CN115130132A - Access control method for accurately revoking authority, related device and system - Google Patents


Info

Publication number
CN115130132A
Authority
CN
China
Prior art keywords
agent
callee
permission
electronic device
authority
Legal status
Pending
Application number
CN202210211570.XA
Other languages
Chinese (zh)
Inventor
任兵飞
毛哲文
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to PCT/CN2022/082869 (WO2022199672A1)
Publication of CN115130132A

Classifications

    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes (under G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules)
    • G06F21/12 Protecting executable software (under G06F21/10 Protecting distributed programs or content; Digital rights management [DRM])
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F9/48 Program initiating; Program switching, e.g. by interrupt (under G06F9/46 Multiprogramming arrangements)
    • G06F9/4881 Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues (under G06F9/4843 Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system)

Abstract

This application provides an access control method for accurately revoking authority, together with a related device and system. In the method, a subject device sends an access request, together with the authority information required by the access request as granted by the user, to an object device; the object device creates a first agent and grants the authority required by the access request to that agent. The object device then responds to the access request through the first agent, and can revoke the authority it acquired by revoking the authority granted to the first agent or by terminating the first agent. The scheme ensures that the object device obtains exactly the authority it needs and can revoke it accurately and flexibly as required, protecting the security of data on the object device during resource calls.

Description

Access control method for accurately revoking authority, related device and system
This application claims priority to the Chinese patent application entitled "Access control method for precise revocation of rights, related apparatus and system", filed with the Chinese Patent Office on 26/3/2021 under application number 202110327079.9, which is incorporated herein by reference in its entirety.
Technical Field
The present application relates to the field of computer and communication technologies, and in particular, to an access control method, a related device, and a system for accurately revoking permissions.
Background
In a stand-alone scenario with a single device, applications (APPs) on the device can call one another and access the various resources on the device. As intelligent terminals develop, the types and number of devices in users' lives keep growing, and distributed scenarios in which devices interconnect and interoperate are gradually becoming reality. In a distributed scenario, devices sharing resources with one another, such as computing power, storage resources, and network resources, will become the trend.
To protect user privacy, the related art requires that the called electronic device first acquire the authority to access sensitive information, and access is allowed only after the authority check passes.
How to ensure that the called electronic device obtains exactly the right authority during the call, and how to revoke that authority as needed, are problems that urgently need to be solved.
Disclosure of Invention
This application provides an access control method for accurately revoking authority, together with a related device and system, which ensures that the object device acquires exactly the authority it needs and can revoke it accurately as required, protecting the data security of the object device.
In a first aspect, an embodiment of this application provides an access control method for accurately revoking authority. The method is applied to a communication system including a first device and a second device. A callee is installed on the first device and a first caller is installed on the second device; the callee and the first caller are each an application (APP) or a functional component, where an APP is a program entity implementing multiple functions and a functional component is a program entity implementing a single function.
The method of the first aspect comprises: the second device sends a first access request and first permission information to the first device, where the first access request is for the first caller to call the callee to access a first resource on the first device, and the first permission information indicates a first permission comprising the permission to call the callee and/or the permission to access the first resource; in response to the first access request, the first device grants the first permission to a first agent and grants the callee the permission to access the first agent, where the first agent is a service, a process, or a thread; the first device runs the callee, which accesses the first agent and, through the first permission held by the first agent, accesses the first resource; and the first device terminates the first agent, or the first device revokes the first permission held by the first agent.
In the method of the first aspect, the first device may be referred to as the guest (object) device, and the second device as the host (subject) device.
By implementing the method of the first aspect, the object device accesses the first resource through the first agent rather than granting the authority required by the access request directly to the callee. Even if the callee passes the authority it acquired on to other callees (a second-hand transfer), that transferred authority becomes invalid once the method is executed, so the authority is revoked accurately. In addition, because of the first agent, the object device does not need to store a large amount of authority delegation information, which saves its storage resources.
In addition, in the method of the first aspect, the subject device requests the authority required by the access request from the user, and the object device can acquire that authority as long as the subject device or the caller has the authorization condition, regardless of whether the object device or the callee has it. Therefore the access request initiated by the caller can be served successfully, resource calls between devices are realized, and the user's actual needs are met.
With reference to the first aspect, in some embodiments the first device may revoke the authority required by the access request, as transferred by the second device, in either of the following cases:
1. If the first authority information further indicates the validity of the first authority: when the validity is one-time, the first device ends its access to the first resource and then terminates the first agent or revokes the first authority held by the first agent; when the authority is valid within a first time period or within a first area, the first device terminates the first agent or revokes the first authority held by the first agent once the first time period has elapsed after the first authority information was received, or when the first device is located outside the first area.
2. After the first device finishes accessing the first resource, or finishes accessing the first resource a second time, it terminates the first agent or revokes the first authority held by the first agent.
In the second case, the object device revokes the authority after it has successfully responded to the access request and does not depend on transmitted validity information to do so; this avoids the authority lapsing before the resource call has completed, and achieves accurate revocation according to the user's actual needs.
With reference to the first aspect, in some embodiments the first device may grant the permission to access the first agent to a first instance of the callee and run the first instance to access the first agent.
In the above embodiment, the communication system further includes a third device on which a second caller, an APP or a functional component, is installed. The third device may send a second access request and second permission information to the first device, where the second access request is for the second caller to call the callee to access the first resource, and the second permission information indicates a second permission comprising the permission to call the callee and/or the permission to access the first resource. In response to the second access request, the first device grants the second permission to a second agent, which is a service, a process, or a thread, and grants the permission to access the second agent to a second instance of the callee; the first device runs the second instance, which accesses the second agent and, through the second permission held by the second agent, accesses the first resource. The first instance and the second instance are processes or threads running in random access memory (RAM); the second instance is distinct from the first instance, and the two are isolated from each other.
Through the above embodiment, the object device serves multiple callers with multiple instances, and grants the authority acquired from the host device only to the revocation agent corresponding to the callee instance created for that caller. Each caller's authority is therefore confined to the revocation agent of its own instance, which avoids mixing or expanding authority, guarantees the data security of the object device, and prevents data abuse and leakage.
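As an added illustration (not code from the patent), the following Python simulation models the first-aspect procedure with its two revocation cases and the per-instance isolation of the multi-caller embodiment above: the guest device creates one agent per access request, only the agent holds the user-granted permission, and each callee instance receives nothing but a handle to its agent, so terminating the agent revokes every copy of that handle. All class and function names are hypothetical; only one-time and unlimited validity are modelled, and the resource store is a constructed dict.

```python
"""Added simulation (not the patent's code): one agent per access request holds the
permission; the callee gets only a handle to the agent, so terminating the agent or
clearing its permission revokes every handle, including second-hand copies."""

class AccessDenied(Exception):
    """Access attempted without a live agent holding a matching permission."""

class Permission:
    """First permission information: the resource and whether it is one-time."""

    def __init__(self, resource, one_time=False):
        self.resource = resource
        self.one_time = one_time

class Agent:
    """First agent: the only principal that actually holds the permission."""

    def __init__(self, permission, resources):
        self.permission = permission   # granted by the guest device
        self._resources = resources    # guest device's resource store
        self.alive = True

    def access(self, resource):
        if not self.alive:
            raise AccessDenied("agent terminated")
        perm = self.permission
        if perm is None or perm.resource != resource:
            raise AccessDenied("agent holds no permission for " + resource)
        data = list(self._resources[resource])
        if perm.one_time:
            self.revoke()              # case 1: one-time validity lapses after a single use
        return data

    def revoke(self):
        self.permission = None         # revoke the permission but keep the agent

    def terminate(self):
        self.alive = False             # terminate the agent itself

class CalleeInstance:
    """Isolated callee instance created for one caller; holds only an agent handle."""

    def __init__(self, name, agent=None):
        self.name = name
        self.agent = agent             # the handle: right to access one agent, nothing more

    def serve(self, resource):
        if self.agent is None:
            raise AccessDenied(self.name + " holds no agent handle")
        return self.agent.access(resource)

    def redelegate_to(self, other):
        # Second-hand transfer: the copy still routes through the same agent,
        # so it carries no authority of its own.
        other.agent = self.agent

class GuestDevice:
    """The first (object/guest) device that owns the resources and the callee."""

    def __init__(self, resources):
        self._resources = resources
        self.sessions = {}             # caller -> (callee instance, agent)

    def handle_access_request(self, caller, resource, permission):
        agent = Agent(permission, self._resources)                 # grant permission to the agent
        instance = CalleeInstance("callee-for-" + caller, agent)   # grant callee access to the agent
        self.sessions[caller] = (instance, agent)
        return instance.serve(resource)                            # run callee; access via the agent

    def finish_call(self, caller):
        self.sessions[caller][1].terminate()                       # case 2: access done, terminate agent

def try_serve(instance, resource):
    try:
        return instance.serve(resource)
    except AccessDenied:
        return "denied"

def run_scenario():
    """Constructed walk-through; returns a dict of outcomes for inspection."""
    device = GuestDevice({"contacts": ["alice", "bob"], "photos": ["img1"]})
    out = {}
    out["c1_contacts"] = device.handle_access_request("caller1", "contacts", Permission("contacts"))
    out["c2_photos"] = device.handle_access_request("caller2", "photos", Permission("photos"))
    inst1, inst2 = device.sessions["caller1"][0], device.sessions["caller2"][0]
    out["c2_cross"] = try_serve(inst2, "contacts")            # caller2's agent was granted photos only
    other = CalleeInstance("other-callee")
    inst1.redelegate_to(other)                               # callee passes its handle on
    out["second_hand_live"] = try_serve(other, "contacts")   # works only while agent 1 is alive
    device.finish_call("caller1")
    out["second_hand_dead"] = try_serve(other, "contacts")   # revoked along with the agent
    out["c2_unaffected"] = try_serve(inst2, "photos")        # caller2's own agent is untouched
    out["c3_once"] = device.handle_access_request("caller3", "photos", Permission("photos", True))
    out["c3_again"] = try_serve(device.sessions["caller3"][0], "photos")  # one-time: denied
    return out
```

Note that the guest device never records who received the handle second-hand; it only needs to know which agent belongs to which caller, which is the storage saving the text describes.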
With reference to the first aspect, in some embodiments the first instance may be created in response to the first access request, before the first device grants it the permission to access the first agent.
With reference to the first aspect, in some embodiments the first agent comprises a first routing agent and a first revocation agent, each of which is a service, a process, or a thread. The first device may grant the first permission to the first revocation agent and grant the callee the permission to access the first routing agent. The first device may then run the callee, which accesses the first revocation agent through the first routing agent and accesses the first resource through the first permission held by the first revocation agent. Further, the first device may terminate the first routing agent and/or the first revocation agent, or revoke the first permission held by the first revocation agent.
In the above embodiment, if the first device further includes a second agent comprising a second routing agent and a second revocation agent, the first routing agent and the second routing agent may be merged into a single agent, which reduces resource consumption on the first device.
With reference to the first aspect, in some implementations the first agent may be created in response to the first access request, before the first device grants the first permission to the first agent.
With reference to the first aspect, in some embodiments the first authority specifically includes: the authority of the second device to call the callee and/or the authority of the second device to access the first resource; and/or the authority of the first caller to call the callee and/or the authority of the first caller to access the first resource.
With the above embodiment, when the authority required by the access request carries information about the host device and/or the caller, the user learns more about the authority being requested of the current object device and can decide on that basis whether to grant it. The authorization operation is thus performed with the user fully informed about the requested authority, which avoids mistaken operations or mistaken authorization and ensures the data security of the object device.
With reference to the first aspect, in some embodiments the second device may, based on capability-based access control technology, send the first permission information directly to the first device together with the first access request. For example, the authority information required by the first access request, as granted by the user, may be carried in the first access request. This avoids the time overhead of permission synchronization in a centralized permission management mechanism and improves the efficiency of resource calls.
With reference to the first aspect, in some embodiments, before the second device sends the first permission information to the first device, it may output prompt information that prompts for the first permission, and then transmit the first permission information to the first device in response to a received user operation. In this way the user grants the first permission by inputting a user operation on the second device.
In conjunction with the above embodiment, the user operation received by the second device includes one or more of: a user operation on the display screen, a preset face image, a preset fingerprint, a preset voice command, or a user operation on a key.
In a second aspect, an embodiment of this application provides an access control method for accurately revoking permissions. The method is applied to an electronic device on which a callee is installed; the callee is an application (APP) or a functional component, where an APP is a program entity implementing multiple functions and a functional component is a program entity implementing a single function.
The method of the second aspect comprises: the electronic device receives a first access request and first permission information sent by a second device, where the first access request is for a first caller on the second device to call the callee to access a first resource on the electronic device, and the first permission information indicates a first permission comprising the permission to call the callee and/or the permission to access the first resource; the first caller is an APP or a functional component; in response to the first access request, the electronic device grants the first permission to a first agent and grants the callee the permission to access the first agent, where the first agent is a service, a process, or a thread; the electronic device runs the callee, which accesses the first agent and, through the first permission held by the first agent, accesses the first resource; and the electronic device terminates the first agent, or revokes the first permission held by the first agent.
By implementing the method of the second aspect, the first device accesses the first resource through the first agent rather than granting the right required by the access request directly to the callee. Even if the callee passes the right it acquired on to other callees (a second-hand transfer), that transferred right becomes invalid once the method is executed, so the right is revoked accurately. In addition, because of the first agent, the first device does not need to store a large amount of authority delegation information, which saves its storage resources.
In addition, in the method of the second aspect, the host device requests the right required by the access request from the user, and the guest device can acquire that right as long as the host device or the caller has the authorization condition, regardless of whether the guest device or the callee has it. Therefore the access request initiated by the caller can be served successfully, resource calls between devices are realized, and the user's actual needs are met.
For each operation performed by the electronic device in the method of the second aspect, refer to the corresponding description of the first device in the method of the first aspect; the details are not repeated here.
In a third aspect, an embodiment of this application provides an access control method for accurately revoking authority. The method is applied to an electronic device on which a first caller and a callee are installed; the first caller and the callee are each an application (APP) or a functional component, where an APP is a program entity implementing multiple functions and a functional component is a program entity implementing a single function.
The method of the third aspect comprises: the electronic device generates a first access request and acquires a first authority, where the first access request is for the first caller to call the callee to access a first resource on the electronic device, and the first authority comprises the authority to call the callee and/or the authority to access the first resource; in response to the first access request, the electronic device grants the first authority to a first agent and grants the callee the authority to access the first agent; the electronic device runs the callee, which accesses the first agent and, through the first authority held by the first agent, accesses the first resource; and the electronic device terminates the first agent, or revokes the first authority held by the first agent.
By implementing the method of the third aspect, the electronic device can revoke the authority accurately and flexibly through the first agent.
In the first aspect, the second aspect, or any of the foregoing embodiments, the operations performed by the first device, the second device, or the third device are, in the method of the third aspect, all performed by the same electronic device, and the interaction between the second device or the third device and the first device may be omitted; for details, refer to the foregoing related description, which is not repeated here.
In a fourth aspect, an embodiment of the present application provides an electronic device, including: a memory, one or more processors; the memory is coupled to the one or more processors and is configured to store computer program code comprising computer instructions that are invoked by the one or more processors to cause the electronic device to perform a method as described in the second aspect or any one of the embodiments of the second aspect.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: a memory, one or more processors; the memory is coupled to the one or more processors, the memory for storing computer program code, the computer program code including computer instructions, the one or more processors invoking the computer instructions to cause the electronic device to perform a method as in any one of the third aspect or the implementation of the third aspect.
In a sixth aspect, an embodiment of this application provides a communication system including a first device and a second device, where the first device is configured to perform the method of the second aspect or any one of its implementations.
In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, which includes instructions that, when executed on an electronic device, cause the electronic device to perform a method as described in the second aspect or any one of the implementation manners of the second aspect.
In an eighth aspect, the present application provides a computer program product, which when run on a computer, causes the computer to execute the method of the second aspect or any one of the embodiments of the second aspect.
In a ninth aspect, this application provides a computer-readable storage medium including instructions that, when executed on an electronic device, cause the electronic device to perform the method of the third aspect or any one of its implementations.
In a tenth aspect, this application provides a computer program product that, when run on a computer, causes the computer to execute the method of the third aspect or any one of its implementations.
By implementing the technical scheme provided by this application, the host device can send an access request for calling a callee to the object device and pass along the authority information required by the access request as granted by the user; the object device can create a first agent and grant the authority required by the access request to that agent. The object device may then respond to the access request through the first agent, and may revoke the authority it acquired by revoking the authority granted to the first agent or by terminating the first agent. The scheme ensures that the object device obtains exactly the authority it needs and can revoke it accurately and flexibly as required, protecting the data security of the object device.
Drawings
FIG. 1A and FIG. 1B are schematic diagrams of two authorization checking methods;
FIG. 2A is a schematic structural diagram of a communication system 10 according to an embodiment of the present application;
FIG. 2B shows a distributed scenario according to an embodiment of the present application;
FIG. 3A is a hardware structure diagram of an electronic device according to an embodiment of the present application;
FIG. 3B is a software structure diagram of an electronic device according to an embodiment of the present application;
FIG. 4 is a flowchart of an access control method for accurately revoking permissions according to an embodiment of the present application;
FIG. 5A-5C are diagrams illustrating a set of user interfaces implemented on the main device 200 according to an embodiment of the present application;
FIG. 5D-5F are diagrams illustrating a set of user interfaces implemented on the main device 300 according to an embodiment of the present application;
FIG. 6A is a diagram illustrating the creation of agents and granting of permissions according to an embodiment of the present application;
FIG. 6B is a diagram of another example of creating agents and granting permissions according to an embodiment of the present application;
FIG. 7A is a software structure diagram of a main device according to an embodiment of the present application;
FIG. 7B is a software structure diagram of an object device according to an embodiment of the present application;
FIG. 8 is a flowchart of a method for implementing access control on a single electronic device based on a binder according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of this application are described below in detail and clearly with reference to the accompanying drawings. In the description of the embodiments, "/" denotes "or": for example, A/B may denote A or B. "And/or" merely describes an association between the associated objects and means that three relationships may exist; for example, A and/or B may mean A alone, both A and B, or B alone. In addition, "a plurality" means two or more.
The terms "first" and "second" below are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features referred to. Thus a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature, and in the description of the embodiments, unless stated otherwise, "plurality" means two or more.
In the following embodiments, the term user interface (UI) refers to the medium through which an application program or operating system interacts and exchanges information with the user; it converts between the internal form of information and a form acceptable to the user. A user interface is source code written in Java, Extensible Markup Language (XML), or another specific computer language; the interface source code is parsed and rendered on the electronic device and finally presented as content the user can recognize. A common presentation form of a user interface is the graphical user interface (GUI), a user interface displayed graphically and related to computer operations. It may be a visual interface element such as text, an icon, a button, a menu, a tab, a text box, a dialog box, a status bar, a navigation bar, or a widget shown on the display of the electronic device.
In a distributed system including multiple electronic devices, if an accessed electronic device does not have an authorization condition, or an invoked application does not have an authorization condition, the electronic device cannot acquire the right granted by a user to access a resource, and therefore, resource invocation in a stand-alone device or between devices cannot be realized, and actual requirements of the user cannot be met. The electronic device is provided with the authorization condition, that is, the electronic device supports one or more authorization modes for authorization of the user. Authorization means may include, but are not limited to: the method includes, but is not limited to, pop-up box authorization, fingerprint authentication authorization, face authentication authorization, voice command authorization, key press authorization, and the like. The application does not have the authorization condition means that the application cannot use various authorization modes provided by the electronic equipment. For example, when an application does not provide a user interface, the application does not support pop-box authorization.
Referring to fig. 1A, in a stand-alone device or a distributed system including a plurality of electronic devices, a centralized rights management mechanism may be adopted, that is, an access control module (i.e., a rights management service) performs the same management on the access policy and the authorization status when a resource is called. Specifically, when one application (e.g., APP1) calls another application (e.g., APP2), the APP2 checks whether the APP1 has the right to access the corresponding resource through the access control module, which may generate additional time overhead. In addition, when resource calling is performed across devices, the device where the APP1 is located needs to separately send an access policy and an authorization state of a user to the device where the APP2 is located, and time overhead is large.
Referring to fig. 1B, a resource call based on a cloud service platform adopts a capability-based access control technology. Specifically, when a service caller requests access to a service provided by the cloud service platform, the service caller directly transmits the authority required for accessing the service to the service entity, and the service entity accesses the corresponding resource and returns an access result. The service entity can therefore perform the authority check directly, without an additional authority check through an access control module, which reduces the time overhead. However, it is difficult for the service caller to revoke the authority after transferring it to the service entity. On one hand, when the service caller transmits the authority to the service entity, it also transmits expiry (aging) information, and the authority lapses automatically when the expiry time is reached. This approach may lead to a situation where the authority has already lapsed before the resource call is completed, so the authority cannot be revoked accurately as required. On the other hand, the cloud service platform needs to record a large amount of authority delegation information, which wastes storage resources; moreover, the service entity may transfer the acquired authority a second time, and when the cloud service platform revokes the authority according to the authority delegation information, the authority held by all the service entities that acquired it cannot be revoked accurately.
In order to solve the above problem, the following embodiments of the present application provide an access control method for accurately revoking an authority, where the access control method may be applied to a stand-alone device, and may also be applied to a distributed system including multiple electronic devices.
When the method is applied to a distributed system, a host device sends an access request for calling a callee to a guest device, and transmits to the guest device the authority information, granted by the user, that the access request requires. The guest device can create a proxy module, grant the callee the authority to access the proxy module, and grant the proxy module the authority required by the access request. The guest device can create and run an instance of the callee, and respond to the access request initiated by the host device through the proxy module. Then, when the authority required by the access request needs to be revoked, the guest device may revoke the authority granted to the proxy module, or may terminate the proxy module.
In this way, the caller on the host device requests the authority required by the access request from the user, and the guest device can acquire that authority as long as the host device or the caller has the authorization condition, regardless of whether the guest device or the callee has it. Therefore, the access request initiated by the caller can be responded to successfully, resource calling between devices is realized, and the actual requirements of the user are met.
Because the guest device responds to the access request by creating the proxy module, the authority check is performed directly by the instance of the callee and the proxy module in the second process, so no additional authority check by the access control module is required, and the time overhead is reduced.
In addition, by creating the proxy module, the guest device can revoke the authority required by the access request accurately and flexibly. The guest device can revoke the authority required by the access request after acquiring the access result, and does not need to rely on transmitted expiry information, so the situation in which the authority lapses before the resource call is completed is avoided. Through the proxy module, the guest device does not need to store a large amount of authority delegation information, and even if the acquired authority is transferred a second time on the guest device, the method provided by the embodiment of the present application can recover all the authorities held by the instances that acquired the authority, so that accurate revocation is realized.
In some embodiments, when the host device sends the access request, a capability-based access control technology may be adopted to send the permission information required by the access request directly to the guest device, thereby avoiding the time overhead caused by permission synchronization in a centralized permission management mechanism.
In the following embodiments of the present application, the proxy module may be an application, a service, an instance, a process, or a thread. A process is one execution activity of an application on a computer. A thread is a single sequential control flow in the execution of an application. A process may include multiple threads.
In some embodiments, the proxy module may specifically include a routing agent and a revocation agent, which is not limited in this embodiment of the present application. Specifically, the guest device may grant the callee the right to access the routing agent, and grant the revocation agent the right required by the access request. The guest device can create and run an instance of the callee, find the corresponding revocation agent through the routing agent, and respond to the access request initiated by the host device through the revocation agent. Thereafter, when the rights required by the access request need to be revoked, the guest device may revoke the rights granted to the revocation agent, and may also terminate the revocation agent and/or the routing agent.
When the guest device obtains a plurality of access requests, it may create different routing agents and revocation agents respectively, with one pair of routing agent and revocation agent used to respond to one access request. In other embodiments, when the guest device obtains multiple access requests, one routing agent and multiple revocation agents may be created, where the routing agent cooperates with each revocation agent to respond to each access request.
In some embodiments, when the guest device receives access requests sent by multiple host devices for invoking the same callee, the guest device may create multiple instances of the callee, where one instance of the callee is used to respond to the access request initiated by one caller. The guest device can grant the authority acquired by a caller on its host device to the proxy module corresponding to the instance of the callee created for that caller. Therefore, the guest device uses multiple instances to serve multiple callers respectively, the authority of one caller is guaranteed to be given only to the proxy module corresponding to that caller's instance, and the problems of permission mixing and permission expansion are avoided, so that data security in the guest device is guaranteed and data abuse and leakage are prevented.
When the access control method provided by the embodiment of the present application is applied to a stand-alone device, the electronic device can acquire the authority required by the access request granted by the user after generating a plurality of access requests for calling the callee in the process of running the caller. Then, the electronic device can create a proxy module, grant the callee the authority to access the proxy module, and grant the proxy module the authority required by the access request. The electronic device can create and run an instance of the callee, and respond to the access request through the proxy module. Thereafter, when the authority required by the access request needs to be revoked, the electronic device may revoke the authority granted to the proxy module, and may also terminate the proxy module.
In the stand-alone device, the caller in the electronic device requests the authority required by the access request from the user, and the electronic device can acquire that authority as long as the caller has the authorization condition, regardless of whether the callee has it. Therefore, the access request initiated by the caller can be responded to successfully, resource calling within the stand-alone device is realized, and the actual requirements of the user are met.
By creating the proxy module, the electronic device can revoke the authority required by the access request accurately and flexibly. In addition, the proxy module can perform the authority check directly without an additional access control module, so the time overhead brought by the authority check can be avoided. Reference is made in particular to the description of implementing the access control method in a distributed system.
In some embodiments, when the electronic device obtains multiple access requests for calling the same callee, multiple instances of the callee may be created, where one instance of the callee is used to respond to the access request initiated by one caller. The electronic device may grant the authority acquired by a caller to the proxy module corresponding to the instance of the callee created for that caller. Therefore, the multi-instance mode serves multiple callers respectively, the permission of one caller is guaranteed to be given only to the proxy module corresponding to that caller's instance, and the problems of permission mixing and permission expansion are avoided, so that data security in the electronic device is guaranteed and data abuse and leakage are prevented.
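As an added illustration (not code from the patent), the following Python simulation models the proxy module as a routing agent plus a revocation agent, creates one callee instance per caller, and shows that terminating the revocation agent after the access result is returned also cuts off a chained callee that received the access second-hand, while another caller's instance is unaffected. The class names, resource names and sample data are constructed for this example; the scheme itself is the one described in the distributed and stand-alone embodiments above.

```python
from __future__ import annotations

import itertools


class PermissionRevoked(Exception):
    """Raised when an instance reaches a proxy whose permission is gone."""


class RevocationAgent:
    """Proxy half holding the user-granted permissions for ONE access request."""

    def __init__(self, agent_id: str, permissions: set[str], resources: dict[str, str]):
        self.agent_id = agent_id
        self.permissions = set(permissions)
        self.resources = resources  # the guest device's protected resources
        self.alive = True

    def access(self, resource: str) -> str:
        # The permission check happens inside the proxy, so no round trip to a
        # central access-control module is needed for each call.
        if not self.alive or resource not in self.permissions:
            raise PermissionRevoked(f"{self.agent_id}: no permission for {resource}")
        return self.resources[resource]

    def terminate(self) -> None:
        # Terminating the agent revokes every permission it held, at once.
        self.alive = False
        self.permissions.clear()


class RoutingAgent:
    """Proxy half that maps each callee instance to its revocation agent."""

    def __init__(self) -> None:
        self._table: dict[str, RevocationAgent] = {}

    def register(self, instance_id: str, agent: RevocationAgent) -> None:
        self._table[instance_id] = agent

    def lookup(self, instance_id: str) -> RevocationAgent:
        if instance_id not in self._table:
            raise PermissionRevoked(f"{instance_id}: no proxy registered")
        return self._table[instance_id]


class CalleeInstance:
    """One running callee instance serving one caller; it can only reach the proxy."""

    def __init__(self, instance_id: str, router: RoutingAgent):
        self.instance_id = instance_id
        self.router = router

    def handle(self, resource: str) -> str:
        return self.router.lookup(self.instance_id).access(resource)

    def chain_call(self, callee_name: str) -> CalleeInstance:
        # Secondary transfer down the call chain: the chained callee is routed to
        # the SAME revocation agent, so it gains nothing that outlives the proxy.
        downstream = CalleeInstance(f"{callee_name}<-{self.instance_id}", self.router)
        self.router.register(downstream.instance_id, self.router.lookup(self.instance_id))
        return downstream


class GuestDevice:
    """Hosts the callee and creates one revocation agent per access request."""

    def __init__(self, resources: dict[str, str]):
        self.resources = resources
        self.router = RoutingAgent()  # one routing agent shared by all requests
        self._ids = itertools.count(1)

    def accept_request(self, callee_name: str, granted: set[str]) -> CalleeInstance:
        # Create the proxy, grant it the permissions that arrived with the request
        # (capability style), and grant the new callee instance access to the proxy.
        n = next(self._ids)
        instance = CalleeInstance(f"{callee_name}#{n}", self.router)
        self.router.register(instance.instance_id, RevocationAgent(f"rev-{n}", granted, self.resources))
        return instance

    def revoke(self, instance: CalleeInstance) -> None:
        # Revoked once the access result has been returned, not by an expiry timer.
        self.router.lookup(instance.instance_id).terminate()


def denied(fn) -> bool:
    # True if calling fn raises PermissionRevoked.
    try:
        fn()
    except PermissionRevoked:
        return True
    return False


def run_scenario() -> dict:
    """Two host devices call the same callee; the user granted each a different permission."""
    dev = GuestDevice({"camera": "frame-0001", "contacts": "alice,bob"})  # constructed sample data
    inst_a = dev.accept_request("videocall", {"camera"})    # caller A: camera only
    inst_b = dev.accept_request("videocall", {"contacts"})  # caller B: contacts only
    out = {"a_camera": inst_a.handle("camera"),
           "a_contacts_denied": denied(lambda: inst_a.handle("contacts"))}  # no permission mixing
    codec = inst_a.chain_call("codec")  # callee A transfers its access onward
    out["codec_camera"] = codec.handle("camera")
    dev.revoke(inst_a)  # A's access result is back: revoke this request's permission
    out["a_after_revoke_denied"] = denied(lambda: inst_a.handle("camera"))
    out["codec_after_revoke_denied"] = denied(lambda: codec.handle("camera"))
    out["b_unaffected"] = inst_b.handle("contacts")
    return out
```

Note that the callee instance never receives the "camera" permission itself, only a handle to the proxy, which is why one `terminate()` covers every party that obtained access through it.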
In the following embodiments of the present application, an instance is an APP or a functional component in a running state. An instance may refer to a process or a thread.
The instances are isolated from each other. The electronic device may allocate physical addresses in random access memory (RAM) to different instances in units of processes. When the electronic device needs to run an instance, it finds the space corresponding to the instance in the RAM according to the virtual address and runs the instance in that space. The virtual address is mapped to the physical address that the electronic device assigned to the instance, and the mapping relation is stored in the controller of the electronic device. That is, an instance locates the actual storage location of its memory data through its virtual address. Under this mechanism, different instances can only access, through their own virtual addresses, the physical addresses corresponding to those virtual addresses; they cannot access the physical space of other instances in the RAM, so the instances are isolated from each other.
The definitions of the host device, the guest device, the caller, and the callee refer to the following description of the embodiments.
Next, a communication system provided in an embodiment of the present application will be described first.
As shown in fig. 2A, the present embodiment provides a communication system 10. The communication system 10 includes: a plurality of electronic devices. Communication system 10 may also be referred to as a distributed system 10.
The multiple electronic devices included in the distributed system 10 are all intelligent terminal devices and may be of various types; the embodiment of the present application does not limit the specific types of the multiple electronic devices. For example, the plurality of electronic devices include mobile phones, and may further include tablet computers, desktop computers, laptop computers, handheld computers, notebook computers, smart screens, wearable devices, augmented reality (AR) devices, virtual reality (VR) devices, artificial intelligence (AI) devices, in-vehicle head units, smart headsets, game consoles, and may further include Internet of Things (IoT) devices or smart home devices such as smart water heaters, smart lamps, smart air conditioners, and the like. Without being limited thereto, the plurality of devices in the distributed system 10 may also include a laptop computer with a touch-sensitive surface or touch panel, a non-portable terminal device such as a desktop computer with a touch-sensitive surface or touch panel, and the like.
When the plurality of electronic devices in the distributed system 10 are all devices deployed in a home, the distributed system 10 may also be referred to as a home distributed system.
Multiple electronic devices in the distributed system 10 may connect by logging in to the same account. For example, multiple electronic devices may log in to the same vendor account and connect and communicate remotely through a server.
Multiple electronic devices in the distributed system 10 may also log in to different accounts but connect in a binding manner. After one electronic device logs in to an account, other electronic devices that use different accounts or are not logged in can be bound in the device management application, and the electronic devices can then communicate through the device management application.
The plurality of electronic devices in the distributed system 10 may also establish a connection by scanning a two-dimensional code, performing Near Field Communication (NFC), searching for a bluetooth device, and the like, which is not limited herein.
In general, the communication connections established between the plurality of electronic devices in the distributed system 10 may include, but are not limited to: wired connections, wireless connections such as Bluetooth (BT) connections, Wireless Local Area Networks (WLANs) such as wireless fidelity point-to-point (Wi-Fi P2P) connections, Near Field Communication (NFC) connections, Infrared (IR) connections, and remote connections (e.g., connections established through a server), among others.
In addition, a plurality of electronic devices in the distributed system may also be connected and communicate in any of the above manners, which is not limited in this embodiment of the application.
Multiple electronic devices in the distributed system 10 may be configured with different software operating systems (OSs), including but not limited to [OS names shown as images in the original], and so on. Among them, [OS name shown as an image in the original] is an operating system of Huawei. The plurality of electronic devices may all be configured with the same software operating system, for example, may all be configured with [OS name shown as an image in the original]. When the software systems of the electronic devices are all that operating system, the distributed system 10 may be considered a super-terminal.
In the embodiment of the present application, each device in the distributed system 10 may install a conventional application (APP), such as a camera application, a gallery application, a settings application, and the like. In the following embodiments, a conventional APP may be abbreviated as APP.
In addition, the distributed system 10 provided in the embodiment of the present application may install distributed applications. A distributed application may be a system application or a third-party application, and is not limited herein. System applications refer to applications provided or developed by the manufacturer of the electronic device, and third-party applications refer to applications provided or developed by parties other than the manufacturer of the electronic device. The manufacturer of an electronic device may include a maker, supplier, provider, or operator of the electronic device, etc. A maker may refer to a manufacturer that builds electronic devices from parts and materials that are either self-made or purchased. A supplier may refer to a manufacturer that provides the complete device, components, or parts of the electronic device. An operator may refer to a vendor responsible for the distribution of the electronic device.
Unlike APPs that contain multiple capabilities, distributed applications support deployment in units of a single capability. A distributed application includes one or more functional components.
A functional component is the minimum capability unit that can run independently in the electronic device, and is an abstract encapsulation of a single capability. Whereas an APP integrates multiple functions, functional components make each function exist independently as a basic service capability. That is, a functional component is a program entity that implements a single function.
Each functional component can be downloaded, installed and run independently. The functional components that form the same distributed application may be deployed in the same electronic device in the distributed system 10, or may be deployed in different electronic devices.
The functional component is only a word used in this embodiment, and the meaning of the functional component has been described in this embodiment, and the name of the functional component does not set any limit to this embodiment. In addition, in some other embodiments of the present application, a functional component may also be referred to as a system component, a system service, a business function, or other terminology. The subsequent embodiments of the present application are collectively described as "functional components".
Taking [OS name shown as an image in the original] as an example, its functional components may include the following two categories:
(1) Feature ability (FA).
an FA is a functional component that contains one or several sets of UIs, which can provide the ability to interact with a user. For example, a navigation interface in a map application, a video call interface in an instant messaging application, etc., may be implemented as the FA.
In some embodiments, the FA separates the view UI and the service logic based on MVVM (model-view-view-model) mode development, and the service logic code and the view UI code are deployed separately. For example, one electronic device may install business logic code integrated with other APPs, while view UI code may be installed into other electronic devices. The equipment where the view UI code is located can communicate with the equipment where the service logic code is located to acquire data required for displaying the UI.
The FA supports page templates, such as Empty Ability, Login Ability, Setting Ability, and the like. The FA adopts JavaScript (JS) to provide a declarative development mode, adopts an HTML-like and Cascading Style Sheets (CSS) declarative programming language as the development language for page layout and page style, and supports the JS language of the ECMAScript specification for page service logic.
The FA has the capabilities of installation-free, independent operation, cross-device UI migration, cross-device binary migration and the like. The FA also has the property of multi-end deployment, distributed execution.
The FA can call AA or APP to achieve more, more complex functionality.
(2) Particle ability (PA).
The PA is a functional component without a UI and can provide support for the FA, for example, the PA can provide computing capability as a background service or data access capability as a data warehouse. For example, the beautifying function, the positioning function, the audio/video encoding and decoding function, etc. may be packaged as a PA.
The PA also has the characteristics of multi-end deployment, distributed execution and the like. The PA has a dependency only on system services, and there is no dependency between other PAs.
The PA encapsulates remote virtualization, remote calling, PA management, cross-platform compatibility, security, and the like, and opens cross-device service enabling and calling to developers, so that other devices can call the computing capability of this device and complete computing work in cooperation with it. The PA supports Service ability, Data ability, and the like. Service ability is used to provide the capability to run tasks in the background. Data ability is used to provide a uniform abstraction of data access to the outside.
The PA may call FA or APP to implement more, more complex functionality.
It is understood that "FA" and "PA" are only one word used in this embodiment, and may also be referred to as other nouns in other embodiments of the present application. For example, "PA," "FA," may also be referred to by other terms such as atomic capability (AA), atomic application, meta-capability, atomic service, property capability, and so on.
The functional components that make up a distributed application may be developed or provided by the same developer, or may be developed or provided separately by multiple developers, without limitation. Different developers jointly develop the functional components, and the development efficiency of the distributed application can be improved.
In the embodiment of the application, the functional component provides a standardized interface for external use, so as to be called. The APP can call the functional components. In some cases, functional components may also call other functional components or APPs. In addition, the called functional component may also continue to call another functional component or APP, so the manner of multi-level calling may be referred to as chained calling.
After each device in the distributed system 10 establishes a communication connection, each device synchronizes the functional component information and APP information of other devices in the distributed system. Specifically, each device may synchronize the self-installed functional component and the name of the APP to other devices, so as to subsequently call the FA, PA, and other functional components of other devices in the distributed system 10. In other embodiments, each device may also synchronize its device identification, device type, etc. to other devices in the distributed system.
Referring to FIG. 2B, FIG. 2B illustrates one possible distributed remote tutorial service scenario.
As shown in fig. 2B, the distributed system includes electronic devices such as a smart phone, a tablet computer, and a smart screen. Each device in the distributed system is connected with each of the others in pairs. The smart phone, the tablet computer and the smart screen can be configured with different software operating systems (OSs); for example, the smart phone and the tablet computer can be configured with [OS name shown as an image in the original], and the smart screen can be configured with [another OS name shown as an image in the original].
An "online classroom" is installed in the smart phone. An "online classroom" is an application installed in an electronic device that provides remote lessons for teachers and students; the name of the application is not limited in the embodiments. An "online classroom" can include several functional components: a blackboard functional component, a whiteboard functional component, an audio and video coding and decoding functional component, and a network connection functional component. The blackboard functional component and the whiteboard functional component belong to FA, and the audio and video coding and decoding functional component and the network connection functional component belong to PA. The blackboard functional component provides the function of remotely explaining the lesson. The whiteboard functional component provides the function of remotely answering questions. The audio and video coding and decoding functional component provides the audio and video coding and decoding functions.
On the teacher side, when the teacher uses the "online classroom" on the smart phone, the blackboard functional component can be migrated or switched to the smart screen, so that the lesson is explained on the smart screen.
On the student side, when the student uses an "online classroom" on the smartphone, the whiteboard functional component can be migrated or switched to the tablet computer, so that the question is answered on the tablet computer.
Migrating or switching a functional component from one device A to another device B may include the following two cases. (1) UI migration: when the view UI and the service logic of the FA are separated, device A runs the service logic code and triggers device B to run the view UI code, which appears to the user as if the functional component had migrated from device A to device B. (2) Overall migration: device B downloads and installs the functional component from device A or from the network, then runs the functional component and provides the corresponding function.
In the remote teaching business scene, an 'online classroom' is a caller, and a white board functional component in a tablet personal computer and a blackboard functional component in a smart screen are callees.
Fig. 2B also illustrates another possible distributed video call service scenario.
As shown in fig. 2B, the smartphone may also be installed with other distributed applications, such as an instant messaging application. Instant messaging applications may provide video calls, voice calls, and other communication functions. The instant messaging application may include the following functional components: the device comprises a video call functional component, an audio and video coding and decoding functional component and a network connection functional component.
When the user uses the instant messaging application on the smart phone, the video call functional component of this application can be migrated or switched to the smart screen, so that the camera and the display screen of the smart screen are used for the video call.
The blackboard functional component in the "online classroom" and the video call functional component in the instant messaging application can be the same functional component. That is to say, this functional component in the smart screen can be called respectively by the "online classroom" and the instant messaging application installed on the smart phone.
In the video call service scenario, the instant messaging application is a caller, and the video call functional component (i.e., the video call functional component) in the smart screen is the callee.
It should be noted that the service scenario shown in fig. 2B is only used to assist in describing the technical solution of the embodiment of the present application. In an actual service scenario, the distributed system shown in fig. 2B may include more terminal devices, more or less functional components may be deployed in each device, and each distributed application may include more or less functional components.
Through the distributed system 10 shown in fig. 2A and the distributed scenario shown in fig. 2B, the software and hardware capabilities of different devices can be integrated, and an intelligent full-scenario experience can be achieved.
In some embodiments, after each device in distributed system 10 establishes a communication connection, each device synchronizes functional component information and APP information of other devices in the distributed system. Specifically, each device may synchronize the function component installed by itself and the name of the APP to other devices, so as to subsequently call the APP, the function component, and the like of other devices in the distributed system 10.
In the subsequent embodiments of the present application: the party that initiates a call to a functional component or APP may be referred to as the caller. The caller may be, for example, an APP, an FA, or a PA. The initial initiator of the entire call chain may be referred to as the first caller. The first caller may be, for example, an APP or an FA. For example, if the call chain is: APP1 calls PA1, PA1 calls PA2, PA2 calls FA1, then APP1 is the first caller. As a further example, if the call chain is: FA1 calls PA1, PA1 calls PA2, then FA1 is the first caller.
The party that is called in the middle and the party that is called in the end in the whole call chain can be called as the callee. The callee may be, for example, APP, FA, or PA.
In some embodiments of the present application, the caller may also be referred to as a subject application, and the callee may also be referred to as a guest application.
In the call chain, the caller and the callee may be deployed in the same electronic device or different electronic devices.
The device where the caller is located is called the host device (subject device), and the device where the callee is located is called the guest device (object device).
The applications referred to in the following embodiments of the present application may include APP and also include functional components.
In the distributed system 10 provided in the embodiment of the present application:
after the host device generates an access request for calling a callee in the guest device, the host device may request the user to grant the authority required by the access request, and may then send the access request and the user-granted authority information required by the access request to the guest device.
After receiving the access request sent by the host device, the guest device may create a proxy module, grant the proxy module the authority required by the access request, and grant the callee the authority to access the proxy module. The guest device can create and run an instance of the callee, and respond to the access request initiated by the host device through the proxy module. Then, when the authority required by the access request needs to be revoked, the guest device may revoke the authority granted to the proxy module, and may also terminate the proxy module.
In some embodiments, when the guest device receives access requests sent by multiple host devices for invoking the same callee, the guest device may create multiple instances of the callee, where one instance of the callee is used to respond to the access request initiated by one caller.
In some embodiments, when the host device and the guest device are the same electronic device, the electronic device may obtain the authority required by the access request granted by the user after generating a plurality of access requests for invoking the callee during the process of running the caller. Then, the electronic device can create a proxy module, grant the callee the authority to access the proxy module, and grant the proxy module the authority required by the access request. The electronic device can create and run an instance of the callee, and respond to the access request through the proxy module. Thereafter, when the authority required by the access request needs to be revoked, the electronic device may revoke the authority granted to the proxy module, and may also terminate the proxy module.
In some embodiments, when the host device and the guest device are the same electronic device, if the electronic device obtains multiple access requests for invoking the same callee, the electronic device may create multiple instances of the callee, where one instance of the callee is used to respond to the access request initiated by one caller.
For specific implementation of operations performed by each electronic device in the distributed system 10, reference may be made to the following description of the method embodiment, which is not repeated here.
Referring to fig. 3A, fig. 3A is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present disclosure. The electronic device may be any one of the electronic devices in the distributed system 10 shown in fig. 2A. The electronic device may be a host device, an object device, or both.
As shown in fig. 3A, the electronic device may include a processor 110, an external memory interface 120, an internal memory 121, a Universal Serial Bus (USB) interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, a button 190, a motor 191, an indicator 192, a camera 193, a display screen 194, a Subscriber Identification Module (SIM) card interface 195, and the like. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It is to be understood that the illustrated structure of the embodiments of the present application does not constitute a specific limitation to electronic devices. In other embodiments of the present application, an electronic device may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components may be used. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
Processor 110 may include one or more processing units, such as: the processor 110 may include an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), etc. The different processing units may be separate devices or may be integrated into one or more processors.
The controller can generate an operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetching and instruction execution.
A memory may also be provided in processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that have just been used or recycled by the processor 110. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Avoiding repeated accesses reduces the latency of the processor 110, thereby increasing the efficiency of the system.
The wireless communication function of the electronic device may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor, the baseband processor, and the like.
The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in an electronic device may be used to cover a single or multiple communication bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 150 may provide a solution including wireless communication of 2G/3G/4G/5G, etc. applied to the electronic device. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 150 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the electromagnetic wave to the modem processor for demodulation. The mobile communication module 150 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the same device as at least some of the modules of the processor 110.
The modem processor may include a modulator and a demodulator. The modulator is used for modulating a low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then passes the demodulated low frequency baseband signal to a baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then transferred to the application processor. The application processor outputs a sound signal through an audio device (not limited to the speaker 170A, the receiver 170B, etc.) or displays an image or video through the display screen 194. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be provided in the same device as the mobile communication module 150 or other functional modules, independent of the processor 110.
The wireless communication module 160 may provide solutions for wireless communication applied to electronic devices, including Wireless Local Area Networks (WLANs) (e.g., wireless fidelity (Wi-Fi) networks), Bluetooth (BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), Near Field Communication (NFC), Infrared (IR), and the like. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, demodulates and filters electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves through the antenna 2 to radiate the electromagnetic waves.
In some embodiments, antenna 1 of the electronic device is coupled to the mobile communication module 150 and antenna 2 is coupled to the wireless communication module 160 so that the electronic device can communicate with the network and other devices through wireless communication techniques. The wireless communication technology may include global system for mobile communications (GSM), General Packet Radio Service (GPRS), code division multiple access (code division multiple access, CDMA), Wideband Code Division Multiple Access (WCDMA), time-division code division multiple access (time-division code division multiple access, TD-SCDMA), Long Term Evolution (LTE), LTE, BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc. The GNSS may include a Global Positioning System (GPS), a global navigation satellite system (GLONASS), a beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a Satellite Based Augmentation System (SBAS).
The electronic device implements the display function through the GPU, the display screen 194, and the application processor, etc. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.
The display screen 194 is used to display images, video, and the like. The display screen 194 includes a display panel. The display panel may adopt a Liquid Crystal Display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), a Mini-LED, a Micro-LED, a Micro-OLED, a quantum dot light-emitting diode (QLED), and the like. In some embodiments, the electronic device may include 1 or N display screens 194, N being a positive integer greater than 1.
The electronic device may implement a shooting function through the ISP, the camera 193, the video codec, the GPU, the display screen 194, the application processor, and the like.
The ISP is used to process the data fed back by the camera 193. For example, when a photo is taken, the shutter is opened, light is transmitted to the camera photosensitive element through the lens, the optical signal is converted into an electrical signal, and the camera photosensitive element transmits the electrical signal to the ISP for processing and converting into an image visible to naked eyes. The ISP can also carry out algorithm optimization on noise, brightness and skin color of the image. The ISP can also optimize parameters such as exposure, color temperature and the like of a shooting scene. In some embodiments, the ISP may be provided in camera 193.
The camera 193 is used to capture still images or video. The object generates an optical image through the lens and projects the optical image to the photosensitive element. The photosensitive element may be a Charge Coupled Device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The light sensing element converts the optical signal into an electrical signal, which is then passed to the ISP where it is converted into a digital image signal. And the ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into image signal in standard RGB, YUV and other formats. In some embodiments, the electronic device may include 1 or N cameras 193, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process digital image signals and other digital signals. For example, when the electronic device selects a frequency point, the digital signal processor is used for performing a Fourier transform and the like on the frequency point energy.
Video codecs are used to compress or decompress digital video. The electronic device may support one or more video codecs. In this way, the electronic device can play or record video in a variety of encoding formats, such as: moving Picture Experts Group (MPEG) 1, MPEG2, MPEG3, MPEG4, and the like.
The NPU is a neural-network (NN) computing processor that processes input information quickly by using a biological neural network structure, for example, by using a transfer mode between neurons of a human brain, and can also learn by itself continuously. The NPU can realize applications such as intelligent cognition of electronic equipment, for example: image recognition, face recognition, speech recognition, text understanding, and the like.
The internal memory 121 may include one or more Random Access Memories (RAMs) and one or more non-volatile memories (NVMs).
The random access memory may include static random-access memory (SRAM), dynamic random-access memory (DRAM), synchronous dynamic random-access memory (SDRAM), double data rate synchronous dynamic random-access memory (DDR SDRAM), such as fifth generation DDR SDRAM generally referred to as DDR5 SDRAM, and the like; the nonvolatile memory may include a magnetic disk storage device, a flash memory (flash memory).
The random access memory may be read and written directly by the processor 110, may be used to store executable programs (e.g., machine instructions) of an operating system or other programs in operation, and may also be used to store data of users and applications, etc.
The nonvolatile memory may also store executable programs, data of users and application programs, and the like, and may be loaded in advance into the random access memory for the processor 110 to directly read and write.
The external memory interface 120 may be used to connect an external nonvolatile memory to extend the storage capability of the electronic device. The external non-volatile memory communicates with the processor 110 through the external memory interface 120 to implement data storage functions. For example, files such as music, video, etc. are saved in an external nonvolatile memory.
The electronic device may implement audio functions via the audio module 170, the speaker 170A, the receiver 170B, the microphone 170C, the headset interface 170D, and the application processor. Such as music playing, recording, etc.
The audio module 170 is used to convert digital audio information into analog audio signals for output, and also used to convert analog audio inputs into digital audio signals. The audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be disposed in the processor 110, or some functional modules of the audio module 170 may be disposed in the processor 110.
The speaker 170A, also called a "loudspeaker", is used to convert the audio electrical signal into an acoustic signal. The electronic device can play music or take a hands-free call through the speaker 170A.
The receiver 170B, also called an "earpiece", is used to convert the electrical audio signal into a sound signal. When the electronic device answers a call or plays voice information, the voice can be heard by placing the receiver 170B close to the ear.
The microphone 170C, also referred to as a "mike" or a "mic", is used to convert sound signals into electrical signals. When making a call or sending voice information, the user can input a voice signal into the microphone 170C by speaking with the mouth close to the microphone 170C. The electronic device may be provided with at least one microphone 170C. In other embodiments, the electronic device may be provided with two microphones 170C to achieve a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device may further include three, four, or more microphones 170C to collect sound signals, reduce noise, identify sound sources, perform directional recording, and the like.
The fingerprint sensor 180H is used to collect a fingerprint. The electronic equipment can utilize the collected fingerprint characteristics to realize fingerprint unlocking, access to an application lock, fingerprint photographing, fingerprint incoming call answering and the like.
The keys 190 include a power-on key, a volume key, and the like. The keys 190 may be mechanical keys or touch keys. The electronic device may receive key input and generate key signal input related to user settings and function control of the electronic device.
The motor 191 may generate a vibration cue.
Indicator 192 may be an indicator light that may be used to indicate a state of charge, a change in charge, or a message, missed call, notification, etc.
The pressure sensor 180A is used for sensing a pressure signal, and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194.
The touch sensor 180K is also called a "touch device". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 form a touch screen, which is also called a "touch screen". The touch sensor 180K is used to detect a touch operation acting thereon or nearby. The touch sensor can communicate the detected touch operation to the application processor to determine the touch event type. Visual output associated with the touch operation may be provided through the display screen 194. In other embodiments, the touch sensor 180K may be disposed on a surface of the electronic device at a different position than the display screen 194.
When the electronic device shown in fig. 3A is a subject device:
the mobile communication module 150 or the wireless communication module 160 may be used to establish a communication connection with other electronic devices (e.g., object devices) in the distributed system 10; for the specific manner of establishing the communication connection, refer to the description related to fig. 2A.
The mobile communication module 150 or the wireless communication module 160 may also be configured to receive the APP information and functional component information synchronized by other electronic devices after establishing a communication connection with them.
The display screen 194, the fingerprint sensor 180H, the camera 193, the audio module 170, the keys 190, and other modules may be configured to provide various authorization manners, so that after the subject device generates an access request for invoking a callee in the object device, the user can be asked to grant the permission required by the access request. The processor 110 may respond to the user operations received by the above modules to obtain the permission required by the access request as granted by the user.
The mobile communication module 150 or the wireless communication module 160 may also be configured to transmit the access request and the permission information granted by the user to the object device.
The display screen 194 may also be used to display the user interfaces that the subsequent embodiments provide for display on the subject device.
The internal memory 121 may be used to store the APP information and functional component information synchronized by other electronic devices in the distributed system 10.
The internal memory 121 may also be used to store the call relationship between a caller in the subject device and a callee in the object device. The call relationship comprises the call relationship ID, information about the caller, and information about the callee. For the specific content of the call relationship, refer to the relevant description in the subsequent embodiments.
When the electronic device shown in fig. 3A is an object device:
the mobile communication module 150 or the wireless communication module 160 may be used to establish a communication connection with other electronic devices (e.g., subject devices) in the distributed system 10; for the specific manner of establishing the communication connection, refer to the description related to fig. 2A.
The mobile communication module 150 or the wireless communication module 160 may also be configured to synchronize the functional component information and APP information with other electronic devices after establishing a communication connection with them.
The mobile communication module 150 or the wireless communication module 160 may be further configured to receive access requests sent by one or more subject devices for invoking the same callee, and to receive the permission information required by each access request as granted by the user and sent by the subject device.
The processor 110 may be configured to create a plurality of instances of the callee in response to the access requests received from a plurality of subject devices, where each instance of the callee responds to the access request initiated by one caller.
The processor 110 may be used to create a proxy module, grant the callee the permission to access the proxy module, and grant the proxy module the permission required by the access request. The processor 110 may create and run an instance of the callee, which responds through the proxy module to the access request initiated by the subject device. When the permission required by the access request needs to be revoked, the processor 110 may revoke the permissions granted to the proxy module and may also terminate the proxy module.
In some embodiments, when the object device receives access requests sent by multiple subject devices for invoking the same callee, the processor 110 may create multiple instances of the callee, where each instance of the callee responds to the access request initiated by one caller. The processor 110 may grant the permissions obtained by a caller in the subject device to the instance of the callee created for that caller.
The display screen 194 may also be used to display the user interfaces that the subsequent embodiments provide for display on the object device.
The internal memory 121 may be used to store the permission information, age information, and the like required by the access request sent by each subject device.
The internal memory 121 may also be used to store the call relationship between a callee in the object device and a caller in the subject device. The call relationship comprises the call relationship ID, the instance information of the callee, and the information of the caller for each call to that instance. For the specific content of the call relationship, refer to the relevant description in the subsequent embodiments.
When the electronic device shown in fig. 3A is both a subject device and an object device, the operations performed by the respective modules of the subject device and the object device are all performed by this electronic device, and the communication steps between the subject device and the object device may be omitted. For the operations executed by the modules of the electronic device, refer to the related descriptions above, which are not repeated here.
Referring to fig. 3B, fig. 3B is a schematic diagram of a software structure of an electronic device according to an embodiment of the present application. The electronic device may be any one of the electronic devices in the distributed system 10 shown in fig. 2A. The electronic device may be a host device, an object device, or both.
The software system of the electronic device may adopt a layered architecture, an event-driven architecture, a micro-kernel architecture, a micro-service architecture, a cloud architecture, or the like. Illustratively, software systems of electronic devices include, but are not limited to, [operating system names rendered as images in the original], Linux, or other operating systems.
The layered architecture divides the software into several layers, each with a clear role and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided, from top to bottom, into four layers: the application layer, the application framework layer, the Android runtime and system library, and the kernel layer.
The application layer may include a series of application packages.
As shown in fig. 3B, the application package may include APPs such as camera, gallery, calendar, phone, map, navigation, WLAN, bluetooth, music, video, short message, etc. applications. The application layer may also include functional components such as FA, PA, and the like.
The application framework layer provides an Application Programming Interface (API) and a programming framework for the application program of the application layer. The application framework layer includes a number of predefined functions.
As shown in fig. 3B, the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, and the like.
The window manager is used for managing window programs. The window manager can obtain the size of the display screen, judge whether a status bar exists, lock the screen, intercept the screen and the like.
The content provider is used to store and retrieve data and make it accessible to applications. The data may include video, images, audio, calls made and answered, browsing history and bookmarks, phone books, etc.
The view system includes visual controls such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.
The phone manager is used to provide communication functions of the electronic device. Such as management of call status (including on, off, etc.).
The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and the like.
The notification manager enables an application to display notification information in the status bar. It can be used to convey notification-type messages, which disappear automatically after a short stay and require no user interaction, for example notifications of download completion or message alerts. The notification manager may also present a notification in the form of a chart or scrolling text in the status bar at the top of the system, such as a notification for an application running in the background, or a notification that appears on the screen as a dialog window. For example, it may show text information in the status bar, sound a prompt tone, vibrate the electronic device, or flash an indicator light.
The Android Runtime comprises a core library and a virtual machine. The Android runtime is responsible for scheduling and managing an Android system.
The core library comprises two parts: one part consists of the functions that the Java language needs to call, and the other part is the core library of Android.
The application layer and the application framework layer run in the virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine performs functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
The system library may include a plurality of functional modules. For example: surface managers (surface managers), Media Libraries (Media Libraries), three-dimensional graphics processing Libraries (e.g., OpenGL ES), 2D graphics engines (e.g., SGL), and the like.
The surface manager is used to manage the display subsystem and provide fusion of 2D and 3D layers for multiple applications.
The media library supports playback and recording of many commonly used audio and video formats, as well as still image files. The media library may support a variety of audio and video encoding formats, such as MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, and the like.
The three-dimensional graphic processing library is used for realizing three-dimensional graphic drawing, image rendering, synthesis, layer processing and the like.
The 2D graphics engine is a drawing engine for 2D drawing.
The kernel layer is the layer between hardware and software. The kernel layer comprises at least a display driver, a camera driver, an audio driver, and a sensor driver.
Based on the distributed system 10 shown in fig. 2A, the hardware structure of the electronic device shown in fig. 3A, and the software structure of the electronic device shown in fig. 3B, the access control method for accurately revoking the right according to the embodiment of the present application is described in detail below.
Referring to fig. 4, fig. 4 is a schematic flowchart of an access control method for accurately revoking permissions according to an embodiment of the present application. The method shown in fig. 4 is described by taking the example that the host device calls the resource in the guest device.
As shown in fig. 4, the method may include the steps of:
S101, the object device establishes a connection with one or more subject devices.
The number of object devices is one, and the object device may be any electronic device in the distributed system 10.
The number of subject devices may be one or more. A subject device may be any electronic device in the distributed system 10.
The embodiment of the application does not limit the method for establishing the communication connection between the object device and the subject device; the connection may be established by logging in to the same account, binding the devices, scanning a QR code, and the like. The type of communication connection established between the subject device and the object device is likewise not limited and may include, for example, a wired connection, or a wireless connection such as a Bluetooth connection, a Wi-Fi P2P connection, an NFC connection, an IR connection, a remote connection, and the like. Reference may be made specifically to the description associated with fig. 2A.
In some embodiments, after the object device and the subject device establish a connection, the object device may send to the subject device information about its installed functional components and APPs that can be called, such as their identifiers. Which functional components or APPs are available for calling is declared or defined by developers at the development stage; being available for calling only means that the functional component or APP can be called by users, and does not mean that it has been opened or authorized to a particular device for calling.
In some embodiments, after the object device and the subject device establish a connection, the object device may send to the subject device capability information that it opens to that subject device, where the capability information indicates the APPs, functional components, resources, and the like that the object device opens to the subject device for calling. Here, capability information opened to the subject device means that the corresponding APP, functional component, or resource can be called by the subject device. The capabilities that the object device opens to the subject device may be preset by the object device or set by the user. For example, the electronic device may open APPs or functional components of lower confidentiality or lower sensitivity to other devices; it may open a camera application, a gallery application, and the like to other devices, but not open a banking application to other devices. The capabilities that the object device opens to different subject devices may be the same or different, which is not limited here.
S102, the main body device generates an access request, and the access request is used for a caller in the main body device to call a callee in the object device so as to access the first resource.
In the embodiment of the present application, a caller is installed in a host device, and a callee is installed in an object device. The caller and the callee can be both APP or functional components. The definition of APP and functional components can refer to the related description.
The access request generated by the subject device may include: an identification of the caller, an identification of the callee, and an identification of the first resource. In some embodiments, the access request may further include: the identification of the subject device, and the identification of the object device.
The identifier of the subject device or the object device may be a device type, a device model, a device name, and the like, which is not limited in this embodiment of the application. Device types may be distinguished by device function and may include, for example, a mobile phone, a tablet computer, a smart headset, an IoT device, a smart home device, and the like.
The caller ID and the callee ID may be application identifiers (APP IDs).
In the embodiment of the present application, the first resource may be a software resource or a hardware resource. The hardware resources may include, for example, a camera, fingerprint sensor, audio device, display screen, motor, flash, etc. provided with the device. The software resources may include, for example, memory resources, computing capabilities (e.g., beauty algorithm capabilities, audio-video codec capabilities), network capabilities, positioning functions, and so forth, which the device is capable of. The first resource may include one or more resources, which are not limited herein.
In some cases, the identity of the callee and the identity of the first resource may be the same. For example, when the first resource is a camera, the identifier of the callee may also be an identifier of the camera, and is used to indicate that the callee is a camera application.
In the embodiment of the present application, each access request corresponds to an initiator (i.e., a subject device), a caller, a callee, and a first resource that is to be accessed. Different access requests correspond to the same callee and first resource, but may come from different subject devices and callers.
In some embodiments, the subject device may generate an access request in response to a received user operation while running the caller.
The following description takes as an example the subject device 200 and the subject device 300 each generating an access request for the object device 100. The subject device 200 may be a tablet computer, the subject device 300 may be a smart screen, and the object device 100 may be a smartphone.
Fig. 5A exemplarily shows the user interface 51 provided by the "gallery" in the subject device 200. The gallery is an application program installed on the electronic device for managing pictures; it may also be referred to as an "album", and this embodiment does not limit the name of the application program. The "gallery" supports the user in performing various operations, such as browsing, editing, deleting and selecting, on pictures stored on the electronic device or on a cloud server.
As shown in fig. 5A, the user interface 51 has displayed therein: a status bar 501, a return key 502, a page indicator 503, a picture 504, one or more device options 505.
Wherein, the status bar 501 may include: one or more signal strength indicators for Wi-Fi signals, battery status indicators, time indicators, and the like.
The return key 502 is used to return to the page one level up among the pages provided by the "gallery".
The page indicator 503 is used to indicate which of the pages provided by the "gallery" the current page is. The page indicator 503 may be implemented as text, such as the text "gallery", as an icon, or in another form.
The picture 504 may be a picture stored in the subject device 200 or on the cloud server. The picture 504 may have been taken by the subject device 200, downloaded by the subject device 200 from a network, or shared by another device.
The one or more device options 505 may correspond to devices in the distributed system 10 that can provide image processing capabilities meeting the image processing requirements of the subject device 200, such as a smartphone. The device options 505 may be implemented as images, icons, text, and the like, without limitation.
As shown in fig. 5A, the subject device 200 may detect a user operation applied to a device option 505 and, in response to the user operation, generate an access request in which the "gallery" application in the subject device 200 calls the image processing function component (FA) and the image processing resource in the smartphone 1 (i.e., the object device 100) corresponding to the device option 505.
Fig. 5D exemplarily shows the user interface 52 provided by the "gallery" in the subject device 300. As shown in fig. 5D, the user interface 52 displays: a status bar, a return key, a page indicator, a picture 508, and one or more device options 509.
For the status bar, return key, page indicator, picture 508 and device options 509, refer to the description of fig. 5A.
As shown in fig. 5D, the subject device 300 may detect a user operation applied to a device option 509, for example the user selecting the device option 509 with a remote control, and in response generate an access request in which the "gallery" application in the subject device 300 calls the image processing function component (FA) and the image processing resource in the smartphone 1 (i.e., the object device 100) corresponding to the device option 505.
In other embodiments, the subject device may in some cases also generate an access request for the object device autonomously while running the caller. For example, the subject device may by default generate an access request each time a video call is made, in which the instant messaging application in the subject device calls the video call function component and the camera resource in the smart screen (i.e., the object device 100).
In some embodiments, after generating the access request, the subject device may further query whether the object device has opened to the subject device the permission to access the callee and/or the first resource named in the access request, and perform the subsequent steps only if it has. This ensures that the subject device initiates access requests only within the range of capabilities the object device has opened to it and not outside that range, which raises the probability that an access request is answered and reduces invalid communication between the devices.
In other embodiments, the subject device may also perform the subsequent steps directly after generating the access request.
S103, the subject device requests the user to grant the permission required by the access request it generated.
In some embodiments, after the subject device generates the access request, S103 may be directly performed.
In other embodiments, after the subject device generates the access request, S103 may be performed only once the callee and/or the first resource has been determined to be a sensitive resource. In this way, user authorization is obtained whenever sensitive resources in the object device are accessed, which protects the security of user data. Sensitive resources may be resources that pose a greater risk to user privacy if compromised, for example resources whose degree of privacy is above a threshold. Sensitive resources may include hardware resources, software resources, and stored data in the electronic device. Hardware resources may include, for example, cameras, audio devices, display screens, and so forth. Software resources may include, for example, memory resources, computing capabilities (e.g., beauty algorithm capabilities, audio-video codec capabilities), network capabilities, positioning functions, highly confidential APPs (e.g., banking-type APPs), and so forth. Stored data may include, for example, stored user information, photos, videos, passwords with which the user logged in to applications, and so on.
In some other embodiments of the present application, the subject device may also perform S103 first and then S102; that is, the subject device may first request the user to grant the permission and generate the access request after acquiring it.
An electronic device is said to have the authorization condition when it supports one or more authorization methods by which a user can grant authorization. Likewise, a caller has the authorization condition when it supports one or more authorization methods by which a user can grant authorization.
Authorization methods may include, but are not limited to: pop-up box authorization, fingerprint verification authorization, face verification authorization, voice command authorization, and key press authorization.
Whether an electronic device has the authorization condition, and which authorization methods it supports, depend on its hardware and/or software configuration. For example, supporting pop-up box authorization requires the electronic device to be equipped with a display screen. Supporting fingerprint verification authorization requires a fingerprint sensor. Supporting face verification authorization requires a camera and a face recognition algorithm. Supporting voice command authorization requires a microphone or other sound pickup device. Supporting key press authorization requires physical keys.
Whether the caller has the authorization condition depends on the functions of the caller itself. For example, a caller may support pop-up box authorization when it is able to provide a user interface. As another example, a caller may support fingerprint verification authorization when it is able to invoke the fingerprint sensor.
The permission required by the access request generated by the subject device includes the permission to call the callee in the object device and/or the permission to access the first resource in the object device.
In some embodiments, the permission required by the access request is specifically the permission for the subject device to call the callee in the object device and/or to access the first resource.
In some embodiments, the permission required by the access request is specifically the permission for the caller to call the callee in the object device and/or to access the first resource.
In some embodiments, the permission required by the access request is specifically the permission for the caller in the subject device to call the callee in the object device and/or to access the first resource.
In S103, while running the caller, the subject device may request the user to grant the permission required by the access request using an authorization method supported by both the subject device and the caller. The different authorization methods are described below.
When the subject device supports pop-up box authorization, it can output prompt information on the display screen prompting the user for the permission required by the access request. The subject device may then detect a user operation on the display screen and, in response, acquire the permission required by the access request.
Referring to fig. 5B, fig. 5B exemplarily shows a user interface 51 displayed when the main apparatus 200 requests user authorization in a manner of pop-up box authorization.
The user interface 51 displays a window 506. The window 506 includes prompt information 506a, a control 506b, and a control 506c. The prompt information 506a prompts the user to grant the permission required by the access request generated by the subject device 200. The prompt information 506a may be, for example, the text "'gallery' needs to access your image processing resource; after authorization, the following application will use the permission: image processing function component (FA)", where "gallery" indicates the caller, "image processing function component (FA)" indicates the callee, and "image processing resource" indicates that the first resource is a camera resource. Combined with the device that provides the current user interface 51 and the device option 505 selected by the user in fig. 5A, the user can also tell that the subject device is the tablet computer and the object device is the smartphone 1 corresponding to the device option 505. In other embodiments, the prompt information 506a may itself include information about the subject device and the object device.
That is, the prompt information 506a prompts the user to grant the "gallery" application in the subject device 200 the permission to call the image processing function component (FA) in the smartphone 1 (i.e., the object device 100) and to access the image processing resource.
The specific content of the prompt information 506a depends on the permission required by the access request and is not limited to the form shown for the prompt information 506a.
The control 506b may be used to monitor a user operation; in response to that operation, the subject device 200 learns that the permission required by its access request cannot currently be acquired.
The control 506c may be used to monitor a user operation; in response to that operation, the subject device 200 successfully acquires the permission required by its access request, and the permission is valid once. That is, the permission acquired by the subject device 200 is valid for a single use, and after the access request has been responded to, the subject device 200 no longer holds the permission.
The control 506d may be used to monitor a user operation; in response to that operation, the subject device 200 successfully acquires the permission required by its access request, and the permission is permanently valid. That is, the permission acquired by the subject device 200 remains valid indefinitely.
As shown in fig. 5B, the subject device 200 receives a user operation on the control 506c and acquires the permission for the "gallery" in the subject device 200 to call the image processing function component (FA) in the object device 100 and access the image processing resource, with the permission valid once.
Referring to fig. 5E, fig. 5E exemplarily shows the user interface 52 displayed when the subject device 300 requests user authorization by pop-up box authorization. For the window 510 in the user interface 52, refer to the window 506 in the user interface 51 described for fig. 5B; it is not described again here.
As shown in fig. 5E, the subject device 300 may receive a user operation on the control 510a; in response, the subject device 300 successfully acquires the permission required by its access request, and the permission is permanently valid.
When the subject device supports fingerprint verification authorization, it can collect the user's fingerprint through the fingerprint sensor and compare the collected fingerprint with a preset fingerprint; if the two match, the subject device acquires the permission required by the access request. In some embodiments, the subject device may preset several fingerprints and acquire permissions with different validity periods depending on which preset fingerprint is collected.
When the subject device supports face verification authorization, it can collect the user's face image through the camera and compare it with a preset face image; if they match, the subject device acquires the permission required by the access request.
When the subject device supports voice command authorization, it can collect a voice command spoken by the user through the microphone, receiver or other sound pickup device and compare it with a preset voice command; if they match, the subject device acquires the permission required by the access request. In some embodiments, the subject device may preset several voice commands and acquire permissions with different validity periods depending on which preset voice command is collected.
When the subject device supports key press authorization, it can collect the user's press through a physical key; if a preset press operation (for example, a single press, a long press, two consecutive presses, and the like) is detected on the physical key, the subject device acquires the permission required by the access request. In some embodiments, the subject device may preset several press operations and acquire permissions with different validity periods depending on which preset press operation is collected.
In the embodiment of the present application, when the subject device requests the user to grant the permission required by its access request, and the description of that permission includes information about the subject device and/or the caller, the user obtains more detailed information about the permission the object device is being asked for and can decide on that basis whether to grant it. The authorization operation is therefore performed with the user fully aware of the permission the access request requires, which avoids erroneous operation or mistaken authorization by the user and protects the data in the object device.
As can be seen, in S103 the subject device may acquire, in response to a received user operation, the user-granted permission required by its access request, and the permission granted by the user may carry a validity period. The validity period can take various forms; it is not limited to "valid once" or "valid permanently" as shown in fig. 5B and fig. 5E, and there may be more cases, such as valid within one week, valid within one month, valid within a first area, and so on, without limitation.
In some embodiments, the subject device may perform S103 after every generation of an access request. In other embodiments, after generating the access request, the subject device may first determine whether it already holds the permission the request requires and apply to the user through S103 only when it does not, which reduces interaction between the subject and object devices and improves the efficiency of calling resources across devices in the distributed system.
In step S103, the subject device and the caller apply to the user for the permission required by the access request, and the subject device can acquire that permission as long as at least one of the subject device and the caller has the authorization condition, regardless of which of them it is. The access request initiated by the caller can therefore be successfully answered, resource calling between devices is achieved, and the user's actual requirements are met.
S104, the subject device sends the generated access request, together with permission information for the permission the user granted for that request, to the object device.
In the embodiment of the application, the permission information indicates one or more of the following: whether the subject device acquired the permission required by the access request, which permission required by the access request the subject device acquired, and the validity period of the permission the subject device acquired.
In some embodiments, following capability-based access control, the subject device may send the access request to the object device directly together with the permission information for that request. For example, the permission information for the permission granted by the user may be carried in the access request. This avoids the time overhead of permission synchronization in a centralized permission management mechanism and improves the efficiency of resource calling.
In some embodiments, the subject device may send the access request and the permission information for the permission granted by the user to the object device separately.
Performing S103 and S104 above ensures that the subject device sends the access request only after acquiring the permission the request requires, which secures the whole calling process.
In other embodiments of the present application, the subject device may send the access request to the object device first. After receiving the access request, the object device may determine that the subject device lacks the permission the request requires, or it may directly send an authorization request to the subject device, asking it to apply to the user for the permission the access request requires. The subject device may then respond to the authorization request by performing S103 and sending the permission information for the permission granted by the user to the object device. That is, the subject device can apply to the user for the required permission when triggered by the object device, instead of doing so on its own initiative.
In some embodiments, the subject device may locate the object device corresponding to the access request from the stored call relationship and send the access request and the acquired permission information to that object device.
In some embodiments, after the subject device performs S104, the permission information acquired for the callee in the object device may also be recorded or stored.
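The subject-device side of S102 to S104, modelled in Python as an added example (this is not code from the patent or from its assignee): the access request carries the five identifiers listed above, an optional pre-check confirms that the object device has opened the callee and the first resource to this subject device, the authorization condition is derived from the hardware each authorization method needs, and the permission information sent with the request carries a validity period that lapses after one use when it was granted "once". The class names, the opened-capability table layout and the epoch-second validity field are assumptions made for this illustration.

```python
"""Subject-device side of S102 to S104 (constructed example, not the patent's code)."""
from dataclasses import dataclass
from typing import Dict, Optional, Set

# Authorization methods the description lists, and the hardware each one needs.
POPUP, FINGERPRINT, FACE, VOICE, KEY = "popup", "fingerprint", "face", "voice", "key"
METHOD_REQUIRES: Dict[str, Set[str]] = {
    POPUP: {"display"},
    FINGERPRINT: {"fingerprint_sensor"},
    FACE: {"camera", "face_algorithm"},
    VOICE: {"microphone"},
    KEY: {"physical_key"},
}


@dataclass(frozen=True)
class AccessRequest:
    """Identifiers an access request may carry (S102)."""
    subject_id: str
    object_id: str
    caller_id: str
    callee_id: str
    resource_id: str


@dataclass
class Permission:
    """Permission information sent with the request (S104): whether it was
    granted, which request it covers, and its validity period."""
    granted: bool
    request: AccessRequest
    validity: str                      # "once", "permanent" or "until"
    expires_at: Optional[int] = None   # epoch seconds; only used for "until" (assumed encoding)

    def usable(self, now: int) -> bool:
        if not self.granted:
            return False
        if self.validity == "until":
            return self.expires_at is not None and now < self.expires_at
        return True

    def consume(self) -> None:
        """A one-time permission lapses once the access request has been responded to."""
        if self.validity == "once":
            self.granted = False


def device_methods(hardware: Set[str]) -> Set[str]:
    """Authorization methods a device can support given its hardware configuration."""
    return {m for m, need in METHOD_REQUIRES.items() if need <= hardware}


def common_methods(device_hw: Set[str], caller_methods: Set[str]) -> Set[str]:
    """Methods supported by both the subject device and the caller (S103)."""
    return device_methods(device_hw) & caller_methods


def within_opened_capabilities(req: AccessRequest,
                               opened: Dict[str, Dict[str, Set[str]]]) -> bool:
    """Optional pre-check: did the object device open callee and resource to this subject?"""
    caps = opened.get(req.object_id, {}).get(req.subject_id, set())
    return req.callee_id in caps and req.resource_id in caps


def prepare_message(req: AccessRequest, opened: Dict[str, Dict[str, Set[str]]],
                    device_hw: Set[str], caller_methods: Set[str],
                    user_grants: bool, validity: str = "once") -> Optional[dict]:
    """Run S102 to S104 on the subject side; returns the message to send, or None."""
    if not within_opened_capabilities(req, opened):
        return None                      # stay inside the range the object device opened
    if not (device_methods(device_hw) or caller_methods):
        return None                      # neither side has the authorization condition
    perm = Permission(granted=user_grants, request=req, validity=validity)
    if not perm.granted:
        return None                      # user declined (control 506b)
    # Capability style: the permission information rides inside the access request.
    return {"request": req, "permission": perm}
```

The `user_grants` flag stands in for whichever authorization method the user actually completed (pop-up box, fingerprint, face, voice or key); the mapping from a particular preset fingerprint or voice command to a validity period would set the `validity` argument.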
Optional step S105, the object device creates multiple instances of the callee in response to the received access requests.
Specifically, after receiving several access requests, the object device may enable different instances according to one or more of the following: the caller, the subject device, the developer of the caller, the account of the user or of the subject device to which the caller belongs, and the like. When one or more of these differ, the object device may enable different callee instances to serve the corresponding callers.
For example, if an application identified as "ID 2" in the subject device 200 and an application identified as "ID 3" in the subject device 300 simultaneously call an application identified as "ID 1" in the object device 100, the object device 100 may create two instances, each serving one of the two callers.
For another example, if an application identified as "ID 3" in the subject device 300 and an application identified as "ID 4" in the subject device 400 simultaneously call an application identified as "ID 1" in the object device 100, and the developers of the two callers are the same, the object device 100 can create a single instance that serves both callers at the same time.
In some embodiments, if an instance of the callee serving the caller in the subject device already exists in the object device, that is, the object device created it earlier, the object device need not perform S105 to recreate it. If no such instance exists, the object device performs S105 to create one.
Referring to the examples of fig. 5A and fig. 5D, after the object device 100 receives the access requests sent by the subject device 200 and the subject device 300, it creates two instances of the image processing function component (FA), serving the subject device 200 and the subject device 300 respectively.
In some embodiments, the callee may be installed in the object device in advance. In other embodiments, after receiving the access request sent by the subject device, the object device may download and install the callee from the network, or download and install it directly from the subject device.
When the object device creates an instance of a callee, it may assign a user identifier (UID) and a process identifier (PID) to the instance. In some embodiments, the object device assigns different UIDs to different instances of the callee. In some embodiments, it assigns different PIDs to different instances of the callee. The object device can thus distinguish different instances of the same callee by UID or PID.
In some embodiments, after the object device creates the instance of the callee, it may save the call relationship formed by the caller and that instance; for the specific content of the call relationship, refer to the related description below. The object device may also synchronize part of the call relationship, such as the call relationship ID and the UID and PID of the callee instance created for the caller in the subject device, to the subject device, so that the subject device can store the call relationship too.
In some embodiments, after receiving the permission information sent by the subject device, the object device may also record or store it.
In some embodiments, the object device may query whether the permission to access the callee and/or the first resource has been opened to the subject device, and perform the subsequent steps only if it has. This reduces invalid communication between the subject and object devices and improves the efficiency of resource calling.
Optional step S106, the object device creates a routing agent and a revocation agent for the instance of the callee.
In the embodiment of the present application, the routing agent and the revocation agent may be an application program or a service, and may also be an instance, a process, or a thread.
In some embodiments, the object device may create a routing agent and a revocation agent for each instance of the callee, grant the instance the permission to access its routing agent, and grant the revocation agent the permission required by the access request. For example, fig. 6A illustrates a case in which the object device 100 creates the instances together with a routing agent and a revocation agent for each, and grants the instances and the agents their respective permissions. As shown, the object device 100 creates two instances of the image processing function component (FA) and creates a separate routing agent and revocation agent for each of them.
In other embodiments, the object device may create a revocation agent for each instance of the callee while the instances share one routing agent; that is, the routing agent may be multiplexed. This reduces overhead in the object device and improves the efficiency of resource access. Fig. 6B illustrates this other case, in which the object device 100 creates the instances together with a shared routing agent and per-instance revocation agents and grants them their respective permissions.
In this embodiment of the application, the routing agent and the revocation agent may be created by the system of the object device, or by the object device through the callee, which is not limited here. The object device may also create the routing agent and the revocation agent under the identity of the caller, for example using the caller's UID passed by the subject device. Having the system of the object device create the routing agent and the revocation agent prevents the callee itself from acquiring the permission required by the access request, which avoids privilege expansion or abuse and further protects the data in the electronic device.
In some embodiments, if a routing agent and a revocation agent corresponding to the instance of the callee already exist in the object device, the object device need not perform S106 to recreate them. If no routing agent and revocation agent corresponding to the instance exist, the object device may perform S106 to create them.
In some embodiments, the routing agent and the revocation agent corresponding to the same callee's instance may be combined into one agent.
Through S106, the object device can create several instances of the callee, create a revocation agent for each instance, and grant the permission required by each access request to a different revocation agent, so that any one revocation agent holds only the permission required by one access request. Because the revocation agents are isolated from one another, the problems of permission mixing and permission expansion are avoided, the data in the object device is kept secure, and data abuse and leakage are prevented.
S107, the object device grants the instance of the callee the permission to access its routing agent, and grants the revocation agent the permission required by the access request.
After S107, the routing agent corresponding to a given callee instance may access the revocation agent corresponding to that same instance, while the callee instance itself may not access the revocation agent. That is, the access path in the embodiment of the present application can only be: instance of the callee, then routing agent, then revocation agent, then the first resource.
S108, the object device runs the instance of the callee, accesses the routing agent corresponding to the instance, finds the revocation agent corresponding to the instance through the routing agent, and accesses the first resource through the revocation agent.
Specifically, because the callee instance has the permission to access the routing agent, the object device running the instance may access the routing agent. Through the routing agent the object device then finds the revocation agent corresponding to the instance, and because the revocation agent holds the permission required by the access request, the object device can access the first resource through it. When the permission required by the access request includes the permission to call the callee, that permission can be regarded as covering the callee's various operations and therefore as also including the permission to access the first resource.
It can be seen that by the time S108 is performed, the object device has already given the instance, the routing agent and the revocation agent of the callee their respective permissions, so when the access request is answered the permissions are checked directly by the instance, the routing agent and the revocation agent, without an additional permission check through an access control module, which reduces time overhead.
In the embodiment of the application, different revocation agents are isolated from one another, so the permissions held by the revocation agents cannot be mixed up or expanded.
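The object-device side of S105 to S108, written in Python as an added example (not the patent's or its assignee's code): one callee instance per (subject device, caller) pair with its own UID and PID, a revocation agent per instance that is the only holder of the granted permission, a routing agent that may be shared (fig. 6B) or per instance (fig. 6A), and an access path that runs strictly instance, routing agent, revocation agent, resource. The example goes one step past the text to show the property the title refers to: revoking one caller's permission empties only that caller's revocation agent, and a second caller of the same callee keeps working. Class names, the UID/PID counters and the instance key are assumptions of this illustration; the developer-based instance sharing of the example above is not modelled.

```python
"""Object-device side of S105 to S108 with per-request revocation agents (constructed example)."""
from typing import Dict, Optional, Set, Tuple


class RevocationAgent:
    """Holds exactly the permission granted for one access request (S107)."""

    def __init__(self, permissions: Set[str]) -> None:
        self.permissions = set(permissions)

    def access(self, resource: str) -> str:
        if resource not in self.permissions:
            raise PermissionError(f"no permission for {resource}")
        return f"accessed:{resource}"

    def revoke(self) -> None:
        """Precise revocation: only this agent's permission is withdrawn."""
        self.permissions.clear()


class RoutingAgent:
    """Maps a callee instance (by UID) to its revocation agent; may be shared (fig. 6B)."""

    def __init__(self) -> None:
        self.table: Dict[int, RevocationAgent] = {}

    def bind(self, uid: int, agent: RevocationAgent) -> None:
        self.table[uid] = agent

    def find(self, uid: int) -> RevocationAgent:
        return self.table[uid]


class CalleeInstance:
    """A callee instance holds no resource permission, only the right to reach its routing agent."""

    def __init__(self, callee_id: str, uid: int, pid: int, routing: RoutingAgent) -> None:
        self.callee_id, self.uid, self.pid, self.routing = callee_id, uid, pid, routing

    def access(self, resource: str) -> str:
        # S108 access path: instance -> routing agent -> revocation agent -> first resource
        return self.routing.find(self.uid).access(resource)


class ObjectDevice:
    def __init__(self, shared_routing: bool = True) -> None:
        self.instances: Dict[Tuple[str, str], CalleeInstance] = {}
        self.revokers: Dict[Tuple[str, str], RevocationAgent] = {}
        self._shared = RoutingAgent() if shared_routing else None
        self._next_uid, self._next_pid = 10000, 1   # assumed starting values

    def handle(self, subject_id: str, caller_id: str, callee_id: str,
               permissions: Set[str]) -> CalleeInstance:
        """S105 to S107: one instance per (subject device, caller), reused if it exists."""
        key = (subject_id, caller_id)
        if key not in self.instances:
            uid, pid = self._next_uid, self._next_pid
            self._next_uid += 1
            self._next_pid += 1
            routing = self._shared or RoutingAgent()   # S106: multiplexed or per instance
            agent = RevocationAgent(permissions)       # S107: the agent, not the instance, gets the permission
            routing.bind(uid, agent)
            self.instances[key] = CalleeInstance(callee_id, uid, pid, routing)
            self.revokers[key] = agent
        return self.instances[key]

    def serve(self, subject_id: str, caller_id: str, resource: str) -> Optional[str]:
        """S108: run the caller's instance; None when no instance exists or the permission is missing."""
        inst = self.instances.get((subject_id, caller_id))
        if inst is None:
            return None
        try:
            return inst.access(resource)
        except PermissionError:
            return None

    def revoke(self, subject_id: str, caller_id: str) -> None:
        """Withdraw one caller's permission without touching any other caller's agent."""
        self.revokers[(subject_id, caller_id)].revoke()
```

Nothing in `CalleeInstance` references a `RevocationAgent` directly: the only way from the instance to the resource is through `RoutingAgent.find`, which is the "instance, routing agent, revocation agent, first resource" path of S108, and revocation therefore needs no change to the instance or its routing.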
In some embodiments, the object device responds to the access request to access the first resource, which may specifically include one or more of the following:
the object device runs an instance of a callee created for the caller, and accesses a first resource to perform a series of operations, such as displaying a video call interface through a display screen, capturing images through a camera, performing a calculation operation, processing the images, acquiring location information, and the like.
And 2, the object device sends an access result of accessing the first resource to the host device, for example, sends an image acquired by the camera to the host device, so that the host device sends the image to another device performing a video call with the host device, and for example, sends the calculation result and the acquired position information to the host device.
And 3, the object device receives the data sent by the host device, accesses the first resource by using the data and executes a series of operations. For example, the object device may receive an image, which is sent by the host device and acquired by another device performing a video call, and display the image in a video call interface of the display screen.
Here, the operation executed when the guest device responds to the access request to access the first resource may be determined by default by the guest device, may be determined by a user on the guest device side, and may be determined by the access request sent by the host device side, which is not limited herein.
For example, referring to fig. 5C, fig. 5C shows the user interface 51 displayed by the host device 200 after it receives the result of the guest device 100 accessing the first resource. The host device 200 may first send the picture 504 of fig. 5A to the guest device 100 (the picture 504 may be carried in the access request); the guest device 100 then runs an instance of the image processing function component (FA) created for the "gallery" of the host device 200, accesses the image processing resource of the guest device 100 through the specific operation in S107, and sends the result of applying the image processing resource to the picture 504 back to the host device 200. As shown in fig. 5C, the host device 200 may display, according to that result, the picture 506 processed by the guest device 100 in the user interface 51. The sharpness of picture 506 is clearly higher than that of picture 504 in fig. 5A. Whether the guest device 100 adjusts the sharpness of picture 504 may be chosen by the user on the guest device, or done by the guest device by default. In some embodiments, a prompt message 507 indicating the result of the resource call may also be displayed in the user interface 51.
Similarly, referring to fig. 5F, fig. 5F shows the user interface 52 displayed by the host device 300 after it receives the result of the guest device 100 accessing the first resource. The host device 300 may first send the picture 508 of fig. 5D to the guest device 100 (the picture 508 may be carried in the access request); the guest device 100 then runs an instance of the image processing function component (FA) created for the "gallery" of the host device 300, accesses the image processing resource of the guest device 100 through the specific operation in S107, and sends the result of applying the image processing resource to the picture 508 back to the host device 300. As shown in fig. 5F, the host device 300 may display, according to that result, the picture 511 processed by the guest device 100 in the user interface 52. Compared with picture 508 in fig. 5D, the person in picture 511 has clearly been slimmed and reshaped. Whether the guest device 100 applies the slimming and reshaping to the person in picture 508 may be chosen by the user on the guest device, or done by the guest device by default. In some embodiments, a prompt message 512 indicating the result of the resource call may also be displayed in the user interface 52.
S109: the guest device revokes the permission required by the access request.
In this embodiment of the application, the guest device may revoke the permission required by the access request, as delegated by the host device, under any one of the following conditions:
1, if the permission information sent by the host device includes validity information, the guest device may revoke the permission required by the access request according to the validity indicated by that information.
For example, if the validity information indicates "valid once", the guest device may revoke the permission required by the access request after it has successfully responded to the access request, that is, after it finishes accessing the first resource. In the example of fig. 5A to 5C, after the guest device 100 receives the access request sent by the host device 200, it may revoke the required permission immediately after responding to the request.
For another example, if the validity information indicates "valid within a first time", the guest device may revoke the permission required by the access request once the first time has elapsed since the validity information was received.
For another example, if the validity information indicates "valid within a first area", the guest device may revoke the permission required by the access request when it is located outside the first area.
2, the guest device may revoke the permission required by the access request according to its own revocation policy after it has successfully responded to the access request, that is, after it finishes accessing the first resource.
The revocation policy of the guest device may include, for example but not limited to: revoking the permission required by the access request immediately; revoking it a second time after the access request has been successfully responded to; revoking it when the callee instance has not accessed the first resource in the guest device for longer than a preset time; or revoking it when some other condition is met.
With the second approach, the guest device can revoke the permission after it has successfully responded to the access request, without the host device having to send validity information; this avoids the permission expiring before the resource call has completed, and achieves precise revocation according to the actual needs of the user.
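As an added example (not code from the patent), the two revocation triggers described above can be modelled as one policy check that the guest device runs on a timer or on events: host-supplied validity information (valid once, valid within a first time, valid within a first area) is evaluated first, and the guest device's own policy (a second-time grace period or an idle timeout after a successful response) applies otherwise. All class and field names are assumptions for illustration; the times and area labels are constructed sample values.

```python
"""Revocation trigger check for a delegated permission (constructed example, not patent code)."""
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Tuple


class Validity(Enum):
    ONCE = "valid once"                      # one access, then revoke
    FIRST_TIME = "valid within a first time"
    FIRST_AREA = "valid within a first area"


@dataclass(frozen=True)
class ValidityInfo:
    """Validity information carried with the permission information from the host device."""
    kind: Validity
    received_at: float = 0.0             # seconds; when the permission information arrived
    first_time: float = 0.0              # length of the "first time" window, seconds
    first_area: Optional[str] = None     # identifier of the "first area" (assumed label)


@dataclass(frozen=True)
class GuestPolicy:
    """The guest device's own policy (approach 2); it only applies after a successful response."""
    second_time: float = 0.0              # grace period after the response, seconds
    idle_timeout: Optional[float] = None  # revoke when the instance has been idle longer than this


@dataclass
class AccessState:
    """What the guest device knows about the in-flight access request."""
    responded: bool = False                   # access request successfully responded to
    responded_at: Optional[float] = None
    last_access_at: Optional[float] = None    # last time the callee instance used the first resource
    location: Optional[str] = None            # current area of the guest device (assumed label)


def should_revoke(now: float, state: AccessState,
                  validity: Optional[ValidityInfo] = None,
                  policy: Optional[GuestPolicy] = None) -> Tuple[bool, str]:
    """Return (revoke, reason). Host-supplied validity information takes precedence;
    the guest's own policy is consulted otherwise, and only once the request has been answered."""
    if validity is not None:
        if validity.kind is Validity.ONCE and state.responded:
            return True, "validity: valid once and access completed"
        if validity.kind is Validity.FIRST_TIME and now >= validity.received_at + validity.first_time:
            return True, "validity: first time elapsed"
        if validity.kind is Validity.FIRST_AREA and state.location != validity.first_area:
            return True, "validity: guest device outside first area"
    if policy is not None and state.responded and state.responded_at is not None:
        if now >= state.responded_at + policy.second_time:
            return True, "policy: second time after successful response elapsed"
        last = state.last_access_at if state.last_access_at is not None else state.responded_at
        if policy.idle_timeout is not None and now - last > policy.idle_timeout:
            return True, "policy: callee instance idle longer than preset time"
    return False, "keep"
```

The check deliberately never revokes under the guest's own policy before the request has been answered, which is the property the text credits to approach 2: the permission cannot disappear while the resource call is still in progress.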
Specifically, in this embodiment of the application, the guest device may revoke the permission required by the access request in one or more of the following ways:
1, the guest device revokes the permission required by the access request that it granted to the revocation agent.
Once the guest device has reclaimed from the revocation agent the permission required by the access request, the revocation agent can no longer access the first resource, and neither the callee instance nor the routing agent can access the first resource through the revocation agent, so the permission is effectively reclaimed.
2, the guest device terminates the routing agent and/or the revocation agent.
Terminating the routing agent and/or the revocation agent may mean that the guest device deletes all data related to the routing agent and/or the revocation agent, which then no longer exists in the guest device. As a result, the callee instance can no longer access the first resource through the routing agent and the revocation agent, so the permission is effectively reclaimed.
In the embodiment of the present application, the first resource is accessed through the routing agent and the revocation agent, which avoids granting the permission required by the access request directly to the callee instance. Even if the callee instance transfers that permission onward to another callee, the onward-transferred permission also becomes invalid once step S108 has been executed, so the permission is revoked precisely. In addition, thanks to the routing agent and the revocation agent, the guest device does not need to store a large amount of permission delegation information, which saves its storage resources.
In the method shown in fig. 4, the guest device may also manage the life cycle of the callee instance created for the caller in the host device. In some embodiments, the guest device may stop or destroy the instance after running it and successfully responding to the access request, may stop or destroy it after a preset time has elapsed, or may stop or destroy it when the running instance has not accessed the resource in the guest device for a certain period. Stopping an instance means that the instance still exists in the guest device but is no longer running. Destroying an instance means that the guest device deletes all data related to the instance, so that the instance no longer exists in the guest device.
In the access control method shown in fig. 4:
the guest device (e.g., guest device 100) may be referred to as a first device, one host device (e.g., host device 200) may be referred to as a second device, and another host device (e.g., host device 300) may be referred to as a third device.
A caller in the second device, for example the "gallery" in the host device 200, may be referred to as a first caller, and a caller in the third device, for example the "gallery" in the host device 300, may be referred to as a second caller.
The access request sent by the second device to the first device may be referred to as a first access request. The access request sent by the third device to the first device may be referred to as a second access request. The permission required by the first access request may be referred to as a first permission. The permission indicated by the second permission information may be referred to as a second permission.
The permission information sent by the second device to the first device may be referred to as first permission information. The permission information sent by the third device to the first device may be referred to as second permission information.
The instance of the callee that the first device runs in response to the first access request may be referred to as a first instance. The instance of the callee that the first device runs in response to the second access request may be referred to as the second instance.
The routing agent and the revocation agent, which the first device operates in response to the first access request, may be referred to as a first routing agent and a first revocation agent, respectively. When the first routing agent and the first revocation agent are combined into one agent, the agent may be referred to as a first agent.
The routing agent and the revocation agent, which the first device operates in response to the second access request, may be referred to as a second routing agent and a second revocation agent, respectively. When the second routing agent and the second revocation agent are combined into one agent, the agent may be referred to as a second agent.
The method shown in fig. 4 may also be applied to a single electronic device, and is not limited to the distributed systems enumerated above as examples. For example, one or more callers and a callee are installed in the electronic device, which is then both host device and guest device. The electronic device may generate one or more access requests to invoke the same callee, each access request being for a caller to invoke the callee to access the first resource in the electronic device. For when and how an access request is generated, refer to the description of the host device generating the access request in S102 of fig. 4. After the electronic device generates an access request, it may perform S103-S109 of the method shown in fig. 4, except that the communication between the guest device and the host device in fig. 4 is omitted.
In addition, the electronic device can create the routing agent and the revocation agent through the caller or the system, so that the callee does not obtain the permission required by the access request; this prevents the permission from being expanded or misused and protects the data in the electronic device. Also, the electronic device may create the routing agent and the revocation agent under the identity of the caller, for example using the caller's UID.
How a single electronic device executes the access control method provided in the embodiments of the present application may refer to the related description of fig. 4, and details are not described here again.
Referring to fig. 8, fig. 8 illustrates a simplified flow in which a single electronic device implements the access control method provided by the embodiment of the present application on the basis of binder. As shown in fig. 8, the electronic device includes a user space containing a caller (e.g., APP1) and a callee (e.g., APP2), and a kernel space containing the binder driver.
As shown in fig. 8, the process may include the following steps:
1, APP1 asks the system to create, or itself creates, a routing agent and a revocation agent, and specifies that the routing agent can only be accessed with permission P2.
2, APP1 requests to invoke APP2.
3, the binder driver, while processing the command, passes permission P2 to the routing agent and permission P1 to the revocation agent. P1 is the permission APP1 needs in order to request invocation of APP2; it is the permission used to access the first resource.
4, APP2 initiates a request to invoke the first resource in response to APP1's request.
5, the system (for example, the application scheduling management module) starts the routing agent according to APP2's request. Because APP2 already holds P2, the routing agent can be started.
6, the routing agent forwards the request initiated by APP2 directly to the revocation agent.
7, the revocation agent calls the first resource, which succeeds because the revocation agent already holds P1.
After the call to the first resource is finished, APP1 may ask the system to delete, or itself delete, the revocation agent and/or the routing agent, or the P1 permission of the revocation agent may be reclaimed through the binder driver; either way the revocation of the permission is completed.
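To make the permission chain concrete, here is an added Python model (constructed for this page; it is not code from the patent, nor from any binder implementation) of the flow in fig. 8 and of the two revocation ways described under S109 above: the callee instance only ever holds the per-caller gate permission P2, the routing agent forwards to a revocation agent that alone holds P1, and revocation either clears P1 from the revocation agent or terminates both agents. The run_flow() function also shows that a second caller's agents are unaffected, and that an entry point the callee hands on to a third app stops working at the same moment the caller's agent is revoked. Names such as Resource, grant, revoke, APP3 and APP-other are assumptions of this example.

```python
"""Routing agent / revocation agent permission chain (constructed model, not patent code)."""
from itertools import count

_uids = count(10000)   # constructed UID-style counter


class Resource:
    """The 'first resource'. It serves only a live principal holding the required permission P1."""
    def __init__(self, name, required="P1"):
        self.name, self.required = name, required

    def use(self, holder, data):
        if not holder.alive or self.required not in holder.perms:
            raise PermissionError(f"{holder.name} may not access {self.name}")
        return f"{self.name}({data})"


class Principal:
    """Anything that can hold permissions: an app, a callee instance or an agent."""
    def __init__(self, name, uid):
        self.name, self.uid, self.perms, self.alive = name, uid, set(), True


class RevocationAgent(Principal):
    """Holds P1 for exactly one caller; the only principal that touches the resource."""
    def call(self, resource, data):
        return resource.use(self, data)


class RoutingAgent(Principal):
    """Reachable only with the per-caller gate permission P2; forwards straight to its revocation agent."""
    def __init__(self, name, uid, gate, target):
        super().__init__(name, uid)
        self.gate, self.target = gate, target

    def forward(self, requester, resource, data):
        if not self.alive or self.gate not in requester.perms:
            raise PermissionError(f"{requester.name} may not reach {self.name}")
        return self.target.call(resource, data)


class CalleeInstance(Principal):
    """Instance of APP2 created for one caller. It receives P2 only, never P1."""
    def __init__(self, name, uid, route):
        super().__init__(name, uid)
        self.route = route
        self.perms.add(route.gate)

    def access(self, resource, data):
        return self.route.forward(self, resource, data)

    def hand_over(self, other):
        """Secondary transfer: the callee passes on everything it holds (P2 and the entry point)."""
        other.perms |= self.perms
        other.route = self.route


def grant(caller, resource):
    """Steps 1 and 3 of fig. 8: create both agents under the caller's UID,
    give P1 to the revocation agent and gate the routing agent with a per-caller P2."""
    rev = RevocationAgent(f"rev[{caller.name}]", caller.uid)
    rev.perms.add(resource.required)
    route = RoutingAgent(f"route[{caller.name}]", caller.uid, gate=f"P2[{caller.name}]", target=rev)
    return CalleeInstance(f"APP2[{caller.name}]", next(_uids), route), route, rev


def revoke(route, rev, terminate):
    """S109: either reclaim P1 from the revocation agent (way 1) or terminate both agents (way 2)."""
    if terminate:
        route.alive = rev.alive = False
    else:
        rev.perms.clear()


def attempt(fn):
    try:
        return fn()
    except PermissionError:
        return "denied"


def run_flow():
    """Walk the chain for two callers and return each outcome, keyed by stage."""
    camera = Resource("camera", required="P1")
    app1, app3 = Principal("APP1", next(_uids)), Principal("APP3", next(_uids))
    other = Principal("APP-other", next(_uids))
    inst1, route1, rev1 = grant(app1, camera)      # agents for APP1's call
    inst2, route2, rev2 = grant(other, camera)     # isolated agents for a second caller
    out = {}
    out["callee_direct"] = attempt(lambda: camera.use(inst1, "frame"))             # instance has no P1
    out["via_chain"] = attempt(lambda: inst1.access(camera, "frame"))              # steps 4-7
    out["cross_caller"] = attempt(lambda: route2.forward(inst1, camera, "frame"))  # wrong gate
    inst1.hand_over(app3)                                                          # onward transfer
    out["leak_before"] = attempt(lambda: app3.route.forward(app3, camera, "frame"))
    revoke(route1, rev1, terminate=False)                                          # way 1: reclaim P1
    out["after_reclaim"] = attempt(lambda: inst1.access(camera, "frame"))
    out["leak_after"] = attempt(lambda: app3.route.forward(app3, camera, "frame"))
    out["other_caller"] = attempt(lambda: inst2.access(camera, "frame"))           # untouched
    revoke(route2, rev2, terminate=True)                                           # way 2: terminate
    out["after_terminate"] = attempt(lambda: inst2.access(camera, "frame"))
    return out


if __name__ == "__main__":
    for stage, result in run_flow().items():
        print(f"{stage:>16}: {result}")
```

The design point the model makes visible is that there is exactly one place where P1 lives, so revocation is one state change regardless of how many parties the callee has shared its entry point with; no delegation table has to be walked.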
In the distributed system, the granting and revocation of permissions may also be implemented on the basis of binder in a manner similar to fig. 8; the detailed implementation is not described here again.
In the stand-alone device, the electronic device can precisely and flexibly revoke the permission required by the access request through the routing agent and the revocation agent; see in particular the description of implementing the access control method in a distributed system.
When the access control method for precise permission revocation provided by the embodiment of the present application is executed in a stand-alone device, one caller in the electronic device may be referred to as a first caller and another caller as a second caller. The access request generated when the electronic device executes the first caller to call the callee and access the first resource may be referred to as a first access request. The access request generated when the electronic device executes the second caller to call the callee and access the first resource may be referred to as a second access request. The permission required by the first access request may be referred to as a first permission. The permission indicated by the second permission information may be referred to as a second permission.
The instance of the callee that the electronic device runs in response to the first access request may be referred to as a first instance. The instance of the callee that the electronic device runs in response to the second access request may be referred to as a second instance.
The routing agent and the revocation agent, which the electronic device operates in response to the first access request, may be referred to as a first routing agent and a first revocation agent, respectively. When the first routing agent and the first revocation agent are combined into one agent, the agent may be referred to as a first agent.
The routing agent and the revocation agent operated by the electronic device in response to the second access request may be referred to as a second routing agent and a second revocation agent, respectively. When the second routing agent and the second revocation agent are combined into one agent, the agent may be referred to as a second agent.
Referring to fig. 7A, fig. 7A is a schematic diagram of the software structure of a host device according to an embodiment of the present application. The host device may be the host device 200 or the host device 300 in the embodiment of fig. 4.
As shown in fig. 7A, the host device may include the following modules: an application information management module, a permission application module, a permission delegation module, a call relation management module and a call relation library. Wherein:
The application information management module manages information, such as names, about each APP and functional component installed on the host device. It is also configured to synchronize information about the locally installed APPs and functional components to other devices, and to receive such information synchronized from other devices (for example, the guest device).
The permission application module applies to the user for the permission required by the access request when the host device generates an access request to call the callee in the guest device.
The permission delegation module sends the permission information obtained by the permission application module to the guest device according to the call relation. In some embodiments, it sends that permission information and the access request generated by the host device to the guest device together.
The call relation management module maintains the call relation formed by a caller and the callee instance serving that caller, and stores it in the call relation library.
The call relation library stores the call relations formed by callers and callee instances. A call relation comprises: the call relation ID, the instance information of the callee, and the caller information for each call to that instance.
The call relation ID may be assigned by the host device. For the same call relation, the guest device and the host device may share the same call relation ID; after the host device assigns it, the ID may be carried in the access request sent to the guest device.
The instance information of the callee may include one or more of: the device identifier (device ID) of the guest device, the APP ID of the callee, and the UID and PID of the instance. The PID identifies the instance; when an electronic device runs an instance it assigns that instance a unique PID. The PID and UID may be synchronized by the guest device to the host device.
The caller information includes the application identifier (APP ID) of the caller and may further include one or more of: the device ID of the host device, the developer signature (developer ID) of the caller, the user ID (UID) of the caller, and the account ID of the host device. Wherein:
The APP ID identifies an APP or functional component.
The device ID identifies a device. It may be, for example, the device's name, its serial number, or its Media Access Control (MAC) address.
The developer signature identifies the developer.
The UID identifies the user to which the APP or functional component belongs. Typically, an electronic device assigns different UIDs to the different APPs or functional components it has installed, in order to distinguish them. In some embodiments, the electronic device may assign the same UID to every APP or functional component developed by the same developer. The same APP or functional component may have different UIDs on different electronic devices.
The account ID identifies the user currently logged in to the electronic device; it may be, for example, a Huawei account.
Fig. 7A is only an exemplary illustration, and the main device provided in the embodiment of the present application may further include more or fewer modules, which is not limited herein.
The modules in the main device mentioned in fig. 7A may be located in an application layer, an application framework layer, a system service layer, a kernel layer, and the like in the electronic device shown in fig. 3B, which is not limited herein.
Referring to fig. 7B, fig. 7B is a schematic diagram of a software structure of an object device according to an embodiment of the present application. The object device may be the object device 100 in the embodiment of fig. 4.
As shown in fig. 7B, the guest device may include the following modules: an application information management module, an instance management module, a permission delegation module, a routing agent management module, a revocation agent management module, a delegation revocation management module, a call relation management module and a call relation library. Wherein:
The application information management module manages information, such as names, about each APP and functional component installed in the guest device. It is also configured to synchronize information about the locally installed APPs and functional components to other devices, and to receive such information synchronized from other devices (for example, the host device).
The instance management module dynamically starts an instance of the callee according to the caller's information, to serve that caller. Specifically, it may start different instances of the callee for different callers. It also manages the life cycle of each instance: start, stop, destroy, restart, and so on.
The permission delegation module receives the permission information, required by the access request, sent by the host device. It grants the callee the permission to access the agent module, and grants the agent module the permission required by the access request. The agent module may include the revocation agent and the routing agent.
The routing agent management module creates routing agents. In some embodiments it may create a different routing agent for each access request; in other embodiments it may create one routing agent that serves all access requests received by the guest device.
The revocation agent management module creates revocation agents. In some embodiments it may create a different revocation agent for each access request.
The delegation revocation management module revokes the permission granted to the revocation agent, or terminates the revocation agent and/or the routing agent, when the guest device needs to revoke the permission.
The call relation management module maintains the call relation formed by a caller and the callee instance serving that caller, and stores it in the call relation library.
The call relation library stores the call relations formed by callers and callee instances. A call relation comprises: the call relation ID, the instance information of the callee, and the caller information for each call to that instance. For the specific content of a call relation, refer to the description of the host device in fig. 7A.
Fig. 7B is a schematic example only, and the object device provided in the embodiment of the present application may further include more or fewer modules, which is not limited herein.
The modules in the object device mentioned in fig. 7B may be located in an application layer, an application framework layer, a system service layer, a kernel layer, and the like in the electronic device shown in fig. 3B, which is not limited herein.
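An added example (not the patent's code) of the call relation library and the instance management module of fig. 7B working together: the call relation is keyed by the caller's device ID and APP ID, the same caller reuses its callee instance (same PID) across calls, a different caller gets a separate, isolated instance, and the relation ID carried in the access request is stored so that host and guest device share it. Class and field names are assumptions; the device IDs, UIDs, PIDs and relation IDs are constructed values.

```python
"""Call relation library with per-caller callee instances (constructed example, not patent code)."""
from dataclasses import dataclass, field
from itertools import count
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class CallerInfo:
    """Caller information stored with each call; the APP ID is mandatory, the rest optional."""
    app_id: str
    device_id: Optional[str] = None      # host device
    developer_id: Optional[str] = None   # developer signature
    uid: Optional[int] = None
    account_id: Optional[str] = None


@dataclass(frozen=True)
class InstanceInfo:
    """Instance information of the callee running on the guest device."""
    device_id: str   # guest device
    app_id: str      # callee APP ID
    uid: int
    pid: int


@dataclass
class CallRelation:
    relation_id: int
    instance: InstanceInfo
    calls: List[CallerInfo] = field(default_factory=list)   # one entry per call to this instance


class CallRelationLibrary:
    """Guest-side library: one relation per (host device, caller APP), indexed both ways."""
    def __init__(self, guest_device_id: str):
        self.guest_device_id = guest_device_id
        self._by_id: Dict[int, CallRelation] = {}
        self._by_caller: Dict[Tuple[Optional[str], str], int] = {}
        self._pids = count(4000)        # constructed PID allocator
        self._local_ids = count(1)      # relation IDs for the stand-alone case

    def resolve_instance(self, callee_app_id: str, callee_uid: int, caller: CallerInfo,
                         relation_id: Optional[int] = None) -> CallRelation:
        """Instance management: reuse the caller's own instance or start a new, isolated one.
        relation_id is the ID the host device assigned and carried in the access request;
        when absent (single-device case) the guest device allocates one itself."""
        key = (caller.device_id, caller.app_id)
        rid = self._by_caller.get(key)
        if rid is None:
            rid = relation_id if relation_id is not None else next(self._local_ids)
            instance = InstanceInfo(self.guest_device_id, callee_app_id, callee_uid, next(self._pids))
            self._by_id[rid] = CallRelation(rid, instance)
            self._by_caller[key] = rid
        relation = self._by_id[rid]
        relation.calls.append(caller)
        return relation

    def destroy(self, relation_id: int) -> bool:
        """Life cycle: destroying the instance removes its relation; a later call starts a fresh instance."""
        relation = self._by_id.pop(relation_id, None)
        if relation is None:
            return False
        self._by_caller = {k: v for k, v in self._by_caller.items() if v != relation_id}
        return True
```

Keying the relation on the caller rather than on the callee is what gives each host device its own instance of the image processing component in the fig. 5 examples; the per-call list keeps the history the text asks for without duplicating instance records.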
The embodiments of the present application can be combined arbitrarily to achieve different technical effects.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented wholly or partially in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the procedures or functions described in accordance with the present application are produced, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or another programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another; for example, they may be transmitted from one website, computer, server, or data center to another by wire (e.g., coaxial cable, optical fiber, digital subscriber line) or wirelessly (e.g., infrared, radio, microwave). The computer-readable storage medium can be any available medium that a computer can access, or a data storage device, such as a server or data center, that incorporates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
One of ordinary skill in the art will appreciate that all or part of the processes in the methods of the above embodiments may be implemented by a computer program instructing the relevant hardware; the program may be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The aforementioned storage medium includes various media capable of storing program code, such as ROM, RAM, magnetic disks or optical disks.
In short, the above description is only an example of the technical solution of the present application, and is not intended to limit the protection scope of the present application. Any modifications, equivalents, improvements and the like made in accordance with the disclosure of the present application should be included in the scope of the present application.

Claims (32)

1. An access control method for precise permission revocation, characterized in that the method is applied to a communication system comprising a first device and a second device, a callee is installed in the first device, a first caller is installed in the second device, the callee and the first caller are application programs (APPs) or functional components, an APP is a program entity implementing multiple functions, and a functional component is a program entity implementing a single function;
the method comprises the following steps:
the second device sends a first access request and first permission information to the first device, wherein the first access request is used for the first caller to call the callee to access a first resource in the first device, and the first permission information indicates first permission which comprises the permission to call the callee and/or the permission to access the first resource;
the first device, in response to the first access request, grants the first permission to a first agent and grants the callee the permission to access the first agent, the first agent being a service, a process or a thread;
the first device runs the callee, which accesses the first agent and accesses the first resource through the first permission possessed by the first agent;
the first device terminates the first agent, or the first device revokes the first right possessed by the first agent.
2. The method of claim 1, wherein the first permission information further indicates a validity of the first permission, the validity being any one of: valid once, valid within a first time, or valid within a first area;
the first device terminating the first agent, or the first device revoking the first permission possessed by the first agent, specifically includes:
if the validity is valid once, the first device terminates the first agent or revokes the first permission possessed by the first agent after finishing accessing the first resource;
if the validity is valid within the first time or valid within the first area, the first device terminates the first agent or revokes the first permission possessed by the first agent once the first time has elapsed after receiving the first permission information, or when the first device is located outside the first area.
3. The method according to claim 1, wherein the first device terminating the first agent, or the first device revoking the first permission possessed by the first agent, specifically includes:
the first device terminates the first agent or revokes the first permission possessed by the first agent after finishing accessing the first resource, or a second time after finishing accessing the first resource.
4. The method according to any one of claims 1 to 3,
the granting, by the first device, the right to access the first agent to the callee specifically includes: the first device granting the first instance of the callee a right to access the first agent;
the running of the callee by the first device to access the first agent specifically includes: the first device runs the first instance and accesses the first agent;
the communication system further comprises a third device, wherein a second caller is installed in the third device, and the second caller is an APP or a functional component; the method further comprises the following steps:
the third device sends a second access request and second permission information to the first device, wherein the second access request is used for the second caller to call the callee to access the first resource, the second permission information indicates second permission, and the second permission comprises permission for calling the callee and/or permission for accessing the first resource;
the first device responds to the second access request, grants the second permission to a second agent, grants the permission for accessing the second agent to a second instance of the callee, and the second agent is a service, a process or a thread;
the first device runs the second instance, accesses the second agent, and accesses the first resource through the second authority possessed by the second agent;
wherein the first instance, the second instance are processes or threads running in random access memory, RAM, the second instance is different from the first instance, and the second instance and the first instance are isolated from each other.
5. The method of claim 4, wherein before the first device grants the first instance of the callee the right to access the first agent, the method further comprises:
the first device creates the first instance in response to the first access request.
6. The method according to any one of claims 1-5, wherein the first agent comprises a first routing agent and a first revocation agent, the first routing agent and the first revocation agent being services, processes or threads;
the granting, by the first device, the first permission to a first agent, and granting, by the first device, permission to access the first agent to the callee specifically comprises: the first device grants the first permission to the first revocation agent, and grants the callee permission to access the first routing agent;
the running, by the first device, the callee, accessing the first agent, and accessing the first resource through the first permission possessed by the first agent specifically comprises: the first device runs the callee, accesses the first revocation agent through the first routing agent, and accesses the first resource through the first permission possessed by the first revocation agent;
the terminating, by the first device, the first agent, or revoking, by the first device, the first permission possessed by the first agent specifically comprises: the first device terminates the first routing agent and/or the first revocation agent, or the first device revokes the first permission possessed by the first revocation agent.
7. The method of any of claims 1-6, wherein before the first device grants the first permission to the first agent in response to the first access request, the method further comprises:
the first device creates the first agent in response to the first access request.
8. The method according to any of claims 1-7, wherein the first permission specifically comprises:
the permission of the second device to call the callee and/or the permission of the second device to access the first resource;
and/or
the permission of the first caller to call the callee and/or the permission of the first caller to access the first resource.
9. The method according to any one of claims 1 to 8, wherein the sending, by the second device, the first access request and the first permission information to the first device specifically comprises:
the second device sends the first access request to the first device, wherein the first access request carries the first permission information.
10. The method according to any of claims 1-9, wherein before the second device sends the first permission information to the first device, the method further comprises:
the second device outputs prompt information, the prompt information being used to prompt for the first permission;
and the second device receives a user operation.
11. An access control method for accurately revoking permissions, applied to an electronic device in which a callee is installed, the callee being an application program (APP) or a functional component, the APP being a program entity that realizes multiple functions and the functional component being a program entity that realizes a single function;
the method comprises the following steps:
the electronic device receives a first access request and first permission information sent by a second device, wherein the first access request is used for a first caller in the second device to call the callee to access a first resource in the electronic device, and the first permission information indicates a first permission which comprises permission to call the callee and/or permission to access the first resource; the first caller is the APP or the functional component;
the electronic device, in response to the first access request, grants the first permission to a first agent and grants the callee permission to access the first agent, the first agent being a service, a process or a thread;
the electronic device runs the callee, accesses the first agent, and accesses the first resource through the first permission possessed by the first agent;
the electronic device terminates the first agent, or the electronic device revokes the first permission possessed by the first agent.
12. The method of claim 11, wherein the first permission information further indicates a time limit of the first permission, the time limit being any one of: valid once, valid within a first time, or valid within a first area;
the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises:
if the time limit is valid once, the electronic device ends the access to the first resource and then terminates the first agent or revokes the first permission possessed by the first agent;
if the time limit is valid within the first time or valid within the first area, the electronic device terminates the first agent or revokes the first permission possessed by the first agent after the first time has elapsed since the first permission information was received, or when the electronic device is located outside the first area.
13. The method according to claim 11, wherein the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises:
after the electronic device finishes accessing the first resource, or after a second time following the end of that access, terminating the first agent or revoking the first permission possessed by the first agent.
14. The method of any one of claims 11-13, wherein
the granting, by the electronic device, permission to access the first agent to the callee specifically comprises: the electronic device grants a first instance of the callee permission to access the first agent;
the running, by the electronic device, the callee to access the first agent specifically comprises: the electronic device runs the first instance and accesses the first agent;
the method further comprises the following steps:
the electronic device receives a second access request and second permission information sent by a third device, the second access request being used for a second caller in the third device to call the callee to access the first resource, the second permission information indicating a second permission, and the second permission comprising permission to call the callee and/or permission to access the first resource; the second caller is the APP or the functional component;
the electronic device, in response to the second access request, grants the second permission to a second agent and grants a second instance of the callee permission to access the second agent, the second agent being a service, a process or a thread;
the electronic device runs the second instance, accesses the second agent, and accesses the first resource through the second permission possessed by the second agent;
wherein the first instance and the second instance are processes or threads running in random access memory (RAM), the second instance is different from the first instance, and the second instance and the first instance are isolated from each other.
15. The method of claim 14, wherein before the electronic device grants the first instance of the callee permission to access the first agent, the method further comprises:
the electronic device creates the first instance in response to the first access request.
16. The method according to any of claims 11-15, wherein the first agent comprises a first routing agent and a first revocation agent, the first routing agent and the first revocation agent being services, processes or threads;
the granting, by the electronic device, the first permission to a first agent, and granting, by the electronic device, permission to access the first agent to the callee specifically comprises: the electronic device grants the first permission to the first revocation agent, and grants the callee permission to access the first routing agent;
the running, by the electronic device, the callee, accessing the first agent, and accessing the first resource through the first permission possessed by the first agent specifically comprises: the electronic device runs the callee, accesses the first revocation agent through the first routing agent, and accesses the first resource through the first permission possessed by the first revocation agent;
the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises: the electronic device terminates the first routing agent and/or the first revocation agent, or the electronic device revokes the first permission possessed by the first revocation agent.
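The delegation-and-revocation flow of claims 11 through 16, as an added example that is not part of the patent and not Huawei's code. It is a Python model with assumed names (Device, Agent, CalleeInstance, PermissionDenied, allowed, demo); it collapses the routing agent and revocation agent of claim 16 into a single Agent, and generalizes over the three time limits of claim 12 plus the explicit revocation of claim 11. The resource contents and caller names are constructed sample data.

```python
"""Agent-mediated permission delegation with precise revocation.

Added illustration, not code from the patent or from Huawei. Assumed names:
PermissionDenied, Agent, CalleeInstance, Device. The caller's permission is
granted to an Agent; the callee instance receives only permission to reach
its Agent; revoking means terminating the Agent (routing and revocation
agent are collapsed into one Agent here). Every caller gets its own
isolated callee instance and agent, so one grant can be revoked alone.
"""
from dataclasses import dataclass, field


class PermissionDenied(Exception):
    """Raised when the callee instance cannot reach a live, entitled agent."""


@dataclass
class Agent:
    """Service/process standing in for the caller; holds the delegated permission."""
    agent_id: int
    permissions: frozenset     # e.g. {"call:callee", "access:contacts"}
    limit: tuple               # ("once",) | ("time", expiry) | ("area", area)
    alive: bool = True
    uses: int = 0


@dataclass
class CalleeInstance:
    """Isolated run of the callee for one caller; it knows only its agent id."""
    instance_id: int
    caller: str
    agent_access: set = field(default_factory=set)   # "permission to access the agent"


class Device:
    """The electronic device hosting the callee and the protected resources."""

    def __init__(self, area: str, now: float = 0.0):
        self.area, self.now = area, now          # location and clock, set by the caller
        self.resources: dict[str, str] = {}
        self.agents: dict[int, Agent] = {}
        self.instances: dict[int, CalleeInstance] = {}
        self._ids = 0

    def _new_id(self) -> int:
        self._ids += 1
        return self._ids

    def grant(self, caller: str, permissions, limit=("once",)) -> int:
        """Handle an access request: create agent and isolated instance, delegate."""
        agent = Agent(self._new_id(), frozenset(permissions), limit)
        inst = CalleeInstance(self._new_id(), caller)
        inst.agent_access.add(agent.agent_id)     # the callee may only talk to its agent
        self.agents[agent.agent_id] = agent
        self.instances[inst.instance_id] = inst
        return inst.instance_id

    def revoke(self, instance_id: int) -> None:
        """Explicit revocation: terminate the agent; the callee never held the permission."""
        for aid in self.instances[instance_id].agent_access:
            self.agents[aid].alive = False

    def _limit_expired(self, agent: Agent) -> bool:
        kind = agent.limit[0]
        if kind == "once":
            return agent.uses >= 1
        if kind == "time":
            return self.now >= agent.limit[1]
        if kind == "area":
            return self.area != agent.limit[1]
        raise ValueError(f"unknown limit {agent.limit!r}")

    def run_callee(self, instance_id: int, resource: str) -> str:
        """Run the callee instance: it reaches its agent, the agent reaches the resource."""
        inst = self.instances[instance_id]
        if not inst.agent_access:
            raise PermissionDenied(f"instance {instance_id} has no agent")
        agent = self.agents[next(iter(inst.agent_access))]
        if not agent.alive or self._limit_expired(agent):
            agent.alive = False                   # expired limit: terminate the agent
            raise PermissionDenied(f"agent {agent.agent_id} is terminated")
        if f"access:{resource}" not in agent.permissions:
            raise PermissionDenied(f"agent {agent.agent_id} may not access {resource}")
        agent.uses += 1
        data = self.resources[resource]
        if self._limit_expired(agent):            # "valid once": terminate after use
            agent.alive = False
        return data


def allowed(dev: Device, instance_id: int, resource: str) -> bool:
    """True if the callee instance can still access the resource through its agent."""
    try:
        dev.run_callee(instance_id, resource)
        return True
    except PermissionDenied:
        return False


def demo() -> dict:
    """Two callers, two isolated instances; revoking one leaves the other intact."""
    dev = Device(area="home", now=100.0)
    dev.resources["contacts"] = "alice,bob"       # constructed sample resource
    a = dev.grant("caller-A", {"call:callee", "access:contacts"}, ("time", 160.0))
    b = dev.grant("caller-B", {"call:callee", "access:contacts"}, ("once",))
    out = {"a1": allowed(dev, a, "contacts"), "b1": allowed(dev, b, "contacts")}
    out["b2"] = allowed(dev, b, "contacts")       # B's agent terminated after one use
    out["a2"] = allowed(dev, a, "contacts")       # A unaffected by B's revocation
    dev.now = 200.0                               # A's first time has elapsed
    out["a3"] = allowed(dev, a, "contacts")
    return out
```

The point to check in any implementation of this pattern is that the callee instance holds nothing but a handle to its agent: once the agent is terminated there is no residual permission to clean up, and because each caller's instance and agent are separate objects, revoking caller B's grant cannot change what caller A's instance can do.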
17. The method of any of claims 11-16, wherein before the electronic device grants the first permission to the first agent in response to the first access request, the method further comprises:
the electronic device creates the first agent in response to the first access request.
18. The method according to any one of claims 11-17, wherein the first permission specifically comprises:
the permission of the second device to call the callee and/or the permission of the second device to access the first resource;
and/or
the permission of the first caller to call the callee and/or the permission of the first caller to access the first resource.
19. The method according to any one of claims 11 to 18, wherein the receiving, by the electronic device, the first access request and the first permission information sent by the second device specifically comprises:
the electronic device receives the first access request sent by the second device, wherein the first access request carries the first permission information.
20. An access control method for accurate permission revocation, characterized in that the method is applied to an electronic device in which a first caller and a callee are installed, the first caller and the callee being application programs (APPs) or functional components, the APPs being program entities that realize multiple functions and the functional components being program entities that realize a single function; the method comprises the following steps:
the electronic device generates a first access request and acquires a first permission, wherein the first access request is used for the first caller to call the callee to access a first resource in the electronic device, and the first permission comprises permission to call the callee and/or permission to access the first resource;
the electronic device, in response to the first access request, grants the first permission to a first agent and grants the callee permission to access the first agent;
the electronic device runs the callee, accesses the first agent, and accesses the first resource through the first permission possessed by the first agent;
the electronic device terminates the first agent, or the electronic device revokes the first permission possessed by the first agent.
21. The method of claim 20, wherein the first permission has a time limit, the time limit being any one of: valid once, valid within a first time, or valid within a first area;
the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises:
if the time limit is valid once, the electronic device terminates the first agent or revokes the first permission possessed by the first agent after finishing accessing the first resource;
if the time limit is valid within the first time or valid within the first area, the electronic device terminates the first agent or revokes the first permission possessed by the first agent after the first time has elapsed since the first permission information was received, or when the electronic device is located outside the first area.
22. The method according to claim 20, wherein the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises:
after the electronic device finishes accessing the first resource, or after a second time following the end of that access, terminating the first agent or revoking the first permission possessed by the first agent.
23. The method according to any of claims 20-22, wherein a second caller is also installed in the electronic device, the second caller being the APP or the functional component;
the granting, by the electronic device, permission to access the first agent to the callee specifically comprises: the electronic device grants a first instance of the callee permission to access the first agent;
the running, by the electronic device, the callee and accessing the first agent specifically comprises: the electronic device runs the first instance and accesses the first agent;
the method further comprises the following steps:
the electronic device generates a second access request and acquires a second permission, wherein the second access request is used for the second caller to call the callee to access the first resource, and the second permission comprises permission to call the callee and/or permission to access the first resource;
the electronic device, in response to the second access request, grants the second permission to a second agent and grants a second instance of the callee permission to access the second agent, the second agent being a service, a process or a thread;
the electronic device runs the second instance, accesses the second agent, and accesses the first resource through the second permission possessed by the second agent;
wherein the first instance and the second instance are processes or threads running in random access memory (RAM), the second instance is different from the first instance, and the second instance and the first instance are isolated from each other.
24. The method of claim 23, wherein before the electronic device grants the first instance of the callee permission to access the first agent, the method further comprises:
the electronic device creates the first instance in response to the first access request.
25. The method of any of claims 20-24, wherein the first agent comprises a first routing agent and a first revocation agent, the first routing agent and the first revocation agent being services, processes or threads;
the granting, by the electronic device, the first permission to a first agent, and granting, to the callee, permission to access the first agent specifically comprises: the electronic device grants the first permission to the first revocation agent, and grants the callee permission to access the first routing agent;
the running, by the electronic device, the callee, accessing the first agent, and accessing the first resource through the first permission possessed by the first agent specifically comprises: the electronic device runs the callee, accesses the first revocation agent through the first routing agent, and accesses the first resource through the first permission possessed by the first revocation agent;
the terminating, by the electronic device, the first agent, or revoking, by the electronic device, the first permission possessed by the first agent specifically comprises: the electronic device terminates the first routing agent and/or the first revocation agent, or the electronic device revokes the first permission possessed by the first revocation agent.
26. The method of any of claims 20-25, wherein before the electronic device grants the first permission to the first agent in response to the first access request, the method further comprises:
the electronic device creates the first agent in response to the first access request.
27. The method according to any of claims 20-26, wherein the first permission specifically comprises:
the permission of the electronic device to call the callee and/or the permission of the electronic device to access the first resource;
and/or
the permission of the first caller to call the callee and/or the permission of the first caller to access the first resource.
28. The method of any of claims 20-27, wherein before the electronic device obtains the first permission, the method further comprises:
the electronic device outputs prompt information, the prompt information being used to prompt for the first permission;
the electronic device receives a user operation.
29. An electronic device, comprising: a memory and one or more processors; the memory is coupled with the one or more processors and is configured to store computer program code, the computer program code comprising computer instructions which the one or more processors invoke to cause the electronic device to perform the method of any of claims 11-19 or 20-28.
30. A computer-readable storage medium comprising instructions that, when executed on an electronic device, cause the electronic device to perform the method of any of claims 11-19 or 20-28.
31. A computer program product, characterized in that, when the computer program product is run on a computer, it causes the computer to perform the method according to any of claims 11-19 or 20-28.
32. A communication system comprising a first device and a second device, the first device being configured to perform the method of any of claims 11-19.
CN202210211570.XA 2021-03-26 2022-03-04 Access control method for accurately revoking authority, related device and system Pending CN115130132A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/082869 WO2022199672A1 (en) 2021-03-26 2022-03-24 Access control method for precise permission revocation, related apparatus, and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110327079 2021-03-26
CN2021103270799 2021-03-26

Publications (1)

Publication Number Publication Date
CN115130132A true CN115130132A (en) 2022-09-30

Family

ID=83376285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210211570.XA Pending CN115130132A (en) 2021-03-26 2022-03-04 Access control method for accurately revoking authority, related device and system

Country Status (2)

Country Link
CN (1) CN115130132A (en)
WO (1) WO2022199672A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116702100A (en) * 2022-10-21 2023-09-05 荣耀终端有限公司 Authority management method and electronic equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101097592B (en) * 2006-06-26 2011-10-05 华为技术有限公司 Method and apparatus for operating authority
US8995646B2 (en) * 2013-06-13 2015-03-31 Jacada Inc. System and method for identifying a caller via a call connection, and matching the caller to a user session involving the caller
CN107784221B (en) * 2016-08-30 2021-07-27 斑马智行网络(香港)有限公司 Authority control method, service providing method, device and system and electronic equipment
CN111859418B (en) * 2020-06-24 2024-07-05 华为技术有限公司 Atomic capability calling method and terminal equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116702100A (en) * 2022-10-21 2023-09-05 荣耀终端有限公司 Authority management method and electronic equipment
CN116702100B (en) * 2022-10-21 2024-04-16 荣耀终端有限公司 Authority management method and electronic equipment

Also Published As

Publication number Publication date
WO2022199672A1 (en) 2022-09-29

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination