CN112261658A - Terminal and method for terminal use - Google Patents


Publication number: CN112261658A
Authority: CN (China)
Application number: CN202010917005.6A
Original language: Chinese (zh)
Other versions: CN112261658B (granted publication)
Related US application: US17/466,041, published as US20220067128A1
Legal status: Granted, active
Inventors: 李金星, 郭紫仁, 左富农
Current assignee: Fulian Intelligent Workshop Zhengzhou Co Ltd
Original assignee: Zhengzhou Fulian Intelligent Workshop Co Ltd
Prior art keywords: terminal, function, network, instruction, permission message

Abstract

The application discloses a terminal and a method for using the terminal. In response to information from a management and control device, the terminal controls its display to show the set of functions it is permitted to use, or it receives a request to use a function and refuses that function; in this way the illegal use of a specific function within a management and control area is avoided, and the risk of divulging secrets is further reduced.

Description

Terminal and method for terminal use
Technical Field
The present application relates to the field of terminal security management and control, and in particular, to a terminal security management and control device, a terminal security management and control method, a terminal, and a method for using the terminal.
Background
In an intelligent manufacturing plant or some strictly confidential control area, such as a closed-type plant, a mobile terminal (PDA, tablet computer, notebook computer, etc.) is usually controlled, and the control usually includes restricting the use of the camera, bluetooth, WiFi, etc. Once a mobile terminal can be networked or brought out of a regulated area, a leak is likely to occur, and the security risk is greatly increased. Therefore, a factory usually issues a dedicated industrial terminal to a worker who needs to use a terminal in a control area, and the factory may be divided into a plurality of control areas whose control requirements differ. Effectively managing the industrial terminals across a plurality of control areas, so that different control areas permit a terminal to use different function sets, is therefore important for improving working efficiency and reducing the risk of divulging secrets.
Disclosure of Invention
In view of the above, it is necessary to provide a terminal security management and control apparatus and method.
The terminal security management and control device includes: a communicator for receiving first networking information sent by the terminal; and a processor, coupled to the communicator, configured to: determine, according to the first networking information, that the grade of the first network to which the terminal is connected is a first grade; and form a first permission message according to the first grade, the first permission message containing an instruction permitting the terminal to use a first function. The communicator is further configured to send the first permission message to the terminal so as to permit the terminal to use the first function.
Further, the communicator is further configured to receive identity information sent by the terminal; the processor is further configured to: determining that the identity information conforms to preset identity information; forming a function list of the terminal based on the identity information conforming to the preset identity information; and forming the first permission message according to the first grade and the function list.
Further, the communicator is further configured to receive second networking information sent by the terminal; the processor is further configured to: determine, according to the second networking information, that the grade of a second network to which the terminal is connected is a second grade; and form a second permission message according to the second grade, the second permission message not containing an instruction permitting the terminal to use the first function; the communicator is further configured to send the second permission message to the terminal so as to deny the terminal the use of the first function.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; the communicator is further configured to receive an exception record from the terminal, the exception record including the terminal's second enabling request (a request to use the second function); and the processor is further configured to determine, from the request for the second function and the absent second instruction, that the terminal has been operated illegally, and to form an alarm message.
Further, the processor is further configured to form a positioning instruction that only permits the terminal to use a positioning function according to the alarm message; the communicator further to: sending the positioning instruction to the terminal; and receiving the positioning information sent by the terminal based on sending the positioning instruction to the terminal.
Further, the communicator is further configured to: send a query instruction to the terminal; and receive third networking information sent by the terminal in response to the query instruction; the processor is further configured to: determine, according to the third networking information, that the grade of a third network to which the terminal is connected is a third grade; and form a third permission message according to the third grade; the communicator is further configured to send the third permission message to the terminal.
Further, the communicator is further configured to receive a security record sent by the terminal after the third permission message has been sent to the terminal; the processor is further configured to determine, according to the security record, that the terminal operation is illegal; and the communicator is further configured to issue a clearing instruction based on the terminal operation being illegal, so as to instruct the terminal to clear the data exchanged while the terminal was connected to the first network.
The application also provides a terminal security management and control method, which includes: receiving first networking information sent by a terminal; determining, according to the first networking information, that the grade of a first network to which the terminal is connected is a first grade; forming a first permission message according to the first grade, the first permission message containing an instruction permitting the terminal to use a first function; and sending the first permission message to the terminal to permit the terminal to use the first function.
Further, the step of forming the first permission message includes: receiving identity information sent by the terminal; determining that the identity information conforms to preset identity information; forming a function list of the terminal based on the identity information conforming to the preset identity information; and forming the first permission message according to the first grade and the function list.
Further, receiving second networking information sent by the terminal; determining, according to the second networking information, that the grade of a second network to which the terminal is connected is a second grade; forming a second permission message according to the second grade, the second permission message not containing an instruction permitting the terminal to use the first function; and sending the second permission message to the terminal to refuse the terminal the use of the first function.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; the method further includes: receiving an exception record from the terminal, wherein the exception record includes a second enabling request of the terminal; and determining, from the request for the second function and the absent second instruction, that the terminal has been operated illegally, so as to form an alarm message.
Further, according to the alarm message, forming a positioning instruction which only permits the terminal to use a positioning function; sending the positioning instruction to the terminal; and receiving the positioning information sent by the terminal based on sending the positioning instruction to the terminal.
Further, sending a query instruction to the terminal; receiving third networking information sent by the terminal in response to the query instruction; determining, according to the third networking information, that the grade of a third network to which the terminal is connected is a third grade; forming a third permission message according to the third grade; and sending the third permission message to the terminal.
Further, after the third permission message has been sent to the terminal, receiving a security record sent by the terminal; determining, according to the security record, that the terminal has been operated illegally; and sending a clearing instruction based on the illegal operation of the terminal, so as to instruct the terminal to clear the data exchanged while the terminal was connected to the first network.
The application also includes a terminal, comprising: a communicator configured to: connect to a first network and send first networking information to the management and control device; and receive, after the first networking information has been sent, a first permission message from the management and control device, wherein the first permission message contains a first instruction permitting the terminal to use a first function; and a processor, coupled to the communicator, configured to: receive a first enabling request for the first function; and enable the first function according to the first enabling request and the first instruction.
Further, the terminal comprises a display coupled to the processor, and the processor is further configured to display a user interaction interface of the first function according to the first instruction.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; the processor is further configured to disable the enabling of the second function based on the first permission message not including an instruction permitting the terminal to use the second function.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; the processor is further configured to: receive a second enabling request for the second function; and deny the second enabling request based on the first permission message not including a second instruction permitting the terminal to use the second function.
Further, the processor is further configured to form an exception record according to the second enabling request and the first permission message not including a second instruction permitting the terminal to use the second function; the communicator is further configured to send the exception record to the management and control device.
Further, the communicator is further configured to: switch networks, connect to a second network, and send second networking information to the management and control device; and receive, after the second networking information has been sent, a second permission message from the management and control device, wherein the second permission message contains a second instruction permitting the terminal to use a second function; the processor is further configured to: receive a second enabling request for the second function; and enable the second function according to the second enabling request and the second instruction.
Further, the processor is further configured to clear the interaction data saved by the terminal while it was connected to the first network, based on the switch from connecting to the first network to connecting to the second network.
Also provided is a method for using a terminal, comprising: connecting to a first network and sending first networking information to the management and control device; receiving, after the first networking information has been sent, a first permission message from the management and control device, wherein the first permission message contains a first instruction permitting the terminal to use a first function; receiving a first enabling request for the first function; and enabling the first function according to the first enabling request and the first instruction.
Further, according to the first instruction, displaying a user interaction interface of the first function.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; disabling the enabling of the second function based on the first permission message not including an instruction permitting the terminal to use the second function.
Further, the first permission message does not contain a second instruction permitting the terminal to use a second function; receiving a second enabling request for the second function; and denying the second enabling request based on the first permission message not including a second instruction permitting the terminal to use the second function.
Further, forming an exception record according to the second enabling request and the first permission message not including a second instruction permitting the terminal to use the second function; and sending the exception record to the management and control device.
Further, switching networks to connect to a second network, and sending second networking information to the management and control device; receiving, after the second networking information has been sent, a second permission message from the management and control device, wherein the second permission message contains a second instruction permitting the terminal to use a second function; receiving a second enabling request for the second function; and enabling the second function according to the second enabling request and the second instruction.
Further, based on the switch from connecting to the first network to connecting to the second network, clearing the interaction data saved by the terminal while it was connected to the first network.
According to the terminal security management and control device and method, networks are graded; from the grade of the network to which a terminal is connected, a permission that restricts which functions the terminal may use is formed and sent to the terminal, so that the functions used by the terminal are controlled. Terminals in a plurality of control areas are managed through the distinct characteristics of the network each can connect to, so that different control areas permit the terminals to use different function sets, which improves working efficiency and reduces the risk of divulging secrets.
The terminal and the method for using the terminal are further provided: by responding to the information from the management and control device, controlling the display to show the function set allowed to be used, or accepting a request to use a function and forbidding that function, specific functions are prevented from being illegally used within the control area, so that the risk of divulging secrets is further reduced.
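As an added illustration (not code from the patent or its assignee), the following Python model walks through the exchange described above: the management and control device grades the network and forms a permission message from the grade and the worker's function list; the terminal enables only functions the message carries an instruction for; a denied request produces an exception record, an alarm and a positioning-only instruction; and a network switch clears the data saved on the previous network. The grade table, the identity list, the intersection rule for the function list and all message layouts are assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Optional

# Assumed network grading and the function set each grade permits
# (grade 1: least restricted area, grade 3: most restricted).
NETWORK_GRADES: Dict[str, int] = {"plant-office": 1, "plant-assembly": 2, "plant-cleanroom": 3}
FUNCTIONS_BY_GRADE: Dict[int, FrozenSet[str]] = {
    1: frozenset({"camera", "bluetooth", "wifi", "positioning"}),
    2: frozenset({"wifi", "positioning"}),
    3: frozenset({"positioning"}),
}
# Assumed preset identity information: per-worker function lists.
PRESET_IDENTITIES: Dict[str, FrozenSet[str]] = {
    "worker-0001": frozenset({"camera", "wifi", "positioning"}),
}

@dataclass(frozen=True)
class PermissionMessage:
    grade: int
    permitted: FrozenSet[str]  # functions the message carries an instruction for

@dataclass
class ManagementDevice:
    alarms: List[dict] = field(default_factory=list)

    def form_permission(self, networking_info: dict,
                        identity: Optional[str] = None) -> PermissionMessage:
        # Grade the network named in the networking information; with identity
        # information the list is assumed to be the grade set intersected with the worker's list.
        grade = NETWORK_GRADES[networking_info["ssid"]]
        allowed = FUNCTIONS_BY_GRADE[grade]
        if identity is not None:
            if identity not in PRESET_IDENTITIES:
                raise PermissionError("identity does not conform to preset identity information")
            allowed &= PRESET_IDENTITIES[identity]
        return PermissionMessage(grade, allowed)

    def handle_exception_record(self, record: dict) -> FrozenSet[str]:
        # A request for a function the permission message did not grant is an
        # illegal operation: form an alarm and reply with a positioning-only instruction.
        self.alarms.append({"terminal": record["terminal"], "function": record["function"]})
        return frozenset({"positioning"})

    def handle_security_record(self, record: dict) -> Optional[dict]:
        # An illegal operation reported in a security record yields a clearing
        # instruction for the data exchanged on the first network.
        return {"clear_data": True} if record.get("illegal") else None

@dataclass
class Terminal:
    terminal_id: str
    device: ManagementDevice
    network: Optional[str] = None
    permission: Optional[PermissionMessage] = None
    interaction_data: List[str] = field(default_factory=list)
    exception_records: List[dict] = field(default_factory=list)

    def connect(self, ssid: str, identity: Optional[str] = None) -> PermissionMessage:
        # Send networking information and apply the returned permission message;
        # switching networks clears the interaction data saved on the previous one.
        if self.network is not None and self.network != ssid:
            self.interaction_data.clear()
        self.network = ssid
        self.permission = self.device.form_permission({"ssid": ssid}, identity)
        return self.permission

    def displayed_functions(self) -> set:
        return set(self.permission.permitted)  # what the interaction interface shows

    def request_enable(self, function: str) -> bool:
        # Enable only functions the current permission message carries an instruction
        # for; otherwise deny, form an exception record, send it and adopt the reply.
        if function in self.permission.permitted:
            return True
        record = {"terminal": self.terminal_id, "function": function}
        self.exception_records.append(record)
        self.permission = PermissionMessage(self.permission.grade,
                                            self.device.handle_exception_record(record))
        return False

def run_scenario() -> dict:
    # Constructed walk-through: office network, one denied request, then a switch
    # to the cleanroom network.
    device = ManagementDevice()
    term = Terminal("PDA-17", device)                       # constructed terminal id
    first = term.connect("plant-office", identity="worker-0001")
    term.interaction_data.append("work-order-4711")         # constructed data
    camera_ok = term.request_enable("camera")               # granted at grade 1
    bluetooth_ok = term.request_enable("bluetooth")         # not in the worker's list
    after_alarm = term.displayed_functions()
    term.connect("plant-cleanroom")                         # grade 3: positioning only
    cleanroom_camera_ok = term.request_enable("camera")
    clearing = device.handle_security_record({"terminal": "PDA-17", "illegal": True})
    return {"first_permitted": set(first.permitted), "camera_ok": camera_ok,
            "bluetooth_ok": bluetooth_ok, "after_alarm": after_alarm,
            "data_after_switch": list(term.interaction_data),
            "cleanroom_camera_ok": cleanroom_camera_ok,
            "alarms": len(device.alarms), "clearing": clearing}
```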
Drawings
Fig. 1 presents an example operating environment for a governing system according to one or more embodiments of the present application.
FIG. 2 illustrates an example of an operating environment for governing the correspondence of a system physical process domain and a digital replica domain in accordance with one or more embodiments of the present application.
Fig. 3 presents an example of a terminal security management apparatus according to one or more embodiments of the present application.
Fig. 4 presents an example of a permission module of a terminal security management apparatus according to one or more embodiments of the present application.
Fig. 5 presents an example of a terminal according to one or more embodiments of the present application.
Fig. 6 presents an example of a response module of a terminal according to one or more embodiments of the present application.
Fig. 7A-7F illustrate respective examples for terminal security management according to one or more embodiments of the present application.
The following detailed description will further illustrate the present application in conjunction with the above-described figures.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It will be understood that when an element or component is referred to as being "connected" to another element or component, it can be directly connected to the other element or component or intervening elements or components may also be present. When an element or component is referred to as being "disposed on" another element or component, it can be directly on the other element or component or intervening elements or components may also be present.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used in the description of the present application in the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Various embodiments of the present application may take the form of an entirely or partially hardware embodiment, an entirely or partially software embodiment, or a combination of software and hardware (e.g., a firmware embodiment). Furthermore, as described herein, various embodiments (e.g., systems and methods) of the present application may take the form of a computer program product including a computer-readable non-transitory storage medium having computer-accessible instructions (e.g., computer-readable and/or computer-executable instructions) such as computer software encoded or embodied in such storage medium.
Which may be read or accessed and executed by one or more processors to perform or enable the performance of the operations described herein. The instructions may be provided in any suitable form, such as source code, compiled code, interpreted code, executable code, static code, dynamic code, assembly code, combinations of the foregoing, and the like. Any suitable computer-readable non-transitory storage medium may be used to form the computer program product. For example, a computer-readable medium may include any tangible, non-transitory medium for storing information in a form readable or otherwise accessible by one or more computers or processors functionally coupled thereto. The non-transitory storage medium may be embodied as or may contain ROM; a RAM; a magnetic disk storage medium; an optical storage medium; flash memory, etc.
At least some embodiments of the operating environment and techniques are described herein with reference to block diagrams and flowchart illustrations of methods, systems, devices, and computer program products. It will be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by computer-accessible instructions. In some implementations, computer-accessible instructions may be loaded onto or incorporated into a general purpose computer, special purpose computer, or other programmable information processing apparatus to produce a particular machine, such that the operations or functions specified in the flowchart block or blocks may be implemented in response to execution at the computer or processing apparatus.
Unless expressly stated otherwise, any arrangement, procedure, process, or technique presented herein is not to be construed as requiring that its actions or steps be performed in a particular order. Thus, when a process or method claim does not actually recite an order to be followed by its acts or steps, or it is not otherwise specifically recited in the claims or descriptions of the subject disclosure that the steps are to be limited to a specific order, it is no way intended that an order be inferred, in any respect. This applies to any possible non-explicit basis for interpretation, including: logical matters regarding arrangement of steps or operation flows; plain meaning from grammatical organization or punctuation; the number or type of embodiments described in the specification or drawings, and the like.
As used in this application, the terms "environment," "system," "engine," "module," "component," "architecture," "interface," "unit," and the like refer to a computer-related entity or an entity associated with an operating device having one or more defined functionalities. The terms "environment," "system," "engine," "module," "component," "architecture," "interface," and "unit" may be used interchangeably and generally refer to a functional element. Such entities may be hardware, a combination of hardware and software, or software in execution. For example, a module may be implemented as a process running on a processor, an object, an executable portion of software, a thread of execution, a program, and/or a computing device. Also for example, a software application executing on a computing device and the computing device may both be implemented as a module. Also for example, one or more modules may reside within a process and/or thread of execution. A module may be located on one computing device or distributed between two or more computing devices. As disclosed herein, modules may execute from various computer readable non-transitory storage media having various data structures stored thereon. Modules may communicate via local and/or remote processes in accordance with, for example, a signal (analog or digital) having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a signal) with another component on, for example, a wide area network having other systems.
Also for example, a module may be implemented as or may comprise a device having a defined functionality provided by mechanical components operated by electrical or electronic circuitry controlled by a software application or a firmware application executed by a processor. Such a processor may be internal or external to the device, and may execute at least a portion of a software or firmware application. As another example, a module may be embodied as or may contain a device that provides a defined function through electronic components without mechanical components. The electronic component may include a processor to execute software or firmware that allows or at least partially facilitates the functionality of the electronic component.
In some implementations, modules may communicate via local and/or remote processes in accordance with, for example, a signal (analog or digital) having one or more data packets (e.g., data from a component interacting with another component in a local system, distributed system, and/or via a signal with another component on, for example, a wide area network having other systems). Additionally, or in other embodiments, the modules may communicate or otherwise be coupled by thermal, mechanical, electrical, and/or electromechanical coupling mechanisms (e.g., conduits, connectors, combinations thereof, etc.). An interface may include Input/Output (I/O) components as well as associated processors, applications, and/or other programming components.
As used in this application, the term "communicator" may refer to any type of communication circuit or device. The communicator may be embodied as or may comprise several types of network elements, including base stations; a router device; a switching device; a server device; an aggregator apparatus; a bus architecture; combinations of the foregoing; or the like. The one or more bus architectures can include an industrial bus architecture such as an ethernet-based industrial bus, a Controller Area Network (CAN) bus, Modbus, other types of fieldbus architectures, and the like.
As used in this application, the term "processor" may refer to any type of processing circuit or device. A processor may be implemented as a combination of processing circuits or computational processing units (e.g., a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), or a combination of both). Thus, for purposes of description, a processor may refer to a single core processor; a single processor with software multi-threaded execution capability; a multi-core processor; a multi-core processor having software multi-thread execution capability; a multi-core processor having hardware multithreading; a parallel processing (or computing) platform; and a parallel computing platform with distributed shared memory. Additionally, or for another example, a processor may refer to an Integrated Circuit (IC), an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), a Programmable Logic Controller (PLC), a Complex Programmable Logic Device (CPLD), discrete gate or transistor logic, a discrete hardware component, or any combination thereof designed or configured (e.g., manufactured) to perform the functions described herein. In some embodiments, processors may use nanoscale architectures in order to optimize space usage or enhance performance of systems, devices, or other electronic devices according to the present application. For example, the processor may include molecular transistors and/or quantum dot based transistors, switches, and gates.
Furthermore, in the present specification and drawings, terms such as "store," "memory," "data store," "memory," "repository," and substantially any other information storage means associated with the operation and function of the components of the present application refer to memory means, entities implemented in one or more memory devices, or means forming a memory device. It should be noted that the memory means or memory apparatus described herein implements or includes a non-transitory computer storage medium readable or accessible by a computing device. Such media may be implemented in any method or technology for storing information, such as machine-accessible instructions (e.g., computer-readable instructions), information structures, program modules, or other information objects.
The memory means or memory device may be implemented as volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. Further, the memory component or memory device may be removable or non-removable, and/or internal or external to the computing apparatus or component. Examples of various types of non-transitory storage media may include hard disk drives, zip drives, CD-ROMs, Digital Versatile Disks (DVDs) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, flash memory cards or other types of memory cards, or any other non-transitory medium suitable for retaining the desired information and accessible by a computing device. For example, the non-volatile memory may include Read-Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM can take many forms, such as Synchronous RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The disclosed memory devices or memories of an operating or computing environment described herein are intended to comprise one or more of these and/or any other suitable types of memory.
Conditional language such as "may," "can," or "might" is generally intended to convey that certain implementations may include certain features, elements, and/or operations, while other implementations do not, unless specifically stated otherwise or understood otherwise in the context of usage. Thus, such conditional language is not generally intended to imply that features, elements, and/or operations are in any way required for one or more implementations or that one or more implementations must contain logic for deciding, with or without user input or prompting, whether such features, elements, and/or operations are contained or are to be performed in any particular implementation.
The computer-readable program instructions of the present application may be downloaded to a corresponding computing/processing device from a computer-readable storage medium or an external computer or external storage device via a network (e.g., the internet, a local area network, a wide area network, and/or a wireless network). The network may include copper transmission cables, optical transmission fibers, wireless transmissions, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable non-transitory storage medium within the respective computing/processing device.
What has been described in this specification and the accompanying drawings includes examples of systems, apparatus, techniques, and computer program products that, individually and in combination, allow for tracking and tracing of components of products manufactured in industrial facilities. It is, of course, not possible to describe every conceivable combination of components and/or methodologies for purposes of describing the various elements of the present application, but many further combinations and permutations of the disclosed elements are possible. It is therefore evident that various modifications may be made thereto without departing from the scope or spirit of the application. In addition, or in the alternative, other embodiments of the present application may be apparent from consideration of the specification and drawings and practice of the present application as presented herein. The examples set forth in the specification and figures are to be considered in all respects as illustrative and not restrictive. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
In an intelligent manufacturing plant or a strictly confidential control area, such as a closed plant, mobile terminals (PDAs, tablet computers, notebook computers, etc.) are usually controlled, and the controlled items usually include the camera, Bluetooth, and the like. However, once a mobile terminal can be networked or taken out of the control area, the security risk increases greatly and disclosure is easily caused, so a dedicated industrial terminal is usually issued to the staff who need to use a terminal in the control area. How to manage the industrial terminals across a plurality of control areas, so that the terminals are allowed to use different function sets in different control areas, is therefore of great significance for improving working efficiency and reducing the risk of divulging secrets.
Referring to FIG. 1, an example of an operating environment 10 for an electronic device according to one or more embodiments of the present application is presented, and the exemplary environment 10, or portions thereof, may implement or constitute various operating environments and systems. Environment 10 includes computing device 100, computing device 101, terminal 151, terminal 152, terminal 160, communication link 141, network 130. The computing device 100 and the computing device 101 are the same or similar devices, and the terminal 151 and the terminal 152 are the same or similar terminals. If the number of terminals managed by the computing device 100 does not exceed the maximum load, the computing capability requirement is low, and the environment 10 may only include the computing device 100. If the number of terminals managed by the computing device 100 exceeds the maximum load, the computing capability requirement is high, and since the computing device 101 has substantially the same architecture as the computing device 100, the environment 10 may configure the computing device 100 and the computing device 101 into a parallel processing computing system to meet the computing capability requirement. The following explains the relevant processing procedure of the present application by taking the computing apparatus 100 as an example. Illustratively, the related processing procedure of the present application is also explained by taking the terminal 151 as an example. In some scenarios, environment 10 represents an example of the present application, e.g., may be responsive to execution of one or more software modules in computing device 100. Such one or more software modules make the computing device 100 (or any other computing apparatus that contains the software modules) an apparatus for mobile device security management as described herein.
In some embodiments, terminal 151 may be used to form information (e.g., networking information) and communicate the information to computing device 100 over communication link 141, network 130, the transmission path of communication link 141, to accomplish a defined logical process. The terminal 151 may also be configured to respond to administrative instructions (e.g., to administer the use of the application, or to administer the display of the application) from the terminal 160. The terminal 160 receives information (e.g., verification result, rating, application list corresponding to the rating) of the computing device 100, and presents the information to the administrator to monitor the terminal 151.
Computing device 100 includes a processor 104, one or more I/O interfaces 106, and one or more memory devices (collectively referred to as memory 116). The bus 142 may allow or facilitate the exchange of information (e.g., data, metadata, and/or signaling) between the processor 104, a communicator (e.g., I/O interface 106), and/or memory 116 or other respective functional elements. Bus 142 may include at least one of a system bus, a memory bus, an address bus, or a message bus.
The processor 104 is configured to collect information (e.g., identity information, networking information) of the terminal 151 and perform determination actions (e.g., determining identity information, determining configured level) to form calculation results (e.g., verification results, level) through a communication path formed by the I/O interface 106, the communication link 141, the network 130, and the communication link 141, and send the calculation results (e.g., verification results, level) to the terminal 160. After receiving the calculation result, the terminal 160 forms information (such as a permission instruction and an alarm message) and sends the information to the terminal 151.
The processor 104 may also receive information sent by the terminal 160 to form a calculation result and then send corresponding information (such as a permission instruction) to the terminal 151 to control the terminal 151, but is not limited thereto. When computing device 100 includes multiple processors 104, parallel computing may be implemented by connecting the multiple processors 104 via bus 142.
The memory 116 is a variety of computer readable media. In some embodiments, memory 116 may include an instruction memory 118 and an information memory 120.
Instruction memory 118 may contain computer-accessible instructions that are invoked by processor 104 to execute the mobile device security management policies that may implement the present application. The computer-accessible instructions may be embodied as or may contain one or more software modules, shown as a licensing module 230. In particular implementations, the processor 104 executes the licensing module 230 and may retrieve information from the information store 120, or may retain information in the information store 120, for programming or configuring functions through the licensing module 230.
The information within the information store 120 may be collectively referred to as permit instructions 254, and the permit instructions 254 may include at least one of code instructions and information structures. For example, at least a portion of such an information structure may indicate or represent a list of applications permitted to be used by the terminal 151 according to the tier definition, historical operating data of the terminal 151, and the like.
The instruction memory 118 and other executable program components (e.g., OS instructions 122) may reside at various times in different memories 116 of the computing device 100 and may be executed by the processor 104. In some cases, implementations of the licensing module 230 may be retained on some form of computer readable media.
Memory 116 may also contain computer-accessible instructions and information (e.g., data, metadata, and/or programming code instructions) that allow or facilitate operation and/or management of computing device 100 (e.g., upgrades, software installation, any other configuration, etc.). Thus, the memory 116 includes memory elements embodied as or including one or more OS instructions 122 (Operating System, OS), such as the Windows operating system, Unix, Linux, Symbian, Android, Chrome, and generally any OS suitable for mobile or bound computing devices. In one aspect, the operational and/or architectural complexity of computing device 100 may dictate which suitable OS to select.
Memory 116 also contains system information storage 124 having data, metadata, and/or programming code that may allow or facilitate operation and/or management of computing device 100. The OS instructions 122 and the system information memory 124 may be accessed or operated upon by the processor 104.
Memory 116 also includes an interface 126 for permitting or facilitating communication of information between two or more modules within instruction memory 118.
In some embodiments, the I/O interface 106 may allow or facilitate communication of information between the computing device 100 and external devices. Such communication may include direct communication or indirect communication, such as exchanging information between computing device 100 and an external device via a network or elements thereof. In some embodiments, the I/O interface 106 may include one or more of a network adapter 108, a peripheral adapter 112, and a display unit 114, allowing or facilitating connection between external devices and the processor 104 or memory 116.
The network adapter 108 is used to allow or facilitate the exchange of information (data, metadata, and/or signaling) between the computing device 100 and one or more computing devices 101, either alone or in combination, over one or more networks 130 via one or more communication links (wireless, wired, or a combination thereof). Such network coupling, provided at least in part by at least one of the network adapters 108, may be implemented in a wired environment, a wireless environment, or both.
The peripheral adapter 112 may comprise a set of ports that may comprise at least one of a parallel port, a serial port, an Ethernet port, a V.35 port, or an X.21 port for allowing or facilitating a wired connection of the computing device 100 with an external device. In some embodiments, the parallel port may comprise a General-Purpose Interface Bus (GPIB) or IEEE-1284 port, and the serial port may comprise a Recommended Standard (RS)-232, V.11, Universal Serial Bus (USB), FireWire, or IEEE-1394 interface, for wired adaptation to connect different interfaces.
The display unit 114 may include functional elements (e.g., lights such as light-emitting diodes; displays such as liquid crystal displays (LCDs), plasma monitors, light-emitting diode (LED) monitors or electrochromic monitors; combinations thereof; or the like) that may allow or facilitate control of the operation of the computing device 100, or may allow the transmission or disclosure of operating conditions of the computing device 100.
In some implementations, the computing device 100 optionally includes a radio unit 102. Radio unit 102 may include one or more antennas and a communication processing unit that may allow wireless communication between computing device 100 and another device (e.g., computing device 101).
Computing device 100 may also contain a power supply (not shown in FIG. 1) that can power up the components or functions within these devices. The power source may be a rechargeable power source, e.g., a rechargeable battery, and it may contain one or more transformers to obtain a power level suitable for operation of the computing device 100 and the components, functional elements, and related circuitry therein. In some cases, a power source may be attached to a conventional power grid to recharge and ensure that such devices are operable. In one aspect, the power supply may include an I/O interface (e.g., one of the network adapters 108) to operatively connect to a conventional power grid. In another aspect, the power source may include an energy conversion means (e.g., a solar panel) to provide additional or alternative power or autonomy for the computing device 100.
In some instances, computing device 100 may be a personal computer, portable computer, a server, a router, a network computer, a peer device or other common network node, and the like.
In some embodiments, terminals 151, 152, 160 may comprise personal computers; a server computer; a laptop device; a handheld computing device, such as a mobile tablet computer or e-reader; a wearable computing device; and multiprocessor systems. Additional examples may include programmable consumer electronics, network Personal Computers (PCs), minicomputers, mainframe computers, blade computers, programmable logic controllers.
Computer readable media can be any available media (transitory and non-transitory) that can be accessed by computing device 100. In an aspect, a computer-readable medium may comprise a computer non-transitory storage medium (or a computer-readable non-transitory storage medium) and a communication medium. Example computer-readable non-transitory storage media may include, for example, volatile and non-volatile media, and removable and/or non-removable media.
The bus 142 and all other bus architectures described herein can be implemented over a wired or wireless network connection and each subsystem, including the processor 104, memory 116 and memory elements therein, and the I/O interface 106 can be included within one or more remote computing devices 101 at physically separate locations, connected by this form of bus. In practice a fully distributed system is realized. In some implementations, such a distributed system may implement the functionality described herein in a client-host or client-server configuration, where licensing module 230 or monitoring information 254 or both may be distributed in computing device 100.
In some implementations, the bus 142 represents one or more of several possible types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. Illustratively, such architectures can include an Industry Standard Architecture (ISA) bus, a Micro Channel Architecture (MCA) bus, an Enhanced ISA (EISA) bus, a Video Electronics Standards Association (VESA) local bus, an Accelerated Graphics Port (AGP) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express bus, a Personal Computer Memory Card International Association (PCMCIA) bus, a Universal Serial Bus (USB), and the like.
In one or more implementations, one or more of the disclosed methods may be practiced in distributed computing environments (e.g., grid-based environments) where tasks may be performed by remote processing devices (computing devices 101) that are functionally coupled (e.g., communicatively linked or coupled) by at least one of the computing devices 100. In a distributed computing environment, in one aspect, one or more software modules (e.g., program modules) may be located within both a local computing device (e.g., computing apparatus 100) and at least one remote computing device.
In some embodiments, the communication Link 141 may include, for example, an uplink (Up Link, UL) and a downlink (Down Link, DL). Each of the UL and DL may be implemented as or may comprise a wireless link (e.g., a deep space wireless link and/or a terrestrial wireless link), a wired link (e.g., a fiber-optic line, coaxial cable, and/or twisted pair), or a combination thereof.
Network 130 may include several types of network elements, including base stations; a router device; a switching device; a server device; an aggregator apparatus; a bus architecture; combinations of the foregoing; or the like. The network elements may be assembled to form a Local Area Network (LAN), a Metropolitan Area Network (MAN), a Wide Area Network (WAN), and/or other networks (wireless or wireline) having different coverage areas. The information transmitted by at least one of the network adapters 108 may result from implementation of one or more operations of a method (or technique) in accordance with aspects of the present application. Such output may be any form of visual representation, including text, graphics, animation, audio, tactile, and the like.
The exemplary operating environment 10 is only illustrative and is not intended to suggest or convey any limitation as to the scope of use or functionality of the operating environment's architecture.
The software modules (e.g., license module 230) in environment 10 may be embodied as or may contain one or more computer-accessible instructions (e.g., computer-readable and/or computer-executable instructions). At least a portion of the computer-accessible instructions may be executable to perform one or more of the example methods described herein and/or at least a portion thereof. To implement such purposes, computer-accessible instructions are packaged into program modules and stored in a computer-readable storage non-transitory medium and executed by a processor (e.g., processor 104), which may be compiled, linked, and/or executed by processor 104 at computing device 100.
By way of more specific illustration, FIG. 2 illustrates an example of an operating environment for the correspondence between the physical process of an electronic device and its digital copy, in accordance with one or more embodiments of the present application. The environment 20 shown includes a physical process domain formed by the terminals 151 and 160, which implements the processing. The environment 20 also contains a digital copy domain that contains a computer-implemented environment onto which processes in the physical process domain can be mapped. The digital copy domain contains and utilizes a variety of modeling, computing, and Artificial Intelligence (AI) techniques that, individually or in combination, allow the digital copy of the process to be implemented. Such digital copies embody or constitute a dynamic simulation model of the physical process.
The terminal 151 may implement or perform a defined process to allow the indication information 252 to be developed using the information 251 (e.g., a human hand clicking an application icon in a touch screen). The indication 252 may have the necessary message expressions to provide one or more desired functions (e.g., to indicate to the outside that the terminal 151 is not capable of using an application that is not permitted to be used in the current tier case, or to hide an application that is not permitted to be used in the current tier case). The indication 252 may be embodied as physical representations of imaging data, audio data, and/or haptic data, among others.
In some embodiments, terminal 151 may include function module 204 and may also include multiple sets of function modules, such as function module 206 and function module 208, to respond to usage information 251. The function module 204 may be integrated into the hardware 202 (not shown) or otherwise coupled (e.g., via bus 242) to the hardware 202 to collect data indicative or representative of an operational state of the terminal 151. In some embodiments, the function module 204 is selectively executed or selectively displayed (e.g., graying out the corresponding application icon to indicate that it is not usable, or directly hiding the icon) according to a control instruction (e.g., the application list corresponding to the level) issued by the terminal 160. Any of the function modules 204, 206, and 208 may include three types of control items. The first type includes NFC control, NFC transmission control, camera control, Bluetooth control, and USB control, but is not limited thereto. The general control items include WiFi control, WiFi white list control, screen capture control, watermark control, and screen locking PIN code control, but are not limited thereto. The configuration management and control items include, but are not limited to, network and internet, connected devices, applications and notifications, battery, memory, display, voice, gesture, advanced, storage, security and location information, account number, barrier free, Google, system, developer options, search box, and whether or not the suggestion bar is displayed.
Further, to automate the process performed by the terminal 151, the terminal 160 can be functionally coupled (e.g., communicatively coupled, electrically coupled, electromagnetically coupled, and/or electromechanically coupled, not limited to via the network 130 of fig. 1) to the terminal 151. The communication fabric 241 may allow or facilitate the exchange of information (data, metadata, and/or signaling) between the terminal 160 and the terminal 151.
The bus 242 and communication fabric 241 may be implemented as or may include several types of network elements, including base stations; a router device; a switching device; a server device; an aggregator apparatus; a bus architecture; combinations of the foregoing; or the like. The one or more bus architectures CAN include an industrial bus architecture such as an ethernet-based industrial bus, a Controller Area Network (CAN) bus, Modbus, other types of fieldbus architectures, and the like.
In some implementations, some computing devices may permit or facilitate the execution of digital copies. To this end, the digital copy domain may comprise a computing system that may receive a model of a data processing process that may be run automatically by terminal 160 and implemented at least in part by terminal 151. Thus, a computing system may receive data, metadata, and/or code instructions (which may constitute libraries and/or other types of software components) that may allow all or part of a data processing process to be simulated in a physical process domain.
The digital copy domain contains a licensing module 230 by which terminal 160 permits the use of function modules by terminal 151 according to the present application. To this end, in some embodiments, the permission module 230 needs to verify the identity information of the terminal 151 to determine that the terminal 151 is allowed to connect to the network, i.e., to authenticate the terminal 151. These authentication manners optionally include retrieving one or more data structures 238 (named identity lists 238), which are stored in one or more storage devices 236: if the identity information corresponding to the terminal 151 cannot be retrieved, a disabling instruction is formed and sent to the terminal 151 through the indication information 252 to disable all functions of the terminal 151; if it can be retrieved, the operation of generating the permission instruction continues.
In some embodiments, after the permission module 230 confirms that the identity information of the terminal 151 is legal, it obtains from the network connected to the terminal 151 which level of network the terminal 151 is currently connected to, such as the first level network 171, the second level network 172, up to the nth level network 173. The network levels are divided according to the control areas: for example, the network outside the control area is a third level network, the network inside the control area is the second level network 172, and the network inside the strict control area is the first level network 171, and the types, numbers, and the like of the function modules that the corresponding admitted terminals 151 may use differ. Each network level corresponds to a set of usable functions stored in one or more data structures (i.e., function lists 234), and one or more storage devices 232 store the function lists 234. After obtaining the network level of the current terminal 151, the permission module 230 forms, according to the function list 234, a permission instruction 253 capable of characterizing the information of the function list 234, and maps the permission instruction 253 from the digital copy domain into the physical process domain to form indication information 252 that is convenient for the object interacting with the terminal 151 (e.g., a user, or an input signal used to trigger a function) to understand.
Such digital copies may be referred to as "digital twins" for implementing or constructing a dynamic simulation model of a physical process. In some embodiments, the digital copy may integrate information of the physical process, logic controlling the physical process, and a simulation model of the physical process. The digital copy may use a model-driven approach based on a machine learning approach. Additionally, or in some embodiments, the digital copy may use or utilize model-driven methods based on physical phenomena of real-world processes and rules of such processes. Thus, in some cases, by incorporating a model of a physical real-world process, a digital replica can be synchronized with its physical replica in near real-time. The digital copy also allows or facilitates simulating and evaluating the state of the process before the state is implemented in the corresponding physical system. Digital twins can learn almost continuously and can update themselves from multiple sources to improve a real-time representation of their physical processes.
Referring to fig. 3, in some embodiments, in scenarios where the data dimension is low and the amount of computation is not large, for example when the number of terminals 151 managed by the terminal 160 is less than 50 (but not limited thereto), the function of terminal security management is implemented by the management and control device 30 (e.g., by integrating or coupling the functions of the computing device 100 into the terminal 160). The management and control device 30 includes a processor 310, a memory 320, and a communicator 330, wherein the permission module 230 is disposed in the memory 320, and the communicator 330 is configured as one of UL or DL and is configured to perform internal coupling or external interaction. The communication fabric 350 may allow or facilitate the exchange of information (data, metadata, and/or signaling) between the management and control device 30 and the terminal 50.
In some embodiments, the functions of the elements in the management and control device 30 are as follows. The communicator 330 receives the first networking information transmitted by the terminal 50. The processor 310, coupled to the communicator 330, determines, according to the first networking information, that the level of the first network to which the terminal 50 is connected is a first level, and forms a first permission message containing an instruction to permit the terminal 50 to use the first function according to the first level. The communicator 330 is further configured to send the first permission message to the terminal 50 to permit the terminal 50 to use the first function.
In some embodiments, memory 320 contains the licensing module 230, by which the management and control device 30 permits terminal 50 to use a function module according to the present application.
Referring to fig. 4, in some embodiments, the permission module 230 includes an exception handling module 237, an analysis module 233, and optionally a data structure 235 and a transceiver module 231. The data structure 235 is used to store data (e.g., the function list 234, the identity list 238) stored in the licensing module 230. The transceiver module 231 is used for receiving the networking level (such as the first level) determined by the processor 310, receiving an instruction for adjusting the set of function modules corresponding to the networking level, and controlling the communicator 330 to send a permission instruction to the terminal 50.
In some embodiments, when the connected network has not been switched, if the terminal 50 is found to have used the second function during use, the attention of the management and control personnel is needed. At this time, the exception handling module 237 is configured to determine from the received exception record that the terminal 50 has been operated illegally and to form an alarm message prompting the management and control personnel to notice the exception; optionally, it sends a positioning instruction that prohibits the terminal 50 from continuing to use any function except the positioning function, so that the management and control personnel can obtain the terminal's position from the positioning function, intervene manually in time, and prevent information leakage.
In some embodiments, analysis module 233 includes identity information module 2331, level determination module 2333, and selection module 2335.
In some embodiments, the identity information module 2331 is configured to be invoked by the processor 310 to determine whether the identity information of the terminal 50 received by the communicator 330 matches the preset identity information in the memory 320. If it matches, a verification result is formed and passed to the level determination module 2333; if it does not match, a positioning instruction (i.e., an instruction allowing only the positioning function) is directly formed and the communicator 330 is controlled to send it to the terminal 50.
In some embodiments, after obtaining the verification result of the identity information module 2331, the level determination module 2333 is configured to be invoked by the processor 310 to determine the configured level of the network (e.g., the first network is configured at the first level) according to the networking information (e.g., the first networking information) formed by the terminal 50 connecting to the network (e.g., the first network, which may be Wi-Fi, cellular, etc.), and to send the determination result to the selection module 2335.
In some embodiments, after the selection module 2335 receives the determination result (e.g., the first level), it selects the functions in the memory 320 (e.g., from the function list 234 in the data structure 235) according to that result. For example, the data structure 235 stores the functions A, B, C permitted at the first level and the functions B, C, D, E permitted at the second level; when the determination result of the level determination module 2333 is the second level, the selection module 2335 forms a permission instruction representing the B, C, D, E functions and sends it to the terminal 50 through the communicator 330, so that the terminal 50 is controlled to use only the B, C, D, E functions. Further, in some embodiments, if the terminal 50 only has the A, B, F functions and does not have the E function, the selection module 2335 forms the identification of the functions according to the function list of the terminal 50 (i.e., the A, B, F functions) and the determination result (e.g., the first level); optionally this is the intersection of the terminal's function list and the functions permitted at the first level, i.e., the intersection of A, B, C and A, B, F, so the identification is the A, B functions. It then forms the first permission message according to that identification (e.g., the identification of the first function), where the first permission message permits the terminal 50 to use only the A, B functions when connected to the first network of the first level.
Further, in some embodiments, when the networking information of terminal 50 changes (e.g., it switches from the first network to the second network), the communicator 330 receives the second networking information and passes it to the processor 310, which invokes the level determination module 2333 in the memory 320 to determine that the second network is configured at the second level; authentication need not be performed again, because a verification result was already formed by invoking the identity information module 2331 when terminal 50 connected to the first network. If the selection module 2335 permits, according to the second level, the use of the B, C, D, E functions, which do not include the first function (e.g., the A function) that terminal 50 was previously permitted to use, then the selection module 2335 forms a second permission message that does not include the permission for terminal 50 to use the A function that the first permission message contained. The selection module 2335 is invoked by the processor 310 to control the communicator 330 to send the second permission message to the terminal 50, and when an external input requests to use the A function of the terminal 50, the terminal 50 rejects the use request of the A function according to the second permission message.
Similarly, for example, when the terminal 50 connects to the first network, the management device 30 issues a permission instruction to refuse the terminal 50 to use the D function, but after the terminal 50 switches to the second network, the terminal 50 is allowed to use the D function under the second level of management, and the specific process is as follows: when the terminal 50 connects to the first network and receives the first permission message, the first permission message does not include a second permission message for permitting the terminal to use the second function, and therefore the terminal 50 rejects the use request of the D function; when the terminal 50 is connected to the second network, the communicator 330 receives the second networking information, the processor 310 will retrieve the memory 320 according to the second networking information, determine that the second network is configured to the second level, and form a second permission message containing permission for the terminal 50 to use the D function according to the verification result and the second level; finally, the processor 310 controls the communicator 330 to send the second permission message to the terminal 50, so that the terminal 50 allows an external input to make a request for using the D function.
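The management-device side of the scheme just described (level determination, the intersection that forms the identification of functions, identity verification only on first contact, and re-issuing the permission message on a network switch) can be modelled as follows. This is an added example written for this page, not code from the patent; the network names "net-1"/"net-2", the identity "T-50" and the terminal function lists are constructed, while the level-to-function mapping is the one given in the description.

```python
"""Management-device side of the permission scheme described above.

Added example, not code from the patent. Models the level determining module
(network -> configured level), the selecting module (functions permitted at that
level intersected with the terminal's own function list), the identity check on
the first connection, and re-issuing the permission message on a network switch
without verifying identity again. Network names and identities are constructed.
"""
from dataclasses import dataclass, field

# Functions permitted at each level, as given in the description:
# first level permits A, B, C; second level permits B, C, D, E.
LEVEL_PERMITTED = {1: {"A", "B", "C"}, 2: {"B", "C", "D", "E"}}

# Network identifier -> configured level (constructed mapping).
NETWORK_LEVEL = {"net-1": 1, "net-2": 2}

# Preset legal identities stored on the management device (constructed).
PRESET_IDENTITIES = {"T-50"}


@dataclass(frozen=True)
class PermissionMessage:
    """Permission message: the level it was formed for and the instructions
    (one per permitted function) it carries."""
    level: int
    instructions: frozenset


@dataclass
class ManagementDevice:
    verified: set = field(default_factory=set)  # identities already verified

    def determine_level(self, network):
        """Level determining module: look up the level the network is configured at."""
        return NETWORK_LEVEL[network]

    def form_permission_message(self, level, terminal_functions):
        """Selecting module: identification of functions = intersection of the
        level's permitted functions and the terminal's own function list."""
        permitted = LEVEL_PERMITTED[level] & set(terminal_functions)
        return PermissionMessage(level, frozenset(permitted))

    def handle_networking_info(self, identity, network, terminal_functions):
        """Handle networking information from a terminal.

        Returns ("alarm", identity) when the identity does not match the preset
        identity information, otherwise ("permission", PermissionMessage).
        Identity is verified only on the first contact; a later network switch
        reuses the earlier verification result, as the description states."""
        if identity not in self.verified:
            if identity not in PRESET_IDENTITIES:
                return ("alarm", identity)
            self.verified.add(identity)
        level = self.determine_level(network)
        return ("permission", self.form_permission_message(level, terminal_functions))


if __name__ == "__main__":
    device = ManagementDevice()
    # A terminal with functions A, B, C, D, F connects to the first-level network,
    # then switches to the second-level network: A is dropped and D is added.
    print(device.handle_networking_info("T-50", "net-1", ["A", "B", "C", "D", "F"]))
    print(device.handle_networking_info("T-50", "net-2", ["A", "B", "C", "D", "F"]))
```

Because each message is computed afresh from the current level and the terminal's function list, the second message for the switch to "net-2" simply lacks the A instruction and gains the D instruction; nothing on the device needs to remember which functions were revoked.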
Referring to fig. 5, in some embodiments, the terminal 50 includes a processor 510, a memory 520, and a communicator 530, and a response module 521 is stored in the memory 520. The communicator 530 is configured to couple components inside the terminal or to interact with the outside, in either the uplink (UL) or downlink (DL) direction.
In some embodiments, the functions of the various elements in the terminal 50 are as follows. A communicator 530 for connecting to a first network configured at a first level; sending first networking information to the management and control device 30, where the first networking information includes identity information of the terminal 50; and, in response to the sending of the first networking information, receiving a first permission message from the management and control device 30, where the first permission message includes a first instruction permitting the terminal 50 to use the first function according to the first level and the identity information. A processor 510, coupled to the communicator 530, for obtaining a request to use the first function (e.g., the A function) and permitting the terminal to use the first function according to the first enabling request and the first permission message.
In some embodiments, the memory 520 includes a response module 521. The response module 521 is configured to respond to a request, from inside or outside the terminal 50, to use a function module of the terminal 50 after the terminal 50 has received a permission instruction of the management and control device 30 according to the present application; it is called by the one or more processors 510. Inside the terminal 50 and outside the terminal 50 are referred to simply as inside and outside. "Inside" may refer to data interaction within the terminal 50 or within the system formed by the terminal 50 and the management and control device 30, for example a request by an application program or another function module (such as the aforementioned permission module) to use a function, which occurs inside the system; "outside" may refer to an input external to the terminal 50, for example the terminal 50 has a touch display screen and the user requests use of a function module by tapping an icon on the touch display screen.
Referring to fig. 6, in some embodiments, the response module 521 includes a processing module 523, optionally a data structure 525, and an input/output module 527. The data structure 525 is used to store the data of the response module 521 (e.g., a first permission message, a second permission message, a permission instruction, etc.). The input/output module 527 is configured to receive data sent by the management and control device 30 and transmitted through the communicator 530, and to output feedback information (e.g., a prompt that requesting the A function is illegal on the current network).
In some embodiments, the processing module 523 includes a validity determination module 5231 and a calling module 5233.
In some embodiments, the validity determining module 5231 is configured to be called by the processor 510 to determine, according to the information containing the permission instruction sent by the management and control device 30 (such as the first permission message or the second permission message), whether a request for using a function (for example, the A function) input from outside or inside is valid under the current network environment and network level. If so, it passes the determination result to the calling module 5233; if not, it feeds back to the outside or inside a prompt that the operation is illegal, and if the same request is determined to be illegal multiple times, it forms an exception record and sends the exception record to the management and control device 30 through the communicator 530.
In some embodiments, after receiving the result that the validity determining module 5231 has judged the request valid, the calling module 5233 selects the function module corresponding to the externally or internally input request, for example the A function, so that the processor 510 can call the A function in response to that request.
In some embodiments, if the first permission message does not include a second instruction permitting the terminal 50 to use a second function (e.g., the aforementioned D function), then when the processor 510 obtains an internal or external input request (e.g., a second enabling request) to use the D function, the processor 510 calls the response module 521, determines that the request is illegal according to the request and the first permission message, rejects the request, and thereby prohibits external use of the D function.
Further, the behavior of illegally using the D function is prompted, notifying the outside that the D function is currently not allowed. If the outside still triggers the D function, the exception record recording this behavior is actively uploaded to the management and control device 30 through the communicator 530, so as to call the exception handling module 237 to request the security management and control personnel to make a judgment; if the judgment is that the behavior does not involve a security problem, it is not processed, and if it is determined that there is a risk of disclosure, the terminal 50 receives a positioning instruction and disables the functions that may leak information, except for the positioning function.
In some embodiments, when the terminal 50 changes its networking information, for example switches from the first network to the second network, since the second network is configured at the second level, the communicator 530 receives a second permission message sent by the management and control device 30, which includes a second instruction permitting the terminal 50 to use the second function (for example, the D function) according to the second level and the identity information; the processor 510 calls the response module 521 and may then accept an internal or external request to use the D function. Similarly, the processor 510 denies external use of the A function, since the second level does not allow use of the first function (e.g., the A function).
In some embodiments, the terminal 50 optionally includes a display 540 coupled to the processor 510. Since the processor 510 permits use of the A function when the terminal 50 is connected to the first network, the display 540 displays a first interface through which the A function interacts with the outside of the terminal 50; the first interface includes an identifier (e.g., an icon) by which an external input requests use of the A function, and the external input can use the A function of the terminal 50 by tapping the identifier corresponding to the A function. Similarly, since the processor 510 rejects use of the second function (e.g., the D function) when the terminal 50 is connected to the first network, the display 540 hides the second interface through which the D function interacts with the outside of the terminal 50; the second interface does not display an identifier (e.g., an icon) for an external input to request use of the D function, so the external input cannot actively trigger the D function, thereby avoiding the risk of misuse. In combination with the aforementioned exception handling module 237, it is also possible to raise an alarm in time and avoid disclosure when the restriction on the terminal 50's use of the D function in the first network is circumvented for an illegal purpose.
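The terminal-side response module described in the paragraphs above (validity determination against the current permission message, the calling module, the exception record after repeated illegal requests, the icons the display shows, and the positioning-only lockdown) can be modelled as follows. This is an added example, not code from the patent; the threshold of three rejections before an exception record is formed follows the "3 times" example later in the description and is an assumption, and the function name "POS" for the positioning function and the identity "T-50" are constructed.

```python
"""Terminal-side response module (added example, not the patent's own code).

Models the validity determining module (is the requested function in the
current permission message?), the calling module (call the function when
valid), the exception record formed after the same request is rejected
repeatedly (threshold of 3 taken from the description's example; an
assumption), the identifiers the display shows for permitted functions, and
the positioning instruction that leaves only the positioning function usable.
"""
from collections import Counter

EXCEPTION_THRESHOLD = 3          # assumed: rejections of one function before an exception record
POSITIONING_FUNCTION = "POS"     # constructed name for the positioning function


class Terminal:
    def __init__(self, identity, functions):
        self.identity = identity
        self.functions = set(functions)    # functions this terminal actually has
        self.permitted = set()             # from the most recent permission message
        self.illegal_counts = Counter()    # rejected requests per function
        self.exception_records = []        # records to be sent to the management device
        self.positioning_only = False      # set by a positioning instruction

    def receive_permission_message(self, instructions):
        """Store the permitted set; a new message replaces the old one entirely,
        which is how A is dropped and D added when the network switches."""
        self.permitted = set(instructions) & self.functions
        self.illegal_counts.clear()

    def receive_positioning_instruction(self):
        """Disable every function that may leak data, except positioning."""
        self.positioning_only = True

    def is_valid(self, name):
        """Validity determining module: valid only if the current permission
        message (or the positioning instruction) allows the function."""
        if self.positioning_only:
            return name == POSITIONING_FUNCTION and name in self.functions
        return name in self.permitted

    def visible_icons(self):
        """Identifiers the display shows: only functions that may be requested,
        so a hidden interface cannot be triggered by mistake."""
        if self.positioning_only:
            return [POSITIONING_FUNCTION] if POSITIONING_FUNCTION in self.functions else []
        return sorted(self.permitted)

    def request_function(self, name):
        """Handle an internal or external enabling request.

        Returns ("called", name) when the calling module runs the function and
        ("rejected", name) otherwise; once the same function has been rejected
        EXCEPTION_THRESHOLD times an exception record is formed from the request
        and the current permission message, and the counter restarts."""
        if self.is_valid(name):
            return ("called", name)
        self.illegal_counts[name] += 1
        if self.illegal_counts[name] >= EXCEPTION_THRESHOLD:
            self.exception_records.append({
                "terminal": self.identity,
                "requested": name,
                "attempts": self.illegal_counts[name],
                "permitted": sorted(self.permitted),
            })
            self.illegal_counts[name] = 0
        return ("rejected", name)
```

The exception record carries both the rejected request and the permission set in force at the time, which is what the management side needs to judge whether the repeated attempts were a user error or an attempt to use a function the current network level forbids.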
Referring to fig. 7, a corresponding example of terminal security management according to one or more embodiments of the present application is shown. For convenience of description, the terminal security management method is described together with the method used by the terminal; the difference is that the terminal security management method is the method of the controlling party and the method used by the terminal is the method of the controlled party. The present example is performed in a system having an electronic device 411 (e.g., the computing device 100 in fig. 1 or the management and control device 30 in fig. 3) and a terminal 412. Some of the operations in this example 40 are optionally combined, and/or the order of some of the operations is optionally changed.
In some embodiments, the electronic device 411 pre-stores preset identity information of the terminal, for example a string or identification code, biometric information, or NFC data. The preset identity information comprises the legal identities recorded in the electronic device 411, and normal database operations such as adding, modifying, deleting and querying can be performed on it.
In some embodiments, the terminal 412 connects to the first network, forms first networking information and sends it (422), and the electronic device 411 receives the first networking information (424), where the first networking information optionally includes identity information of the terminal 412.
Optionally, the electronic device 411 determines whether the identity information matches the preset identity information (426); if not, it sends an alarm message (428), and if so, it continues to determine the network level. In this way it can be ensured that the connected terminal 412 is a legitimate terminal rather than a counterfeit one, reducing the risk of compromise.
In some embodiments, after determining the identity match in step 426, the electronic device 411 determines, according to the first networking information, that the level of the first network to which the terminal is connected is the first level (430), forms a first permission message according to the first level, and sends the first permission message (432). The terminal 412 receives the first permission message (434), which constitutes the set of functions permitted for internal or external use; when a request to use a certain function arrives from inside or outside, the function can be called if it is in the set and is rejected if it is outside the set, in such a way as to avoid misuse of the functions of the terminal 412 and the possibility of a compromise.
Specifically, referring to fig. 7B, step 432 may further include: forming a function list of the terminal based on the identity information of the terminal being consistent with the preset identity information (4322); forming an identification of the first function from the function list (4324); and forming, based on the identification of the first function, a first permission message containing the first instruction (4326). In some cases, for example, the terminal 412 has only the A, B, F functions and no E function, and based on the function list of the terminal 412 (i.e., A, B, F) and the networking level (e.g., the first level), an identification of the functions is formed (optionally the intersection of the function list and the functions permitted at the first level, i.e., the intersection of A, B, C and A, B, F, so the identification of the functions is A, B); based on that identification (e.g., the identification of the first function), a first permission message is formed, which permits the terminal 412 to use at least the A, B functions when connected to the first network of the first level.
In other embodiments, the terminal 412 receives a first enabling request for the first function (436) and enables the first function according to the first enabling request and the first instruction (438), in such a way as to permit the terminal 412 limited access to the permitted functions of the function set.
In some embodiments, the terminal 412 receives a second enabling request for the second function (440) and, based on the second enabling request and the first permission message, denies use of the second function (442). In this manner, the terminal 412 is prevented from using functions in the function set that are not permitted.
As shown in fig. 7C, optionally, in some embodiments, after the terminal 412 executes step 434, the terminal 412 can use the first function by virtue of the first instruction, and accordingly displays a user interaction interface of the first function (4342) so that the user can enable the first function, for example by means of a touch screen. If the first instruction does not exist, the user interaction interface of the first function can be hidden, avoiding external calls and further reducing the risk of disclosure. Conversely, the first permission message does not contain a second instruction permitting the terminal to use the second function; according to the first permission message, the second interface through which the second function interacts with the outside of the terminal is hidden (4344), so that the user is prevented from touching the second interface by mistake and cannot open a function whose use is refused in the terminal 412.
As shown in fig. 7D, in some embodiments, when the terminal 412 finds that steps 4422 to 4424 have been initiated multiple times (e.g., 3 times) internally or externally although the second function has not obtained permission for use, an exception record is formed according to the second enabling request and the first permission message (4442) and sent to the electronic device 411 (4444). The electronic device 411 receives the exception record, which includes the terminal's second enabling request (446); a third party (e.g., a manager) determines whether the terminal operation is illegal (448), and if not, processing of the exception record ends (450). If yes, an alarm message is formed (452), the relevant personnel (such as the personnel managing the terminal 412, their supervisor, or other security management and control personnel) are notified of the abnormal condition, a positioning instruction that permits the terminal to use only the positioning function is formed, and the positioning instruction is sent to the terminal 412 (454). After receiving the positioning instruction (456), the terminal 412 forms its positioning information and sends it to the electronic device 411 (458), and the electronic device 411 receives the position of the terminal 412 and prompts a manager to handle it (460). In this way, abnormal operations are fed back in time, so that a possible act of divulgence does not escalate into a greater loss.
As shown in fig. 7E, in some embodiments, when the terminal 412 switches from the first network to the second network, second networking information is formed and sent to the electronic device 411 (462). After receiving the second networking information (464), the electronic device 411 determines, according to the second networking information, that the level of the second network to which the terminal is connected is the second level (466), and further forms a second permission message, which includes the second instruction permitting the terminal to use the second function according to the second level and the identity information, and sends it (468). Here, step 426 does not need to be executed again, because the identity was already verified when the terminal 412 connected to the first network, which improves the efficiency and speed with which the terminal 412 is managed and controlled when responding to a network switch.
In some embodiments, after receiving the second permission message (470) the terminal 412 forms a set of permitted functions, and upon obtaining the second enabling request (472) it permits the second function (474) according to the second enabling request and the second instruction. The terminal 412 receives a first enabling request to use the first function (476) and denies use of the first function based on the first enabling request and the second permission message (478). Whereas the first function was permitted and the second function denied while the terminal 412 was connected to the first network, step 470 keeps the terminal 412's list of permitted functions synchronized with the network it is currently connected to.
In some embodiments, for supervisory reasons, the electronic device 411 may query the terminal 412 about its networking state from time to time rather than at fixed intervals. When a query occurs, the electronic device 411 forms an inquiry command and transmits it to the terminal 412 (480). When the currently connected network is a third network, the terminal 412 forms third networking information (482) and sends it to the electronic device 411 (484); the electronic device 411 determines, according to the third networking information, that the level of the third network to which the terminal is connected is a third level (486), forms a third permission message according to the third level, and sends it to the terminal 412 (488). The terminal 412 receives the third permission message, forms a security record based on it (490), and sends the security record to the electronic device 411 (492). The security record may include when the connection was switched from the first network to the third network, which may be any network other than the first network (e.g., the second network), and what data was uploaded and downloaded after connecting to the third network.
Since the electronic device 411 previously confirmed that the terminal 412 was connected to the first network, the security record may further include the switching time and the switching duration, to help the electronic device 411 determine whether the security record is legal (494). If it is legal, it is concluded that the record may have been caused by an unstable network connection rather than an illegal attack, and the inquiry process ends (4962); if not, a clear command is formed and issued (4964) so that the terminal 412 clears (498) the data it exchanged while connected to the first network, and if necessary the terminal 412 may be formatted to avoid serious consequences from further information leakage.
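The inquiry flow of steps 480 to 498 (inquiry command, third networking information, third permission message, security record, legality judgement and clear command) can be walked through end to end as follows. This is an added example, not code from the patent. The description does not state how the legality of a security record is decided, so the rule used here is an assumption for the example: a record is treated as legal if the terminal is still on the confirmed first network, or if the switch was brief and nothing was uploaded afterwards; otherwise the clear command is issued. The network names, the functions permitted at the third level, the time stamps and the byte counts are all constructed.

```python
"""Inquiry flow of steps 480 to 498 (added example, not the patent's own code).

The electronic device asks the terminal which network it is on; the terminal
reports the third network, receives a third permission message, and answers
with a security record (when it left the first network, how long the switch
took, what it uploaded and downloaded afterwards). The legality rule is an
assumption for this example; network names, levels and byte counts are constructed.
"""
from dataclasses import dataclass

NETWORK_LEVEL = {"net-1": 1, "net-3": 3}             # constructed mapping
LEVEL_PERMITTED = {1: {"A", "B", "C"}, 3: {"C"}}     # level 3 set is constructed
MAX_LEGAL_SWITCH_SECONDS = 60                        # assumed policy threshold


@dataclass
class SecurityRecord:
    terminal: str
    switched_from: str
    switched_to: str
    switch_time: int          # epoch seconds when the first network was left (None if never)
    switch_duration_s: int    # how long the switch-over took
    uploaded_bytes: int       # data uploaded after the switch
    downloaded_bytes: int     # data downloaded after the switch
    permitted: tuple          # functions granted by the third permission message


class InquiredTerminal:
    def __init__(self, identity, functions, first_network_data):
        self.identity = identity
        self.functions = set(functions)
        self.first_network_data = list(first_network_data)  # data exchanged on the first network
        self.network = "net-1"          # the device previously confirmed this connection
        self.switch_time = None
        self.switch_duration_s = 0
        self.uploaded_bytes = 0
        self.downloaded_bytes = 0

    def switch_network(self, network, at, duration_s, uploaded=0, downloaded=0):
        """Record a switch away from the first network (constructed event)."""
        self.network, self.switch_time, self.switch_duration_s = network, at, duration_s
        self.uploaded_bytes, self.downloaded_bytes = uploaded, downloaded

    def answer_inquiry(self):
        """Steps 482/484: third networking information."""
        return {"identity": self.identity, "network": self.network}

    def form_security_record(self, permission):
        """Steps 490/492: security record formed from the third permission message."""
        return SecurityRecord(self.identity, "net-1", self.network, self.switch_time,
                              self.switch_duration_s, self.uploaded_bytes,
                              self.downloaded_bytes, tuple(sorted(permission)))

    def clear_first_network_data(self):
        """Step 498: clear data exchanged on the first network; returns the count cleared."""
        n = len(self.first_network_data)
        self.first_network_data.clear()
        return n


def security_record_is_legal(record):
    """Step 494 (assumed rule): still on the confirmed network, or a brief switch
    during which nothing was uploaded, is treated as an unstable connection."""
    if record.switched_to == record.switched_from:
        return True
    return record.switch_duration_s <= MAX_LEGAL_SWITCH_SECONDS and record.uploaded_bytes == 0


def run_inquiry(terminal):
    """Steps 480 to 498 from the electronic device's point of view.

    Returns ("ended", record) when the record is legal (4962) or
    ("cleared", count) after the clear command has been executed (4964/498)."""
    info = terminal.answer_inquiry()                                  # 480-484
    level = NETWORK_LEVEL[info["network"]]                            # 486
    permission = LEVEL_PERMITTED[level] & terminal.functions          # 488
    record = terminal.form_security_record(permission)                # 490-492
    if security_record_is_legal(record):                              # 494
        return ("ended", record)                                      # 4962
    return ("cleared", terminal.clear_first_network_data())           # 4964, 498
```

The record deliberately includes the permission set it was formed under, so the device can check the terminal's claim against the level it just assigned rather than against whatever the terminal reports about itself.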
According to the terminal security management device and method, networks are graded, the level that restricts the functions a terminal connected to a network may use is obtained, and it is sent to the terminal so as to control the functions the terminal uses; the terminal can be managed by the characteristics of the networks it connects to in a plurality of control areas, so that different control areas permit the terminal to use different sets of functions, which improves working efficiency and reduces the risk of divulging secrets.
A terminal and a method for using the terminal are further provided: by responding to the information of the management and control device, controlling the display to show the set of functions allowed to be used, or accepting a request to use a function and forbidding it, specific functions are prevented from being used illegally in the control area, so that the risk of divulging secrets is further reduced.
Each of the modules and applications identified above corresponds to a set of executable instructions for performing one or more of the functions described above and the methods described in this application. These modules (i.e., sets of instructions) need not be implemented as separate software programs, procedures or modules, and thus various subsets of these modules are optionally combined or otherwise rearranged in various embodiments. In some embodiments, the memory optionally stores a subset of the modules and data structures described above. In addition, the memory optionally stores additional modules and data structures not described above.
In addition, other changes may be made by those skilled in the art within the spirit of the application, and it is understood that such changes are encompassed within the scope of the invention as claimed. The foregoing description, for purpose of explanation, has been described with reference to specific embodiments. However, the exemplary discussions above are not intended to be exhaustive or to limit the application to the precise forms disclosed. Many modifications and variations are possible in light of the above teaching; for example, the sequential structure of the flowcharts may be omitted or adjusted. The embodiments were chosen and described in order to explain the principles of the present application and its practical application, to thereby enable others skilled in the art to best utilize the present application and the various described embodiments with various modifications as are suited to the particular use contemplated.

Claims (14)

1. A terminal, comprising:
a communicator to:
connecting to a first network, and sending first networking information to a management and control device;
receiving a first permission message from the management and control device based on the sending of the first networking information, wherein the first permission message contains a first instruction for permitting the terminal to use a first function;
a processor, coupled to the communicator, to:
receiving a first enabling request of the first function;
enabling the first function according to the first enable request and the first instruction.
2. The terminal of claim 1, further comprising:
a display coupled to the processor;
the processor is further configured to display a user interaction interface of the first function according to the first instruction.
3. The terminal of claim 1, wherein the first permission message does not contain a second instruction to permit the terminal to use a second function; further comprising:
the processor is further configured to disable the second function based on the first permission message not including an instruction permitting the terminal to use the second function.
4. The terminal of claim 1, wherein the first permission message does not contain a second instruction to permit the terminal to use a second function;
the processor is further configured to:
receiving a second enabling request for the second function;
denying the second enablement request based on the first permission message not including a second instruction to permit the terminal to use a second function.
5. The terminal of claim 4, wherein
The processor is further configured to form an exception record according to the second enabling request and the first permission message not including a second instruction for permitting the terminal to use a second function;
the communicator is further configured to send the exception record to the management and control device.
6. The terminal of claim 4, wherein
the communicator is further configured to:
switch the connection to a second network, and send second networking information to the management and control device;
receiving a second permission message from the management and control device based on the sending of the second networking information, wherein the second permission message contains a second instruction for permitting the terminal to use a second function;
the processor is further configured to:
receiving a second enabling request for the second function;
enabling the second function according to the second enabling request and the second instruction.
7. The terminal of claim 6, wherein the processor is further configured to:
clear interactive data saved by the terminal during the connection to the first network, based on switching from the connection to the first network to the connection to the second network.
8. A method for use by a terminal, comprising:
connecting to a first network, and sending first networking information to a management and control device;
receiving a first permission message from the management and control device based on the sending of the first networking information, wherein the first permission message contains a first instruction for permitting the terminal to use a first function;
receiving a first enabling request of the first function;
enabling the first function according to the first enable request and the first instruction.
9. The method of claim 8, further comprising:
displaying the user interaction interface of the first function according to the first instruction.
10. The method of claim 8, wherein the first permission message does not contain a second instruction to permit the terminal to use a second function;
disabling the second function based on the first permission message not including an instruction permitting the terminal to use the second function.
11. The method of claim 8, wherein the first permission message does not contain a second instruction to permit the terminal to use a second function;
receiving a second enabling request for the second function;
denying the second enablement request based on the first permission message not including a second instruction to permit the terminal to use a second function.
12. The method of claim 11, further comprising:
forming an exception record according to the second enabling request and the first permission message not including a second instruction permitting the terminal to use a second function;
sending the exception record to the management and control device.
13. The method of claim 8, further comprising:
switching the connection to a second network, and sending second networking information to the management and control device;
receiving a second permission message from the management and control device based on the sending of the second networking information, wherein the second permission message contains a second instruction for permitting the terminal to use a second function;
receiving a second enabling request for the second function;
enabling the second function according to the second enabling request and the second instruction.
14. The method of claim 13, further comprising:
clearing interactive data saved by the terminal during the connection to the first network, based on switching from the connection to the first network to the connection to the second network.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010917005.6A CN112261658B (en) 2020-09-03 2020-09-03 Terminal and terminal use method
US17/466,041 US20220067128A1 (en) 2020-09-03 2021-09-03 Terminal device security management device, method, and terminal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010917005.6A CN112261658B (en) 2020-09-03 2020-09-03 Terminal and terminal use method

Publications (2)

Publication Number Publication Date
CN112261658A true CN112261658A (en) 2021-01-22
CN112261658B CN112261658B (en) 2024-04-16

Family

ID=74224079

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010917005.6A Active CN112261658B (en) 2020-09-03 2020-09-03 Terminal and terminal use method

Country Status (1)

Country Link
CN (1) CN112261658B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113766086A (en) * 2021-10-08 2021-12-07 珠海奔图电子有限公司 Access authentication method and device for image forming device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080030588A1 (en) * 2006-08-04 2008-02-07 Boss Gregory J Disablement of Camera Functionality For a Portable Device
CN103516545A (en) * 2013-08-14 2014-01-15 西安方诚通讯技术服务有限公司 Real-time management system and management method of certain area mobile phone functions
CN106331288A (en) * 2015-06-24 2017-01-11 中兴通讯股份有限公司 Application processing method and device
CN107820702A (en) * 2017-07-03 2018-03-20 深圳前海达闼云端智能科技有限公司 A kind of management-control method, device and electronic equipment
CN108573135A (en) * 2018-04-23 2018-09-25 北京小米移动软件有限公司 Terminal management-control method, apparatus and system
CN110247906A (en) * 2019-06-10 2019-09-17 平安科技(深圳)有限公司 A kind of method for monitoring network and device, equipment, storage medium

Also Published As

Publication number Publication date
CN112261658B (en) 2024-04-16

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 451162 building 7, intersection of Huaxia Avenue and Donghai Road, hanghanggang District, Zhengzhou City, Henan Province

Applicant after: Fulian intelligent workshop (Zhengzhou) Co.,Ltd.

Address before: 451162 room 320, 3rd floor, Yufa Lanshan mansion, 100m east of the intersection of Zhenggang 6th Road and Zhenggang 2nd Street, HANGGANG District, Zhengzhou City, Henan Province

Applicant before: Zhengzhou Fulian intelligent workshop Co.,Ltd.

GR01 Patent grant