Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element, or intervening elements may be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having only a wireless signal receiver, that is, a receiver without transmit capability, and devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device with or without a multi-line display; a PCS (Personal Communications Service) device, which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; or a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal device" may also be a communication terminal, a web-enabled terminal or a music/video playing terminal, for example a PDA, an MID (Mobile Internet Device) and/or a mobile phone with a music/video playing function, and may also be a smart TV, a set-top box, and the like.
In the embodiment of the invention, the access control method for applications is improved. After receiving an access request from an application, the container system sends the access request to the master control system through a pre-established container channel; after receiving the access request, the master control system performs permission verification on it according to the access permission policy currently stored in the master control system and returns the permission verification result through the container channel; and when the container system determines that the received permission verification result is "allowed", it operates according to the access request of the application. Thus, in the embodiment of the present invention, all access permission policies are stored in the master control system: after receiving an access request from an application running in it, the container system, which sits in the layer above the master control system, forwards the request to the master control system, the master control system verifies the request against the access permission policy stored there, and when the verification result is "allowed", the container system is notified and operates according to the request.
Even if the container system is invaded by a malicious program, the malicious program cannot obtain the access permission policy from the container system, because the policy is not stored there; nor can it obtain the policy from the master control system, because it cannot obtain the communication mode and channel between the container system and the master control system. The access permission policy is therefore protected while the access requests of applications are managed and controlled, and the security of access management and control for applications is improved as a whole.
The technical solution of the embodiments of the present invention is specifically described below with reference to the accompanying drawings.
In the technical solution of the present invention, a schematic block diagram of the internal structure of a terminal device is shown in fig. 1, and includes: a master control system and at least one container system.
The at least one container system may comprise a first container system, a second container system, ..., an Nth container system, where N is a positive integer greater than or equal to 2.
The container system in the embodiment of the present invention is an operating system running in a container created with Linux container virtualization technology. The operating system may be a Linux or Unix operating system in the conventional sense, an Android or Ubuntu system derived from Linux, or a Windows system based on the Windows platform. The container system of the present invention is not limited to these exemplary operating systems and may cover any operating system capable of running in a container. For convenience of description, the technical solution of the present invention is described below taking an Android system as the container system.
The master control system may be one of the above-mentioned conventional operating systems, or an operating system obtained by modifying a conventional operating system. The master control system includes a kernel, which may be a conventional kernel or an enhanced kernel obtained by adding functional modules to a conventional kernel. Preferably, the container system sends call requests or access requests to the master control system, and the master control system calls the kernel to implement the various functions.
The master control system is mainly used to perform foreground and background management of the plurality of container systems, to interact with each container system, and so on.
Preferably, the master control system communicates with a container system through a container channel, which may be a socket channel. A container system sends a container channel creation request to the master control system; after receiving the request, the master control system creates a socket file and a pair of descriptors (a socket pair) for it, and names the pair of descriptors; the pair of descriptors and their names are registered in the NSS (Domain Space Server) virtual device of the master control system; the name of one descriptor of the successfully registered pair is returned to the container system; after the container system obtains the corresponding descriptor from the NSS virtual device by that name, it can communicate through that descriptor with the master control system, which holds the other descriptor of the socket file.
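As an added illustration that is not part of the original specification, the following Python models the channel creation described above together with the owner check of step S305 later in this description: the master control system creates a socket pair, registers the container-side descriptor under a name in a dictionary standing in for the NSS virtual device, and returns only the name; the container application fetches the descriptor by that name and exchanges messages over it. The application identifier carried in each message, the message format and the class names are assumptions of this example; a real implementation would derive the sender's identity from the descriptor or the peer credentials rather than from a field the sender fills in.

```python
"""Container channel between a container system and the master control system (added example)."""
import json
import socket


class MasterControl:
    """Master-control side: creates container channels and serves requests on them."""

    def __init__(self):
        self.nss = {}            # stands in for the NSS virtual device: name -> container-side socket
        self._master_ends = {}   # name -> master-side socket
        self.channel_owner = {}  # name -> application that requested the channel (S305 check)
        self.policy = {}

    def create_channel(self, container_id, app_id):
        """Handle a channel creation request: create the socket pair and register it by name."""
        master_end, container_end = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
        name = f"chan-{container_id}-{app_id}-{len(self.nss)}"
        self.nss[name] = container_end
        self._master_ends[name] = master_end
        self.channel_owner[name] = app_id
        return name   # only the descriptor's name is returned to the container

    def serve_one(self, name):
        """Read one message on a channel, apply the owner check, and answer."""
        sock = self._master_ends[name]
        msg = json.loads(sock.recv(65536))
        if msg.get("app") != self.channel_owner[name]:
            reply = {"status": "rejected", "reason": "sender is not the application that created the channel"}
        elif msg.get("type") == "policy_update":
            self.policy = msg["policy"]
            reply = {"status": "ok"}
        else:
            reply = {"status": "rejected", "reason": "unknown request type"}
        sock.send(json.dumps(reply).encode())

    def close(self):
        for sock in list(self.nss.values()) + list(self._master_ends.values()):
            sock.close()


class ContainerApp:
    """An application in a container system that talks to the master over a named channel."""

    def __init__(self, nss, name, app_id):
        self.sock = nss[name]   # obtain the descriptor from the NSS device by its name
        self.app_id = app_id    # assumption: the sender labels its own messages

    def send(self, msg):
        self.sock.send(json.dumps({**msg, "app": self.app_id}).encode())

    def receive(self):
        return json.loads(self.sock.recv(65536))


def exchange(master, name, app, msg):
    """One request/response round trip, driven in-process for the demo."""
    app.send(msg)
    master.serve_one(name)
    return app.receive()


def run_demo():
    master = MasterControl()
    name = master.create_channel("container-1", "mdm-agent")
    agent = ContainerApp(master.nss, name, "mdm-agent")
    update = {"type": "policy_update", "policy": {"camera": "forbid"}}   # constructed sample
    legit = exchange(master, name, agent, update)
    # A different application that obtained the same descriptor is not the channel's creator.
    impostor = ContainerApp(master.nss, name, "other-app")
    forged = exchange(master, name, impostor, {**update, "policy": {"camera": "allow"}})
    stored = dict(master.policy)
    master.close()
    return {"legit": legit, "impostor": forged, "policy": stored}
```

The socket pair is created entirely on the master side, so the container never learns a path it could connect to on its own; it only ever receives the name under which one end was registered, which is the property the description relies on when it states that a malicious program in the container cannot obtain the communication mode and channel.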
In the embodiment of the invention, the access permission policy is stored in the master control system. Preferably, the access permission policy in the embodiment of the present invention may specifically be an MDM (Mobile Device Management) policy.
The terminal device in the embodiment of the invention is pre-registered with a cloud server. The cloud server records information such as the identification, communication number and currently used access permission policy of the terminal device, and the unit and post of the terminal device's user. The access permission policy comprises the access permissions of applications and the corresponding application scenarios; an application scenario includes at least one of: the container system in which the application runs, the foreground/background state of that container system, and the time.
The embodiment of the invention provides a method for dynamically updating the access permission policy of a terminal device; a flow diagram of the method is shown in fig. 2, and the method comprises the following steps:
S201: after determining that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
For example, a specific access permission policy of the terminal device held by the cloud server provides that the user may use the camera of the terminal device outside working hours and may not use it during working hours. When the cloud server learns that the user's working hours have changed from 9:00 to 18:00, Monday to Friday, to 8:00 to 19:00, it updates the working hours in that policy and determines that the access permission policy stored in the terminal device needs to be updated.
For another example, the cloud server records the occupation of the terminal device's user as police officer, and the access permission policy of the terminal device provides that the photographing function of the terminal device may be used while the user is not on a task and is prohibited while the user is performing a task. When the cloud server receives information that the police user is about to perform a task, and determines that the access permission policy last issued to the terminal device for storage is one that allows the photographing function, it determines that the policy stored in the terminal device must be updated to one that prohibits applications from using the photographing function.
After determining that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
S202: after receiving the access permission update notification, the master control system acquires the corresponding access permission policy from the cloud server.
Preferably, after receiving the access permission update notification issued by the cloud server, the master control system obtains from the cloud server the access permission policy to be updated for the terminal device, the digest value of that policy encrypted with a private key, and the public key corresponding to that private key, all as determined by the cloud server.
S203: the master control system performs validity verification on the acquired access permission policy and determines whether the verification result is valid; when the result is valid, step S204 is executed; when the result is invalid, the acquired access permission policy is ignored.
Preferably, the master control system decrypts the acquired encrypted data with the acquired public key.
When decryption succeeds, the digest value encrypted with the private key has not been tampered with and is considered safe, and the decrypted digest value is obtained. When decryption fails, the digest value encrypted with the private key has probably been tampered with and is no longer safe; the acquired access permission policy, its private-key-encrypted digest value and the corresponding public key are then deleted, or are moved into a security sandbox.
The master control system then computes the digest value of the acquired access permission policy and compares it with the decrypted digest value; when the two are consistent, the acquired access permission policy has not been tampered with and is considered safe, the validity verification result is determined to be valid, and step S204 is executed.
When the master control system determines that the comparison is inconsistent, the acquired access permission policy has probably been tampered with and is no longer safe; the validity verification result is determined to be invalid, and the acquired access permission policy, its private-key-encrypted digest value and the corresponding public key are deleted, or are moved into the security sandbox. Further, the master control system may acquire the access permission policy again.
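As an added illustration that is not part of the original specification, the following Python carries steps S203 and S204 through with concrete data. The "digest value encrypted by the private key" is modelled with minimal textbook RSA over a SHA-256 digest; the key sizes, the canonical JSON encoding and all policy contents are constructed for the example, and a real deployment would use a padded signature scheme. The block also contrasts verifying against a public key pinned in the master control system ahead of time, which this example assumes, with verifying against the public key that arrives with the download as the description states: in the second case a download whose policy, digest and key were all produced by the same party passes the check.

```python
"""Validity verification of a downloaded access permission policy (added example)."""
import hashlib
import json
import random

# Minimal textbook RSA, only to model "digest value encrypted with the private key".
# Illustrative only: real deployments use a padded signature scheme such as RSA-PSS.


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits=192):
    """Return (public_key, private_key) as ((n, e), (n, d)); n is ~2*bits long, above any SHA-256 digest."""
    e = 65537
    while True:
        p, q = _gen_prime(bits), _gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:   # e is prime, so this guarantees gcd(e, phi) == 1
            break
    n = p * q
    return (n, e), (n, pow(e, -1, phi))


def policy_digest(policy):
    """SHA-256 of the canonical JSON encoding, so cloud and master hash identical bytes."""
    data = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign_policy(policy, private_key):
    """Cloud side: 'encrypt' the digest with the private key."""
    n, d = private_key
    return pow(policy_digest(policy), d, n)


def verify_policy(policy, encrypted_digest, public_key):
    """Master side: 'decrypt' with the public key and compare with a freshly computed digest."""
    n, e = public_key
    return pow(encrypted_digest, e, n) == policy_digest(policy)


class MasterControl:
    """Holds the stored policy and applies steps S203/S204 to a downloaded update."""

    def __init__(self, pinned_public_key):
        self.pinned_public_key = pinned_public_key   # provisioned out of band (assumption)
        self.policy = None
        self.sandbox = []                            # quarantined downloads

    def _install(self, download, public_key):
        if verify_policy(download["policy"], download["encrypted_digest"], public_key):
            self.policy = download["policy"]
            return "valid"
        self.sandbox.append(download)   # "moved into the security sandbox"
        return "invalid"

    def install_update(self, download):
        """Verify against the pinned key; install on success, quarantine on failure."""
        return self._install(download, self.pinned_public_key)

    def install_update_unpinned(self, download):
        """Same check, but trusting the public key that came with the download."""
        return self._install(download, download["public_key"])


def make_download(policy, public_key, private_key):
    return {"policy": policy, "encrypted_digest": sign_policy(policy, private_key), "public_key": public_key}


def run_demo():
    cloud_pub, cloud_priv = generate_keypair()
    attacker_pub, attacker_priv = generate_keypair()
    master = MasterControl(pinned_public_key=cloud_pub)
    policy = {"camera": {"forbid": "09:00-18:00"}, "network": "allow"}   # constructed sample
    results = {"legit": master.install_update(make_download(policy, cloud_pub, cloud_priv))}
    tampered = make_download(policy, cloud_pub, cloud_priv)
    tampered["policy"] = {"camera": "allow", "network": "allow"}         # modified in transit
    results["tampered"] = master.install_update(tampered)
    forged = make_download({"camera": "allow"}, attacker_pub, attacker_priv)
    results["forged_pinned"] = master.install_update(forged)
    results["policy_intact"] = master.policy == policy
    results["forged_unpinned"] = master.install_update_unpinned(forged)
    return results
```

The comparison therefore proves only that the policy and the digest were produced with the private key matching whatever public key the master control system trusts; the trust in that public key has to come from somewhere other than the download it is meant to check.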
S204: the access permission policy stored in the master control system is updated.
The master control system updates the access permission policy it stores according to the acquired access permission policy.
Because the master control system sits in the layer below the container system and generally has no direct interaction with the user, a malicious program generally cannot obtain the communication mode and channel between the container system and the master control system in the embodiment of the invention, and finds it difficult to invade the master control system and tamper with or destroy the access permission policy stored there. The security of an access permission policy stored in the master control system is therefore far higher than that of a policy stored in a conventional container system.
The embodiment of the invention provides another method for dynamically updating the access permission policy of a terminal device; a flow diagram of the method is shown in fig. 3, and the method comprises the following steps:
S301: after determining that the access permission policy stored in the terminal device needs to be updated, the cloud server issues an access permission update notification to the terminal device.
The method in this step is the same as in step S201 and is not described again here.
S302: after receiving the access permission update notification, the container system acquires the corresponding access permission policy from the cloud server.
Preferably, after receiving the access permission update notification issued by the cloud server, the container system obtains from the cloud server the access permission policy to be updated for the terminal device, the digest value of that policy encrypted with a private key, and the public key corresponding to that private key, all as determined by the cloud server.
S303: the container system sends the acquired access permission policy to the master control system through the container channel.
An application in the container system sends the acquired access permission policy to the master control system through the container channel pre-established between the container system and the master control system.
S304: the master control system performs validity verification on the acquired access permission policy and determines whether the verification result is valid; when the result is valid, step S305 is executed; when the result is invalid, the acquired access permission policy is ignored.
The method in this step is the same as in step S203 and is not described again here.
S305: the access permission policy stored in the master control system is updated.
Preferably, after the master control system receives the access permission policy and before it updates the stored policy, it determines whether the application in the container system that sent the policy through the container channel is the same application that requested establishment of that container channel. If they are the same, the application that sent the policy has not been invaded by a malicious program, and the access permission policy stored in the master control system is updated; if they differ, the application that sent the policy has probably been invaded by a malicious program, and the acquired access permission policy, its private-key-encrypted digest value and the corresponding public key are deleted, or are moved into the security sandbox.
The other operations in this step are the same as in step S204 and are not described again here.
Based on the acquired access permission policy, a flowchart of the access control method for applications according to the embodiment of the present invention is shown in fig. 4, and the method comprises the following steps:
S401: after receiving an access request from an application, the container system sends the access request to the master control system through a pre-established container channel.
After receiving a request from an application in the container system to access a system resource, the container system sends that request to the master control system through the container channel pre-established between the container system and the master control system.
S402: after receiving the access request of the application, the master control system performs permission verification on the received access request according to the access permission policy currently stored in the master control system, and returns the permission verification result through the container channel.
Specifically, after receiving the access request of an application, the master control system looks up, in the access permission policy currently stored in it, the permission for the function involved in the request, and uses that as the permission verification result. The permission verification result may be permission or prohibition information for at least one function, which may comprise at least one of: shooting, recording, network access, mobile communication, instant communication and the like.
Preferably, while the flow shown in fig. 4 is being executed according to the embodiment of the present invention, the flow shown in fig. 2 or fig. 3 may be executed at the same time. That is, during execution of the flow shown in fig. 4, the access permission policy stored in the terminal device may be updated.
Therefore, when the permission verification result is "allowed", the master control system records the access request of the application, the container system to which the application belongs, and the access permission policy involved.
When the master control system detects that the access permission policy has been updated and that, under the updated policy, the permission verification result for that access request changes to "forbidden", it returns the updated permission verification result to the container system to which the application belongs through the container channel.
Preferably, the access permission policy may include an access permission policy of the master control system and an access permission policy of the container system.
Container-level permission verification is performed on the received access request according to the access permission policy of the container system currently stored in the master control system. Specifically, the master control system determines the container system to which the application sending the access request belongs, and thereby the access permission policy of that container system stored in the master control system; it then performs permission verification on the received access request according to that policy, and this is the container-level permission verification.
When the container-level permission verification result is "allowed", master-level permission verification is performed on the received access request according to the access permission policy of the master control system currently stored in the master control system. Specifically, the received access request is verified against the access permission policy of the master control system, and this is the master-level permission verification.
When the container-level result is "allowed" and the master-level result is "forbidden", the final permission verification result is determined to be "forbidden" and is returned to the container system through the container channel.
It is easy to see that, because the access permission policy of the master control system has a higher priority than that of the container system, even if the container-level result determined according to the container system's policy is "allowed", the final result is "forbidden" as long as the master-level result determined according to the master control system's policy is "forbidden". Even if the access permission policy of the container system is leaked to or tampered with by a malicious program, a permission forbidden by the master control system's policy still cannot be obtained, and the security of the terminal device is improved.
In addition, when the container-level result is "forbidden" and the master-level result is "allowed", the final permission verification result is determined to be "forbidden" and is returned to the container system through the container channel.
When both the container-level result and the master-level result are "allowed", the final permission verification result is determined to be "allowed" and is returned to the container system through the container channel.
Further, the access permission policy of the container system may include an access permission policy of a secure-domain container system and an access permission policy of a non-secure-domain container system.
When the access request of an application relates at the same time to the access permission policy of the secure-domain container system and the access permission policy of the non-secure-domain container system currently stored in the master control system, container-level permission verification of the access request is performed according to the access permission policy of the secure-domain container system.
It is easy to see that, because the access permission policy of the secure-domain container system has a higher priority than that of the non-secure-domain container system, when the function that the access request needs to access is covered by both policies currently stored in the master control system, the container-level verification is performed according to the secure-domain policy. Even if the access permission policy of the non-secure-domain container system is leaked to or tampered with by a malicious program, the non-secure-domain container system cannot obtain an access forbidden by the secure-domain policy, and the security of the terminal device is improved.
Preferably, the access permission policy comprises the access permissions of applications and the corresponding application scenarios; an application scenario includes at least one of: the container system in which the application runs, the foreground/background state of that container system, and the time.
The master control system can determine, according to the foreground/background state of the container system to which the application sending the access request belongs, the access permission policies that apply to that container system in the foreground and in the background respectively. When the container system to which the application belongs is in the foreground, permission verification of the received access request is performed according to the access permission policy for that container system in the foreground, as currently stored in the master control system, and the permission verification result is returned through the container channel.
S403: when the container system determines that the received permission verification result is "allowed", it operates according to the access request of the application.
Specifically, after the application that sent the access request receives the permission verification result through the container channel, the container system determines whether the result is "allowed" or "forbidden"; when the result is "allowed", it operates according to the access request of the application; when the result is "forbidden", it ignores the access request.
Preferably, when the permission verification result last received by the container system was "allowed" and, while the operation according to the access request is in progress, an updated permission verification result for the same access request is received and is determined to be "forbidden", the container system stops responding to the access request of the application, for example by terminating the operation according to the access request.
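As an added illustration that is not part of the original specification, the following Python implements the verification order of steps S401 to S403 as described above: container-level verification with secure-domain precedence, then master-level verification, with the priority rules between the two levels, application scenarios of foreground/background state and time of day, and the recording of allowed requests so that a later policy update can turn an earlier "allowed" result into "forbidden". The rule format, the default of "forbidden" when no rule matches, and all policies, applications and requests are constructed for the example.

```python
"""Permission verification in the master control system (added example)."""
from dataclasses import dataclass
from datetime import time
from typing import Optional

ALLOW, FORBID = "allow", "forbid"


@dataclass(frozen=True)
class Rule:
    """One entry of an access permission policy: a permission plus its application scenario."""
    function: str                  # e.g. "camera", "recording", "network"
    decision: str                  # ALLOW or FORBID
    state: Optional[str] = None    # "foreground" / "background"; None = either
    start: Optional[time] = None   # time-of-day window [start, end); None = all day
    end: Optional[time] = None

    def matches(self, function, state, now):
        if self.function != function or (self.state and self.state != state):
            return False
        return self.start is None or self.start <= now < self.end


@dataclass(frozen=True)
class Request:
    container: str
    app: str
    function: str


@dataclass
class Policy:
    master: list        # rules of the master control system
    containers: dict    # container id -> list of rules
    domain: dict        # container id -> "secure" or "nonsecure"


def _decide(rules, function, state, now):
    """First matching rule wins; None when nothing matches."""
    for rule in rules:
        if rule.matches(function, state, now):
            return rule.decision
    return None


class MasterControl:
    def __init__(self, policy):
        self.policy = policy
        self.granted = []   # every request answered ALLOW, with its scenario (the S402 record)

    def _container_level(self, req, state, now):
        secure_rules = [r for c, rules in self.policy.containers.items()
                        if self.policy.domain.get(c) == "secure" for r in rules]
        # The secure-domain policy decides whenever it also covers the requested function.
        decision = _decide(secure_rules, req.function, state, now)
        if decision is None:
            decision = _decide(self.policy.containers.get(req.container, []), req.function, state, now)
        return decision or FORBID   # no matching rule -> deny (assumption; the page states no default)

    def _master_level(self, req, state, now):
        return _decide(self.policy.master, req.function, state, now) or FORBID

    def _evaluate(self, req, state, now):
        # A container-level "forbid" is final; otherwise the master-level result is final.
        if self._container_level(req, state, now) == FORBID:
            return FORBID
        return self._master_level(req, state, now)

    def verify(self, req, state, now):
        """S402: verify one access request and record it if allowed."""
        result = self._evaluate(req, state, now)
        if result == ALLOW:
            self.granted.append((req, state, now))
        return result

    def update_policy(self, new_policy):
        """Re-check every recorded grant; return the requests whose result became FORBID."""
        self.policy = new_policy
        revoked = [g for g in self.granted if self._evaluate(*g) == FORBID]
        self.granted = [g for g in self.granted if g not in revoked]
        return [g[0] for g in revoked]


def run_demo():
    """Constructed policies following the page's camera / working-hours example."""
    policy = Policy(
        master=[Rule("camera", FORBID, start=time(9, 0), end=time(18, 0)),
                Rule("camera", ALLOW), Rule("recording", ALLOW), Rule("network", ALLOW)],
        containers={
            "secure": [Rule("recording", FORBID), Rule("camera", ALLOW, state="foreground")],
            "personal": [Rule("camera", ALLOW), Rule("recording", ALLOW), Rule("network", ALLOW)],
        },
        domain={"secure": "secure", "personal": "nonsecure"},
    )
    mc = MasterControl(policy)
    cam = Request("personal", "photo-app", "camera")
    results = {
        "camera_at_work": mc.verify(cam, "foreground", time(10, 30)),   # container allow, master forbid
        "camera_at_night": mc.verify(cam, "foreground", time(20, 0)),   # both allow, recorded
        # personal container allows recording, the secure-domain policy forbids it: secure wins
        "recording": mc.verify(Request("personal", "voice-memo", "recording"), "foreground", time(20, 0)),
        # secure container in the background: its camera rule needs the foreground, so no rule matches
        "secure_bg_camera": mc.verify(Request("secure", "scanner", "camera"), "background", time(20, 0)),
    }
    # Update in the style of the page's "police on task" example: camera forbidden at any time.
    on_task = Policy(master=[Rule("camera", FORBID)] + policy.master,
                     containers=policy.containers, domain=policy.domain)
    results["revoked"] = [r.app for r in mc.update_policy(on_task)]
    return results
```

The secure-domain precedence is implemented as the description states it, so a secure-domain rule that allows a function also decides for a non-secure-domain container; a deployment that wants the secure-domain policy to add only restrictions would apply its forbid rules first and then the requesting container's own rules.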
Based on the above access control method for the application, an embodiment of the present invention further provides an access control device for the application, where the device is disposed in the terminal device in the embodiment of the present invention, and a frame schematic diagram of an internal structure of the device is shown in fig. 5, where the frame schematic diagram includes: a master control system and at least one container system.
Each container system comprising: an access request processing module 501.
The access request processing module 501 is configured to send an access request to the master control system through a pre-established container channel after receiving the access request of the application; and when the received permission verification result is determined to be allowable, performing operation according to the access request of the application.
The master control system comprises: an access right verification module 511.
The access right verifying module 511 is configured to, after receiving the access request of the application sent by the access request processing module 501 through the container channel, perform right verification on the received access request of the application according to the currently stored access right policy in the master control system, and return a right verification result through the container channel.
Preferably, as shown in fig. 5, the master control system of the embodiment of the present invention further includes: an access authority policy acquisition module 512 and an access authority policy update module 513.
The access authority policy obtaining module 512 is configured to obtain a corresponding access authority policy from the cloud server after receiving the access authority update notification.
The access authority policy updating module 513 is configured to perform validity verification on the obtained access authority policy; and when the result of the validity verification is legal, updating the access authority strategy stored in the main control system.
Preferably, the access right verification module 511 in the main control system is further configured to, after returning a right verification result through the container channel, record, by the main control system, the access request of the application, the container system to which the access right verification module belongs, and the access right policy related to the access request when the right verification result is allowable; and when the access authority policy is detected to be updated and the authority verification result of the access request of the updated access authority policy to the application is updated to be forbidden, returning the updated authority verification result to the container system to which the application belongs through the container channel.
And the access request processing module 501 in the container system is further configured to stop responding to the access request of the application when determining that the updated authorization verification result is prohibited.
Preferably, the access authority policy obtaining module 512 is specifically configured to obtain, from the cloud server, the corresponding access authority policy, the encrypted digest value thereof, and the corresponding public key.
The access authority policy updating module 513 is specifically configured to decrypt the obtained encrypted data according to the obtained public key; when the decryption is successful, obtaining a decrypted digest value; after the abstract value of the obtained access authority strategy is determined, comparing the abstract value with the decrypted abstract value; and when the comparison result is consistent, determining that the validity verification result is legal.
Preferably, the access right verification module 511 is specifically configured to perform container-level right verification on the received access request of the application according to the access right policy of the container system currently stored in the main control system; when the container-level right verification result is allowable, to perform main-control-level right verification on the received access request according to the access right policy of the main control system currently stored in the main control system; and when the main-control-level right verification result is forbidden, to determine that the final right verification result is forbidden and return it to the container system through the container channel. Here the access right policy comprises the access right policy of the main control system and the access right policy of the container system.
Preferably, the access right verification module 511 is specifically configured to, when the access request of the application relates to both the access right policy of the secure domain system and the access right policy of the non-secure domain system currently stored in the main control system, perform container-level right verification on the access request according to the access right policy of the secure domain system. The access right policy of the container system comprises an access right policy of a secure domain container system and an access right policy of a non-secure domain container system.
The implementation of the functions of the access request processing module 501 in the container system and of the access right verification module 511, the access right policy obtaining module 512 and the access right policy updating module 513 in the main control system may refer to the specific contents of the flow steps in fig. 2 and fig. 4 described above, and is not described here again.
Based on the above access control method for an application, an embodiment of the present invention further provides an access control device for an application. The device is disposed in the terminal device of the embodiment of the present invention; a schematic frame diagram of its internal structure is shown in fig. 6, and it comprises a master control system and at least one container system.
Each container system comprises an access request processing module 601.
The access request processing module 601 is configured to send an access request of an application to the master control system through a pre-established container channel after receiving the access request, and to operate according to the access request of the application when the received right verification result is determined to be allowable.
The master control system comprises an access right verification module 611.
The access right verification module 611 is configured to, after receiving the access request of the application sent by the access request processing module 601 through the container channel, perform right verification on the received access request according to the access right policy currently stored in the master control system, and return the right verification result through the container channel.
Preferably, as shown in fig. 6, the container system according to the embodiment of the present invention further includes an access right policy obtaining module 602.
The access right policy obtaining module 602 is configured to obtain the corresponding access right policy from the cloud server after receiving an access right update notification, and to send the obtained access right policy to the master control system through the container channel.
As shown in fig. 6, the master control system according to the embodiment of the present invention further includes an access right policy updating module 612.
The access right policy updating module 612 is configured to perform validity verification on the obtained access right policy and, when the validity verification result is legal, to update the access right policy stored in the master control system.
Preferably, the access right verification module 611 in the master control system is further configured to, after returning the right verification result through the container channel and when that result is allowable, record the access request of the application, the container system to which the application belongs, and the access right policy involved in the access request; and, when it is detected that the access right policy has been updated and the right verification result of the application's access request under the updated access right policy becomes forbidden, to return the updated right verification result through the container channel to the container system to which the application belongs.
The access request processing module 601 in the container system is further configured to stop responding to the access request of the application when it determines that the updated right verification result is forbidden.
Preferably, the access right policy obtaining module 602 is specifically configured to obtain, from the cloud server, the corresponding access right policy, its encrypted digest value, and the corresponding public key.
The access right policy updating module 612 is specifically configured to decrypt the obtained encrypted digest value with the obtained public key; when the decryption succeeds, to obtain the decrypted digest value; to compute the digest value of the obtained access right policy and compare it with the decrypted digest value; and, when the two are consistent, to determine that the validity verification result is legal.
Preferably, the access right verification module 611 is specifically configured to perform container-level right verification on the received access request of the application according to the access right policy of the container system currently stored in the master control system; when the container-level right verification result is allowable, to perform master-control-level right verification on the received access request according to the access right policy of the master control system currently stored in the master control system; and when the master-control-level right verification result is forbidden, to determine that the final right verification result is forbidden and return it to the container system through the container channel. Here the access right policy comprises the access right policy of the master control system and the access right policy of the container system.
Preferably, the access right verification module 611 is specifically configured to perform container-level right verification on the access request of the application according to the access right policy of the secure domain system when the access request relates to both the access right policy of the secure domain system and the access right policy of the non-secure domain system currently stored in the master control system. The access right policy of the container system comprises an access right policy of a secure domain container system and an access right policy of a non-secure domain container system.
The implementation of the access request processing module 601 and the access right policy obtaining module 602 in the container system, and of the access right verification module 611 and the access right policy updating module 612 in the master control system, may refer to the specific contents of the flow steps in fig. 3 and fig. 4 described above, and is not described here again.
In the embodiment of the invention, all access right policies are stored in the main control system. The container system, located in the layer above the main control system, receives the access request of an application running in the container system and forwards it to the main control system; the main control system performs right verification on the access request according to the access right policies preset in it, and when the right verification result is allowable, notifies the container system to operate according to the access request. Even if the container system is invaded by a malicious program, the malicious program cannot obtain the access right policy from the container system, because no access right policy exists there. Because the main control system lies in the layer below the container system and provides no function for interacting directly with the user, the user cannot install programs into the main control system; so even a malicious program disguised as an application, or parasitic in one, cannot be installed into the main control system, which greatly strengthens its security. A malicious program also has difficulty discovering the communication mode and communication path between the container system and the main control system, so that even when the container system is invaded it is difficult for the malicious program to invade the main control system or obtain the access right policy from it; it remains controlled by the access right policy and finds it difficult to steal confidential information in the terminal device. Therefore, the security of the access right policy is ensured while the access requests of applications are managed and controlled, and the security of the information in the terminal device is improved on the whole.
In addition, in the embodiment of the present invention, after receiving the right policy update notification issued by the cloud server, the master control system or the container system in the terminal device can automatically obtain the access right policy from the cloud server, without manual intervention by a technician and without updating the version of the entire operating system, and automatically update the access right policy stored in the terminal device. This implements dynamic updating of the access right policy in the terminal device and greatly improves the convenience of updating it. Moreover, the master control system performs validity verification on the obtained access right policy, and only when the verification result is legal, so that the obtained policy is known not to have been tampered with, is the stored policy updated according to it; the security of the access right policy during dynamic updating is thereby ensured. Therefore, the embodiment of the invention realizes dynamic updating of the access right policy while ensuring its security, and manages and controls the access requests of applications based on the dynamically updated policy; the method and device protect the confidential information in the terminal device, allow the access right policy to be updated conveniently and dynamically, and improve the efficiency of managing and controlling the access requests of applications.
Further, in the embodiment of the present invention, when the access right policy is obtained from the cloud server, the master control system or the container system may obtain the encrypted digest value of the access right policy and the public key together with it, and the master control system performs validity verification on the obtained access right policy. Whether the obtained access right policy has been tampered with is judged, first, according to whether the obtained public key can decrypt the obtained encrypted digest value, and second, by comparing the digest value computed over the obtained access right policy with the decrypted digest value. Only when the decryption succeeds and the two digest values are consistent is the validity verification result determined to be legal and the policy updated according to the legal access right policy. This further reduces the probability that the obtained access right policy has been tampered with, further strengthens the security of dynamic updating of the access right policy in the embodiment of the invention, further strengthens on the whole the security of the access control process that is based on the dynamically updated policy, and improves the security of the information in the terminal device.
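The validity verification described above, written out as an added example in Go; this is not code from the patent, and the patent does not name a hash or public-key algorithm. Here the cloud server side is simulated with a generated RSA key pair, the "encrypted digest value" is a PKCS#1 v1.5 signature over the SHA-256 digest of the policy, and the updating module recomputes the digest and lets the public-key operation recover and compare it. The `trusted` parameter is an assumption: because the public key travels in the same download as the policy, the example only accepts it if it matches a key the master control system already holds.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// PolicyPackage is what the patent says the cloud server hands out: the policy,
// the digest of the policy encrypted with the server's private key (in RSA terms,
// a signature over the digest) and the corresponding public key.
type PolicyPackage struct {
	Policy          []byte
	EncryptedDigest []byte
	PublicKey       *rsa.PublicKey
}

// Issue plays the cloud server (constructed for this example): it digests the
// policy and signs the digest with the private key.
func Issue(priv *rsa.PrivateKey, policy []byte) (PolicyPackage, error) {
	digest := sha256.Sum256(policy)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return PolicyPackage{}, err
	}
	return PolicyPackage{Policy: policy, EncryptedDigest: sig, PublicKey: &priv.PublicKey}, nil
}

// Validate is the access right policy updating module's check. The public key
// delivered with the package is accepted only if it equals a key the master
// control system already trusts (assumption: the patent does not say how the
// delivered key is trusted). VerifyPKCS1v15 applies the public key to the
// encrypted digest, recovers the embedded digest and compares it with the digest
// computed here over the received policy; any mismatch or malformed encoding
// yields an error, which maps to "not legal".
func Validate(pkg PolicyPackage, trusted *rsa.PublicKey) bool {
	if pkg.PublicKey == nil || !pkg.PublicKey.Equal(trusted) {
		return false
	}
	digest := sha256.Sum256(pkg.Policy)
	return rsa.VerifyPKCS1v15(pkg.PublicKey, crypto.SHA256, digest[:], pkg.EncryptedDigest) == nil
}

// Scenario runs the three cases worth checking and reports whether a genuine
// package is accepted, a tampered policy is rejected, and a package signed with
// an untrusted key is rejected.
func Scenario() (genuine, tamperedRejected, wrongKeyRejected bool, err error) {
	serverKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	otherKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	// Constructed sample policy; the patent does not specify a policy format.
	policy := []byte(`{"app":"mail","resource":"contacts","allow":true}`)
	pkg, err := Issue(serverKey, policy)
	if err != nil {
		return
	}
	genuine = Validate(pkg, &serverKey.PublicKey)

	tampered := pkg // same signature, one field of the policy flipped in transit
	tampered.Policy = []byte(`{"app":"mail","resource":"contacts","allow":false}`)
	tamperedRejected = !Validate(tampered, &serverKey.PublicKey)

	forged, err := Issue(otherKey, policy) // signed with a key the terminal does not trust
	if err != nil {
		return
	}
	wrongKeyRejected = !Validate(forged, &serverKey.PublicKey)
	return
}

func main() {
	g, t, w, err := Scenario()
	fmt.Println("genuine accepted:", g, "tampered rejected:", t, "wrong key rejected:", w, "err:", err)
}
```

The third case is the reason for pinning: without the `trusted` comparison, anyone who can replace the download could ship a policy, a digest signed with their own key, and that key's public half, and the decrypt-and-compare steps alone would pass.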
In addition, in the embodiment of the present invention, when the right verification result is allowable, the master control system records the access request of the application, the container system to which the application belongs, and the access right policy involved. When the master control system detects that the access right policy has been updated and the right verification result of the application's access request under the updated policy becomes forbidden, it returns that result to the container system to which the application belongs, and the container system stops responding to the application's access request. Therefore, when the access right policy stored in the terminal device of the embodiment of the invention is delivered and dynamically updated, right verification is immediately performed again on the application's access request according to the updated access right policy, so that the updated policy takes effect in time, the access request is restricted in time, leakage of confidential information in the terminal device is prevented, and the security of the information in the terminal device is further improved.
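The two-level verification of the access right verification module (container level first, with the secure domain policy taking precedence, then master control level), together with the record-and-revoke behaviour just described, as one added example in Go that is not code from the patent. The policy format (first-match rules with `"*"` wildcards), the container and domain names `"secure"` and `"nonsecure"`, and the `Domains` field that says which domain policies a request relates to are all constructed assumptions; the patent does not specify how a policy is encoded or how a request is tied to a domain.

```go
package main

import "fmt"

// Request is an access request of an application as forwarded over the container
// channel. Domains is an assumed field listing the domain policies it relates to.
type Request struct {
	Container string // container system the application belongs to
	App       string
	Resource  string
	Domains   []string // "secure" and/or "nonsecure" (constructed names)
}

// Rule is one entry of an access right policy; "*" matches any app or resource.
type Rule struct {
	App, Resource string
	Allow         bool
}

// Policy is evaluated first-match; a request matching no rule is forbidden.
// A missing policy is a nil slice and therefore also forbids (default deny).
type Policy []Rule

// Check returns true when the policy allows app to access resource.
func (p Policy) Check(app, resource string) bool {
	for _, r := range p {
		if (r.App == "*" || r.App == app) && (r.Resource == "*" || r.Resource == resource) {
			return r.Allow
		}
	}
	return false
}

// Master models the master control system: it alone stores the policies and the
// record of allowed requests; containers only ever receive a verification result.
type Master struct {
	MasterPolicy    Policy
	ContainerPolicy map[string]Policy // keyed by container or domain name
	granted         []Request
}

// evaluate performs container-level verification first and, only if that allows,
// master-control-level verification. A request touching the secure domain is
// checked against the secure domain policy rather than its own container's.
func (m *Master) evaluate(req Request) bool {
	name := req.Container
	for _, d := range req.Domains {
		if d == "secure" {
			name = "secure"
		}
	}
	if !m.ContainerPolicy[name].Check(req.App, req.Resource) {
		return false
	}
	return m.MasterPolicy.Check(req.App, req.Resource)
}

// Verify is the result returned over the container channel; allowed requests are
// recorded so they can be verified again when a policy is updated.
func (m *Master) Verify(req Request) bool {
	allowed := m.evaluate(req)
	if allowed {
		m.granted = append(m.granted, req)
	}
	return allowed
}

// UpdatePolicy installs a new, already validated policy, re-verifies every recorded
// request and returns those now forbidden, grouped by container, so that each
// container can stop responding to them.
func (m *Master) UpdatePolicy(name string, p Policy) map[string][]Request {
	m.ContainerPolicy[name] = p
	revoked := map[string][]Request{}
	var keep []Request
	for _, req := range m.granted {
		if m.evaluate(req) {
			keep = append(keep, req)
		} else {
			revoked[req.Container] = append(revoked[req.Container], req)
		}
	}
	m.granted = keep
	return revoked
}

// NewDemoMaster loads constructed sample policies: the master level forbids any
// access to "baseband", the non-secure container allows the mail app two
// resources, and the secure domain policy knows only the vault app.
func NewDemoMaster() *Master {
	return &Master{
		MasterPolicy: Policy{{"*", "baseband", false}, {"*", "*", true}},
		ContainerPolicy: map[string]Policy{
			"nonsecure": {{"mail", "contacts", true}, {"mail", "baseband", true}},
			"secure":    {{"vault", "contacts", true}},
		},
	}
}

func main() {
	m := NewDemoMaster()
	req := Request{"nonsecure", "mail", "contacts", []string{"nonsecure"}}
	fmt.Println("mail/contacts allowed:", m.Verify(req))
	fmt.Println("revoked after update:", m.UpdatePolicy("nonsecure", Policy{{"mail", "contacts", false}}))
}
```

Keeping the policies and the grant record inside `Master` only, with containers receiving nothing but a boolean over the channel, is the property the patent relies on: a compromised container learns no policy content. The map returned by `UpdatePolicy` is exactly what the master control system sends back so that each container can stop responding to the listed requests; note that a request the container policy allows can still be forbidden at the master level (the `"baseband"` rule in the sample), which is why the master-level check is not skipped after a container-level allow.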
Those skilled in the art will appreciate that the present invention includes apparatus directed to performing one or more of the operations described in the present application. These devices may be specially designed and manufactured for the required purposes, or they may comprise known devices in general-purpose computers. These devices have stored therein computer programs that are selectively activated or reconfigured. Such a computer program may be stored in a device (e.g., computer) readable medium, including, but not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magneto-optical disks, ROMs (read-only memories), RAMs (random access memories), EPROMs (erasable programmable read-only memories), EEPROMs (electrically erasable programmable read-only memories), flash memories, magnetic cards, or optical cards, or any type of media suitable for storing electronic instructions, each coupled to a bus. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the features specified in the block or blocks of the block diagrams and/or flowchart illustrations of the present disclosure.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
The foregoing describes only some embodiments of the present invention. It should be noted that those skilled in the art can make various modifications and refinements without departing from the principle of the present invention, and these modifications and refinements should also be regarded as falling within the protection scope of the present invention.