) or an artificial neural network).

[0035] According to one example, the method according to the various examples disclosed in this document may be provided as included in a computer program product. The computer program product may be traded between a seller and a buyer as a product. The computer program product may be distributed in the form of a device-readable storage medium (e.g., compact disc read-only memory (CD-ROM)), or distributed online (e.g., download or upload) through an application store (e.g., Play Store™) or directly between two user devices (e.g., smartphones). In the case of online distribution, at least a portion of the computer program product may be temporarily stored or temporarily created on a device-readable storage medium, such as the memory of a manufacturer's server, an application store's server, or a relay server.

[0036] According to various examples, the aforementioned components may each (e.g., modules or programs) comprise a singular or multiple entities, and some of the multiple entities may be separated and placed in other components. According to various examples, one or more of the aforementioned components or operations may be omitted, or one or more other components or operations may be added. Generally or additionally, multiple components (e.g., modules or programs) may be integrated into a single component. In such a case, the integrated component may perform one or more functions of each of the multiple components in the same or similar manner as those performed by the corresponding components among the multiple components prior to the integration. According to various examples, operations performed by modules, programs, or other components may be executed sequentially, in parallel, iteratively, or heuristically, or one or more of the operations may be executed in a different order, omitted, or one or more other operations may be added.

[0037] FIG. 2 is a block diagram showing a configuration for controlling the execution of an application in a display device according to one example (e.g., the display device (100) of FIG. 1).

[0038] Referring to FIG. 2, the display device (100) may include or be composed of at least some of an application (200), an application installer (211), an application lock manager (213), an identification manager (215), a settings manager (217), an application launcher (220), an input handler (230), a remote controller data receiver (240), a mic data receiver (250), and / or a camera data receiver (260). The application execution control unit (210) may include or be composed of at least some of an application installer (211), an application lock manager (213), an identification manager (215), and / or a settings manager (217). The components included in the display device (100) may be software or firmware executed by the processor (120). The components included in the display device (100) may be hardware modules included in the processor (120) or existing independently.

[0039] The application (200) may be contained in memory (e.g., memory (160) of FIG. 1). Some or all of the components of the application execution control unit (210), application launcher (220), input handler (230), remote control data receiver (240), microphone data receiver (250), and / or camera data receiver (260) may be contained in a processor (e.g., processor (120) of FIG. 1). Some or all of the components contained in the application execution control unit (210) may be contained in a processor (e.g., processor (120) of FIG. 1). The microphone data receiver (250) and / or camera data receiver (260) may be contained in a sensor (e.g., sensor (130) of FIG. 1). For example, the microphone data receiver (250) may be contained in a microphone (e.g., microphone (131) of FIG. 1). The camera data receiver (260) may be included in the camera (e.g., the camera (133) of FIG. 1). The input handler (230) and / or the remote control data receiver (240) may be included in the communication circuit (e.g., the communication circuit (110) of FIG. 1).

[0040] The application (200) may include a value as metadata indicating whether it uses the user's personal information. For example, personal information may include sensitive information such as medical records, payment information, photos, contacts, or phone numbers. The application (200) may display the user's personal information on a User Interface (UI) using the user's personal information. Metadata including a value indicating whether the application (200) uses the user's personal information may be obtained by an electronic device (100). The application (200) may include a plurality of applications (201; 203; 205; 207; 209) installed within the display device (100). The number of applications shown in FIG. 2 is exemplary and is not limited thereto.

[0041] The application execution control unit (210) can control the execution of an application. The application execution control unit (210) can acquire data in response to receiving an execution request of the application (200). The execution of the application (200) can be controlled based on the data acquired by the application execution control unit (210).

[0042] The application installer (211) may store metadata containing a value indicating whether the application (200) uses the user's personal information in the application installer database (221) when the application (200) is installed. The application installer (211) may obtain metadata containing a value indicating whether the application (200) uses the user's personal information. The application installer (211) may store information about the application, such as the name of the application (200), along with the metadata in the application installer database (221). The application installer (211) may manage the application installer database (221). The application installer (211) may edit the application installer database (221). The application installer (211) may delete the application stored in the application installer database (221).

[0043] The application lock manager (213) can set a lock on the use of an application (200) based on user input. When the execution of a locked application (200) is requested, the application lock manager (213) may require authentication for the execution of the application (200). Authentication for the execution of the application (200) may involve requesting the input of a security password set for the application (200). For example, the security password may consist of multiple characters and / or numbers that the user inputs to execute the application (200). A different security password may be set for each application (200). Locking of the application may be performed by a known method. The application lock manager (213) may provide a UI that displays a list of applications (200) installed on the display device (100). The application lock manager (213) may set a lock on one or more applications (200) selected by user input from the list of applications (200) displayed on the UI. User input can be input via a remote control device (e.g., a TV remote) that remotely controls the display device (100). The application lock manager (213) can store a list of locked applications in the application lock manager database (223). The application lock manager (213) can manage the application lock manager database (223). The application lock manager (213) can edit the list of locked applications. The application lock manager (213) can provide a UI that displays the list of locked applications. The application lock manager (213) can delete one or more applications selected by user input from among the applications included in the list of locked applications.

[0044] The ID manager (215) acquires user identification information or identity (hereinafter referred to as 'identification information') around the display device (100) and can classify the acquired user identification information into either verified identity or unverified identity. The ID manager (215) can acquire user identification information around the display device (100) in the background state through a sensor (e.g., sensor (130) of FIG. 1). User identification information may be, for example, a user ID (or password) or biometric information such as facial information, voice information, or fingerprint information. The ID manager (215) can register verified identity information in a verified identity information database. The ID manager (215) can register unverified identity information in an unverified identity information database. The ID manager (215) can create and / or manage a verified identity information database and / or an unverified identity information database. The ID manager (215) can store a verified identification information database and / or an unidentified identification information database in the ID manager database (225).

[0045] According to one example, the verified identification information may refer to the identification information of a user who is determined to be a safe (or trusted) identity. For example, the verified identification information may be the identification information of a member (e.g., a member within the household) residing in a space (e.g., a house) where the display device (100) is installed.

[0046] According to one example, unidentified identification information may refer to identification information of a user determined to be an unsafe (or untrustworthy) identity. For example, unidentified identification information may not be identification information of a member residing in the space (e.g., a house) where the display device (100) is installed. For example, unidentified identification information may refer to identification information of an outsider other than a resident, such as a cleaner, a neighbor, a visiting teacher, a service technician, or an intruder.

[0047] The ID manager (215) may include a user recognition module (not shown). The user recognition module may acquire user identification information and identify a user by comparing the acquired user identification information with previously stored user identification information. The user recognition module may include a voice recognition module (216) and / or a face recognition module (218).

[0048] The voice recognition module (216) can perform voice recognition on the received voice. Voice recognition may identify the user of the received voice. Voice recognition may be performed by a known voice recognition algorithm. The voice recognition module (216) can receive sound data including user voice data from the microphone data receiver (250). The voice recognition module (216) can detect the user voice based on a voice recognition method and analyze the features of the detected user voice. The voice recognition module (216) can store voice identification information including the feature information of the analyzed voice in the ID manager database (225). For example, the voice feature information may include various attribute information such as the frequency of the voice signal, the length of the voice, the amplitude, the number of phonemes, or the length of phonemes. The voice recognition module (216) can perform machine learning (or deep learning) on ​​voice recognition based on the received voice data. The voice recognition module (216) can generate a voice recognition model based on the feature information of the received user voice. A speech recognition model can be generated by training a Gaussian Mixture Model - Universal Background Model (GMM-UBM) using the maximum likelihood linear regression (MLLR) or maximum a posteriori (MAP) method. When a received voice is analyzed based on the speech recognition model and it is determined that the analyzed voice is the voice of a stored user, the speech recognition module (216) can train and update the speech recognition model based on the input voice. The speech recognition module (216) can train the speech recognition model by including the input voice in addition to the existing voice information and using the method described above and / or other methods.

[0049] The face recognition module (218) can perform face recognition on a received face. Face recognition may identify the user of the received face. Face recognition may be performed by a known face recognition algorithm. The face recognition algorithm may be an eigenface algorithm or a local binary patterns (LBP) algorithm, but is not limited thereto. The face recognition module (218) can receive a captured image containing a user from a camera data receiver (260). The face recognition module (218) can detect a user face from the captured image based on a face recognition method and analyze the features of the detected user face. The face recognition module (218) can store face identification information containing the analyzed face feature information in an ID manager database (225). The face recognition module (218) can analyze the received face to determine whether the analyzed face identification information is stored in the ID manager database (225). If the face recognition module (218) does not find face identification information corresponding to the received face in the ID manager database (225), it can determine that the user is a new user and store the corresponding face identification information in the ID manager database (225). The face recognition module (218) can perform machine learning (or deep learning) on ​​face recognition based on the received face data. The face recognition module (218) can generate a face recognition model based on feature information regarding the received user face. The face recognition model can be generated using a statistical model such as a neural network model. If the input face is analyzed based on the face recognition model and it is determined that the analyzed face is the face of a stored user, the face recognition module (218) can train and update the face recognition model based on the input face.The face recognition module (218) can train a face recognition model by including a face that is additionally input into the existing face information and using the method described above and / or other methods.

[0050] In the initial state of the display device (100), both the unidentified identification information database and the identified identification information database may be empty.

[0051] The identification information of an authenticated user may be registered in the verification identification information database. According to one example, the display device (100) may request the registration of the user's identification information when the user sets the application execution control mode to automatic mode. A user who has registered identification information with the display device (100) may be referred to as an "authenticated user." For example, to register voice identification information, the display device (100) may display a UI on the display to acquire the user's voice. The UI may display text and / or images requesting the user to utter a specific phrase (e.g., "Hello") a specified number of times. The ID manager (215) may analyze the acquired user voice and register the analyzed voice identification information in the verification identification information database. To register face identification information, the display device (100) may display a UI on the display to acquire the user's image. The UI may display text and / or images requesting the user to be located within the camera's field of view. The ID manager (215) can analyze the user face included in the acquired user image and register face identification information containing feature information of the analyzed face in the identification information database. According to one example, when registering user identification information, the display device (100) may require additional authentication information for identity verification from the user. For example, the additional authentication information may be information that can verify the user's identity, such as the user's mobile communication terminal information.

[0052] The ID manager (215) can obtain identification information of objects around the display device (100) based on data obtained through a sensor (130) that collects information periodically or non-periodically in a background state. The voice recognition module (216) can obtain voice identification information of a user around the display device (100) based on data obtained through a camera that collects user images periodically or non-periodically in a background state. The face recognition module (218) can obtain face identification information of a user around the display device (100) based on data obtained through a camera that collects user images periodically or non-periodically in a background state. The ID manager (215) can obtain identification information of objects around the display device (100) while the display device (100) is in an active state (e.g., running an application). The ID manager (215) can obtain identification information of objects around the display device (100) by waking up periodically or non-periodically while the display device (100) is in an inactive state (e.g., sleep or idle).

[0053] The ID manager (215) can register newly acquired identification information in the unidentified identification information database. The newly acquired identification information may not be identification information stored in the ID manager database (225). The ID manager (215) can determine whether the acquired identification information is stored in the ID manager database (225). If the ID manager (215) determines that the acquired identification information is not found in the ID manager database (225), it can determine that the identification information is new and register the identification information in the unidentified identification information database. If the ID manager (215) determines that the acquired voice identification information is not found in the ID manager database (225), it can determine that the voice identification information is new and register the voice identification information in the unidentified identification information database. If the ID manager (215) determines that the acquired face identification information is not found in the ID manager database (225), it can determine that the face identification information is new and register the face identification information in the unidentified identification information database.

[0054] If identification information existing in the unidentified identification information database satisfies the verification requirements, the ID manager (215) may delete the identification information from the unidentified identification information database and register it in the verified identification information database. For example, the verification requirements may include the frequency of acquisition of identification information being above a threshold level. If identification information existing in the unidentified identification information database is recognized at a frequency above a threshold level during a first time interval, the ID manager (215) may delete the identification information from the unidentified identification information database and register it in the verified identification information database. For example, the first time interval may be '5 days', but is not limited thereto. A frequency above a threshold level may mean, for example, at least once per day. For example, the ID manager (215) may register identification information recognized at least once a day for 5 days in the verified identification information database.

[0055] If identification information existing in the verification identification information database is not recognized during the second time interval, the ID manager (215) may delete the identification information from the verification identification information database. For example, the second time interval may be '10 days', but is not limited thereto.

[0056] If identification information existing in the unidentified identification information database is not recognized during the third time interval, the ID manager (215) may delete the identification information from the unidentified identification information database. For example, the third time interval may be '2 days', but is not limited thereto.

[0057] The ID manager (215) can exclusively manage the verified identification information database and the unidentified identification information database so that there is no identification information included in both the verified identification information database and the unidentified identification information database. When specific identification information is registered in the verified identification information database, the ID manager (215) can identify whether specific identification information exists in the unidentified identification information database, and if it exists, delete specific identification information from the unidentified identification information database.

[0058] The ID manager (215) can acquire data to detect the identification information of the user who requested the execution of the application in response to the execution of the application (200). The ID manager (215) can detect the identification information of the user who requested the execution of the application based on the acquired data. Hereinafter, the user who requested the execution of the application may be referred to as the "requester." The ID manager (215) can acquire data to detect the voice identification information of the requester in response to the execution of the application (200). When a user executes the application (200) through a voice recognition function (e.g., "Hi Bixby, launch the gallery app"), the ID manager (215) can acquire the requester's voice. The ID manager (215) can acquire the requester's voice identification information based on the acquired voice. The ID manager (215) can acquire an image captured by a camera in response to the execution of the application (200). The ID manager (215) can acquire the requester's face identification information based on the captured image. The ID manager (215) can search for the acquired identification information in the ID manager database (225) to determine whether the acquired identification information is unidentified identification information or confirmed identification information. If the acquired identification information is new identification information, the ID manager (215) can identify the acquired identification information as unidentified identification information. The ID manager (215) can notify the main processor (121) that the acquired identification information is unidentified identification information. If it is determined that the acquired identification information is confirmed identification information, the ID manager (215) can notify the main processor (121) that the acquired identification information is confirmed identification information.

[0059] The ID manager (215) may not be able to detect the requester's identification information based on data obtained in response to the execution of the application (200). If the user is outside the field of view of the camera (133) provided in the display device (100) when requesting the execution of the application (200), the ID manager (215) will not be able to detect the user's face identification information. If the user's spoken voice is not received when requesting the execution of the application (200), the ID manager (215) will not be able to detect the user's voice identification information. The ID manager (215) may notify the main processor (121) that the requester's identification information is not detected.

[0060] The setting manager (217) may store a value in the setting manager database (227) that indicates the mode for executing application execution control. For example, the application execution control function may refer to a function that controls application execution. The mode set for the application execution control function may be referred to as the 'application execution control mode'. The setting manager (217) may display a UI on the display for setting the application execution control mode. The setting manager (217) may store a value in the setting manager database (227) that indicates the application execution control mode selected by user input. The application execution control mode may include off, manual mode, and / or auto mode. For example, the application execution control mode may be any one of off, manual mode, or auto mode. If the application execution control mode is off, the application execution control function is not executed. In this case, when an application (200) is executed on the display device (100), the display device (100) does not control the execution of the application (200) (i.e., does not request authentication for the execution of the application (200)). If there is no user input regarding the application execution control mode, the setting manager (217) may set the application execution control mode to off. If the application execution control mode is manual mode, the display device (100) may request authentication for the execution of the application (200) when a locked application is executed. If the application execution control mode is automatic mode, the display device (100) may automatically control the application execution control function based on data provided by the application installer (211), the application lock manager (213), and / or the ID manager (215).A detailed explanation of this will be provided later with reference to Fig. 5.

[0061] The microphone data receiver (250) can receive the user's spoken voice (hereinafter abbreviated as 'user voice') periodically or non-periodically through a microphone (e.g., the microphone (131) of FIG. 1). The microphone data receiver (250) can receive the user voice through the microphone (131) that collects the user voice in the background state. The microphone data receiver (250) can receive the user voice through the microphone (131) in response to an application execution request. The microphone data receiver (250) can transmit voice data corresponding to the user voice to the ID manager (215). The microphone data receiver (250) can transmit the voice data to the voice recognition module (216) of the ID manager (215).

[0062] The camera data receiver (260) can receive images captured by a camera (e.g., the camera (133) of FIG. 1) periodically or non-periodically. The camera (133) may be located in front of the display device (100). The images captured by the camera (133) may include user images including a user located in front of the display device (100). The camera data receiver (260) can receive images captured through the camera (133) which captures images in a background state. The camera data receiver (260) can receive user images through the camera (131) in response to an application execution request. The camera data receiver (260) can transmit image data corresponding to the captured images to the ID manager (215). The camera data receiver (260) can transmit image data to the face recognition module (218) of the ID manager (215).

[0063] The remote control data receiver (240) can receive control information through a remote control device (e.g., a TV remote). For example, the control information received from the remote control device may represent a signal corresponding to a user operation (e.g., pressing or touching) on ​​a button (or key) on the remote control device. The remote control device may include an optical (e.g., infrared (IR)) output unit and may output an IR signal through the optical output unit in response to a user operation on a button (or key) on the remote control device. The remote control data receiver (240) can convert the received control information into an electrical signal. The remote control data receiver (240) can transmit the converted electrical signal to an input handler (230).

[0064] The input handler (230) can transmit a signal requesting the execution of a specific application (200) to the application launcher (220) based on a signal received from the remote control data receiver (240).

[0065] The application launcher (220) can execute an application (200). The application launcher (220) can execute the application (200) based on a signal received from an input handler (230). The application launcher (220) can execute an application (200) selected by user operation on a remote control device. Although not shown in FIG. 2, the application launcher (220) can execute the application (200) based on data obtained through a sensor (130). The application launcher (220) can execute the application (200) based on a user's control voice obtained through a microphone (e.g., "Hi Bixby, open the gallery app").

[0066] The application launcher (220) can transmit information about the execution of a specific application (200) to the application installer (211), application lock manager (213), ID manager (215), and / or setting manager (217).

[0067] An application installer (211), an application lock manager (213), an ID manager (215), and / or a setting manager (217) may transmit data to a main processor (e.g., the main processor (121) of FIG. 1) in response to receiving information regarding the execution of a specific application (200). An application installer (211) may transmit data regarding whether the specific application (200) uses personal information stored in the application installer database (221) to the main processor (121) in response to receiving information regarding the execution of a specific application (200). An application lock manager (213) may transmit data regarding the lock settings of a specific application (200) stored in the application lock manager database (223) to the main processor (121) in response to receiving information regarding the execution of a specific application (200). In response to receiving information regarding the execution of a specific application (200), if the ID manager (215) detects that the identification information of the user who requested the application execution is not detected, the ID manager (215) may notify the main processor (121) that the identification information is not detected. If the identification information is detected, the ID manager (215) may search for the detected identification information in the identification information stored in the ID manager database (225) and transmit the searched information to the main processor (121). In response to receiving information regarding the execution of a specific application (200), the setting manager (217) may transmit data regarding the application execution control mode stored in the setting manager database (227) to the main processor (121).

[0068] The main processor (121) can perform application execution control functions based on data provided by the application installer (211), application lock manager (213), ID manager (215), and / or setting manager (217). For example, when an application (200) is executed, the main processor (121) can determine whether to request the input of a security password for the application (200) based on data provided by the application installer (211), application lock manager (213), ID manager (215), and / or setting manager (217).

[0069] According to one example, the main processor (121) may perform the following operations: acquiring identification information of an individual surrounding a display device (100); registering the acquired identification information in an unidentified identification information database as the acquired identification information does not satisfy verification requirements; acquiring first data to detect the first identification information of a first requester in response to a request to execute a first application that is locked; requesting authentication for the execution of the first application in response to the fact that the first identification information is not detected based on the acquired first data and that identification information registered in the unidentified identification information database exists; acquiring second data to detect the second identification information of a second requester in response to a request to execute a second application that is not locked; and requesting authentication for the execution of the second application in response to the fact that the second identification information is not detected based on the acquired second data and that identification information registered in the unidentified identification information database exists.

[0070] According to one example, the main processor (121) can perform the operation of registering the acquired identification information in the verification identification information database as the acquired identification information satisfies the verification requirements.

[0071] According to one example, the main processor (121) may perform the operation of executing the first application when the first identification information is detected based on the first acquired data and the identified first requester is an authenticated user; and the operation of requesting authentication for executing the first application when the first identification information is detected based on the first acquired data and the identified first requester is not an authenticated user.

[0072] According to one example, the main processor (121) detects the first identification information based on the first data obtained, and determines whether the detected first identification information is registered in the verification identification information database when the identified first requester is not an authenticated user; and if the first identification information is registered in the verification identification information database, it may perform an operation to request authentication for the execution of the first application.

[0073] According to one example, the main processor (121) may perform the operation of executing the second application when the second identification information is detected based on the second data obtained above and the identified second requester is an authenticated user; and the operation of executing the second application when the second identification information is detected based on the second data obtained above and the identified second requester is not an authenticated user.

[0074] According to one example, the main processor (121) can perform the operation of determining whether the detected second identification information is registered in the verification identification information database when the second identification information is detected based on the second data obtained, and when the identified second requester is not an authenticated user; and if the second identification information is registered in the verification identification information database, the operation of executing the second application.

[0075] According to one example, the main processor (121) may perform an operation to request authentication for the execution of the first application, which includes: an operation to determine whether the first requester can be identified based on the detected first identification information; an operation to determine whether there is identification information registered in the unidentified identification information database if the first requester cannot be identified based on the detected first identification information; an operation to determine whether the first application uses the user's personal information if there is identification information registered in the unidentified identification information database; and an operation to request authentication for the execution of the first application if the first application uses the user's personal information.

[0076] According to one example, the main processor (121) may perform an operation to request authentication for the execution of the second application, an operation to determine whether the second identification information is detected based on the acquired second data; an operation to determine whether there is identification information registered in the unidentified identification information database if the second identification information is not detected based on the acquired second data; an operation to determine whether the second application uses the user's personal information if there is identification information registered in the unidentified identification information database; and an operation to request authentication for the execution of the second application if the second application uses the user's personal information.

[0077] According to one example, the identification information may include face identification information and / or voice identification information.

[0078] According to one example, the verification requirement may include the frequency of acquiring the identification information being above a threshold level.

[0079] FIG. 3 is a flowchart illustrating a method for controlling the execution of an application of a display device (e.g., the display device (100) of FIG. 1) according to one example.

[0080] For example, the display device (100) may have the application execution control mode set to off or on. For example, if the application execution control mode is off, the display device (100) does not control application execution. For example, if the application execution control mode is off, the display device (100) may execute an application upon any application execution request. For example, if the application execution control mode is on, the display device (100) may control application execution. For example, if the application execution control mode is on, the display device (100) may request authentication for the execution of an application when a locked application is executed.

[0081] In the following examples of operations, each operation may be performed sequentially, but is not necessarily performed sequentially. For example, the order of each operation may be changed, or at least two operations may be performed in parallel. According to one example, at least one of the following operations may be performed on an external server.

[0082] Referring to FIG. 3, the display device (100) may receive a request to execute a specific application in operation 301. The display device (100) may receive the request to execute the application, for example, through a remote control device (e.g., user operation on a button of the remote control device). The display device (100) may receive the request to execute the application (e.g., "Hi Bixby, open the Gallery app") through a microphone (e.g., the microphone (131) in FIG. 1).

[0083] The display device (100) can identify whether the application execution control mode is on in operation 303.

[0084] If the application execution control mode is not on (i.e., off), the display device (100) can execute the application in operation 305.

[0085] When the application execution control mode is on, the display device (100) can identify whether the application is locked in operation 307.

[0086] If the application is not locked, the display device (100) can perform operation 305.

[0087] If the application is locked, the display device (100) may request authentication for the execution of the application in operation 309. The display device (100) may display a password input window on the display for entering a pre-set security password for the application.

[0088] When the application execution control mode is off on the display device (100), the display device (100) can execute all applications without requesting the input of a security password at the request of any user. For example, the display device (100) may be an electronic device shared within a home. Various applications such as messenger applications, mail applications, OTT (Over the Top) applications, and game applications that provide services based on the user's account may be installed on the display device (100). Various applications on the display device (100) may be executed with one person's account. For example, User A may log in to an OTT application on the display device (100) with a personal account to watch videos. In this case, household members B, C, and / or D may log in to the OTT application with User A's account to watch videos. In this case, an outsider E may visit and log in to the OTT application with User A's account to watch videos. As described above, if User A logs into an OTT application with a personal account, household members B, C, and / or D, as well as an outsider E, can access personal information such as User A's viewing history.

[0089] To prevent this, the display device (100) may lock the application and request authentication for the execution of the locked application (e.g., turning on the application execution control mode). In this case, when executing the locked application on the display device (100), all users of the display device (100) must enter a security password. While this method can protect the user's sensitive personal information, it can significantly restrict the usability of the display device (100) in general situations. For example, the user of the display device (100) has a need to allow members of the household residing in the place where the display device (100) is installed (e.g., home) to freely access the application with their account, but to restrict outsiders visiting or intruding into the home from accessing the application with their account.

[0090] A display device (100) according to one example of the present disclosure can safely protect sensitive personal information of a user processed by an application without significantly restricting usability.

[0091] According to one example, if there is a possibility that an outsider may access the display device (100) (e.g., if an outsider has visited and an outsider may be present), the display device (100) may request authentication for the execution of an application in response to a request to execute an application that is not locked.

[0092] FIG. 4 is a flowchart illustrating a method for controlling the execution of an application of a display device (e.g., the display device (100) of FIG. 1) according to one example.

[0093] Referring to FIG. 4, in the following examples of operations, each operation may be performed sequentially, but is not necessarily performed sequentially. For example, the order of each operation may be changed, or at least two operations may be performed in parallel. According to one example, one or more operations may be omitted. According to one example, at least one of the following operations may be performed on an external server.

[0094] In operation 401, the display device (100) can acquire identification information about objects surrounding the display device (100). For example, the identification information may be a user ID (or password) or biometric information such as a face, voice, or fingerprint. The display device (100) can acquire identification information about objects surrounding it periodically or non-periodically through at least one sensor (e.g., sensor (130) of FIG. 1) in a background state. The display device (100) can acquire sound data including the user's voice through a microphone and acquire voice information of the user by analyzing the acquired sound data. The display device (100) can acquire a captured image including the user's image through a camera and acquire face information of the user by analyzing the acquired captured image. The above operation may be performed while the display device is in an active state (e.g., application execution). The above operation may be performed while the display device is in an inactive state (e.g., sleep, standby).

[0095] The display device (100) may register the acquired identification information in the unidentified identification database as the acquired identification information does not satisfy the verification requirements in operation 403. The display device (100) may determine whether the acquired identification information satisfies the verification requirements. The display device (100) may register the identification information that does not satisfy the verification requirements in the unidentified identification database. An object with a trusted identity may satisfy the verification requirements. If a certain identification information is acquired at a frequency greater than or equal to a threshold level, the certain identification information may satisfy the verification requirements. An object that does not have a trusted identity does not satisfy the verification requirements. If a certain identification information is acquired at a frequency less than or equal to a threshold level, the certain identification information does not satisfy the verification requirements.

[0096] The display device (100) can receive an application execution request in operation 405. The display device (100) can receive an application execution request, for example, through a remote control device (e.g., user operation on a button of the remote control device). The display device (100) can receive an application execution request (e.g., "Hi Bixby, open the Gallery app"), for example, through a microphone (e.g., the microphone (131) of FIG. 1).

[0097] The display device (100) can determine, in operation 407, whether the application requested for execution is locked. When executing a locked application, the display device (100) may request authentication for the execution of the application. Authentication for the execution of the application may include authentication such as the input of a security password set for the application. When executing an application that is not locked, the display device (100) may not request authentication for the execution of the application.

[0098] In operation 408, the display device (100) may acquire first data for detecting first identification information of the first requester in response to receiving a first application execution request that is locked. The first requester may refer to a user who requested the execution of the first application. For example, the first identification information may include first voice identification information and / or first face identification information. For example, the first data may be acquired by at least one sensor (e.g., sensor (130) of FIG. 1). At least one sensor may include a microphone (e.g., microphone (131) of FIG. 1) and / or a camera (camera (133) of FIG. 1). In response to receiving a first application execution request that is locked, the display device (100) may receive sound through the microphone (131) to detect the first voice identification information of the first requester and acquire the received sound. The display device (100) can take a picture with a camera (133) to detect the first face identification information of the first requester in response to receiving a lock-set first application execution request, and can acquire the captured image.

[0099] The display device (100) may request authentication for the execution of the first application in response to the fact that, in operation 410, the first identification information is not detected based on the first data obtained, and that identification information registered in the unidentified identification database exists. In the following cases, the first identification information is not detected based on the first data. For example, if the user is silent or speaks in a low voice, the user's voice identification information cannot be detected through the microphone (131). For example, if the user is outside the field of view of the camera (133), the user's image cannot be detected through the camera (133). In operation 401 and 403, identification information registered in the unidentified identification database may exist. In this case, the display device (100) may request authentication for the execution of the first application.

[0100] In operation 409, the display device (100) may acquire second data for detecting second identification information of the second requester in response to a request to execute the second application that is not locked. The second requester may refer to a user who requested the execution of the second application. Since operation 409 can be performed by substantially the same procedure as operation 408, a detailed description is omitted. The second application may not be set to a locked state by the user. Even if the second application is not set to a locked state by the user, the display device (100) may manage the lock state of the second application so that authentication can be requested when the second application is executed.

[0101] The display device (100) may request authentication for the execution of the second application in response to the fact that, in operation 411, the second identification information is not detected based on the second data obtained, and that identification information registered in the unidentified identification database exists. Since operation 411 can be performed by substantially the same procedure as operation 410, a detailed description is omitted.

[0102] The display device (100) may request authentication for the execution of an application that is not locked, in response to receiving a request to execute an application, if the requester's identification information is not detected and identification information registered in the application unidentified identification database exists. The display device (100) may request authentication when executing an application if the possibility of an intrusion or visit by an outsider is detected (e.g., identification information registered in the unidentified identification database exists) even if the user has not set the application to a locked state.

[0103] FIGS. 5a and 5b are flowcharts for explaining a method of controlling application execution of a display device (e.g., the display device (100) of FIG. 1) according to one example.

[0104] In the display device (100) of FIG. 5, the application execution control mode can be set to on or off. For example, if the application execution control mode is on, the application execution control mode can be set to manual mode or automatic mode. In this case, the application execution control mode can be set to off, manual mode, or automatic mode. For example, if the application execution control mode is off, the display device (100) does not control application execution. For example, if the application execution control mode is manual mode, the display device (100) may request authentication for application execution when executing a locked application. For example, if the application execution control mode is automatic mode, the display device (100) can control the execution of the application based on data provided by an application installer (e.g., application installer (211) of FIG. 2), an application lock manager (e.g., application lock manager (213) of FIG. 2), an ID manager (e.g., ID manager (215) of FIG. 2), and / or a setting manager (e.g., setting manager (217) of FIG. 2) when the application is executed.

[0105] In the following examples of operations, each operation may be performed sequentially, but is not necessarily performed sequentially. For example, the order of each operation may be changed, or at least two operations may be performed in parallel. According to one example, one or more operations may be omitted. According to one example, at least one of the following operations may be performed on an external server.

[0106] Referring to FIG. 5, the display device (100) can perform each of operations 501, 503, 505, 507, and 509. Since operations 501, 503, 505, 507, and 509 are substantially identical to or overlap with operations 301, 303, 305, 307, and 309, a detailed description will be omitted.

[0107] If the application execution control mode is on in operation 503, the display device (100) can identify whether the application execution control mode is manual mode in operation 511. If the application execution control mode is manual mode, the display device (100) can perform operation 507.

[0108] If the application execution control mode is not manual mode (i.e., the application execution control mode is set to automatic mode), the display device (100) can determine whether identification information of the user who requested the application execution is detected in operation 513. Hereinafter, the user who requested the application execution may be abbreviated as "the requester." According to one example, the display device (100) can acquire sound received by a microphone (e.g., the microphone (131) of FIG. 1) in response to an application execution request through a remote control device. The display device (100) can acquire user voice identification information based on the user voice included in the received sound. If there is no user voice in the received sound (e.g., if the user is silent), the display device (100) cannot detect the requester's voice identification information. If the requester executes the application through a voice recognition function (e.g., "Hi Bixby, launch the Gallery app"), the display device (100) can detect the requester's voice identification information. The display device (100) can acquire an image captured by a camera (e.g., camera (133) of FIG. 1) in response to a request to execute an application through a remote control device. The display device (100) can acquire face identification information of the requester based on the image of the requester included in the captured image. If the requester is not present in the captured image (e.g., if the requester operates the remote control device outside the camera's field of view), the display device (100) cannot detect the face identification information of the requester. If there are multiple users around the display device (100) when an application execution request is made, the display device (100) can detect identification information of each of the multiple users.

[0109] When the requester's identification information is detected, the display device (100) can determine in operation 515 whether the requester is an authenticated user. For example, the authenticated user may be a user who has previously registered identification information (e.g., voice identification information and / or face identification information). The display device (100) can determine whether at least one of the face identification information recognized through the camera at the time of the application execution request via the remote control substantially matches the previously registered face identification information. The display device (100) can determine whether at least one of the voice identification information recognized through the microphone at the time of the application execution request substantially matches the previously registered voice identification information. The display device (100) can determine whether the voice identification information matches the previously registered voice identification information when the application is executed via the voice recognition function. For example, the authenticated user may be the owner of an account that can access the application requested for execution. If the requester is an authenticated user, the display device (100) can perform operation 505. If the requester is not an authenticated user, the display device (100) can determine in operation 519 whether the requester's identification information is registered in the verified identification information database. If the requester's identification information is registered in the verified identification information database, the display device (100) can perform operation 507.

[0110] If the requester's identification information is not registered in the verified identification information database (i.e., if the requester's identification information is unverified identification information), the display device (100) can determine, in operation 521, whether the application uses personal information. For example, the display device (100) can determine whether personal information is displayed in the UI when the application is executed. Whether personal information is displayed in the UI when the application is executed can be determined based on data provided by the application installer (211). If the application uses personal information, the display device (100) can perform operation 509. If the application does not use personal information, the display device (100) can perform operation 507.

[0111] If the requester's identification information is not detected according to the execution of operation 513, the display device (100) may determine in operation 517 whether there is identification information registered in the unidentified identification information database. If there is identification information registered in the unidentified identification information database, the display device (100) may determine in operation 521 whether the application uses personal information. If the application uses personal information, the display device (100) may perform operation 509. If the application does not use personal information, the display device (100) may perform operation 505. If it is determined according to operation 517 that there is no identification information registered in the unidentified identification information database, the display device (100) may perform operation 507.

[0112] For example, a user may have a need to restrict other users' access to an application depending on the application. For example, a user of the display device (100) may have a need to allow users with a trusted identity to freely access the application with their account, but to restrict users with an untrusted identity from accessing the application with their account. For example, a user may have a need to restrict other users' access to a specific application that uses sensitive personal information and displays it on the display.

[0113] Referring to FIG. 5, when the application execution control mode in the display device (100) is set to automatic mode, the display device (100) may request authentication (e.g., entering a security password) when executing a locked application according to the user's selection. According to one example, the display device (100) may identify the user who requested the execution of the application based on information obtained through at least one sensor and may omit the request for authentication (e.g., entering a security password) for the execution of the application depending on the user. According to one example, the display device (100) may determine whether the application uses personal information and may request authentication (e.g., entering a security password) for the execution of the application when executing an application that uses personal information.

[0114] Table 1 below is a table for explaining how to control the execution of an application in a display device (100) according to one example.

[0115] Time Date Description Application Execution Control Mode Privacy Usage Status Lock Setting Status Check Identification Information Database Unconfirmed Identification Information Database 18 / 1 Display Device Initialization Status Off 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: False 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False -- 28 / 1 Change Application Execution Control Mode and Set Specific Application Locks Manual Mode 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: True 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False -- 38 / 2 Change Application Execution Control Mode and Register Authenticated User (1st User) Automatic Mode 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: True 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False 1st User's 1st Facial Identification Information 1st User's 1st Voice Identification Information - 48 / 2 days Household member (2nd User) first recognized 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: True 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False 1st User's 1st Facial Identification Information 1st User's 1st Voice Identification Information 2nd User's 2nd Facial Identification Information 2nd User's 2nd Voice Identification Information 5… ------ 68 / 6 days Household member (2nd User) identification information confirmedRegistered in identification information database 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: True 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False 1st User's 1st Facial Identification Information 1st User's 1st Voice Identification Information 2nd User's 2nd Facial Identification Information 2nd User's 2nd Voice Identification Information - 78 / 7 Days Outsider (3rd User) Visit 1st Application: False 2nd Application: True 3rd Application: False 4th Application: True 5th Application: False 1st Application: True 2nd Application: False 3rd Application: False 4th Application: False 5th Application: False 1st User's 1st Facial Identification Information 1st User's 1st Voice Identification Information 2nd User's 2nd Facial Identification Information 2nd User's 2nd Voice Identification Information 3rd User's 3rd Facial Identification Information 3rd User's 3rd Voice Identification Information

[0116] In Table 1 above, it is assumed that the display device (100) is an electronic device shared among members of a household. For example, it can be assumed that a first user, who has a login account for the first to fifth applications installed on the display device (100), is registered as an authenticated user. At the first point in time, the display device (100) is in an initial state. For example, at the first point in time, the display device (100) may be newly purchased and installed in a household. At the first point in time, the first to fifth applications may be installed on the display device (100). The first to fifth applications may be executed based on the first user's account. The second and fifth applications may use personal information. The second and fifth applications may display personal information on the UI. The application execution control mode is off at the first point in time and may be changed to manual mode at the second point in time. At the second point in time, the first application may be locked. At the third point in time, the application execution control mode may be changed to automatic mode. At the third point in time, the first user may register identification information including their face information and voice information. The display device (100) can register the identification information of the first user in the verified identification database. At the fourth point in time, the display device (100) can detect the identification information of the second user (including face identification information and voice identification information) for the first time. At the fourth point in time, the display device (100) can register the identification information of the second user in the unidentified identification database. For example, at the sixth point in time, which is the fifth day from the fourth point in time when the second user is first detected, the display device (100) can register the second user in the verified identification database and delete them from the unidentified identification database. The second user may be a member of the household.For example, at the seventh point in time when a third user visits, the display device (100) may register the third user's identification information in an unidentified identification database. The third user may be, for example, an outsider who is not a member of the household. In summary, the first application is a locked application. The second and fourth applications are applications that use personal information, and there is a risk of personal information leakage if access by users other than members of the household is allowed. In the case of the third and fifth applications, the risk of personal information leakage may be low even if access by other users is allowed.

[0117] In the description to be provided below, it is assumed that the display device (100) can recognize the user who requested the execution of the application. After the third point in time, the first user who has registered identification information can execute all applications without performing authentication for execution on all applications. At the fourth point in time, the second user registered in the unidentified identification database must enter a security password when executing the first application, the second application, and / or the fourth application, but may not enter a security password when executing the third application and / or the fifth application. After the sixth point in time, the second user identified as a family member must enter a security password when executing the first application, but may not enter a security password when executing the second application, the third application, the fourth application, and / or the fifth application. At the seventh point in time, the third user who is an outsider must enter a security password when executing the first application, the second application, and / or the fourth application, but may not enter a security password when executing the third application and / or the fifth application.

[0118] In the description to be provided below, a case is assumed in which the display device (100) cannot recognize the user who requested the execution of the application. If the unidentified identification database is empty, all users must perform authentication for the execution of the first application when executing the first application. If the unidentified identification database is not empty, all users must perform authentication for the execution of each application when executing the first application, the second application, and / or the fourth application.

[0119] In this way, if there is a concern that a user with an untrusted identity (e.g., an outsider) may execute an application installed on the display device (100), the display device (100) controls the execution of the application based on whether the application uses personal information, even if the user has not set a lock on the application, thereby safely protecting personal information from a user with an untrusted identity. Furthermore, even if the user has not set a lock on the application, if there is no concern that a user with an untrusted identity may execute the display device (100), the display device (100) executes the application without a separate authentication procedure when a member of the household executes the application, thereby resolving the inconvenience associated with performing authentication.

[0120] In the above description, it is assumed that one user is registered as an authenticated user in the display device (100). However, multiple users may be registered as authenticated users, and each of the multiple users may protect their personal information by performing the procedure described above based on their own account.

[0121] According to one example, a display device comprises: a memory including one or more storage media for storing instructions; and at least one processor including a processing circuit, wherein when the instructions are executed individually or collectively by at least one processor, the display device performs the operation of obtaining identification information of an individual surrounding the display device; the operation of registering the obtained identification information in an unidentified identification information database based on the fact that the obtained identification information does not satisfy verification requirements; the operation of obtaining first data for detecting the first identification information of a first requester in response to a request to execute a locked first application; the operation of requesting authentication for the execution of the first application based on the fact that the first identification information is not detected based on the obtained first data and that there is identification information registered in the unidentified identification information database; and the operation of obtaining second data for detecting the second identification information of a second requester in response to a request to execute a second application that is not locked. And based on the second data obtained above, the second identification information is not detected, and based on the existence of identification information registered in the unidentified identification information database, it may cause an operation to request authentication for the execution of the second application.

[0122] According to one example, when the above instructions are executed individually or collectively by at least one processor, the display device may be caused to perform the operation of registering the acquired identification information in a verified identification information database based on the fact that the acquired identification information satisfies the verification requirements.

[0123] According to one example, when the instructions are executed individually or collectively by at least one processor, the display device may be caused to perform: an operation of executing the first application based on the first identification information detected based on the acquired first data and the identified first requester being an authenticated user; and an operation of requesting authentication for the execution of the first application based on the first identification information detected based on the acquired first data and the identified first requester being not an authenticated user.

[0124] According to one example, when the instructions are executed individually or collectively by at least one processor, the display device may be caused to: detect the second identification information based on the acquired second data, and perform the operation of executing the second application based on the fact that the identified second requester is an authenticated user.

[0125] According to one example, when the above instructions are executed individually or collectively by at least one processor, the display device may be caused to perform an operation of: detecting the second identification information based on the acquired second data, and identifying whether the detected second identification information is registered in the verification identification information database based on the fact that the identified second requester is not an authenticated user.

[0126] According to one example, when the above instructions are executed individually or collectively by at least one processor, the display device may be caused to perform: an operation of executing the second application based on whether the second identification information is registered in the verification identification information database; and an operation of identifying whether the second application uses the user's personal information based on whether the second identification information is not registered in the verification identification information database.

[0127] According to one example, when the above instructions are executed individually or collectively by at least one processor, the display device may be caused to perform: an action of requesting authentication for the execution of the second application based on the second application using the user's personal information; and an action of executing the second application based on the second application not using the user's personal information.

[0128] According to one example, when the above instructions are executed individually or collectively by at least one processor, the display device may be caused to perform: an operation of identifying whether the second identification information is detected based on the acquired second data; an operation of identifying whether there is identification information registered in the unidentified identification information database based on the fact that the second identification information is not detected based on the acquired second data; an operation of determining whether the second application uses the user's personal information based on the fact that there is identification information registered in the unidentified identification information database; and an operation of requesting authentication for the execution of the second application based on the fact that the second application uses the user's personal information.

[0129] According to one example, the identification information may include face identification information and / or voice identification information.

[0130] According to one example, the verification requirement may include the frequency of acquiring the identification information being above a threshold level.

[0131] According to one example, a control method for a display device may include: an operation of acquiring identification information of an individual surrounding the display device; an operation of registering the acquired identification information in an unidentified identification information database based on the fact that the acquired identification information does not satisfy verification requirements; an operation of acquiring first data to detect the first identification information of a first requester in response to a request to execute a first application that is locked; an operation of requesting authentication for the execution of the first application based on the fact that the first identification information is not detected based on the acquired first data and that identification information registered in the unidentified identification information database exists; an operation of acquiring second data to detect the second identification information of a second requester in response to a request to execute a second application that is not locked; and an operation of requesting authentication for the execution of the second application based on the fact that the second identification information is not detected based on the acquired second data and that identification information registered in the unidentified identification information database exists.

[0132] According to one example, the method may include an operation of registering the acquired identification information in a verified identification information database based on the fact that the acquired identification information satisfies the verification requirements.

[0133] According to one example, the method may include: an operation of executing the first application based on the first identification information detected based on the first acquired data and the first identified requester being an authenticated user; and an operation of requesting authentication for executing the first application based on the first identification information detected based on the first acquired data and the first identified requester being an authenticated user.

[0134] According to one example, the method may include the operation of detecting the second identification information based on the second acquired data and executing the second application based on the fact that the identified second requester is an authenticated user.

[0135] According to one example, the method may include an operation of detecting the second identification information based on the acquired second data, and identifying whether the detected second identification information is registered in the verification identification information database based on the fact that the identified second requester is not an authenticated user.

[0136] According to one example, the method may include: an operation of executing the second application based on whether the second identification information is registered in the verification identification information database; and an operation of identifying whether the second application uses the user's personal information based on whether the second identification information is not registered in the verification identification information database.

[0137] According to one example, the method may include: an action of requesting authentication for the execution of the second application based on the second application using the user's personal information; and an action of executing the second application based on the second application not using the user's personal information.

[0138] According to one example, the operation of requesting authentication for the execution of the second application may include: an operation of identifying whether the second identification information is detected based on the acquired second data; an operation of identifying whether there is identification information registered in the unidentified identification information database based on the fact that the second identification information is not detected based on the acquired second data; an operation of identifying whether the second application uses the user's personal information based on the fact that there is identification information registered in the unidentified identification information database; and an operation of requesting authentication for the execution of the second application based on the fact that the second application uses the user's personal information.

[0139] According to one example, the identification information may include face identification information and / or voice identification information.

[0140] According to one example, the verification requirement may include the frequency of acquiring the identification information being above a threshold level.

[0141] The various examples of the invention disclosed in this specification and drawings are provided merely to facilitate the explanation of the technical content of the invention and to aid in understanding the invention, and are not intended to limit the scope of the invention. Accordingly, the scope of the invention should be interpreted to include all modifications or variations derived based on the technical concept of the invention, in addition to the examples disclosed herein.

Claims

In a display device (100), Memory (160) comprising one or more storage media for storing instructions; and It includes at least one processor (120) including a processing circuit, and When the above instructions are executed individually or collectively by at least one processor, the display device, An operation to obtain identification information of an individual surrounding the above-mentioned display device; The operation of registering the acquired identification information in an unidentified identification information database based on the fact that the acquired identification information does not satisfy verification requirements; An operation to acquire first data for detecting first identification information of a first requester in response to an execution request of a first application that is locked; An operation to request authentication for the execution of the first application based on the fact that the first identification information is not detected based on the first data obtained above, and that identification information registered in the unidentified identification information database exists; An operation to acquire second data for detecting second identification information of a second requester in response to an execution request of a second application that is not locked; and An operation to request authentication for the execution of the second application based on the fact that the second identification information is not detected based on the second data acquired above, and that identification information registered in the unidentified identification information database exists. A display device that causes to perform. In paragraph 1, When the above instructions are executed individually or collectively by at least one processor, the display device: The operation of registering the acquired identification information in the verified identification information database based on the fact that the acquired identification information satisfies the verification requirements. A display device that causes to perform. In paragraph 1 or 2, When the above instructions are executed individually or collectively by at least one processor, the display device: An operation of detecting the first identification information based on the first data obtained above, and executing the first application based on the fact that the identified first requester is an authenticated user; and An operation in which the first identification information is detected based on the first data obtained above, and the identified first requester is not an authenticated user, and an authentication is requested for the execution of the first application based on that. A display device that causes to perform. In any one of paragraphs 1 through 3, When the above instructions are executed individually or collectively by at least one processor, the display device: Based on the second data acquired above, the second identification information is detected, and based on the fact that the identified second requester is an authenticated user, the operation of executing the second application A display device that causes to perform. In any one of paragraphs 2 through 4, When the above instructions are executed individually or collectively by at least one processor, the display device: An operation to detect the second identification information based on the second data obtained above, and to determine whether the detected second identification information is registered in the verification identification information database based on the fact that the identified second requester is not an authenticated user. A display device that causes to perform. In paragraph 5, When the above instructions are executed individually or collectively by at least one processor, the display device: An action of executing the second application based on the fact that the second identification information is registered in the verification identification information database; and An operation to identify whether the second application uses the user's personal information based on the fact that the second identification information is not registered in the verification identification information database. A display device that causes to perform. In paragraph 6, When the above instructions are executed individually or collectively by at least one processor, the display device: An action of requesting authentication for the execution of the second application based on the second application using the user's personal information; and An operation to execute the second application based on the fact that the second application does not use the user's personal information. A display device that causes to perform. In any one of paragraphs 1 through 7, When the above instructions are executed individually or collectively by at least one processor, the display device: An operation to identify whether the second identification information is detected based on the second data obtained above; An operation to identify whether there is identification information registered in the unidentified identification information database based on the fact that the second identification information is not detected based on the second data obtained above; An action of identifying whether the second application uses the user's personal information based on the existence of identification information registered in the aforementioned unidentified identification information database; and An operation to request authentication for the execution of the second application based on the second application using the user's personal information. A display device that causes to perform. In any one of paragraphs 1 through 8, A display device comprising the above identification information, which includes face identification information and / or voice identification information. In any one of paragraphs 1 through 9, A display device, wherein the above verification requirement includes the acquisition frequency of the above identification information being above a threshold level. In a method for controlling a display device, An operation to obtain identification information of an individual surrounding the above-mentioned display device; The operation of registering the acquired identification information in an unidentified identification information database based on the fact that the acquired identification information does not satisfy verification requirements; An operation to acquire first data for detecting first identification information of a first requester in response to an execution request of a first application that is locked; An operation to request authentication for the execution of the first application based on the fact that the first identification information is not detected based on the first data obtained above, and that identification information registered in the unidentified identification information database exists; An operation to acquire second data for detecting second identification information of a second requester in response to an execution request of a second application that is not locked; and An operation to request authentication for the execution of the second application based on the fact that the second identification information is not detected based on the second data acquired above, and that identification information registered in the unidentified identification information database exists. A control method including In Paragraph 11, The operation of registering the acquired identification information in the verified identification information database based on the fact that the acquired identification information satisfies the verification requirements. A control method including In Article 11 or Article 12, An operation of detecting the first identification information based on the first data obtained above, and executing the first application based on the fact that the identified first requester is an authenticated user; and An operation in which the first identification information is detected based on the first data obtained above, and the identified first requester is not an authenticated user, and an authentication is requested for the execution of the first application based on that. A control method including In any one of paragraphs 11 through 13, Based on the second data acquired above, the second identification information is detected, and based on the fact that the identified second requester is an authenticated user, the operation of executing the second application A control method including In any one of paragraphs 12 through 14, An operation to detect the second identification information based on the second data obtained above, and to determine whether the detected second identification information is registered in the verification identification information database based on the fact that the identified second requester is not an authenticated user. A control method including

Images