Detailed description of the embodiments
Embodiments of the invention are described in detail below. Examples of the embodiments are shown in the drawings, in which the same or similar reference numerals denote, throughout, the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they serve only to explain the invention and are not to be construed as limiting the claims.
Those skilled in the art will appreciate that, unless expressly stated otherwise, the singular forms "a", "an", "the" and "said" used herein may also include the plural. It should further be understood that the word "comprising" used in the description of the invention indicates the presence of the stated features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or groups thereof. It should be understood that when an element is said to be "connected" or "coupled" to another element, it may be directly connected or coupled to the other element, or intermediate elements may be present. In addition, "connected" or "coupled" as used herein may include wireless connection or wireless coupling. The term "and/or" as used herein includes all or any unit and all combinations of one or more of the associated listed items.
Those skilled in the art will appreciate that, unless otherwise defined, all terms used herein (including technical and scientific terms) have the same meaning as commonly understood by a person of ordinary skill in the art to which the invention belongs. It should also be understood that terms such as those defined in general dictionaries are to be understood as having a meaning consistent with their meaning in the context of the prior art and, unless specifically defined as herein, are not to be interpreted in an idealized or overly formal sense.
Those skilled in the art will appreciate that "terminal" and "terminal device" as used herein include both devices that have only a wireless signal receiver with no transmitting capability, and devices with receiving and transmitting hardware capable of two-way communication over a bidirectional communication link. Such devices may include: cellular or other communication devices, with a single-line display, a multi-line display, or no multi-line display; PCS (Personal Communications Service) devices, which may combine voice, data processing, fax and/or data communication capabilities; PDAs (Personal Digital Assistants), which may include a radio-frequency receiver, pager, Internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; and conventional laptop and/or palmtop computers or other devices that have and/or include a radio-frequency receiver. A "terminal" or "terminal device" as used herein may be portable, transportable, installed in a vehicle (air, sea and/or land), or suited and/or configured to operate locally and/or to operate in distributed form at any other location on earth and/or in space. A "terminal" or "terminal device" as used herein may also be a communication terminal, an Internet access terminal or a music/video playback terminal, for example a PDA, a MID (Mobile Internet Device) and/or a mobile phone with music/video playback functions, or a device such as a smart TV or set-top box.
In the embodiments of the invention, the method for managing and controlling application access is improved. After a container system receives an access request from one of its applications, it sends the request to the master control system through a container channel established in advance. After receiving the application's access request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system, and returns the permission verification result through the container channel. When the container system determines that the received permission verification result is "allow", it operates according to the application's access request. Thus, in the embodiments of the invention, all access permission policies are kept in the master control system. A container system, which sits above the master control system, forwards each access request from its applications to the master control system; the master control system verifies the request against the access permission policy preset in it and, when the result is "allow", notifies the container system to operate according to the request. Even if a container system is invaded by a malicious program, the malicious program cannot obtain the access permission policy from the container system, because no access permission policy exists there; and since it cannot obtain the communication mode and channel between the container system and the master control system, it cannot obtain the access permission policy from the master control system either. The security of the access permission policy is therefore preserved while application access requests are managed and controlled, which improves the overall security of application access control.
The technical solutions of the embodiments of the invention are described in detail below with reference to the drawings.
In the technical solution of the invention, a block diagram of the internal structure of the terminal device is shown in Fig. 1. It includes a master control system and at least one container system.
The at least one container system may include a first container system, a second container system, ..., and an N-th container system, where N is a positive integer greater than 2.
A container system in the embodiments of the invention is an operating system placed in a container created with Linux container virtualization technology. The operating system may be a traditional Linux or Unix operating system, a system derived from Linux such as Android or Ubuntu, or a Windows system based on the Windows platform. In fact, the container system of the invention is not limited to the operating systems listed above and may cover any operating system that can run in a container. For ease of description, the technical solution is explained below taking an Android system as the container system.
The master control system may be one of the traditional operating systems mentioned above, or an operating system obtained by improving a traditional operating system. The master control system includes a kernel. The kernel is a standard kernel, or an enhanced kernel obtained by adding functional modules to a standard kernel. Preferably, the container system sends call requests or access requests to the master control system, and the master control system calls the kernel to implement the various functions.
The master control system is mainly used for managing the foreground/background state of the multiple container systems and for interacting with each container system.
Preferably, the master control system communicates with a container system through a container channel. Further, the container channel may be a socket channel. A container system sends a container channel creation request to the master control system. On receiving the request, the master control system creates a socket file and a pair of descriptors (socketpair) for that socket file, and names the pair of descriptors. It registers the pair of descriptors and their names in the NSS (Name Space Server) virtual device of the master control system, and returns the name of one of the successfully registered descriptors to the container system. The container system uses that name to obtain the corresponding descriptor from the NSS virtual device, and can then communicate through it with the master control system, which holds the other descriptor of the socket file.
In the embodiments of the invention, the access permission policy is stored in the master control system. Preferably, the access permission policy may specifically be an MDM (Mobile Device Management) policy.
The terminal devices in the embodiments of the invention are all registered in advance with a cloud server. The cloud server records information including the identifier of the terminal device, its communication number and the access permission policy currently in use, as well as the organization and position of the terminal device's user. An access permission policy includes access permissions for applications and the corresponding application scenarios. An application scenario includes at least one of: the container system to which the application belongs, the foreground/background state of that container system, and the time.
An embodiment of the invention provides a method for dynamically updating the access permission policy of a terminal device. A flowchart of the method is shown in Fig. 2, and it includes the following steps:
S201: After determining that the access permission policy stored in a terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
For example, a specific access permission policy for a terminal device held in the cloud server states that the user may use the camera of the terminal device outside working time and may not use it during working time. When the cloud server learns that the working time of the terminal device's user has changed from 9:00 to 18:00, Monday to Friday, to 8:00 to 19:00, it updates the user's working time in that policy, and then determines that the access permission policy stored in the terminal device needs to be updated.
As another example, the cloud server records that the occupation of the terminal device's user is police officer, and the access permission policy of the terminal device states that the shooting function of the terminal device may be used when the user is not on a task and is forbidden while the user is carrying out a task. When the cloud server receives information that the police user needs to carry out a task, and determines that the access permission policy last issued to and stored by the terminal device is one that allows use of the shooting function, it determines that the policy stored in the terminal device needs to be updated to one that forbids use of the terminal device's shooting function.
After determining that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
S202: After receiving the access permission update notification, the master control system obtains the corresponding access permission policy from the cloud server.
Preferably, after receiving the access permission update notification issued by the cloud server, the master control system obtains from the cloud server the access permission policy that the cloud server has determined this terminal device needs to update to, the digest value of that policy encrypted with a private key, and the public key corresponding to that private key.
S203: The master control system performs legitimacy verification on the obtained access permission policy and determines whether the result is legitimate. If the legitimacy verification result is legitimate, step S204 is performed; if it is not legitimate, the obtained access permission policy is ignored.
Preferably, the master control system decrypts the obtained encrypted data using the obtained public key.
If decryption succeeds, the private-key-encrypted digest value has not been tampered with and is safe, and the decrypted digest value is obtained. If decryption fails, the private-key-encrypted digest value has probably been tampered with and is no longer safe; the master control system deletes the obtained access permission policy, the private-key-encrypted digest value of that policy and the public key corresponding to the private key, or alternatively moves them into a security sandbox.
The master control system then determines the digest value of the obtained access permission policy and compares it with the decrypted digest value. If the two are consistent, the obtained access permission policy has not been tampered with and is safe; the legitimacy verification result is determined to be legitimate and step S204 is performed.
If the master control system finds the two inconsistent, the obtained access permission policy has probably been tampered with and is no longer safe; the legitimacy verification result is determined to be not legitimate, and the master control system deletes the obtained access permission policy, its private-key-encrypted digest value and the public key corresponding to the private key, or alternatively moves them into a security sandbox. Further, the master control system may obtain the access permission policy again.
S204: The access permission policy already stored in the master control system is updated.
The master control system updates the access permission policy already stored in it according to the obtained access permission policy.
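The check in steps S203 and S204, as an added example that is not code from the patent: the cloud side encrypts the SHA-256 digest of the policy with a private key, and the master control side recovers it with the public key, compares it with its own digest of the received policy, and either updates the stored policy or moves the material to a sandbox. The RSA key is a constructed, trivially factorable demo key; the names `cloud_sign`, `recover_digest` and `PolicyUpdateModule`, the choice of SHA-256 and the PKCS#1 v1.5-style block layout are assumptions, since the page names no algorithm.

```python
import hashlib
import hmac

# Constructed demo key built from two Mersenne primes: trivially factorable,
# used only so the example runs offline. It is not a key from the page.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the cloud server
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# Assumption: SHA-256 digest wrapped in a PKCS#1 v1.5-style block.
DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")


def block_head(k: int) -> bytes:
    """Fixed leading bytes of a k-byte block; the 32-byte digest follows."""
    return b"\x00\x01" + b"\xff" * (k - 3 - len(DIGEST_INFO) - 32) + b"\x00" + DIGEST_INFO


def cloud_sign(policy: bytes) -> bytes:
    """Cloud server side: encrypt the policy digest with the private key."""
    block = block_head(K) + hashlib.sha256(policy).digest()
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")


def recover_digest(enc_digest: bytes, n: int, e: int):
    """Master control side: decrypt with the public key.

    Returns the digest, or None when decryption fails (wrong length, value
    out of range, or a recovered block without the expected structure)."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(enc_digest, "big")
    if len(enc_digest) != k or s >= n:
        return None
    block = pow(s, e, n).to_bytes(k, "big")
    head = block_head(k)
    if not block.startswith(head):
        return None
    return block[len(head):]


class PolicyUpdateModule:
    """Holds the policy in force and applies S203 (verify) then S204 (update)."""

    def __init__(self, policy: bytes):
        self.policy = policy
        self.sandbox = []   # rejected material is moved here, never applied

    def apply_update(self, policy: bytes, enc_digest: bytes, public_key) -> str:
        n, e = public_key
        expected = recover_digest(enc_digest, n, e)
        if expected is None:
            return self._reject("decrypt-failed", policy, enc_digest, public_key)
        actual = hashlib.sha256(policy).digest()
        if not hmac.compare_digest(actual, expected):
            return self._reject("digest-mismatch", policy, enc_digest, public_key)
        self.policy = policy   # S204: replace the stored policy
        return "updated"

    def _reject(self, reason: str, *material) -> str:
        self.sandbox.append((reason, material))
        return reason


if __name__ == "__main__":
    new_policy = b'{"camera": "forbid", "hours": [8, 19]}'   # constructed sample
    module = PolicyUpdateModule(b'{"camera": "forbid", "hours": [9, 18]}')
    print(module.apply_update(new_policy, cloud_sign(new_policy), (N, E)))
```

The comparison only proves origin if the public key itself is trusted; a key delivered alongside the policy needs its own trust anchor on the device.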
Because the master control system sits below the container systems and generally does not interact directly with the user, a malicious program usually cannot obtain the communication mode and channel between the container system and the master control system in the embodiments of the invention; it is therefore difficult for it to intrude into the master control system and tamper with or destroy the access permission policy stored there. The access permission policy stored in the master control system is consequently far more secure than one stored in a traditional container system.
An embodiment of the invention provides another method for dynamically updating the access permission policy of a terminal device. A flowchart of the method is shown in Fig. 3, and it includes the following steps:
S301: After determining that the access permission policy stored in a terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
This step is the same as step S201 above and is not described again here.
S302: After receiving the access permission update notification, the container system obtains the corresponding access permission policy from the cloud server.
Preferably, after receiving the access permission update notification issued by the cloud server, the container system obtains from the cloud server the access permission policy that the cloud server has determined this terminal device needs to update to, the digest value of that policy encrypted with a private key, and the public key corresponding to that private key.
S303: The container system sends the obtained access permission policy to the master control system through the container channel.
An application in the container system sends the obtained access permission policy to the master control system through the container channel established in advance between that container system and the master control system.
S304: The master control system performs legitimacy verification on the obtained access permission policy and determines whether the result is legitimate. If the legitimacy verification result is legitimate, step S305 is performed; if it is not legitimate, the obtained access permission policy is ignored.
This step is the same as step S203 above and is not described again here.
S305: The access permission policy already stored in the master control system is updated.
Preferably, after receiving the access permission policy and before updating the access permission policy stored in the master control system, the master control system determines whether the application in the container system that sent the access permission policy through the container channel is the same as the application that requested creation of the container channel. If it is, the application that sent the policy has not been invaded by a malicious program, and the access permission policy stored in the master control system is updated. If it is not, the application that sent the policy has probably been invaded by a malicious program, and the master control system deletes the obtained access permission policy, its private-key-encrypted digest value and the public key corresponding to the private key, or alternatively moves them into a security sandbox.
The rest of this step is the same as step S204 above and is not described again here.
Based on the access permission policy obtained as above, a flowchart of the application access control method of the embodiments of the invention is shown in Fig. 4. It includes the following steps:
S401: After the container system receives an access request from one of its applications, it sends the request to the master control system through the container channel established in advance.
After the container system receives an access request for a system resource from an application in that container system, it sends the request to the master control system through the container channel created in advance between that container system and the master control system.
S402: After receiving the application's access request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system, and returns the permission verification result through the container channel.
Specifically, after receiving the application's access request, the master control system looks up, in the access permission policy currently stored in the master control system, the permission for the function to which the access request relates, and uses it as the permission verification result. The permission verification result may be allow information or forbid information for the permission of at least one function. The at least one function may include at least one of: shooting, recording, network access, mobile communication, instant messaging, and so on.
Preferably, while the flow shown in Fig. 4 is being executed, the flow shown in Fig. 2 or Fig. 3 may be executing at the same time. That is, the access permission policy stored in the terminal device may be updated while the flow shown in Fig. 4 is in progress.
Therefore, when the permission verification result is "allow", the master control system records the application's access request, the container system to which the application belongs, and the access permission policy involved.
When the master control system detects that the access permission policy has been updated, and that under the updated policy the permission verification result for the application's access request changes to "forbid", it returns the updated permission verification result through the container channel to the container system to which the application belongs.
Preferably, the access permission policy may include an access permission policy of the master control system and an access permission policy of the container system.
In that case, container-level permission verification is performed on the received access request according to the access permission policy of the container system currently stored in the master control system. Specifically, the master control system determines the container system to which the requesting application belongs, and then determines the access permission policy of that container system as stored in the master control system; it performs permission verification on the received access request according to that policy, and this verification serves as the container-level permission verification.
When the container-level permission verification result is "allow", master-control-level permission verification is performed on the received access request according to the access permission policy of the master control system currently stored in the master control system. Specifically, permission verification is performed on the received access request according to that policy, and this verification serves as the master-control-level permission verification.
When the container-level result is "allow" and the master-control-level result is "forbid", the final permission verification result is determined to be "forbid" and is returned to the container system through the container channel.
It is easy to see that, because the access permission policy of the master control system has higher priority than that of the container system, the final result is "forbid" whenever the master-control-level result determined from the master control system's policy is "forbid", even if the container-level result determined from the container system's policy is "allow". Even if the access permission policy of the container system is leaked or tampered with by a malicious program, a permission forbidden by the master control system's access permission policy still cannot be obtained, which improves the security of the terminal device.
In addition, when the container-level result is "forbid" and the master-control-level result is "allow", the final permission verification result is determined to be "forbid" and is returned to the container system through the container channel.
When the container-level result is "allow" and the master-control-level result is "allow", the final permission verification result is determined to be "allow" and is returned to the container system through the container channel.
Further, the access permission policy of the container system may include an access permission policy of a security-domain container system and an access permission policy of a non-security-domain container system.
In that case, when the application's access request involves both the access permission policy of the security-domain system and the access permission policy of the non-security-domain system currently stored in the master control system, container-level permission verification is performed on the access request according to the access permission policy of the security-domain system.
It is easy to see that, because the access permission policy of the security-domain system has higher priority than that of the non-security-domain system, when the function requested by the application's access request involves both the security-domain system's policy and the non-security-domain system's policy currently stored in the master control system, container-level permission verification is performed according to the security-domain system's policy. Even if the access permission policy of the non-security-domain system is leaked or tampered with by a malicious program, a permission forbidden by the security-domain system's access permission policy still cannot be obtained, which improves the security of the terminal device.
Preferably, an access permission policy includes access permissions for applications and the corresponding application scenarios. An application scenario includes at least one of: the container system to which the application belongs, the foreground/background state of that container system, and the time.
In that case, the master control system can determine, from the foreground/background state of the container system to which the requesting application belongs, the access permission policy that applies when the container system is in the foreground and the one that applies when it is in the background. When the container system to which the requesting application belongs is in the foreground, the master control system performs permission verification on the received access request according to the foreground access permission policy of that container system currently stored in the master control system, and returns the permission verification result through the container channel.
S403: When the container system determines that the received permission verification result is "allow", it operates according to the application's access request.
Specifically, after the application in the container system that sent the access request receives the permission verification result through the container channel, it determines whether the result is "allow" or "forbid". If the result is "allow", it operates according to the application's access request; if the result is "forbid", the access request is ignored.
Preferably, when the permission verification result last received by the container system was "allow" and, while operating according to the application's access request, the container system receives an updated permission verification result for the same access request and determines that the updated result is "forbid", it stops responding to the application's access request, for example by terminating the operation being performed according to that request.
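The decision order described for step S402, as an added example that is not code from the patent: container-level verification first (the security-domain policy wins when both domain policies apply), then master-control-level verification, plus withdrawal of an earlier "allow" when a policy update turns it into "forbid". The rule format, the names `Rule`, `Request`, `decide` and `AccessVerificationModule`, first-match rule order and forbidding any function that no rule covers are assumptions; the container channel is modelled as a per-container message list.

```python
from dataclasses import dataclass

ALLOW, FORBID = "allow", "forbid"


@dataclass(frozen=True)
class Request:
    app: str
    container: str   # container system the application belongs to
    function: str    # e.g. "camera", "record", "network"
    state: str       # "foreground" or "background" state of that container


@dataclass(frozen=True)
class Rule:
    function: str
    decision: str
    container: str = "*"     # application scenario: container system
    state: str = "*"         # application scenario: foreground/background
    hours: tuple = (0, 24)   # application scenario: time, as [start, end)

    def applies(self, req: Request, hour: int) -> bool:
        return (self.function == req.function
                and self.container in ("*", req.container)
                and self.state in ("*", req.state)
                and self.hours[0] <= hour < self.hours[1])


def evaluate(rules, req, hour):
    """First applicable rule decides; None means this policy is not involved."""
    for rule in rules:
        if rule.applies(req, hour):
            return rule.decision
    return None


def decide(policy, req, hour):
    # Container level: the security-domain policy takes precedence when both apply.
    secure = evaluate(policy["secure_domain"], req, hour)
    plain = evaluate(policy["non_secure_domain"], req, hour)
    container_level = secure if secure is not None else plain
    if container_level != ALLOW:      # assumption: uncovered functions are forbidden
        return FORBID
    # Master-control level is consulted only after a container-level allow.
    return ALLOW if evaluate(policy["master"], req, hour) == ALLOW else FORBID


class AccessVerificationModule:
    def __init__(self, policy):
        self.policy = policy
        self.granted = []    # requests answered with "allow" so far
        self.channels = {}   # container name -> results returned over its channel

    def check(self, req, hour):
        result = decide(self.policy, req, hour)
        if result == ALLOW and req not in self.granted:
            self.granted.append(req)
        self.channels.setdefault(req.container, []).append((req, result))
        return result

    def update_policy(self, new_policy, hour):
        """Install the new policy and send "forbid" for grants it no longer allows."""
        self.policy = new_policy
        revoked = [r for r in self.granted if decide(new_policy, r, hour) == FORBID]
        for req in revoked:
            self.granted.remove(req)
            self.channels.setdefault(req.container, []).append((req, FORBID))
        return revoked


def sample_policy(work_hours):
    """Constructed policy: camera forbidden during working time (the page's example)."""
    return {
        "master": [Rule("camera", FORBID, hours=work_hours), Rule("camera", ALLOW),
                   Rule("record", ALLOW)],
        "secure_domain": [Rule("camera", FORBID, container="work")],
        "non_secure_domain": [Rule("camera", ALLOW),
                              Rule("record", ALLOW, state="foreground")],
    }


if __name__ == "__main__":
    module = AccessVerificationModule(sample_policy((9, 18)))
    cam = Request("camera_app", "personal", "camera", "foreground")
    print(module.check(cam, 8))                              # before working time
    print(module.update_policy(sample_policy((8, 19)), 8))   # working time now 8 to 19
```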
Based on the application access control method above, an embodiment of the invention further provides an application access control apparatus. The apparatus is arranged in the terminal device of the embodiments of the invention; a block diagram of its internal structure is shown in Fig. 5, and it includes a master control system and at least one container system.
Each container system includes an access request processing module 501.
The access request processing module 501 is configured to receive an access request from one of the container system's applications and send it to the master control system through the container channel established in advance, and, when it determines that the received permission verification result is "allow", to operate according to the application's access request.
The master control system includes an access permission verification module 511.
The access permission verification module 511 is configured, after receiving the application's access request sent by the access request processing module 501 through the container channel, to perform permission verification on the received access request according to the access permission policy currently stored in the master control system, and to return the permission verification result through the container channel.
Preferably, as shown in Fig. 5, the master control system of the embodiments of the invention further includes an access permission policy acquisition module 512 and an access permission policy update module 513.
The access permission policy acquisition module 512 is configured to obtain the corresponding access permission policy from the cloud server after receiving an access permission update notification.
The access permission policy update module 513 is configured to perform legitimacy verification on the obtained access permission policy and, when the legitimacy verification result is legitimate, to update the access permission policy already stored in the master control system.
Preferably, the access permission verification module 511 in the master control system is further configured, after returning the permission verification result through the container channel, to record the application's access request, the container system to which it belongs and the access permission policy involved when the result is "allow"; and, when it detects that the access permission policy has been updated and that under the updated policy the permission verification result for the application's access request changes to "forbid", to return the updated permission verification result through the container channel to the container system to which the application belongs.
Correspondingly, the access request processing module 501 in the container system is further configured to stop responding to the application's access request when it determines that the updated permission verification result it has received is "forbid".
Preferably, the access permission policy acquisition module 512 is specifically configured to obtain from the cloud server the corresponding access permission policy, its encrypted digest value and the corresponding public key.
Correspondingly, the access permission policy update module 513 is specifically configured to decrypt the obtained encrypted data using the obtained public key; when decryption succeeds, to obtain the decrypted digest value; to determine the digest value of the obtained access permission policy and compare it with the decrypted digest value; and, when the two are consistent, to determine that the legitimacy verification result is legitimate.
It is preferred that access authority verification module 511 is specifically for according to containment system currently stored in master control system
Access rights strategy, the access request of the application to receiving carry out the Authority Verification of container levels;When the Authority Verification of container levels
When as a result for allowing, according to the access rights strategy of master control system currently stored in master control system, to the application that receives
Access request carries out the Authority Verification of master stage;When the Authority Verification result of master stage is for forbidding, it is determined that final authority is tested
Card result is for forbidding, and is returned to containment system by container path;Wherein, access rights strategy includes:The visit of master control system
Ask the access rights strategy of authorization policy and containment system.
Preferably, the access authority verification module 511 is specifically configured to, when the application's access request simultaneously involves the access rights policy of the secure-domain system and the access rights policy of the non-secure-domain system currently stored in the master control system, perform the container-level permission verification on the access request according to the access rights policy of the secure-domain system. Here, the access rights policy of the container system includes the access rights policy of the secure-domain container system and the access rights policy of the non-secure-domain container system.
For how the functions of the access request processing module 501 in the above container system, and of the access authority verification module 511, the access rights policy acquisition module 512 and the access rights policy update module 513 in the master control system, are implemented, refer to the process steps of Fig. 2 and Fig. 4 described above; the details are not repeated here.
Based on the above access control method for applications, an embodiment of the present invention further provides an access control apparatus for applications. The apparatus is arranged in the terminal device of the embodiment of the present invention, and a schematic block diagram of its internal structure is shown in Fig. 6. It includes a master control system and at least one container system.
Each container system includes an access request processing module 601.
The access request processing module 601 is configured to, after receiving an access request from an application in the container system, send it to the master control system through the pre-built container path, and, when it determines that the received permission verification result is "allow", operate according to the application's access request.
The master control system includes an access authority verification module 611.
The access authority verification module 611 is configured to, after receiving the application's access request sent by the access request processing module 601 through the container path, perform permission verification on the received access request according to the access rights policy currently stored in the master control system, and return the permission verification result through the container path.
Preferably, as shown in Fig. 6, the container system of the embodiment of the present invention further includes an access rights policy acquisition module 602.
The access rights policy acquisition module 602 is configured to, after receiving an access rights update notification, obtain the corresponding access rights policy from the cloud server and send the obtained access rights policy to the master control system through the container path.
In addition, as shown in Fig. 6, the master control system of the embodiment of the present invention further includes an access rights policy update module 612.
The access rights policy update module 612 is configured to perform legitimacy verification on the obtained access rights policy and, when the legitimacy verification result is legal, update the access rights policy already stored in the master control system.
Preferably, the access authority verification module 611 in the master control system is further configured so that, after the permission verification result has been returned through the container path and that result is "allow", the master control system records the application's access request, the container system it belongs to and the access rights policy involved; and, when it detects that the access rights policy has been updated and that the updated access rights policy changes the permission verification result for the application's access request to "forbid", it returns the updated permission verification result through the container path to the container system to which the application belongs.
In addition, the access request processing module 601 in the container system is further configured to stop responding to the application's access request when it determines that the updated permission verification result it has received is "forbid".
Preferably, the access rights policy acquisition module 602 is specifically configured to obtain from the cloud server the corresponding access rights policy, together with its encrypted digest value and the corresponding public key.
In addition, the access rights policy update module 612 is specifically configured to decrypt the obtained encrypted data with the obtained public key; when decryption succeeds, obtain the decrypted digest value; determine the digest value of the obtained access rights policy and compare it with the decrypted digest value; and, when the comparison result is consistent, determine that the legitimacy verification result is legal.
Preferably, the access authority verification module 611 is specifically configured to perform container-level permission verification on the received access request of the application according to the access rights policy of the container system currently stored in the master control system; when the container-level permission verification result is "allow", perform master-control-level permission verification on the received access request according to the access rights policy of the master control system currently stored in the master control system; and, when the master-control-level permission verification result is "forbid", determine that the final permission verification result is "forbid" and return it to the container system through the container path. Here, the access rights policy includes the access rights policy of the master control system and the access rights policy of the container system.
Preferably, the access authority verification module 611 is specifically configured to, when the application's access request simultaneously involves the access rights policy of the secure-domain system and the access rights policy of the non-secure-domain system currently stored in the master control system, perform the container-level permission verification on the access request according to the access rights policy of the secure-domain system. Here, the access rights policy of the container system includes the access rights policy of the secure-domain container system and the access rights policy of the non-secure-domain container system.
For how the functions of the access request processing module 601 and the access rights policy acquisition module 602 in the above container system, and of the access authority verification module 611 and the access rights policy update module 612 in the master control system, are implemented, refer to the process steps of Fig. 3 and Fig. 4 described above; the details are not repeated here.
In the embodiment of the present invention, all access rights policies are kept in the master control system. After a container system, which sits in the layer above the master control system, receives an access request from one of its applications, it forwards the access request to the master control system, and the master control system performs permission verification on the access request according to the access rights policy preset in it; when the permission verification result is "allow", the container system is notified to operate according to the access request. Even if a container system is compromised by a malicious program, the container system holds no access rights policy, so the malicious program cannot obtain the access rights policy from the container system. Because the master control system lies in the layer below the container systems and provides no function for interacting directly with the user, the user cannot install programs into the master control system; even a malicious program that disguises itself as an application, or is parasitic in an application, cannot be installed in the master control system, which greatly strengthens the security of the master control system. It is difficult for a malicious program to learn the communication mode and route between a container system and the master control system; even if it has compromised a container system, it is difficult for it to intrude into the master control system, it cannot obtain the access rights policy from the master control system, it remains subject to the access rights policy, and it is difficult for it to steal confidential information in the terminal device. The security of the access rights policy can therefore be ensured while the access requests of applications are being managed and controlled, which improves the security of the information in the terminal device as a whole.
Moreover, in the embodiment of the present invention, after the master control system or a container system in the terminal device receives the permission policy update notification issued by the cloud server, it can automatically obtain the access rights policy from the cloud server and automatically update the access rights policy already stored in the terminal device, without manual intervention by technical staff and without updating the version of the whole operating system. This achieves dynamic updating of the access rights policy in the terminal device and greatly improves the convenience of updating the access rights policy. Moreover, the master control system performs legitimacy verification on the obtained access rights policy; when the policy is verified as legal, this ensures that the obtained access rights policy has not been tampered with, and the access rights policy is then updated according to the legal access rights policy, which ensures the security of the access rights policy during dynamic updating. The embodiment of the present invention can therefore achieve dynamic updating of the access rights policy on the basis of ensuring the security of the access rights policy, and manage and control the access requests of applications based on the dynamically updated access rights policy. This both protects the confidential information in the terminal device and allows the access rights policy to be updated dynamically and conveniently, improving the efficiency of managing and controlling the access requests of applications.
Further, in the embodiment of the present invention, when the master control system or a container system obtains an access rights policy from the cloud server, it can obtain the encrypted digest value of that access rights policy and the public key along with it, and the master control system performs legitimacy verification on the obtained access rights policy. Whether the obtained access rights policy has been tampered with can be judged by whether the obtained digest value can be decrypted with the obtained public key, and whether the obtained access rights policy has been tampered with is also verified by comparing digest values. When decryption succeeds and the digest comparison result is consistent, the legitimacy verification result is determined to be legal, and the policy is updated according to the legal access rights policy. This further reduces the probability that the obtained access rights policy has been tampered with and further strengthens the security of dynamically updating the access rights policy in the embodiment of the present invention, which in turn strengthens, as a whole, the security of the access control process for applications based on the dynamically updated access rights policy and improves the security of information in the terminal device.
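The legitimacy check described above (decrypt the digest with the public key, recompute the policy digest, compare), as an added Python example that is not part of the original text. The toy unpadded RSA key, the function names, the sample policy and the `pinned` fingerprint comparison are assumptions of this example; the page only says the public key is obtained from the cloud server, and a key delivered alongside the policy shows only that the two are consistent with each other.

```python
import hashlib

E = 65537

def demo_keypair(p, q):
    """Toy RSA key built from publicly known primes: insecure, demo only."""
    n = p * q
    return (n, E), pow(E, -1, (p - 1) * (q - 1))  # (public key, private exponent)

def digest(policy: bytes) -> int:
    return int.from_bytes(hashlib.sha256(policy).digest(), "big")

def publish(policy: bytes, public_key, private_exp):
    """Cloud server side: policy, digest encrypted with the private key, public key."""
    return policy, pow(digest(policy), private_exp, public_key[0]), public_key

def fingerprint(public_key) -> str:
    return hashlib.sha256("{}:{}".format(*public_key).encode()).hexdigest()

def verify_policy(policy, encrypted_digest, public_key, pinned=None):
    """Master control side: returns (legal, reason)."""
    n, e = public_key
    # Assumption, not on the page: the delivered key must match a fingerprint
    # provisioned on the device, so that a substituted key is rejected.
    if pinned is not None and fingerprint(public_key) != pinned:
        return False, "untrusted public key"
    if not 0 < encrypted_digest < n:
        return False, "decryption failed"
    decrypted = pow(encrypted_digest, e, n)
    if decrypted >= 2 ** 256:            # not a well-formed SHA-256 value
        return False, "decryption failed"
    if decrypted != digest(policy):
        return False, "digest mismatch"
    return True, "legal"

# Constructed sample data (Mersenne primes; the policy text is made up).
SERVER_PUB, SERVER_PRIV = demo_keypair(2 ** 521 - 1, 2 ** 607 - 1)
OTHER_PUB, OTHER_PRIV = demo_keypair(2 ** 607 - 1, 2 ** 1279 - 1)
POLICY = b'{"mail": {"contacts": "allow"}}'

if __name__ == "__main__":
    pinned = fingerprint(SERVER_PUB)
    pol, enc, pub = publish(POLICY, SERVER_PUB, SERVER_PRIV)
    print(verify_policy(pol, enc, pub, pinned))           # untouched update
    print(verify_policy(pol + b" ", enc, pub, pinned))    # policy altered in transit
    print(verify_policy(*publish(POLICY, OTHER_PUB, OTHER_PRIV), pinned))  # other key
```

A production implementation would use a standard padded signature scheme from a vetted library rather than raw modular exponentiation.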
In addition, in the embodiment of the present invention, when the permission verification result is "allow", the master control system records the application's access request, the container system it belongs to and the access rights policy involved. When the master control system detects that the access rights policy has been updated, and the updated access rights policy changes the permission verification result for the application's access request to "forbid", it returns the updated result to the container system to which the application belongs, and that container system stops responding to the application's access request. In this way, when the access rights policy stored in the terminal device of the embodiment of the present invention is dynamically updated, permission verification is immediately performed again on the application's access request according to the updated access rights policy, so that the updated access rights policy takes effect in time and the access request is restricted in time. This can prevent confidential information in the terminal device from leaking and further improves the security of information in the terminal device.
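The two-level verification and the re-check on policy update described above, as an added Python example that is not part of the original text. The class and method names, the `(app, resource)` rule format, the default-forbid rule for unlisted requests and the direct method call standing in for the container path are assumptions of this example.

```python
ALLOW, FORBID = "allow", "forbid"

class MasterControl:
    """Holds every policy; container systems hold none."""
    def __init__(self, container_policy, master_policy):
        self.container_policy = container_policy  # {container_id: {(app, resource): decision}}
        self.master_policy = master_policy        # {(app, resource): decision}
        self.granted = set()      # record of requests that were allowed
        self.containers = {}      # container_id -> Container (models the container path)

    def _decide(self, cid, app, resource):
        key = (app, resource)
        # Assumption: a request with no matching rule is forbidden.
        if self.container_policy.get(cid, {}).get(key, FORBID) != ALLOW:
            return FORBID         # container-level verification
        if self.master_policy.get(key, FORBID) != ALLOW:
            return FORBID         # master-level verification has the final say
        return ALLOW

    def verify(self, cid, app, resource):
        result = self._decide(cid, app, resource)
        if result == ALLOW:
            self.granted.add((cid, app, resource))
        return result

    def update_policy(self, container_policy=None, master_policy=None):
        """Install an already-validated policy, then re-check every recorded grant."""
        if container_policy is not None:
            self.container_policy = container_policy
        if master_policy is not None:
            self.master_policy = master_policy
        revoked = {g for g in self.granted if self._decide(*g) == FORBID}
        self.granted -= revoked
        for cid, app, resource in revoked:
            self.containers[cid].on_updated_result(app, resource, FORBID)
        return sorted(revoked)

class Container:
    """Forwards requests and acts on results; stores no policy."""
    def __init__(self, cid, master):
        self.cid, self.master = cid, master
        self.serving = set()      # requests currently being responded to
        master.containers[cid] = self

    def request(self, app, resource):
        result = self.master.verify(self.cid, app, resource)
        if result == ALLOW:
            self.serving.add((app, resource))
        return result

    def on_updated_result(self, app, resource, result):
        if result == FORBID:
            self.serving.discard((app, resource))  # stop responding
```

Calling `update_policy` with a stricter master policy returns the grants it revoked and empties the matching entries of the affected container's `serving` set.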
Those skilled in the art will appreciate that the present invention includes devices for performing one or more of the operations described herein. These devices may be specially designed and manufactured for the required purposes, or may comprise known devices in general-purpose computers. These devices have computer programs stored in them that are selectively activated or reconfigured. Such a computer program may be stored in a device-readable (for example, computer-readable) medium, or in any type of medium suitable for storing electronic instructions and respectively coupled to a bus. The computer-readable medium includes, but is not limited to, any type of disk (including floppy disks, hard disks, optical discs, CD-ROMs and magneto-optical disks), ROM (Read-Only Memory), RAM (Random Access Memory), EPROM (Erasable Programmable Read-Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic cards or optical cards. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (for example, a computer).
Those skilled in the art will appreciate that computer program instructions can be used to implement each block in these structure diagrams and/or block diagrams and/or flow diagrams, as well as combinations of blocks in these structure diagrams and/or block diagrams and/or flow diagrams. Those skilled in the art will appreciate that these computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer or another programmable data processing method for implementation, so that the scheme specified in the block or blocks of the structure diagrams and/or block diagrams and/or flow diagrams disclosed by the present invention is executed by the processor of the computer or of the other programmable data processing method.
Those skilled in the art will appreciate that the steps, measures and schemes in the various operations, methods and flows already discussed in the present invention can be alternated, changed, combined or deleted. Further, other steps, measures and schemes in the various operations, methods and flows already discussed in the present invention can also be alternated, changed, rearranged, decomposed, combined or deleted. Further, steps, measures and schemes in the prior art that correspond to the various operations, methods and flows disclosed in the present invention can also be alternated, changed, rearranged, decomposed, combined or deleted.
The above are only some embodiments of the present invention. It should be noted that a person of ordinary skill in the art can make several improvements and refinements without departing from the principle of the present invention, and these improvements and refinements should also be regarded as falling within the protection scope of the present invention.