CN113541966A - Authority management method, device, electronic equipment and storage medium - Google Patents

Publication number
CN113541966A
Authority
CN
China
Prior art keywords
signature
application
application program
party platform
rights management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110838423.0A
Other languages
Chinese (zh)
Inventor
孙晓刚
金玉龙
雷淼森
于春波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ecarx Hubei Tech Co Ltd
Original Assignee
Hubei Ecarx Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei Ecarx Technology Co Ltd
Priority to CN202110838423.0A
Publication of CN113541966A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use

Abstract

The application provides an authority management method and device, electronic equipment and a storage medium. The authority management method comprises the following steps: when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program; acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to a private key from a third-party platform; comparing the custom system signature with the application signature; and if the custom system signature and the application signature are successfully compared, configuring the system authority for the application program. In the application, the application program does not need to configure the original system signature of the operating system and can still have the system authority of the operating system, so that the process of acquiring the system authority by the application program can be simplified, and the integration risk caused by the fact that the application program needs to configure the original system signature of the operating system is avoided.

Description

Authority management method, device, electronic equipment and storage medium
Technical Field
The present application relates to the field of computers, and in particular, to a method and an apparatus for managing permissions, an electronic device, and a storage medium.
Background
The system signature of the Android system is the authentication of a formally released version of the Android system, and is the authentication of the subject to which the software belongs. The Android system usually supports only one set of system signatures, and during compilation of the Android system the system signatures are used for authenticating the compiled files of the Android system and the application signatures installed on the Android system. In addition, the system signature is used not only for authentication, but also for management and control of system permissions.
If the application program wants to use the system authority of the android system, the application program needs to use the same signature with the android system. The current approach is to change the original application signature of the application program, so that the system signature is used as the application signature of the application program. However, in this way, since the application signature of the application program needs to be modified, the complexity of acquiring the system authority by the application program is increased, and the integration risk of the application program is increased by modifying the application signature of the application program.
Disclosure of Invention
The application provides a method and a device for managing authority, electronic equipment and a storage medium. The method is used for solving the problems that the process is complex and the integration risk of the application program is caused when the existing application program obtains the system authority.
In a first aspect, an embodiment of the present application provides a rights management method, which is applied to an electronic device, and the rights management method includes: when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program; acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to a private key from a third-party platform; comparing the self-defined system signature with the application signature; and if the custom system signature and the application signature are successfully compared, configuring the system authority for the application program.
In one embodiment of the present application, comparing the custom system signature and the application signature includes: acquiring verification data corresponding to the custom system signature, wherein the verification data is acquired by the operating system from a third-party platform corresponding to the application program, and the verification data indicates a comparison mode of the custom system signature and the application signature; and comparing the self-defined system signature with the application signature according to the verification data.
In an embodiment of the present application, before obtaining the verification data corresponding to the custom system signature, the method further includes: receiving verification data sent by a third-party platform, wherein the verification data corresponds to the custom system signature; and incorporating the verification data into the operating system.
In an embodiment of the present application, when it is detected that the application program is acquiring the system right of the operating system, determining an application signature of the application program further includes: receiving a self-defined system signature sent by a third-party platform; and storing the self-defined system signature to a preset storage position.
In an embodiment of the present application, before storing the custom system signature in the preset storage location, the method further includes: receiving identity information sent by a third-party platform; verifying the identity information; and determining that the identity information passes the verification.
In an embodiment of the present application, before obtaining the custom system signature from the preset storage location, the method further includes: acquiring an original system signature of an operating system; comparing the original system signature with the application signature; and if the comparison is unsuccessful, acquiring the custom system signature from the preset storage position.
In a second aspect, an embodiment of the present application provides another rights management method, which is applied to a third-party platform, and the rights management method includes: generating a private key of the application program and a public key corresponding to the private key; sending the public key to the electronic equipment, wherein the public key is used for indicating the electronic equipment to store the public key as a self-defined system signature in a preset storage position; and determining the private key as an application signature of the application program, wherein the application signature is used for indicating whether to configure the system authority for the application program according to the comparison of the custom system signature and the application signature when the application program is detected to acquire the system authority of the operating system.
In one embodiment of the application, verification data for comparing a private key and a public key is generated; and the verification data is sent to the electronic equipment, wherein the verification data is used for indicating the electronic equipment to compare the custom system signature and the application signature according to the verification data.
In an embodiment of the present application, the method for rights management further includes: sending the identity information of the third-party platform to the electronic equipment; the identity information is used for indicating the electronic equipment to verify the identity information.
In a third aspect, an embodiment of the present application provides a rights management device, including:
the determining module is used for determining an application signature of the application program when the application program is detected to acquire the system right of the operating system, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program;
the acquisition module is used for acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to the private key from a third-party platform;
the comparison module is used for comparing the custom system signature with the application signature;
and the configuration module is used for configuring the system authority for the application program if the comparison between the self-defined system signature and the application signature is successful.
In an embodiment of the application, the comparison module is specifically configured to obtain verification data corresponding to the custom system signature, where the verification data is obtained by the operating system from a third-party platform corresponding to the application program, and the verification data indicates a comparison manner between the custom system signature and the application signature; and comparing the self-defined system signature with the application signature according to the verification data.
In an embodiment of the application, the rights management apparatus is further configured to receive verification data sent by a third-party platform, where the verification data corresponds to the custom system signature, and to incorporate the verification data into the operating system.
In an embodiment of the application, the rights management device is further configured to receive a custom system signature sent by a third-party platform; and storing the self-defined system signature to a preset storage position.
In an embodiment of the present application, the rights management unit is further configured to receive identity information sent by a third party platform; verifying the identity information; and determining that the identity information passes the verification.
In an embodiment of the present application, the rights management device is further configured to obtain an original system signature of the operating system; comparing the original system signature with the application signature; and if the comparison is unsuccessful, acquiring the custom system signature from the preset storage position.
In a fourth aspect, an embodiment of the present application provides another rights management apparatus, which is applied to a third party platform, and includes:
the generation module is used for generating a private key of the application program and a public key corresponding to the private key;
the sending module is used for sending the public key to the electronic equipment, and the public key is used for indicating the electronic equipment to store the public key as a self-defined system signature in a preset storage position;
and the determining module is used for determining that the private key is an application signature of the application program, and the application signature is used for indicating whether the system authority is configured for the application program or not according to the comparison of the custom system signature and the application signature when the application program is detected to acquire the system authority of the operating system.
In an embodiment of the application, the rights management device is further configured to generate verification data for comparing the private key and the public key, and to send the verification data to the electronic equipment, wherein the verification data is used for indicating the electronic equipment to compare the custom system signature and the application signature according to the verification data.
In an embodiment of the application, the rights management apparatus is further configured to send identity information of the third-party platform to the electronic device, where the identity information is used to instruct the electronic device to verify the identity information.
In a fifth aspect, an embodiment of the present application provides a first electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the electronic device to perform the method of rights management of any of the first aspect of the present application.
In a sixth aspect, an embodiment of the present application provides a second electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the electronic device to perform the method of rights management of any of the second aspects of the present application.
In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the rights management method of any one of the first aspect or the second aspect of the present application.
In an eighth aspect, an embodiment of the present application provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, the method for managing rights in any of the first aspect or the second aspect of the present application is implemented.
The embodiment of the application provides a method and a device for managing authority, electronic equipment and a storage medium, wherein the method for managing the authority comprises the following steps: when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program; acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to a private key from a third-party platform; comparing the self-defined system signature with the application signature; and if the custom system signature and the application signature are successfully compared, configuring the system authority for the application program. In the embodiment of the application, the application program does not need to configure the original system signature of the operating system, and also has the system authority of the operating system, so that the process of acquiring the system authority by the application program can be simplified, deeper cooperation between the application program and the operating system is increased, and the integration risk caused by the fact that the application program needs to configure the original system signature of the operating system is avoided.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to these drawings without inventive exercise.
Fig. 1 is a schematic view of a scenario of a rights management method according to an embodiment of the present application;
Fig. 2 is a flowchart illustrating steps of a method for rights management according to an embodiment of the present application;
Fig. 3 is a schematic view of a scenario of another rights management method according to an embodiment of the present application;
Fig. 4 is a flowchart illustrating steps of another rights management method according to an embodiment of the present application;
Fig. 5 is a flowchart illustrating steps of another rights management method according to an embodiment of the present application;
Fig. 6 is a block diagram of a rights management device according to an embodiment of the present application;
Fig. 7 is a block diagram of another rights management device according to an embodiment of the present application;
Fig. 8 is a schematic hardware structure diagram of an electronic device according to an embodiment of the present application.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. These drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the inventive concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," "third," and the like in the description and in the claims of the present application and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein.
Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a schematic view of a scenario of a rights management method according to an embodiment of the present application. As shown in fig. 1, an application 20, such as the chat application in fig. 1, is installed on an electronic device 10. When the application program is used, it needs to acquire the system permission of the operating system of the electronic device. When the electronic device detects that the application program needs to acquire the system permission, it reads the application signature of the application program and verifies that signature; it configures the system permission for the application program if the verification passes, and does not configure it if the verification fails.
Illustratively, in fig. 1, the application 20 is installed on the electronic device 10, the application 20 is a chat application, when a user wants to take a picture or a video for friend a, the electronic device displays on an interface whether the "application" is allowed to take a picture and record a video, after the user clicks "always allowed", the electronic device detects that the application 20 is acquiring system authority, and starts to verify an application signature of the application 20, and if the verification is passed, the user can take a picture or a video and send the picture or the video to friend a. If the verification fails, it indicates that the application 20 is not eligible to use system permissions.
Each electronic device provider may develop its own operating system, which is configured with a system signature for managing and controlling the system privileges of the operating system. For example, the operating system a of handset a has a system signature a and the operating system B of handset B has a system signature B. In addition, each application provider may sign its own developed application, such that the application has its own application signature that characterizes the identity of the application.
At present, to acquire the system permissions of the operating system, an application program needs to use the same system signature as the operating system. Because the system signature then serves as the identification of the application program, the application program loses its original application signature (i.e., its identity), which introduces an integration risk for the application program on the operating system. For example, the identity of the publisher of the application cannot be determined from the application signature, since the publisher of the application is required to replace the old application with a new application when the application is updated, wherein the new application needs to have the same application signature as the old application. In addition, the application signature can ensure that files in the application package are not replaced, whereas the absence of an application signature can result in the files in the application package being replaced at will.
In view of the above problems, the present application provides a method for managing permissions, which configures a custom system signature in an operating system and compares the custom system signature with the application signature of an application program to determine whether to configure a system permission for the application program, so that the application program can acquire the system permission without changing its own application signature, thereby avoiding the integration risk of the application program.
The technical solution of the present application will be described in detail below with reference to specific examples. It should be noted that the following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments.
Fig. 2 is a flowchart of a rights management method according to an embodiment of the present application. The embodiment of the application provides a permission management method, which is applied to electronic equipment and specifically comprises the following steps:
S101, when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program.
The application program is developed by a third-party platform, and the application signature is a private key signed for the application program by the third-party platform.
In particular, referring to FIG. 3, a third party platform is used to develop applications. The applications developed by the third-party platform mainly include two types, one is applications requiring system permissions, such as applications for chatting, shopping, games, and the like. Another class is common applications, e.g., applications such as clocks, calendars, weather, etc. The application requiring the system authority can execute some functions only by acquiring the system authority. The common application can execute all functions of the common application without system authority.
Furthermore, when the third-party platform develops the application program, the application program is signed by the private key, so that the application program has the application signature.
Further, in fig. 3, the Android system includes a plurality of operating systems, such as an operating system 1 that runs on mobile phone A and an operating system 2 that runs on mobile phone B. When the developer of an operating system develops the operating system, it also configures a system signature for the operating system; this system signature is the original system signature.
Further, referring to fig. 1, when the application needs to execute a certain function, a request for acquiring the system permission is sent to the operating system, and when the operating system detects that the application is acquiring the system permission, an application signature of the application is acquired.
Specifically, the application signature may be read in a file package corresponding to the application program through a PMS (package management service).
S102, acquiring the custom system signature from a preset storage position.
The custom system signature is a public key corresponding to the private key from the third-party platform.
Specifically, the public key is a public key in X.509 format generated by the third-party platform. Illustratively, the preset storage location is the /system/etc/security/ecarx/ directory, and the public key file ends with the suffix ".0".
In an embodiment of the present application, the third-party platform generates a signature certificate file. The signature certificate file includes a private key, a public key, a self-signed CA (Certificate Authority) and verification data. The private key and the public key form a key pair, and the verification data is an algorithm by which the private key and the public key can be paired and decrypted. The self-signed CA represents the identity information of the third-party platform.
Further, the third-party platform signs the self-developed application program by adopting a private key, and sends the public key, the self-signed CA (identity information) and the verification data to the electronic equipment cooperating with the third-party platform, so that the electronic equipment verifies whether the third-party platform is a cooperation platform or not through the self-signed CA (identity information), and then stores the public key in the electronic equipment as a self-defined system signature.
S103, comparing the custom system signature with the application signature.
The custom system signature and the application signature can be compared according to a preset mode.
For example, the third-party platform may set the private key and the public key to be the same, in which case the preset manner is to compare whether the custom system signature and the application signature are the same. Alternatively, the third-party platform may set the private key and the public key to be different, in which case the private key and the public key can be compared successfully using the verification data, and the preset manner is to compare the custom system signature and the application signature using the verification data.
In the embodiment of the application, the custom system signature and the application signature are compared, so that the original system signature of the operating system does not need to be configured for the application program, and the same application program can run on a plurality of operating systems.
For example, referring to fig. 3, if the application a1 is to be run in the operating system 1, the application a1 needs to configure the system signature of the operating system 1, and the application a1 configured with the system signature of the operating system 1 cannot run on the operating system 2 because the system signature is different from the system signature of the operating system 2.
In the embodiment of the present application, when there are multiple operating systems, the custom system signature is configured in each of them, and the application a1 can run in all of these operating systems using only its own application signature, without modifying or reconfiguring a system signature.
S104, if the custom system signature and the application signature are successfully compared, configuring system permission for the application program.
Wherein, the system authority includes: location permissions, call record permissions, camera permissions, album permissions, and the like.
In addition, if the comparison between the user-defined system signature and the application signature is successful, the system authority to be acquired is configured for the application program, and then the application program can execute corresponding functions.
For example, in fig. 1, to acquire the camera right, the application is configured with the camera right and can then perform operations such as shooting with a camera on the operating system.
The embodiment of the application provides a rights management method, which comprises the following steps: when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program; acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to a private key from a third-party platform; comparing the custom system signature with the application signature; and if the custom system signature and the application signature are successfully compared, configuring the system authority for the application program. In the embodiment of the application, the application program does not need to configure the original system signature of the operating system and still has the system authority of the operating system, so that the process of acquiring the system authority by the application program can be simplified, deeper cooperation between the application program and the operating system is enabled, and the integration risk caused by the application program needing to configure the original system signature of the operating system is avoided.
Referring to fig. 4, a flowchart of steps of a rights management method according to another embodiment of the present application specifically includes the following steps:
S201, receiving identity information sent by a third-party platform.
Wherein the identity information comprises a self-signed CA of the third party platform.
Specifically, the third party platform generates a signed certificate file. The signature certificate file includes: private key, public key, identity information, and authentication data. The third-party platform can simultaneously send the public key, the identity information and the verification data to the electronic equipment, and also can send the identity information first according to the requirement, and after the identity information passes the verification, the public key and the verification data are sent. This is not limited in this application.
S202, verifying the identity information.
The third-party platform is the platform that develops the application program, and it has established cooperation in advance with the development subject of the operating system. Verification of the identity information by the electronic equipment means verifying whether the third-party platform corresponding to the identity information is a platform with which cooperation has been established in advance.
Specifically, the identity information of the third-party platform can be prestored in the electronic device, after the identity information of the third-party platform is received, the received identity information and the prestored identity information of the third-party platform are compared, if the received identity information and the prestored identity information are the same, the verification is passed, and if the received identity information and the prestored identity information are different, the verification is not passed.
S203, the identity information is confirmed to pass the verification.
And when the identity information is confirmed to pass the verification, determining that the third-party platform is a development platform having a cooperative relationship with the electronic equipment.
S204, receiving the custom system signature sent by the third-party platform.
The custom system signature is a public key generated by the third-party platform, and it is a public key file in X.509 format.
S205, storing the custom system signature to a preset storage position.
Illustratively, the preset storage location is the /system/etc/security/ecarx/ directory. The preset storage location may also be another storage location of the electronic device, and is not limited herein.
S206, receiving verification data sent by the third-party platform, wherein the verification data corresponds to the custom system signature.
The verification data is a patch file, specifically a Java code file.
In addition, the verification data has corresponding relations with the custom system signature and the application signature.
In the embodiment of the application, the security of the application program using the system authority can be improved by setting the verification data.
S207, integrating the verification data into the operating system.
The verification data is incorporated into the operating system by modifying the original Java code of the operating system through a diff (comparison) instruction. The verification data may be incorporated into the operating system in other ways, which are not limited herein.
In addition, the verification data is imported into the operating system and is used for comparing the custom system signature and the application signature.
Further, after the verification data is incorporated into the operating system, the operating system is restarted, whether the operation is normal or not is detected, if the operation is normal, the subsequent steps are executed, and if the operation is abnormal, the step of incorporating the verification data into the operating system is executed again.
S208, when the application program is detected to acquire the system right of the operating system, determining the application signature of the application program.
The implementation of this step is as described for S101 and is not repeated here. It should be added that the application signature of the application program may be determined when the application program acquires the system right of the operating system at installation time, or when the system right of the operating system is acquired after installation. This is not limited herein.
In addition, when the application signature is determined as the application program acquires the system right of the operating system during installation, the method further includes, before S208: downloading an application program package; parsing the application program package; and installing the application program. Specifically, the application may be installed through an application marketplace or preloaded onto the operating system in an integrated manner.
Further, the user downloads the application package, and the application information contained in the application package is parsed, where the application information includes: the name of the application program package, the declared authority list, whether the system authority is declared, the contained component configuration, the application signature and other information. The application signature of the application program is acquired from the application information in the application program package.
S209, acquiring an original system signature of the operating system.
The original system signature is a system signature configured for the operating system by a development subject of the operating system and is used for representing a signature of a unique identity of the operating system.
S210, comparing the original system signature with the application signature.
In the embodiment of the application, the original system signature and the custom system signature have the same function in the operating system, that is, the system permission of the operating system can be obtained by successfully comparing the application signature with either the original system signature or the custom system signature.
In addition, comparing the original system signature and the application signature may be to determine whether the original system signature and the application signature are the same or to determine whether the original system signature and the application signature belong to the same key pair.
For example, when the development agent of the operating system and the development agent of the application are the same, the original system signature that can be configured for the operating system and the application signature of the application are the same or belong to the same key pair.
S211, judging whether the original system signature and the application signature are successfully compared.
The original system signature and the application signature are preferentially compared, if the original system signature and the application signature are not successfully compared, S212 is executed, and if the original system signature and the application signature are successfully compared, S216 is executed.
In addition, whether the comparison of the original system signature and the application signature is successful comprises: the original system signature and the application signature are the same or the original system signature and the application signature belong to the same key pair.
S212, acquiring the custom system signature from a preset storage position.
The custom system signature is a public key corresponding to the private key from the third-party platform.
In addition, the specific implementation process of this step refers to S102, and is not described herein again. It should be noted that, after the custom system signature is obtained from the preset storage location, the custom system signature is loaded into the memory, so that the comparison operation is performed subsequently.
S213, obtaining the verification data corresponding to the self-defined system signature.
The verification data is obtained by the operating system from a third-party platform corresponding to the application program, and indicates a comparison mode of the custom system signature and the application signature.
In addition, the verification data and the custom system signature are generated by the same third-party platform and have a corresponding relation.
S214, comparing the custom system signature with the application signature according to the verification data.
In the embodiment of the present application, the verification data is substantially an algorithm. The custom system signature and the application signature are a key pair derived by the algorithm, and the key pair derived by the algorithm is guaranteed to be unique. Thus, the custom system signature and the application signature can also be decrypted with each other using the verification data. If the decryption is successful, the user-defined system signature and the application signature are the same key pair, the comparison is successful, and if the decryption is failed, the user-defined system signature and the application signature are not the same key pair, the comparison is failed.
Additionally, comparing the custom system signature and the application signature includes: parsing the custom system signature to obtain a public key, parsing the application signature to obtain a private key, and comparing the public key and the private key.
S215, judging whether the custom system signature and the application signature are successfully compared.
If the comparison between the customized system signature and the application signature is successful, S216 is executed, and if the comparison between the customized system signature and the application signature is unsuccessful, the process is ended.
In addition, ending the process means either not configuring the system authority for the application program or configuring only the common authority for the application program.
S216, configuring system authority for the application program.
The system authority includes at least one of a system signature authority, a system User Identification (UID), a Security-Enhanced Linux (SELinux), or a system signature application flag.
In addition, after the system permission is configured for the application program, the application program can execute system-level operations according to the acquired system permission.
Furthermore, the electronic device has a plurality of custom system signatures and a plurality of verification data, and after the electronic device obtains the application signature, the application signature and each custom system signature can be compared in a polling manner, and as long as one custom system signature is successfully compared with the application signature, the system permission is configured for the application program.
Therefore, in the embodiment of the application, one application program can acquire the corresponding system authority when running on a plurality of operating systems without modifying the application signature. An operating system also supports multiple cooperating applications running on it and multiple applications acquiring system privileges. Therefore, the application program and the operating system can be more conveniently deeply cooperated.
The embodiment of the application provides a rights management method, which comprises the following steps: when detecting that the application program acquires the system right of the operating system, determining an application signature of the application program, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program; acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to a private key from a third-party platform; comparing the custom system signature with the application signature; and if the custom system signature and the application signature are successfully compared, configuring the system authority for the application program. In the embodiment of the application, the application program does not need to configure the original system signature of the operating system and still has the system authority of the operating system, so that the process of acquiring the system authority by the application program can be simplified, deeper cooperation between the application program and the operating system is enabled, and the integration risk caused by the application program needing to configure the original system signature of the operating system is avoided.
Referring to fig. 5, a flowchart of steps of a rights management method according to another embodiment of the present application is provided, where the rights management method is applied to a third party platform, and the rights management method specifically includes the following steps:
S301, generating a private key of the application program and a public key corresponding to the private key.
The third-party platform generates the private key of the application program and the public key corresponding to the private key, and at the same time generates verification data for comparing the private key and the public key. It sends the verification data to the electronic equipment, wherein the verification data is used for instructing the electronic equipment to compare the custom system signature and the application signature according to the verification data.
In addition, the method further comprises the following steps: and sending the identity information of the third-party platform to the electronic equipment, wherein the identity information is used for indicating the electronic equipment to verify the identity information.
S302, the public key is sent to the electronic equipment.
The public key is used for indicating the electronic equipment to store the public key as a self-defined system signature in a preset storage position.
S303, determining the private key as an application signature of the application program.
The application signature is used to indicate that, when the application program is detected to acquire the system authority of the operating system, whether to configure the system authority for the application program is determined by comparing the custom system signature and the application signature.
In addition, for the related descriptions of S301 to S303, reference may be made to the above method embodiments, which are not described herein again.
In the embodiment of the application, the third-party platform generates a private key and a public key corresponding to the private key, signs the application program with the private key, and sends the public key to the electronic equipment, so that the electronic equipment stores the public key as a custom system signature. When the application program acquires the system authority, whether the system authority is configured for the application program can be determined by comparing the custom system signature with the application signature. Therefore, the application program does not need to configure the original system signature of the operating system, the risk of application program integration is avoided, and the process of obtaining the system authority by the application program is simplified.
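The platform-side steps S301 to S303 and the device-side decision S201 to S205 and S209 to S216, including the polling over several custom system signatures, are shown here as an added Go example that is not code from the patent. It assumes Ed25519 (the text names no algorithm) and models the application signature as a signature over the package bytes that is verified with the stored public key; every type and function name is hypothetical, and the package bytes are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Platform is a signing party. It keeps the private key and hands out only
// the public key (S301/S302). All names in this file are hypothetical.
type Platform struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

// NewPlatform generates a fresh key pair; Ed25519 is an assumption.
func NewPlatform(name string) (*Platform, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Platform{Name: name, Pub: pub, priv: priv}, nil
}

// SignPackage returns the application signature, modelled here as a
// signature over the package bytes made with the private key (S303).
func (p *Platform) SignPackage(pkg []byte) []byte {
	return ed25519.Sign(p.priv, pkg)
}

type customKey struct {
	owner string
	pub   ed25519.PublicKey
}

// Device holds the trust anchors consulted when an application requests
// system permission.
type Device struct {
	original ed25519.PublicKey // original system signature (S209)
	approved map[string]bool   // pre-stored identities of cooperating platforms (S202)
	custom   []customKey       // custom system signatures in the preset location (S205)
}

// NewDevice creates a device with its original key and the identities of
// the platforms it cooperates with.
func NewDevice(original ed25519.PublicKey, approved ...string) *Device {
	d := &Device{original: original, approved: map[string]bool{}}
	for _, id := range approved {
		d.approved[id] = true
	}
	return d
}

// Enroll stores a custom system signature only after the identity check
// passes (S201-S205) and the key is well formed.
func (d *Device) Enroll(identity string, pub ed25519.PublicKey) error {
	if !d.approved[identity] {
		return fmt.Errorf("identity %q is not a pre-approved platform", identity)
	}
	if len(pub) != ed25519.PublicKeySize {
		return fmt.Errorf("malformed public key from %q", identity)
	}
	d.custom = append(d.custom, customKey{owner: identity, pub: pub})
	return nil
}

// Decision records the outcome and which anchor matched, for audit logging.
type Decision struct {
	Granted bool
	Anchor  string
}

// Decide follows S209-S216: try the original system signature first, then
// poll every custom system signature, and deny if none verifies.
func (d *Device) Decide(pkg, sig []byte) Decision {
	if len(d.original) == ed25519.PublicKeySize && ed25519.Verify(d.original, pkg, sig) {
		return Decision{Granted: true, Anchor: "original"}
	}
	for _, k := range d.custom {
		if ed25519.Verify(k.pub, pkg, sig) {
			return Decision{Granted: true, Anchor: "custom:" + k.owner}
		}
	}
	return Decision{} // fail closed: no system permission is configured
}

func main() {
	oem, _ := NewPlatform("oem")
	partner, _ := NewPlatform("partner")
	dev := NewDevice(oem.Pub, "partner")
	if err := dev.Enroll(partner.Name, partner.Pub); err != nil {
		panic(err)
	}
	pkg := []byte("constructed application package bytes")
	fmt.Println(dev.Decide(pkg, partner.SignPackage(pkg)))
	fmt.Println(dev.Decide([]byte("modified package"), partner.SignPackage(pkg)))
}
```

Because every enrolled key grants the same system permission as the original one, the enrollment check and the write protection of the preset storage location carry the whole trust decision.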
Fig. 6 is a schematic structural diagram of a rights management device according to an embodiment of the present application. As shown in fig. 6, a rights management apparatus 40 provided in an embodiment of the present application includes:
the determining module 41 is configured to determine an application signature of the application program when it is detected that the application program is acquiring the system right of the operating system, where the application program is developed by a third party platform, and the application signature is a private key signed by the third party platform for the application program;
an obtaining module 42, configured to obtain a custom system signature from a preset storage location, where the custom system signature is a public key corresponding to the private key from a third-party platform;
a comparison module 43, configured to compare the custom system signature and the application signature;
and the configuration module 44 is configured to configure the system permission for the application program if the comparison between the custom system signature and the application signature is successful.
In an embodiment of the present application, the comparison module 43 is specifically configured to obtain verification data corresponding to the custom system signature, where the verification data is obtained by the operating system from a third-party platform corresponding to the application program, and the verification data indicates a comparison manner between the custom system signature and the application signature; and comparing the self-defined system signature with the application signature according to the verification data.
In an embodiment of the present application, the rights management apparatus 40 is further configured to receive verification data sent by a third-party platform, where the verification data corresponds to a custom system signature, and to incorporate the verification data into the operating system.
In one embodiment of the present application, the rights management device 40 is further configured to receive a custom system signature sent by a third party platform; and storing the self-defined system signature to a preset storage position.
In one embodiment of the present application, the rights management device 40 is further configured to receive identity information sent by a third party platform; verifying the identity information; and determining that the identity information passes the verification.
In one embodiment of the present application, the rights management device 40 is further configured to obtain an original system signature of the operating system; comparing the original system signature with the application signature; and if the comparison is unsuccessful, acquiring the custom system signature from the preset storage position.
The rights management device provided in the embodiment of the application is configured to execute the technical solution in the method embodiment corresponding to fig. 2 or fig. 3, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 7 is a schematic structural diagram of a rights management device according to another embodiment of the present application. As shown in fig. 7, the rights management apparatus 50 provided in the embodiment of the present application includes:
a generating module 51, configured to generate a private key of the application and a public key corresponding to the private key;
a sending module 52, configured to send a public key to the electronic device, where the public key is used to instruct the electronic device to store the public key as a custom system signature in a preset storage location;
and the determining module 53 is configured to determine that the private key is an application signature of the application program, where the application signature is used to indicate that, when it is detected that the application program is acquiring the system authority of the operating system, whether to configure the system authority for the application program is determined according to comparison of the custom system signature and the application signature.
In one embodiment of the present application, the rights management device 50 is further configured to generate verification data for comparing the private key and the public key, and to send the verification data to the electronic equipment, wherein the verification data is used for instructing the electronic equipment to compare the custom system signature and the application signature according to the verification data.
In one embodiment of the present application, the rights management unit 50 is further configured to send identity information of the third party platform to the electronic device, where the identity information is used to instruct the electronic device to verify the identity information.
The rights management device provided in the embodiment of the present application is configured to execute the technical solution in the method embodiment corresponding to fig. 4, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 8 is a schematic diagram of a hardware structure of an electronic device (a first electronic device or a second electronic device) according to an embodiment of the present application. As shown in fig. 8, the electronic device 70 of the embodiment of the present application may include: at least one processor 71 (only one processor is shown in FIG. 8); and a memory 72 communicatively coupled to the at least one processor. The memory 72 stores instructions executable by the at least one processor 71, and the instructions are executed by the at least one processor 71, so that the electronic device 70 can execute the technical solution in any of the foregoing method embodiments.
Alternatively, the memory 72 may be separate or integrated with the processor 71.
When the memory 72 is a device separate from the processor 71, the electronic device 70 further includes: a bus 73 for connecting the memory 72 and the processor 71.
The electronic device provided in the embodiment of the present application may execute the technical solution of any one of the foregoing method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
The embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the computer program is used to implement the technical solution in any of the foregoing method embodiments.
The present application provides a computer program product, including a computer program, which, when executed by a processor, implements the technical solutions in any of the foregoing method embodiments.
An embodiment of the present application further provides a chip, including: a processing module and a communication interface, wherein the processing module can execute the technical scheme in the method embodiment.
Further, the chip further includes a storage module (e.g., a memory), where the storage module is configured to store instructions, and the processing module is configured to execute the instructions stored in the storage module, and the execution of the instructions stored in the storage module causes the processing module to execute the technical solution in the foregoing method embodiment.
It should be understood that the Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.
The memory may comprise a high-speed RAM memory, and may further comprise a non-volatile memory (NVM), such as at least one disk memory, and may also be a USB disk, a removable hard disk, a read-only memory, a magnetic or optical disk, etc.
The bus may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, the buses in the figures of the present application are not limited to only one bus or one type of bus.
The storage medium may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). Of course, the processor and the storage medium may reside as discrete components in an electronic device.
Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims (15)

1. A method for managing authority is applied to an electronic device, and comprises the following steps:
when detecting that an application program acquires the system right of an operating system, determining an application signature of the application program, wherein the application program is developed by a third party platform, and the application signature is a private key signed by the third party platform for the application program;
acquiring a custom system signature from a preset storage position, wherein the custom system signature is a public key corresponding to the private key from the third-party platform;
comparing the custom system signature with the application signature;
and if the user-defined system signature is successfully compared with the application signature, configuring the system authority for the application program.
2. The rights management method of claim 1, wherein said comparing the custom system signature and the application signature comprises:
obtaining verification data corresponding to a custom system signature, wherein the verification data is obtained by the operating system from a third-party platform corresponding to the application program, and the verification data indicates a comparison mode of the custom system signature and the application signature;
and comparing the user-defined system signature with the application signature according to the verification data.
3. The rights management method of claim 2, wherein before obtaining the verification data corresponding to the custom system signature, the method further comprises:
receiving the verification data sent by the third-party platform, wherein the verification data corresponds to the self-defined system signature;
incorporating the verification data into the operating system.
4. The rights management method of claim 1, wherein when it is detected that the application program is acquiring the system rights of the operating system, before determining the application signature of the application program, further comprising:
receiving the self-defined system signature sent by the third-party platform;
and storing the self-defined system signature to the preset storage position.
5. The rights management method of claim 4, wherein before storing the custom system signature in the predetermined storage location, further comprising:
receiving identity information sent by the third-party platform;
verifying the identity information;
and determining that the identity information is verified.
6. The rights management method according to any of claims 1 to 5, wherein before obtaining the custom system signature from the preset storage location, the method further comprises:
acquiring an original system signature of the operating system;
comparing the original system signature and the application signature;
and if the comparison is unsuccessful, executing the step of acquiring the custom system signature from the preset storage position.
7. A method for managing authority is applied to a third-party platform, and comprises the following steps:
generating a private key of an application program and a public key corresponding to the private key;
sending the public key to electronic equipment, wherein the public key is used for indicating the electronic equipment to store the public key as a user-defined system signature in a preset storage position;
and determining that the private key is an application signature of the application program, wherein the application signature is used for indicating whether the system authority is configured for the application program or not according to the comparison of the custom system signature and the application signature when the application program is detected to acquire the system authority of the operating system.
8. The rights management method of claim 7, further comprising:
generating verification data for comparing the private key and the public key;
and sending the verification data to the electronic device, wherein the verification data is used to instruct the electronic device to compare the custom system signature with the application signature according to the verification data.
9. The rights management method according to claim 7 or 8, further comprising:
sending the identity information of the third-party platform to the electronic device, wherein the identity information is used to instruct the electronic device to verify the identity information.
10. A rights management apparatus applied to an electronic device, the rights management apparatus comprising:
a determining module, configured to determine an application signature of an application program when it is detected that the application program is acquiring the system rights of an operating system, wherein the application program is developed by a third-party platform, and the application signature is a private key signed by the third-party platform for the application program;
an acquisition module, configured to obtain a custom system signature from a preset storage location, wherein the custom system signature is a public key that comes from the third-party platform and corresponds to the private key;
a comparison module, configured to compare the custom system signature with the application signature;
and a configuration module, configured to configure the system rights for the application program if the custom system signature and the application signature are successfully compared.
11. A rights management device applied to a third party platform, the rights management device comprising:
a generation module, configured to generate a private key of an application program and a public key corresponding to the private key;
a sending module, configured to send the public key to an electronic device, wherein the public key is used to instruct the electronic device to store the public key as a custom system signature in a preset storage location;
and a determining module, configured to determine the private key to be an application signature of the application program, wherein the application signature is used to indicate, when the application program is detected to be acquiring the system rights of the operating system, whether the system rights are to be configured for the application program according to the comparison of the custom system signature with the application signature.
12. A first electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the electronic device to perform the rights management method of any of claims 1-6.
13. A second electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the electronic device to perform the rights management method of any of claims 7-9.
14. A computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements the rights management method according to any one of claims 1 to 6 or 7 to 9.
15. A computer program product having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the rights management method of any of claims 1-6 or 7-9.
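The device-side flow of claims 4 to 6 together with the platform-side key generation of claim 7, as an added Go example that is not part of the patent text. It assumes the comparison is an Ed25519 signature verification and reads "application signature" as a signature made with the platform's private key; Device, Enroll, Grant, Scenario and the platform identifiers are hypothetical names, and all data is constructed.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Device is a hypothetical model of the electronic device in claims 1-6.
type Device struct {
	originalKey ed25519.PublicKey            // original system signature
	knownIDs    map[string]bool              // platform identities the device accepts
	customKeys  map[string]ed25519.PublicKey // the preset storage location
}

// Enroll stores a platform public key as a custom system signature, but only
// after the platform's identity information has been verified (claims 4-5).
func (d *Device) Enroll(platformID string, pub ed25519.PublicKey) error {
	if !d.knownIDs[platformID] {
		return fmt.Errorf("identity %q not verified, key not stored", platformID)
	}
	d.customKeys[platformID] = pub
	return nil
}

// Grant reports whether system rights may be configured for the app (claim 6).
func (d *Device) Grant(app, sig []byte) bool {
	ok := ed25519.Verify(d.originalKey, app, sig) // original system signature first
	for _, pub := range d.customKeys {            // then each stored custom signature
		ok = ok || ed25519.Verify(pub, app, sig)
	}
	return ok
}

// Scenario runs the flow on constructed data and returns the four outcomes.
func Scenario() (rogueRejected, enrolledApp, tamperedApp, rogueApp bool) {
	sysPub, _, _ := ed25519.GenerateKey(nil)       // nil selects crypto/rand
	pub, priv, _ := ed25519.GenerateKey(nil)       // third-party platform (claim 7)
	badPub, badPriv, _ := ed25519.GenerateKey(nil) // platform with an unknown identity
	d := &Device{sysPub, map[string]bool{"platform-a": true}, map[string]ed25519.PublicKey{}}
	app := []byte("constructed app package")
	sig := ed25519.Sign(priv, app)
	_ = d.Enroll("platform-a", pub)
	rogueRejected = d.Enroll("platform-x", badPub) != nil
	return rogueRejected, d.Grant(app, sig), d.Grant([]byte("modified app package"), sig),
		d.Grant(app, ed25519.Sign(badPriv, app))
}

func main() { fmt.Println(Scenario()) }
```

Once enrolled, a custom key is accepted on the same footing as the original system key, so the identity check in Enroll is the only barrier in front of system rights and the stored keys need the same integrity protection as the system image.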
CN202110838423.0A 2021-07-23 2021-07-23 Authority management method, device, electronic equipment and storage medium Pending CN113541966A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110838423.0A CN113541966A (en) 2021-07-23 2021-07-23 Authority management method, device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110838423.0A CN113541966A (en) 2021-07-23 2021-07-23 Authority management method, device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN113541966A (en) 2021-10-22

Family

ID=78088841

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110838423.0A Pending CN113541966A (en) 2021-07-23 2021-07-23 Authority management method, device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113541966A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101083556A (en) * 2007-07-02 2007-12-05 蔡水平 Region based layered wireless information publishing, searching and communicating application system
US20080010458A1 (en) * 2006-07-07 2008-01-10 Michael Holtzman Control System Using Identity Objects
CN106161036A (en) * 2016-08-18 2016-11-23 福建联迪商用设备有限公司 The mobile station (MS) state transition method of a kind of credit and system
WO2017220014A1 (en) * 2016-06-24 2017-12-28 中兴通讯股份有限公司 System permission management method and apparatus, and intelligent terminal
US20180367315A1 (en) * 2017-06-14 2018-12-20 Beijing Xiaomi Mobile Software Co., Ltd. Method and apparatus for signing and verifying application installation package, and storage medium
US20200084042A1 (en) * 2018-09-10 2020-03-12 Dell Products L.P. Information handling system entitlement validation

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116049799A (en) * 2022-07-14 2023-05-02 荣耀终端有限公司 System authority management method, system and electronic equipment
CN116049799B (en) * 2022-07-14 2023-11-07 荣耀终端有限公司 System authority management method, system and electronic equipment
CN117077090A (en) * 2023-10-16 2023-11-17 武汉星纪魅族科技有限公司 Application signature method, device, equipment and storage medium
CN117077090B (en) * 2023-10-16 2024-01-23 武汉星纪魅族科技有限公司 Application signature method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN109214168B (en) Firmware upgrading method and device
CN107615292B (en) System and method for managing installation of application packages requiring high risk permission access
US8566937B2 (en) Information processing apparatus and method for preventing unauthorized cooperation of applications
ES2334336T3 (en) DISTRIBUTION AND EXECUTION OF SAFE APPLICATION IN A WIRELESS ENVIRONMENT.
CN107301343B (en) Safety data processing method and device and electronic equipment
US20090249071A1 (en) Managing code entitlements for software developers in secure operating environments
KR101252921B1 (en) System and method of authorizing execution of software code in a device based on entitlements granted to a carrier
KR20100126478A (en) System and method of authorizing execution of software code based on accessible entitlements
CN108880859B (en) Configuration method, device, server, terminal and storage medium of upgrade file
KR20040028597A (en) Test enabled application execution
US9344406B2 (en) Information processing device, information processing method, and computer program product
CN112507291B (en) Method and device for generating unique identifier of Android device
CN113541966A (en) Authority management method, device, electronic equipment and storage medium
CN104751049A (en) Application program installing method and mobile terminal
CN110874467B (en) Information processing method, device, system, processor and storage medium
CN108229144B (en) Verification method of application program, terminal equipment and storage medium
US8229505B2 (en) Method and apparatus for storing a software license
KR100660641B1 (en) Secure booting method for mobile terminal and mobile terminal for adopting the same
CN105704296B (en) Application environment cloning method and device
CN108197469B (en) Method and device for verifying application program, storage medium and electronic equipment
CN111159657A (en) Application program authentication method and system
CN114880011A (en) OTA (over the air) upgrading method and device, electronic equipment and readable storage medium
CN114329358A (en) Application signature method and system, transaction terminal and service platform
CN107479923A (en) Application program updating method, apparatus and display terminal
CN116707758A (en) Authentication method, equipment and server of trusted computing equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220329

Address after: 430051 No. b1336, chuanggu startup area, taizihu cultural Digital Creative Industry Park, No. 18, Shenlong Avenue, Wuhan Economic and Technological Development Zone, Wuhan, Hubei Province

Applicant after: Yikatong (Hubei) Technology Co.,Ltd.

Address before: 430056 building B, No.7 building, kaidixiexin kechuangyuan, South taizihu innovation Valley, Wuhan Economic and Technological Development Zone, Wuhan City, Hubei Province

Applicant before: HUBEI ECARX TECHNOLOGY Co.,Ltd.