CN111339523B - Authorization method and device for embedded equipment - Google Patents
Authorization method and device for embedded equipment Download PDFInfo
- Publication number
- CN111339523B CN111339523B CN202010108567.6A CN202010108567A CN111339523B CN 111339523 B CN111339523 B CN 111339523B CN 202010108567 A CN202010108567 A CN 202010108567A CN 111339523 B CN111339523 B CN 111339523B
- Authority
- CN
- China
- Prior art keywords
- embedded
- authorization
- authorized
- machine code
- codes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 117
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000004590 computer program Methods 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 3
- 238000013473 artificial intelligence Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000002513 implantation Methods 0.000 description 3
- 238000013135 deep learning Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008094 contradictory effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an authorization method and device of embedded equipment, wherein the authorization method of the embedded equipment comprises the following steps: acquiring information to be authorized of the embedded equipment; determining an authorization scheme for the embedded equipment according to the information to be authorized; and authorizing the embedded equipment according to the authorization scheme. By implementing the technical scheme of the invention, the authorization operation of the embedded equipment can be facilitated, the authorization flexibility is increased, and the requirements of different equipment and different safety can be met.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an authorization method and apparatus for an embedded device, an embedded terminal, and a readable storage medium.
Background
With the advent of artificial intelligence, many artificial intelligence algorithm companies have emerged in the industry that are responsible for developing artificial intelligence algorithms only and then integrating artificial intelligence algorithm modules into embedded devices (hereinafter referred to as devices). In the prior art, a customized specific authorization scheme is mostly adopted, the flexibility of design is lacking, and the requirements of different devices cannot be met. Thus, in integrating the artificial intelligence algorithm module into the embedded device, how to implement a set of authorization methods meeting different devices and different requirements is particularly important.
Disclosure of Invention
In order to solve at least one of the above problems, a main object of the present invention is to provide an authorization method and apparatus for an embedded device, an embedded terminal and a readable storage medium.
In order to achieve the above object, the first technical scheme adopted by the present invention is as follows: provided is an authorization method of an embedded device, comprising:
acquiring information to be authorized of the embedded equipment;
Determining an authorization scheme for the embedded equipment according to the information to be authorized;
and authorizing the embedded equipment according to the authorization scheme.
When the authorization scheme is a hardware encryption chip scheme, the authorizing the embedded device according to the authorization scheme specifically includes:
acquiring the hardware encryption chip information;
Analyzing the burning information in the hardware encryption chip to obtain authorization scheme information, wherein the authorization scheme information comprises an authorization period, an authorization algorithm function and an authorization algorithm resource; and
And authorizing the embedded equipment according to the authorization scheme information.
When the authorization scheme is a single licence scheme, the authorizing the embedded device according to the authorization scheme specifically includes:
Acquiring a machine code of the embedded equipment;
After receiving the encrypted machine code to generate licence files, importing licence files into embedded equipment, and decrypting licence files; and
And authorizing the embedded equipment according to the decrypted licence file.
When the authorization scheme is a combination scheme of otp and licence, the authorizing the embedded device according to the authorization scheme specifically includes:
Acquiring a machine code of the embedded equipment;
After receiving the encrypted machine code written into otp resources, extracting the machine code of the embedded equipment to be authorized from otp resources;
After receiving a licence file generated according to the machine code of the embedded equipment to be authorized, importing the licence file into the embedded equipment, and decrypting the licence file; and
And authorizing the embedded equipment according to the decrypted licence file.
The method for acquiring the machine code of the embedded equipment specifically comprises the following steps:
acquiring ID codes of main chips in a plurality of embedded devices;
Determining whether the ID codes of the plurality of master chips are unique;
When the ID codes of the plurality of main chips are unique, the ID codes are used as the machine codes of the embedded device.
Wherein the determining whether the ID codes of the plurality of main chips are unique further comprises:
When at least two ID codes of the plurality of main chips are identical, the IP address or mac address of the embedded device is used as the machine code of the embedded device.
After decrypting licence the file, the method further includes:
performing secondary decryption on the decryption result of the licence file to obtain an authorized machine code;
Comparing whether the authorized machine code is the same as the machine code of the embedded device itself;
If the authorized machine code is the same as the machine code of the embedded device, authorizing the embedded device according to the decrypted licence file.
In order to achieve the above object, the second technical scheme adopted by the present invention is as follows: there is provided an authorization apparatus of an embedded device, comprising:
the acquisition module is used for acquiring information to be authorized of the embedded equipment;
the determining module is used for determining an authorization scheme for the embedded equipment according to the information to be authorized;
and the authorization module is used for authorizing the embedded equipment according to the authorization scheme.
In order to achieve the above object, a third technical scheme adopted by the present invention is as follows: provided is an embedded terminal including: the computer program comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the steps in the method are realized when the processor executes the computer program.
In order to achieve the above object, a fourth technical scheme adopted by the present invention is as follows: there is provided a readable storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the above method.
The technical scheme of the invention is that firstly, the information to be authorized of the embedded equipment is obtained; then determining an authorization scheme for the embedded equipment according to the information to be authorized; and finally, authorizing the embedded equipment according to the authorization scheme. By acquiring the information to be authorized of the embedded equipment, hardware resources of the embedded equipment, use occasions, different security requirements and convenience in an authorization process can be comprehensively considered, different authorization schemes are correspondingly provided, each authorization scheme can independently authorize each embedded equipment, the authorization operation of the embedded equipment can be facilitated, the authorization flexibility is improved, and the requirements of different equipment and different security can be met.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to the structures shown in these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a method flow chart of an authorization method for an embedded device according to a first embodiment of the present invention;
FIG. 2 is a flow chart of a method of authorizing a single licence scheme of the present invention;
FIG. 3 is a flow chart of a method of combining scheme authorization of otp and licence of the present invention;
FIG. 4 is a block diagram of an authorization apparatus of an embedded device according to a second embodiment of the present invention;
Fig. 5 is a block diagram of an embedded terminal according to a third embodiment of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that the description of "first," "second," etc. in this disclosure is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be considered to be absent and not within the scope of protection claimed in the present invention.
Referring to fig. 1, fig. 1 is a flowchart illustrating an authorization method of an embedded device according to a first embodiment of the present invention. In the embodiment of the invention, the authorization method of the embedded equipment comprises the following steps:
S101, obtaining information to be authorized of the embedded equipment;
s102, determining an authorization scheme for the embedded equipment according to the information to be authorized;
s103, authorizing the embedded equipment according to the authorization scheme.
Specifically, when authorization of a plurality of embedded devices is realized by using an artificial intelligence algorithm, information to be authorized of the embedded devices is obtained. The information to be authorized comprises hardware resources of the embedded equipment, use occasions, different security requirements, convenience of an authorization process and the like. It will be appreciated that the above information to be authorized may be set according to actual requirements, and is not limited herein. And determining an authorization scheme for the embedded equipment according to the information to be authorized, wherein three authorization schemes are respectively a hardware encryption chip scheme, a single licence scheme and a combined scheme of otp and licence, and each equipment can be independently authorized no matter which authorization scheme. Finally, the embedded equipment is authorized according to the determined authorization scheme, so that the authorization requirements of different embedded equipment can be met, and the flexibility and convenience of authorization are improved. The security level of the single licence scheme, the combined scheme of otp and licence and the hardware encryption chip scheme is improved in sequence. It can be understood that in the above scheme, the encryption of the model file of the artificial intelligence algorithm is further included, the current main stream of the artificial intelligence algorithm is a deep learning algorithm, and the most valuable part of the deep learning algorithm is that the model file is obtained after a large amount of data is trained, so that the encryption of the model file is needed to prevent the secret leakage of the model file copied by equipment manufacturers. The artificial intelligence algorithm is implanted at the algorithm implantation end by an intelligent algorithm company, and in authorization, the intelligent algorithm company also needs to provide sdk of an algorithm module, wherein sdk contains an algorithm library, a use document of the algorithm library, a corresponding tool, demo of the algorithm library and the like.
Further, when the authorization scheme is a hardware encryption chip scheme, authorizing the embedded device according to the authorization scheme specifically includes:
acquiring the hardware encryption chip information;
Analyzing the burning information in the hardware encryption chip to obtain authorization scheme information, wherein the authorization scheme information comprises an authorization period, an authorization algorithm function and an authorization algorithm resource; and
And authorizing the embedded equipment according to the authorization scheme information.
In this embodiment, when the scheme of the hardware encryption chip is adopted, the authorization date, the authorization function and the authorized resources need to be written into the hardware encryption chip in advance, then the hardware encryption chip is externally connected to the embedded device, after the algorithm module operates, the content of the hardware encryption chip is read at regular time, so that relevant authorization is performed, and if no hardware encryption chip is found, or the hardware encryption chip is damaged, the content is problematic, the algorithm module cannot work normally. Considering that each embedded device needs to be externally connected with an encryption chip, the security is very high, the device is not required to provide machine codes, the licence is not required to be imported, the use is convenient, and the cost of a hardware chip is required to be additionally increased. The hardware encryption chip can only write 1 time and can read many times.
Referring to fig. 2, fig. 2 is a flowchart of a method for authorizing a single licence scheme according to the present invention. In a specific embodiment, when the authorization scheme is a single licence scheme, the authorizing the embedded device according to the authorization scheme specifically includes:
s201, acquiring a machine code of the embedded equipment;
s202, after receiving the encrypted machine code to generate licence files, importing licence files into embedded equipment, and decrypting licence files; and
And S203, authorizing the embedded equipment according to the decrypted licence file.
In this embodiment, the obtained machine code is encrypted at the algorithm implantation end, and the encrypted data is added with an authorization period, an authorization algorithm function and an authorization algorithm resource, and then is encrypted for the second time to form an authorization licence file, and the authorization licence file can be imported into the embedded device to be authorized. And the intelligent algorithm module on the embedded device decrypts the licence file twice, and then authorizes the embedded device according to the licence file decrypted twice.
Referring to fig. 3, fig. 3 is a flowchart illustrating a method for authorizing a combination scheme of otp and licence according to the present invention. Specifically, when the authorization scheme is a combination scheme of otp and licence, the authorizing the embedded device according to the authorization scheme specifically includes:
s301, acquiring a machine code of the embedded equipment;
S302, after the encrypted machine code is written into otp resources, the machine code of the embedded equipment to be authorized is extracted from otp resources;
s303, after receiving a licence file generated according to a machine code of the embedded equipment to be authorized, importing the licence file into the embedded equipment, and decrypting the licence file; and
S304, authorizing the embedded equipment according to the decrypted licence file.
Specifically, if the main chip is provided with otp resources, since otp has the characteristics of write once and read many times, the machine code is encrypted by using a HASH algorithm (such as md 5), the encrypted value is stored in otp resources, after the device is started, the algorithm module can acquire the machine code of the device, the same HASH algorithm is performed on the machine code, the obtained encrypted value is compared with the value read by otp, if the obtained encrypted value is the same, it is indicated that the device is authorized, the algorithm can be normally used, and otherwise, the algorithm cannot normally work. Considering that the HASH algorithm is an irreversible algorithm, the use of otp authorization methods is very secure, but requires writing the unique machine code of the device into otp, thereby achieving the purpose of individually authorizing each device.
Specifically, the obtained machine code is encrypted at the algorithm implantation end, and the encrypted machine code can be written into otp resources. The above-mentioned encrypted data can add authorization period, authorization algorithm function and authorization algorithm resource, and make secondary encryption so as to form authorization licence file, and import it into the embedded equipment to be authorized. After receiving the licence file generated according to the machine code of the embedded device to be authorized, extracting the machine code of the embedded device to be authorized from otp resources, importing the licence file into the embedded device, decrypting the licence file, and authorizing the embedded device according to the decrypted licence file.
Further, the acquiring the machine code of the embedded device specifically includes:
acquiring ID codes of main chips in a plurality of embedded devices;
Determining whether the ID codes of the plurality of master chips are unique;
when the ID codes of the plurality of main chips are unique, the ID codes are used as the machine codes of the embedded equipment;
When at least two ID codes of the plurality of main chips are identical, the IP address or mac address of the embedded device is used as the machine code of the embedded device.
In this embodiment, if the master chip can provide the ID code of the master chip and the ID codes of different master chips are different, the ID code of the master chip is used as the machine code of the device. If the host chip cannot provide an ID code or if different host chip ID codes are not unique, the IP address or mac address of the embedded device may be considered as the machine code, considering that the IP address or mac address of different devices during operation is unique.
Further, after decrypting the licence file, the method further includes:
performing secondary decryption on the decryption result of the licence file to obtain an authorized machine code;
Comparing whether the authorized machine code is the same as the machine code of the embedded device itself;
If the authorized machine code is the same as the machine code of the embedded device, authorizing the embedded device according to the decrypted licence file.
Specifically, after the licence file is decrypted, an authorized period, an authorized function and an authorized algorithm resource are obtained, and the decryption result of the licence file is decrypted for the second time to obtain an authorized machine code, and the authorized machine code is compared with the machine code of the former equipment, if the machine code is the same, the machine code works according to the authorized period, the authorized function and the authorized resource, otherwise, the machine code cannot work normally. If the simple licence authorization is the soft authorization, the method is used in the occasion that the algorithm authorization level is not particularly high.
Referring to fig. 4, fig. 4 is a block diagram of an authorization apparatus of an embedded device according to a second embodiment of the present invention. In an embodiment of the present invention, the authorization apparatus of the embedded device includes:
an obtaining module 101, configured to obtain information to be authorized of the embedded device;
A determining module 102, configured to determine an authorization scheme for the embedded device according to the information to be authorized;
And the authorization module 103 is used for authorizing the embedded equipment according to the authorization scheme.
Wherein, when the authorization scheme is a hardware encryption chip scheme, the authorization module 103 is specifically configured to:
acquiring the hardware encryption chip information;
Analyzing the burning information in the hardware encryption chip to obtain authorization scheme information, wherein the authorization scheme information comprises an authorization period, an authorization algorithm function and an authorization algorithm resource; and
And authorizing the embedded equipment according to the authorization scheme information.
When the authorization scheme is a single licence scheme, the authorization module 103 is specifically configured to: :
Acquiring a machine code of the embedded equipment;
After receiving the encrypted machine code to generate licence files, importing licence files into embedded equipment, and decrypting licence files; and
And authorizing the embedded equipment according to the decrypted licence file.
When the authorization scheme is a combination scheme of otp and licence, the authorization module 103 is specifically configured to:
Acquiring a machine code of the embedded equipment;
After receiving the encrypted machine code written into otp resources, extracting the machine code of the embedded equipment to be authorized from otp resources;
After receiving a licence file generated according to the machine code of the embedded equipment to be authorized, importing the licence file into the embedded equipment, and decrypting the licence file; and
And authorizing the embedded equipment according to the decrypted licence file.
Wherein, the authorization module 103 is further configured to:
acquiring ID codes of main chips in a plurality of embedded devices;
Determining whether the ID codes of the plurality of master chips are unique;
When the ID codes of the plurality of main chips are unique, the ID codes are used as the machine codes of the embedded device.
Wherein the determining whether the ID codes of the plurality of main chips are unique further comprises:
When at least two ID codes of the plurality of main chips are identical, the IP address or mac address of the embedded device is used as the machine code of the embedded device.
Wherein, the authorization module 103 is further configured to:
performing secondary decryption on the decryption result of the licence file to obtain an authorized machine code;
Comparing whether the authorized machine code is the same as the machine code of the embedded device itself;
If the authorized machine code is the same as the machine code of the embedded device, authorizing the embedded device according to the decrypted licence file.
Referring to fig. 5, fig. 5 is a schematic diagram of an embedded terminal according to a third embodiment of the present application. The embedded terminal can be used for realizing the authorization method of the embedded terminal in the previous embodiment. As shown in fig. 5, the embedded terminal mainly includes: memory 301, processor 302, bus 303, and a computer program stored on memory 301 and executable on processor 302, memory 301 and processor 302 being connected by bus 303. The processor 302 implements the authorization method of the embedded terminal in the foregoing embodiment when executing the computer program. Wherein the number of processors may be one or more.
The memory 301 may be a high-speed random access memory (RAM, random Access Memory) memory or a non-volatile memory (non-volatile memory), such as a disk memory. The memory 301 is used for storing executable program code, and the processor 302 is coupled to the memory 301.
Further, the embodiment of the present application further provides a readable storage medium, which may be an embedded terminal provided in each of the above embodiments, and the readable storage medium may be a memory in the embodiment shown in fig. 5.
The readable storage medium has stored thereon a computer program which, when executed by a processor, implements the authorization method of the embedded terminal in the foregoing embodiment. Further, the computer-readable medium may be any medium capable of storing a program code, such as a usb (universal serial bus), a removable hard disk, a Read-Only Memory (ROM), a RAM, a magnetic disk, or an optical disk.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of modules is merely a logical function division, and there may be additional divisions of actual implementation, e.g., multiple modules or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or modules, which may be in electrical, mechanical, or other forms.
The modules illustrated as separate components may or may not be physically separate, and components shown as modules may or may not be physical modules, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module. The integrated modules may be implemented in hardware or in software functional modules.
The integrated modules, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a readable storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present application. And the aforementioned readable storage medium includes: a usb disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk, etc.
It should be noted that, for the sake of simplicity of description, the foregoing method embodiments are all expressed as a series of combinations of actions, but it should be understood by those skilled in the art that the present application is not limited by the order of actions described, as some steps may be performed in other order or simultaneously in accordance with the present application. Further, those skilled in the art will appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily all required for the present application.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, and all the structural equivalents of the invention described in the specification and drawings are included in the scope of the invention, or the invention may be directly/indirectly applied to other related technical fields.
Claims (5)
1. An authorization method for an embedded device, wherein the authorization method for the embedded device comprises the following steps:
Obtaining information to be authorized of the embedded equipment, wherein the information to be authorized comprises hardware resources of the embedded equipment, use occasions, different security requirements and convenience of an authorization process;
Determining an authorization scheme for the embedded equipment according to the information to be authorized, wherein the authorization scheme is a combination scheme of otp and licence;
Authorizing the embedded device according to the authorization scheme, including: the method for acquiring the machine code of the embedded equipment specifically comprises the following steps: acquiring ID codes of main chips in a plurality of embedded devices; determining whether the ID codes of the plurality of master chips are unique; when the ID codes of the plurality of main chips are unique, the ID codes are used as the machine codes of the embedded equipment; writing the encrypted machine code into otp resources and carrying out secondary encryption, and extracting the machine code of the embedded equipment to be authorized from otp resources; after receiving a licence file generated according to the machine code of the embedded equipment to be authorized, importing the licence file into the embedded equipment, and decrypting the licence file; and authorizing the embedded equipment according to the decrypted licence file, which specifically comprises the following steps: performing secondary decryption on the decryption result of the licence file to obtain an authorized machine code; comparing whether the authorized machine code is the same as the machine code of the embedded device itself; if the authorized machine code is the same as the machine code of the embedded device, authorizing the embedded device according to the decrypted licence file.
2. The method of authorizing an embedded device as recited in claim 1, wherein determining whether the ID codes of the plurality of master chips are unique further comprises:
When at least two ID codes of the plurality of main chips are identical, the IP address or mac address of the embedded device is used as the machine code of the embedded device.
3. An authorization apparatus for an embedded device, wherein the authorization apparatus for an embedded device comprises:
The system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring information to be authorized of the embedded equipment, and the information to be authorized comprises hardware resources of the embedded equipment, use occasions, different security requirements and convenience of an authorization process;
The determining module is used for determining an authorization scheme of the embedded equipment according to the information to be authorized, wherein the authorization scheme is a combination scheme of otp and licence;
The authorization module is used for authorizing the embedded equipment according to the authorization scheme, and comprises the following steps: acquiring machine codes of the embedded devices, wherein the machine codes are specifically used for acquiring ID codes of main chips in a plurality of embedded devices; determining whether the ID codes of the plurality of master chips are unique; when the ID codes of the plurality of main chips are unique, the ID codes are used as the machine codes of the embedded equipment; writing the encrypted machine code into otp resources and carrying out secondary encryption, and extracting the machine code of the embedded equipment to be authorized from otp resources; after receiving a licence file generated according to the machine code of the embedded equipment to be authorized, importing the licence file into the embedded equipment, and decrypting the licence file; and authorizing the embedded equipment according to the decrypted licence file, which specifically comprises the following steps: performing secondary decryption on the decryption result of the licence file to obtain an authorized machine code; comparing whether the authorized machine code is the same as the machine code of the embedded device itself; if the authorized machine code is the same as the machine code of the embedded device, authorizing the embedded device according to the decrypted licence file.
4. An embedded terminal, comprising: memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any one of claims 1 to 2 when executing the computer program.
5. A readable storage medium having stored thereon a computer program, which, when executed by a processor, implements the steps of the method of any of claims 1 to 2.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010108567.6A CN111339523B (en) | 2020-02-21 | 2020-02-21 | Authorization method and device for embedded equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010108567.6A CN111339523B (en) | 2020-02-21 | 2020-02-21 | Authorization method and device for embedded equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111339523A CN111339523A (en) | 2020-06-26 |
| CN111339523B true CN111339523B (en) | 2024-04-23 |
Family
ID=71185551
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010108567.6A Active CN111339523B (en) | 2020-02-21 | 2020-02-21 | Authorization method and device for embedded equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111339523B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112632476A (en) * | 2020-12-31 | 2021-04-09 | 四川虹微技术有限公司 | Algorithm authorization protection method and device, integrated circuit chip and electronic equipment |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102622538A (en) * | 2011-02-01 | 2012-08-01 | 中国电信股份有限公司 | Method and system for software licensing control |
| WO2018119644A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳配天智能技术研究院有限公司 | Software authorization method, system and device |
| CN109150834A (en) * | 2018-07-20 | 2019-01-04 | 武汉虹信通信技术有限责任公司 | A kind of embedded device license authorization management method |
| CN109241789A (en) * | 2018-07-19 | 2019-01-18 | 上海集成电路研发中心有限公司 | A kind of chip identification method |
| CN109460639A (en) * | 2018-12-04 | 2019-03-12 | 郑州云海信息技术有限公司 | A kind of license authentication control method, device, terminal and storage medium |
| CN109740306A (en) * | 2018-12-27 | 2019-05-10 | 苏州思必驰信息科技有限公司 | The method and device that application software is authorized based on hybrid plan |
| CN110602140A (en) * | 2019-09-29 | 2019-12-20 | 苏州思必驰信息科技有限公司 | Encryption and decryption method and system for chip authorization |
| CN110704814A (en) * | 2018-07-09 | 2020-01-17 | 中移物联网有限公司 | Anti-copy method and device, and storage medium |
-
2020
- 2020-02-21 CN CN202010108567.6A patent/CN111339523B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102622538A (en) * | 2011-02-01 | 2012-08-01 | 中国电信股份有限公司 | Method and system for software licensing control |
| WO2018119644A1 (en) * | 2016-12-27 | 2018-07-05 | 深圳配天智能技术研究院有限公司 | Software authorization method, system and device |
| CN110704814A (en) * | 2018-07-09 | 2020-01-17 | 中移物联网有限公司 | Anti-copy method and device, and storage medium |
| CN109241789A (en) * | 2018-07-19 | 2019-01-18 | 上海集成电路研发中心有限公司 | A kind of chip identification method |
| CN109150834A (en) * | 2018-07-20 | 2019-01-04 | 武汉虹信通信技术有限责任公司 | A kind of embedded device license authorization management method |
| CN109460639A (en) * | 2018-12-04 | 2019-03-12 | 郑州云海信息技术有限公司 | A kind of license authentication control method, device, terminal and storage medium |
| CN109740306A (en) * | 2018-12-27 | 2019-05-10 | 苏州思必驰信息科技有限公司 | The method and device that application software is authorized based on hybrid plan |
| CN110602140A (en) * | 2019-09-29 | 2019-12-20 | 苏州思必驰信息科技有限公司 | Encryption and decryption method and system for chip authorization |
Non-Patent Citations (2)
| Title |
|---|
| Dan Blacharski.《混合环境下的网络安全》.广东世界图书出版公司,1998,(第1版),第178-179页. * |
| 郝玉洁 等.《信息安全概论》.电子科技大学出版社,2007,(第第1版版),第211页. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111339523A (en) | 2020-06-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108898005B (en) | Hard disk identification method, system, equipment and computer readable storage medium | |
| JP2012234362A (en) | Information processing device, secure module, information processing method and information processing program | |
| US10565381B2 (en) | Method and apparatus for performing firmware programming on microcontroller chip, and associated microcontroller chip | |
| WO2011134207A1 (en) | Method for protecting software | |
| CN110334531B (en) | Virtual machine key management method, master node, system, storage medium and device | |
| CN110188555A (en) | A kind of hard disk data protection method, system and associated component | |
| US10387653B2 (en) | Secure provisioning of semiconductor chips in untrusted manufacturing factories | |
| CN111339523B (en) | Authorization method and device for embedded equipment | |
| CN110704814B (en) | Anti-copy method and device, and storage medium | |
| CN109344656B (en) | Database data encryption/decryption method, device and equipment | |
| CN101447009A (en) | Method, device and system for installing software | |
| CN101447013A (en) | Method, device and system for running software | |
| US20100138916A1 (en) | Apparatus and Method for Secure Administrator Access to Networked Machines | |
| CN110880965A (en) | Outgoing electronic document encryption method, system, terminal and storage medium | |
| KR101043255B1 (en) | Usb hub device for providing datasecurity and method for providing datasecurity using the same | |
| CN114816549B (en) | Method and system for protecting bootloader and environment variable thereof | |
| CN112099901B (en) | Method and device for configuring virtual machine memory data encryption mode and CPU chip | |
| CN114153672A (en) | Chip verification method, system, equipment and storage medium | |
| CN111339578A (en) | Key access method, device, system, equipment and storage medium | |
| CN111241005A (en) | Key value pair-based safe partition storage method and system | |
| CN110659509B (en) | Memory snapshot file generation method and device, electronic equipment and medium | |
| CN114629643B (en) | Key processing method, device and medium | |
| CN111506324B (en) | Method for realizing MCU chip safety by combining traditional ROM with storage island | |
| CN113032265B (en) | Asymmetric encryption algorithm testing method and device, computer equipment and storage medium | |
| CN109564615B (en) | Method, device, equipment and storage medium for loading model data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230111 Address after: 518000 Yingfei Haocheng Science Park, Guansheng 5th Road, Luhu Community, Guanhu Street, Longhua District, Shenzhen, Guangdong 1515 Applicant after: Shenzhen Infineon Information Co.,Ltd. Address before: 518110 Room 301, Infineon Technology Co., Ltd., No. 12, Guanbao Road, Luhu community, Guanhu street, Longhua District, Shenzhen City, Guangdong Province Applicant before: SHENZHEN INFINOVA INTELLIGENT TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |