CN115146305A - Access control method based on access policy, related device and system - Google Patents


Publication number
CN115146305A
Authority
CN
China
Prior art keywords
resource
access
equipment
electronic device
electronic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210212909.8A
Other languages
Chinese (zh)
Inventor
任兵飞
毛哲文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an access control method based on an access policy, a related device and a system. In the method, after receiving an access request for accessing a first resource sent by a subject device, an object device may determine, according to an access policy describing the object device's rules for opening resources, whether to allow the subject device to access the first resource, and if so, respond to the access request by accessing the first resource. Because the method restricts cross-device access in the distributed system through the access policy, it reduces the ways in which resources in the object device are exposed externally, avoids the security and privacy leakage risks caused by differences between devices, ensures the confidentiality and integrity of data in the object device, and guarantees data security.

Description

Access control method based on access policy, related device and system
The present application claims priority to the Chinese patent application with application number 202110342632.6, entitled "Access control method based on access policy, related device and system", filed with the Chinese Patent Office on 30/3/2021, the entire contents of which are incorporated herein by reference.
Technical Field
The present application relates to the field of computer and communication technologies, and in particular, to an access control method, a related device and a system based on an access policy.
Background
With the development of intelligent terminals, the types and the number of devices in the life of users are increasing, and a distributed scene in which the devices are interconnected with each other is gradually realized. In a distributed scenario, inter-calling between Applications (APPs) in respective devices, sharing resources, and the like will become a future trend.
A new challenge is how to enable the devices in a distributed scenario to share resources safely, ensure the confidentiality and integrity of the resources in the devices, and avoid potential security and user privacy disclosure risks, so that a safe and effective fully connected scenario is provided for users.
Disclosure of Invention
The application provides an access control method based on an access policy, a related device and a system, which can ensure confidentiality and integrity of data in object equipment and ensure data security.
In a first aspect, an embodiment of the present application provides an access control method based on an access policy, where the method is applied to a communication system including a first device and a second device, and the method includes: the first device sends an access request to the second device, where the access request is used by the first device to access a first resource in the second device; the second device determines, according to a first access policy, to allow the first device to access the first resource, where the first access policy describes the rules by which the second device opens resources; and the second device accesses the first resource in response to the access request.
In the method provided by the first aspect, the first device may be referred to as a subject device, and the second device may be referred to as an object device.
By implementing the method provided by the first aspect, the object device may restrict cross-device access in the distributed system through the access policy, reduce the ways in which resources in the object device are exposed externally, avoid the security and privacy leakage risks caused by differences between devices in a distributed scenario, ensure the confidentiality and integrity of data in the object device, and guarantee data security.
With reference to the method of the first aspect, in some embodiments, before the second device accesses the first resource in response to the access request, it may be further determined to allow the first device to access a second resource in the second device according to the first access policy, where the second resource provides a basis for the second device to access the first resource.
Through the above embodiment, the resources in the object device can be classified, and the object device determines not only whether the subject device is allowed to access the first resource of the object device, but also whether the subject device is allowed to access the resource associated with the first resource in the object device. Finer-grained access control can therefore be performed, which further ensures the confidentiality and integrity of data in the object device and guarantees data security.
With reference to the method of the first aspect, in some embodiments, before the first device sends the access request to the second device, the first device may determine, according to the first access policy, to allow the first device to access the first resource. This dual authentication by subject and object avoids the risk caused by a malicious attack on the subject device and/or the object device, and further guarantees the data security of the object device.
In conjunction with the above embodiment, before the first device sends the access request to the second device, it may be determined, according to the first access policy, to allow the first device to access the second resource in the second device, where the second resource provides a basis for the second device to access the first resource. Finer-grained access control can therefore be executed on the object device side, which further ensures the confidentiality and integrity of data in the object device and guarantees data security.
In conjunction with the above embodiments, before the first device sends the access request to the second device, in some embodiments, the second device may send the first access policy to the first device. This may enable the first device to perform access control in accordance with the first access policy. In other embodiments, the first device may preset the first access policy.
With reference to the method of the first aspect, in some embodiments, before the second device determines to allow the first device to access the first resource according to the first access policy, it may first determine whether to allow the first device to access the first resource according to the first access policy.
With reference to the method of the first aspect, in some embodiments, the implementation manner of the first access policy specifically includes the following:
1. The first access policy indicates that an electronic device having a first device attribute opens a third resource to an electronic device having a second device attribute, and/or that an electronic device having a third device attribute refuses to open a fourth resource to an electronic device having a fourth device attribute.
When the first access policy is implemented in manner 1 above, the second device may determine, according to the first access policy, the device attribute of the first device, and the device attribute of the second device, that the first device is allowed to access the first resource.
2. The first access policy indicates that the second device opens a fifth resource to an electronic device having a fifth device attribute, and/or that the second device refuses to open a sixth resource to an electronic device having a sixth device attribute.
When the first access policy is implemented in manner 2 above, the second device may determine, according to the first access policy and the device attribute of the first device, that the first device is allowed to access the first resource.
Wherein the device attributes include one or more of: security capabilities of the electronic device, device type, location, screen status, operating status, or login account number.
The device attributes of the first device may be sent to the second device before the first device sends the access request to the second device.
3. The first access policy indicates that the second device opens a seventh resource to the first device, and/or that the second device refuses to open an eighth resource to the first device.
When the first access policy is implemented in manner 3 above, the second device may directly determine, according to the first access policy, that the first device is allowed to access the first resource.
With reference to the method of the first aspect, in some embodiments, the first access policy may be set by the second device by default: the electronic device may preset a general access policy when leaving the factory, may autonomously set an access policy based on its own device attributes, and so on. The first access policy may also be set by the second device according to a received user operation.
When the first access policy is set by the second device according to a received user operation, the second device may determine the first access policy as follows: the second device displays a first user interface on which one or more resource options are displayed, where each resource option corresponds to a control and indicates a resource in the second device; the second device receives a user operation acting on a control; and the second device determines the first access policy, which includes: the second device opens, to the first device, the resource indicated by the resource option corresponding to the control operated by the user.
With reference to the method of the first aspect, in some embodiments, before the second device accesses the first resource in response to the access request, it may be determined that a first permission is held, where the first permission includes a permission to access the first resource. In some embodiments, the first permission specifically includes a permission for the first device to access the first resource.
In a second aspect, an embodiment of the present application provides an access control method based on an access policy, where the method is applied to an electronic device, and the method includes: the electronic device receives an access request sent by a first device, where the access request is used by the first device to access a first resource in the electronic device; the electronic device determines, according to a first access policy, to allow the first device to access the first resource, where the first access policy describes the rules by which the electronic device opens resources; and the electronic device accesses the first resource in response to the access request.
In the method provided by the second aspect, for each operation performed by the electronic device, reference may be made to the relevant description on the second device side in the method provided by the first aspect, and details are not repeated here.
In a third aspect, an embodiment of the present application provides an access control method based on an access policy, where the method is applied to a communication system including a first device and a second device, and the method includes: the first device generates an access request, where the access request is used by the first device to access a first resource in the second device; the first device determines, according to a first access policy, to allow the first device to access the first resource, where the first access policy describes the rules by which the second device opens resources; the first device sends the access request to the second device; and the second device accesses the first resource in response to the access request.
In the method provided in the third aspect, the first device may be referred to as a subject device, and the second device may be referred to as an object device.
By implementing the method provided by the third aspect, the subject device may restrict cross-device access in the distributed system through the access policy, avoid security and privacy disclosure risks caused by differences of each device in the distributed scenario, ensure confidentiality and integrity of data in the object device, and ensure data security.
With reference to the method of the third aspect, in some embodiments, before the first device sends the access request to the second device, it may be determined to allow the first device to access a second resource in the second device according to the first access policy, where the second resource provides a basis for the second device to access the first resource.
Through the above embodiment, the resources in the object device can be classified, and the subject device determines not only whether the subject device is allowed to access the first resource of the object device, but also whether the subject device is allowed to access the resource associated with the first resource in the object device. Finer-grained access control can therefore be performed, which further ensures the confidentiality and integrity of data in the object device and guarantees data security.
With reference to the method of the third aspect, in some embodiments, before the second device accesses the first resource in response to the access request, it may be determined, according to the first access policy, to allow the first device to access the first resource. This dual authentication by subject and object avoids the risk caused by a malicious attack on the subject device and/or the object device, and further guarantees the data security of the object device.
In combination with the above embodiment, before the second device accesses the first resource in response to the access request, the second device may determine, according to the first access policy, to allow the first device to access the second resource in the second device, where the second resource provides a basis for the second device to access the first resource. Finer-grained access control can therefore be executed on the subject device side, which further ensures the confidentiality and integrity of data in the object device and guarantees data security.
With reference to the method of the third aspect, in some embodiments, the implementation manner of the first access policy specifically includes the following:
1. The first access policy indicates that an electronic device having a first device attribute opens a third resource to an electronic device having a second device attribute, and/or that an electronic device having a third device attribute refuses to open a fourth resource to an electronic device having a fourth device attribute.
When the first access policy is implemented in manner 1 above, the first device may determine, according to the first access policy, the device attribute of the first device, and the device attribute of the second device, that the first device is allowed to access the first resource.
2. The first access policy indicates that the second device opens a fifth resource to an electronic device having a fifth device attribute, and/or that the second device refuses to open a sixth resource to an electronic device having a sixth device attribute.
When the first access policy is implemented in manner 2 above, the first device may determine, according to the first access policy and the device attribute of the first device, that the first device is allowed to access the first resource.
Wherein the device attributes include one or more of: security capabilities of the electronic device, device type, location, screen status, operating status, or login account number.
The device attributes of the first device may be sent to the second device before the first device sends the access request to the second device.
3. The first access policy indicates that the second device opens a seventh resource to the first device, and/or that the second device refuses to open an eighth resource to the first device.
When the first access policy is implemented in manner 3 above, the first device may directly determine, according to the first access policy, that the first device is allowed to access the first resource.
The device attributes of the first device sent by the first device may be received before the first device sends the access request to the second device.
With reference to the method of the third aspect, in some embodiments, before the first device generates the access request, the second device may send the first access policy to the first device. This may enable the first device to perform access control in accordance with the first access policy. In other embodiments, the first device may preset the first access policy.
With reference to the method of the third aspect, in some embodiments, the first access policy may be set by the second device by default: the electronic device may preset a general access policy when shipped from the factory, may autonomously set an access policy based on its own device attributes, and so on. The first access policy may also be set by the second device according to a received user operation.
When the first access policy is set by the second device according to a received user operation, the second device may determine the first access policy as follows: the second device displays a first user interface on which one or more resource options are displayed, where each resource option corresponds to a control and indicates a resource in the second device; the second device receives a user operation acting on a control; and the second device determines the first access policy, which includes: the second device opens, to the first device, the resource indicated by the resource option corresponding to the control operated by the user.
With reference to the method of the third aspect, in some embodiments, before the first device sends the access request to the second device, it may be determined that the first device has a first permission, where the first permission includes a permission to access the first resource. In some embodiments, the first permission specifically includes a permission for the first device to access the first resource.
In a fourth aspect, an embodiment of the present application provides an access control method based on an access policy, where the method is applied to an electronic device, and the method includes: the electronic device generates an access request, where the access request is used by the first device to access the first resource in the second device; the first device determines, according to a first access policy, to allow the first device to access the first resource, where the first access policy describes the rules by which the second device opens resources; and the first device sends the access request to the second device.
In the method provided by the fourth aspect, for each operation performed by the electronic device, reference may be made to the description on the first device side in the method provided by the third aspect, and details are not repeated here.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: a memory, one or more processors; the memory is coupled to the one or more processors and is configured to store computer program code comprising computer instructions that are invoked by the one or more processors to cause the electronic device to perform a method as described in the second aspect or any one of the embodiments of the second aspect.
In a sixth aspect, an embodiment of the present application provides an electronic device, including: a memory, one or more processors; the memory is coupled to the one or more processors and is configured to store computer program code comprising computer instructions that are invoked by the one or more processors to cause the electronic device to perform a method as described in the fourth aspect or any one of the embodiments of the fourth aspect.
In a seventh aspect, an embodiment of the present application provides a communication system, including a first device and a second device, where the first device is configured to execute the method of the fourth aspect or any one of the embodiments of the fourth aspect, or the second device is configured to execute the method of the second aspect or any one of the embodiments of the second aspect.
In an eighth aspect, embodiments of the present application provide a computer-readable storage medium including instructions that, when executed on an electronic device, cause the electronic device to perform a method as described in the second aspect or any one of the embodiments of the second aspect.
In a ninth aspect, the present application provides a computer program product, which when run on a computer, causes the computer to execute the method of the second aspect or any one of the embodiments of the second aspect.
In a tenth aspect, the present application provides a computer-readable storage medium, which includes instructions that, when executed on an electronic device, cause the electronic device to perform the method of the fourth aspect or any one of the embodiments of the fourth aspect.
In an eleventh aspect, the present application provides a computer program product, which when run on a computer, causes the computer to execute the method of the fourth aspect or any one of the embodiments of the fourth aspect.
By implementing the technical solution provided by the application, after receiving an access request for accessing the first resource sent by the subject device, the object device can determine, according to an access policy describing the object device's rules for opening resources, whether the subject device is allowed to access the first resource, and if so, respond to the access request by accessing the first resource. The solution restricts cross-device access in the distributed system through the access policy, reduces the ways in which resources in the object device are exposed externally, avoids the security and privacy leakage risks caused by differences between devices in a distributed scenario, ensures the confidentiality and integrity of data in the object device, and guarantees data security.
Drawings
Fig. 1 is a schematic structural diagram of a communication system 10 according to an embodiment of the present application;
Fig. 2 is a distributed scenario provided in an embodiment of the present application;
Fig. 3A is a hardware structure diagram of an electronic device according to an embodiment of the present application;
Fig. 3B is a software structure diagram of an electronic device according to an embodiment of the present application;
Fig. 4 is a flowchart of an access control method based on an access policy according to an embodiment of the present application;
Figs. 5A-5B are a set of user interfaces provided by embodiments of the present application;
Fig. 6 is a resource tree structure according to an embodiment of the present application;
Fig. 7A is a software structure diagram of a subject device according to an embodiment of the present application;
Fig. 7B is a software structure diagram of an object device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and in detail with reference to the accompanying drawings. In the description of the embodiments of the present application, "/" means "or"; for example, A/B may indicate A or B. "And/or" in the text merely describes an association between associated objects and means that three relationships may exist; for example, A and/or B may mean: A alone, both A and B, or B alone. In addition, "a plurality" means two or more in the description of the embodiments of the present application.
In the following, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature, and in the description of embodiments of the application, unless stated otherwise, "plurality" means two or more.
The term "User Interface (UI)" in the following embodiments of the present application is a medium interface for interaction and information exchange between an application program or an operating system and a user, and implements conversion between an internal form of information and a form acceptable to the user. The user interface is source code written in a specific computer language such as Java or extensible markup language (XML); the interface source code is parsed and rendered on the electronic device and finally presented as content that the user can recognize. A commonly used presentation form of the user interface is a Graphical User Interface (GUI), which refers to a user interface related to computer operations and displayed in a graphical manner. It may be a visual interface element such as text, an icon, a button, a menu, a tab, a text box, a dialog box, a status bar, a navigation bar, a widget, etc. displayed on the display of the electronic device.
In a distributed scenario, one device may access, across devices, various types of resources of another device, such as software resources, hardware resources, and peripherals. However, because the devices in a distributed scenario differ, for example in security capability or login account, direct and unconstrained cross-device access to resources carries potential security and privacy leakage risks. For example, if a device with lower security capability in the distributed system has unrestricted access to a device with higher security capability, various resources in the device with higher security capability may be transferred to the device with lower security capability, so that problems such as data leakage occur and the privacy of the user is put at risk.
The following embodiments of the present application provide an access control method based on an access policy, which may be applied to a distributed system including a plurality of electronic devices. In the method, after a subject device generates an access request for calling a first resource in an object device, it can determine, according to the access policy of the object device, whether to initiate the access request. If it determines to initiate the access request, the subject device sends the access request to the object device. After receiving the access request, the object device may also determine, according to its own access policy, whether to respond to the access request. If it determines to respond to the access request, the object device accesses the first resource.
The access policy of the object device describes the rules by which the object device opens resources for use by other devices. For the specific implementation of the access policy of the object device, reference may be made to the following description of the method embodiments.
According to the access control method provided by the embodiments of the application, cross-device access in the distributed system can be restricted through the access policy, which reduces the ways in which resources in the object device are exposed externally, avoids the security and privacy leakage risks caused by differences between devices in a distributed scenario, ensures the confidentiality and integrity of data in the object device, and guarantees data security. In addition, through dual authentication by subject and object, the method can avoid the risk caused by a malicious attack on the subject device and/or the object device, and further guarantee the data security of the object device.
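The three policy forms listed under the first aspect and the subject-then-object check described above can be sketched as follows. This is an added example, not code from the application: the rule fields, device and resource names, the dependency map standing in for the "second resource", and the default-deny and deny-wins precedence are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

ALLOW, DENY = "allow", "deny"

@dataclass
class Device:
    device_id: str
    attrs: dict            # e.g. device type, security capability, screen status

@dataclass
class Rule:
    effect: str            # ALLOW ("open") or DENY ("refuse to open")
    resource: str
    # Form 1: object and subject matched by attribute.
    # Form 2: object named, subject matched by attribute.
    # Form 3: object and subject both named.
    object_id: Optional[str] = None
    object_attrs: dict = field(default_factory=dict)
    subject_id: Optional[str] = None
    subject_attrs: dict = field(default_factory=dict)

def _match(required, actual):
    """Every required attribute must equal the device's value or satisfy a predicate."""
    for key, want in required.items():
        have = actual.get(key)
        if callable(want):
            if have is None or not want(have):
                return False
        elif have != want:
            return False
    return True

def applies(rule, subject, obj, resource):
    if rule.resource != resource:
        return False
    if rule.object_id is not None and rule.object_id != obj.device_id:
        return False
    if rule.subject_id is not None and rule.subject_id != subject.device_id:
        return False
    return _match(rule.object_attrs, obj.attrs) and _match(rule.subject_attrs, subject.attrs)

def decide(policy, subject, obj, resource, depends_on):
    """Allow only if the resource and every resource it relies on are opened.
    Assumed precedence: a matching DENY wins; no matching ALLOW means deny."""
    pending, seen = [resource], set()
    while pending:
        res = pending.pop()
        if res in seen:
            continue
        seen.add(res)
        effects = {r.effect for r in policy if applies(r, subject, obj, res)}
        if DENY in effects or ALLOW not in effects:
            return False
        pending.extend(depends_on.get(res, ()))
    return True

def request(subject, obj, resource, subject_copy, object_policy, depends_on):
    """Dual check: the subject evaluates its copy of the policy before sending,
    and the object evaluates its own policy again before touching the resource."""
    if not decide(subject_copy, subject, obj, resource, depends_on):
        return "blocked-at-subject"
    if not decide(object_policy, subject, obj, resource, depends_on):
        return "refused-by-object"
    return "served"

# Constructed sample devices, policy and dependency map (all hypothetical).
PHONE = Device("phone-1", {"device_type": "phone", "security_level": 4})
TABLET = Device("tablet-1", {"device_type": "tablet", "security_level": 3, "screen_state": "on"})
TABLET_OFF = Device("tablet-1", {"device_type": "tablet", "security_level": 3, "screen_state": "off"})
TV = Device("tv-1", {"device_type": "tv", "security_level": 1, "screen_state": "on"})

def trusted(level):
    return level >= 3

OBJECT_POLICY = [
    # Form 1: phones open the photographing service and camera to trusted devices.
    Rule(ALLOW, "photographing_service", object_attrs={"device_type": "phone"},
         subject_attrs={"security_level": trusted}),
    Rule(ALLOW, "camera", object_attrs={"device_type": "phone"},
         subject_attrs={"security_level": trusted}),
    # Form 2: phone-1 refuses to open its camera to any device whose screen is off.
    Rule(DENY, "camera", object_id="phone-1", subject_attrs={"screen_state": "off"}),
    # Form 3: phone-1 opens its short message service to tablet-1 specifically.
    Rule(ALLOW, "sms_service", object_id="phone-1", subject_id="tablet-1"),
]
DEPENDS_ON = {"photographing_service": ["camera"]}   # camera is the "second resource"

# A subject whose policy copy has lost the deny rule (stale or tampered copy).
STALE_COPY = [r for r in OBJECT_POLICY if r.effect == ALLOW]
```

With the stale copy the subject-side check passes, and the request is stopped only because the object device evaluates its own policy again.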
In the following embodiments of the present application, the resources in the electronic device may include one or more of the following: software resources of the electronic device, hardware resources, peripherals or resources of the peripherals, and the like. Wherein:
The hardware resources are related to the hardware configured in the electronic device, and may include, for example, a camera, a sensor, an audio device, a display screen, a motor, a flash, and the like provided in the electronic device.
The software resources are related to the software configured by the electronic device, and may include, for example, memory resources available to the electronic device, computing capabilities (e.g., beauty algorithm capabilities, audio/video codec capabilities), network capabilities, device connection capabilities, device discovery capabilities, data transmission capabilities, and so on. Further, the software resources may include a photographing service, a recording service, a fingerprint authentication service, an exercise health service, a playing service, a short message service, a voice recognition service, a video call service, and the like, provided by the electronic device. The software resource may include a system resource or may include a third party resource, which is not limited herein.
The peripheral device is connected with the electronic device and is used for transmitting, transferring, storing and the like data and information. The peripheral devices may include, for example, accessory devices of the electronic device, such as a mouse, an external display screen, a bluetooth headset, a keyboard, and a smart watch, a smart bracelet, and the like managed by the electronic device. The resources of the peripheral device may include hardware resources and software resources, which may be referred to in the foregoing description.
In the embodiment of the present application, the host device determines whether to initiate an access request, or the guest device determines whether to respond to the access request, and there may be two specific implementation manners:
1. The host device or the object device judges whether the host device is allowed to access the first resource in the object device according to the access policy of the object device, and if so, the host device sends an access request to the object device, or the object device responds to the access request.
2. The host device or the object device judges whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource according to the access policy of the object device, and if the judgment result is yes, the host device sends an access request to the object device, or the object device responds to the access request.
The associated resource of the first resource is the basis on which the electronic device provides the first resource. The electronic device can provide the first resource only if the associated resource is available to build on. For example, the associated resource of the photographing service is a camera, and the electronic device can provide the photographing service by using the camera only when a camera is configured. The first resource may have one or more associated resources. For the specific content of the associated resource of the first resource, reference may be made to the relevant description of the subsequent method embodiments.
Through implementation manner 2, resources in the object device can be classified and graded and finer-grained access control can be executed, which further ensures the confidentiality and integrity of data in the object device and guarantees data security.
In some embodiments of the present application, a single-side authentication manner may be adopted to perform the access control method based on the access policy. Specifically, if the host device performs the operation of determining whether to initiate the access request according to the access policy of the object device, the object device may directly respond to the access request sent by the host device without determining whether to respond to it. Alternatively, the host device sends the access request without first determining, according to the access policy of the object device, whether to initiate it, and the object device determines whether to respond to the access request. The single-side authentication manner can reduce the operations of the host device or the object device and improve the efficiency of cross-device resource calling in the distributed system.
For the definitions of the subject device (the host device) and the object device, reference may be made to the related description of the following embodiments.
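The following Python sketch is an added illustration, not code from the patent: it models implementation manners 1 and 2 and the difference between dual-side and single-side checking. The policy format (resource name mapped to permitted device ids), the default-deny rule, the host's previously synchronised copy of the object's policy, and all names are assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from enum import Enum


class Mode(Enum):
    DUAL = "dual"                # host checks before sending, object re-checks
    HOST_ONLY = "host-only"      # single-side: object responds without checking
    OBJECT_ONLY = "object-only"  # single-side: host sends without checking


@dataclass
class AccessPolicy:
    """Assumed format: which device ids an object device opens each resource to."""
    allowed: dict[str, set[str]]
    # resource -> resources it is built on (photographing service -> camera)
    associated: dict[str, set[str]] = field(default_factory=dict)

    def closure(self, resource: str) -> set[str]:
        """The resource plus its associated resources, followed transitively."""
        seen, todo = set(), [resource]
        while todo:
            r = todo.pop()
            if r not in seen:
                seen.add(r)
                todo.extend(self.associated.get(r, ()))
        return seen

    def permits(self, subject_id: str, resource: str, with_associated: bool) -> bool:
        """Manner 1 checks `resource` only; manner 2 also checks what it relies on.
        A resource missing from the policy is denied (assumed default deny)."""
        targets = self.closure(resource) if with_associated else {resource}
        return all(subject_id in self.allowed.get(r, set()) for r in targets)


@dataclass
class ObjectDevice:
    policy: AccessPolicy  # the object device's own, current policy

    def handle(self, subject_id, resource, mode, with_associated=True) -> str:
        if mode is not Mode.HOST_ONLY and not self.policy.permits(
                subject_id, resource, with_associated):
            return "denied-by-object"
        return f"accessed:{resource}"


@dataclass
class HostDevice:
    device_id: str
    synced_policy: AccessPolicy  # assumed: copy of the object's policy obtained earlier

    def call(self, obj, resource, mode, with_associated=True) -> str:
        if mode is not Mode.OBJECT_ONLY and not self.synced_policy.permits(
                self.device_id, resource, with_associated):
            return "not-sent"
        return obj.handle(self.device_id, resource, mode, with_associated)


def demo() -> dict[str, str]:
    svc = "photographing_service"
    assoc = {svc: {"camera"}}
    # Constructed sample policy of a smart screen acting as the object device.
    current = AccessPolicy({svc: {"phone", "tablet"}, "camera": {"phone"}}, assoc)
    # Constructed older copy in which the camera was still open to the tablet.
    stale = AccessPolicy({svc: {"phone", "tablet"}, "camera": {"phone", "tablet"}}, assoc)
    screen = ObjectDevice(current)
    phone = HostDevice("phone", current)
    tablet = HostDevice("tablet", current)
    stale_tablet = HostDevice("tablet", stale)
    return {
        "phone_manner2": phone.call(screen, svc, Mode.DUAL),
        "tablet_manner1": tablet.call(screen, svc, Mode.DUAL, with_associated=False),
        "tablet_manner2": tablet.call(screen, svc, Mode.DUAL),
        "stale_dual": stale_tablet.call(screen, svc, Mode.DUAL),
        "stale_host_only": stale_tablet.call(screen, svc, Mode.HOST_ONLY),
        "unlisted_object_only": phone.call(screen, "microphone", Mode.OBJECT_ONLY),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:22} {outcome}")
```

In this model the tablet passes manner 1 but is stopped by manner 2 because the camera is not open to it, and a host holding an outdated policy copy is stopped only when the object device also checks.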
Next, a communication system provided in an embodiment of the present application will be described first.
As shown in fig. 1, the present embodiment provides a communication system 10. The communication system 10 includes: a plurality of electronic devices. Communication system 10 may also be referred to as a distributed system 10.
The multiple electronic devices included in the distributed system 10 are all intelligent terminal devices and may be of various types; the embodiments of the present application do not limit the specific types of the multiple electronic devices. For example, the plurality of electronic devices include mobile phones, and may further include tablet computers, desktop computers, laptop computers, handheld computers, notebook computers, smart screens, wearable devices, augmented reality (AR) devices, virtual reality (VR) devices, artificial intelligence (AI) devices, in-vehicle head units, smart headsets, game machines, and may further include internet of things (IoT) devices or smart home devices such as smart water heaters, smart lamps, smart air conditioners, and the like. Without being limited thereto, the plurality of devices in the distributed system 10 may also include non-portable terminal devices, such as a laptop computer with a touch-sensitive surface or touch panel, a desktop computer with a touch-sensitive surface or touch panel, or the like.
When the plurality of electronic devices in the distributed system 10 are all devices deployed in a home, the distributed system 10 may also be referred to as a home distributed system.
Multiple electronic devices in the distributed system 10 may connect by logging in to the same account. For example, multiple electronic devices may log in to the same Huawei account and remotely connect and communicate through a server.
Multiple electronic devices in the distributed system 10 may also log in to different accounts, but connect in a binding manner. After one electronic device logs in to an account, other electronic devices that are logged in to different accounts or are not logged in can be bound to it in the device management application, and then the electronic devices can communicate through the device management application.
The electronic devices in the distributed system 10 may also establish connections by scanning a two-dimensional code, tapping via near field communication (NFC), searching for a Bluetooth device, and the like, which is not limited herein.
In general, the communication connections established between the plurality of electronic devices in the distributed system 10 may include, but are not limited to: a wired connection, a wireless connection such as a Bluetooth (BT) connection, a wireless local area network (WLAN) connection such as a wireless fidelity point-to-point (Wi-Fi P2P) connection, a near field communication (NFC) connection, an infrared (IR) connection, a remote connection (e.g., a connection established through a server), and so forth.
In addition, a plurality of electronic devices in the distributed system may also be connected and communicate in any of the above manners, which is not limited in this embodiment of the application.
Multiple electronic devices in distributed system 10 may be configured with different software operating systems (OSs), including but not limited to [operating system names, shown as an image in the original], and so on. Among these, [operating system name, shown as an image in the original] is Huawei's Hongmeng (HarmonyOS) system.
The plurality of electronic devices may also all be configured with the same software operating system, e.g., may all be configured with [operating system name, shown as an image in the original]. When the software systems of the electronic devices are all [operating system name, shown as an image in the original], the distributed system 10 may be considered a super terminal.
In the embodiments of the present application, each device in the distributed system 10 may install conventional applications (APPs), such as a camera application, a gallery application, a settings application, and the like. In the following embodiments, a conventional APP may be abbreviated as APP.
In addition, distributed applications may be installed in the distributed system 10 provided in the embodiments of the present application. A distributed application may be a system application or a third-party application, which is not limited herein. System applications refer to applications provided or developed by the manufacturer of the electronic device, and third-party applications refer to applications provided or developed by parties other than the manufacturer of the electronic device. The manufacturer of the electronic device may include a manufacturer, a supplier, a provider, an operator, or the like of the electronic device. A manufacturer may refer to a vendor that manufactures electronic devices from parts and materials that are either self-made or purchased. A supplier may refer to a vendor that provides the complete machines, raw materials, or parts of the electronic device. An operator may refer to a vendor responsible for the distribution of the electronic device.
Unlike APPs that contain multiple capabilities, distributed applications support deployment in units of a single capability. A distributed application includes one or more functional components.
A functional component is the smallest capability unit that can run independently in the electronic device, and is an abstract encapsulation of a single capability. An APP integrates a plurality of functions, whereas a functional component makes each function exist independently as a basic service capability. That is, a functional component is a program entity that implements a single function.
Each functional component can be downloaded, installed and run independently. The functional components that form the same distributed application may be deployed in the same electronic device in the distributed system 10, or may be deployed in different electronic devices.
The functional component is only a word used in the embodiment, and the meaning of the functional component is described in the embodiment, and the name of the functional component does not set any limit to the embodiment. In addition, in some other embodiments of the present application, a functional component may also be referred to as a system component, a system service, a business function, or other terminology. The subsequent embodiments of the present application are collectively described as "functional components".
Taking [operating system name, shown as an image in the original] as an example, the functional components in [operating system name, shown as an image in the original] may include the following two categories:
(1) Feature ability, FA.
An FA is a functional component that contains one or several sets of UIs and can provide the ability to interact with a user. For example, a navigation interface in a map application, a video call interface in an instant messaging application, etc., may be implemented as an FA.
In some embodiments, the FA is developed based on the MVVM (model-view-viewmodel) pattern, which separates the view UI from the service logic, so that the service logic code and the view UI code are deployed separately. For example, one electronic device may install the service logic code integrated together with other APPs, while the view UI code may be installed in other electronic devices. The device where the view UI code is located can communicate with the device where the service logic code is located to acquire the data required for displaying the UI.
FA supports Page template Abilities, such as Empty Ability, Login Ability, Setting Ability, and the like. FA uses JavaScript (JS) to provide a declarative development mode, uses an HTML-like language and Cascading Style Sheets (CSS) as the declarative languages for page layout and page style, and supports JS conforming to the ECMAScript specification to provide page service logic.
The FA has the capabilities of installation-free, independent operation, cross-device UI migration, cross-device binary migration and the like. The FA also has the property of multi-end deployment, distributed execution.
The FA can call AA or APP to achieve more, and more complex, functionality.
(2) Particle ability, PA.
The PA is a functional component without a UI and can provide support for the FA, for example, the PA can provide computing capability as a background service or data access capability as a data repository. For example, the beautifying function, the positioning function, the audio/video encoding/decoding function, etc. may be packaged as PA.
The PA also has the characteristics of multi-end deployment, distributed execution and the like. A PA depends only on system services, and has no dependency on other PAs.
The PA in effect encapsulates the implementation of remote virtualization, remote calling, PA management, cross-platform compatibility, security and the like, and opens cross-device service enabling and calling to developers, so that other devices can call the computing capability of the device and complete computing work in cooperation with it. PA supports Service Ability, Data Ability, and the like. Service Ability is used to provide the capability to run tasks in the background. Data Ability is used to provide a uniform abstraction of data access to the outside.
The PA may call FA or APP to implement more, and more complex, functionality.
It is understood that "FA" and "PA" are only words used in this embodiment, and may also be referred to as other nouns in other embodiments of the present application. For example, "PA", "FA" may also be referred to by other terms such as atomic capability (AA), atomic application, meta-capability, atomic service, property capability, and so on.
The functional components that make up a distributed application may be developed or provided by the same developer, or may be developed or provided separately by multiple developers, without limitation. Different developers jointly develop the functional components, and the development efficiency of the distributed application can be improved.
In the embodiments of the application, a functional component provides a standardized external interface through which it can be called. An APP can call functional components. In some cases, functional components may also call other functional components or APPs. In addition, a called functional component may in turn call another functional component or APP; this manner of multi-level calling may be referred to as chained calling.
After each device in the distributed system 10 establishes a communication connection, each device synchronizes the functional component information and APP information of other devices in the distributed system. Specifically, each device may synchronize the self-installed functional component and the name of the APP to other devices, so as to subsequently call the FA, PA, and other functional components of other devices in the distributed system 10. In other embodiments, each device may also synchronize its own device identification, device type, etc. to other devices in the distributed system.
Referring to FIG. 2, FIG. 2 illustrates one possible distributed remote instructional service scenario.
As shown in fig. 2, the distributed system includes electronic devices such as a smartphone, a tablet computer, and a smart screen. The devices in the distributed system are connected to one another pairwise. The smartphone, the tablet computer and the smart screen can be configured with different software operating systems (OSs); for example, the smartphone and the tablet computer can be configured with the [operating system name, shown as an image in the original] system, and the smart screen can be configured with the [operating system name, shown as an image in the original] system.
An "online classroom" is installed in the smartphone. An "online classroom" is an application installed in an electronic device that provides remote lessons for teachers and students; the name of the application is not limited in the embodiments. An "online classroom" can include several functional components: a blackboard functional component, a whiteboard functional component, an audio and video coding and decoding functional component, and a network connection functional component. The blackboard functional component and the whiteboard functional component belong to FA, and the audio and video coding and decoding functional component and the network connection functional component belong to PA. The blackboard functional component provides the function of remotely explaining the course. The whiteboard functional component provides the function of remotely answering questions. The audio and video coding and decoding functional component provides the audio and video coding and decoding functions.
On the teacher side, when the teacher uses the "online classroom" on the smartphone, the blackboard functional component can be migrated or switched to the smart screen, so that the course is explained on the smart screen.
On the student side, when the student uses the "online classroom" on the smartphone, the whiteboard functional component can be migrated or switched to the tablet computer, so that questions are answered on the tablet computer.
Migrating or switching a functional component from one device A to another device B may take the following two forms: 1. UI migration. When the view UI and the service logic of the FA are separated, device A can run the service logic code and trigger device B to run the view UI code, so that to the user it appears as if the functional component has been migrated from device A to device B. 2. Overall migration. Overall migration means that device B downloads and installs the functional component from device A or from the network, and then runs the functional component and provides the corresponding function.
In the remote teaching service scenario, the "online classroom" is the caller, and the whiteboard functional component in the tablet computer and the blackboard functional component in the smart screen are the callees.
Fig. 2 also shows another possible distributed video call service scenario.
As shown in fig. 2, the smartphone may also be installed with other distributed applications, such as an instant messaging application. Instant messaging applications may provide video calls, voice calls, and other communication functions. The instant messaging application may include the following functional components: a video call functional component, an audio and video coding and decoding functional component, and a network connection functional component.
When the user uses the instant messaging application on the smartphone, the video call functional component of the application can be migrated or switched to the smart screen, so that the camera and the display screen of the smart screen are used to carry out the video call.
The blackboard functional component in the "online classroom" and the video call functional component in the instant messaging application can be the same functional component. That is to say, this functional component in the smart screen can be called by both the "online classroom" and the instant messaging application installed on the smartphone.
In the video call service scenario, the instant messaging application is the caller, and the video call functional component in the smart screen is the callee.
It should be noted that the service scenario shown in fig. 2 is only used to assist in describing the technical solution of the embodiments of the present application. In an actual service scenario, the distributed system shown in fig. 2 may include more terminal devices, more or fewer functional components may be deployed in each device, and each distributed application may include more or fewer functional components.
Through the distributed system 10 shown in fig. 1 and the distributed scenario shown in fig. 2, the software and hardware capabilities of different devices can be integrated, and an intelligent full-scenario experience can be realized.
In some embodiments, after each device in distributed system 10 establishes a communication connection, each device synchronizes functional component information and APP information of other devices in the distributed system. Specifically, each device may synchronize the function component installed by itself and the name of the APP to other devices, so as to subsequently call the APP, the function component, and the like of other devices in the distributed system 10.
In the subsequent embodiments of the present application, the party that initiates the call to a functional component or APP may be referred to as the caller. The caller may be, for example, an APP, an FA, or a PA. The initial initiator of the entire call chain may be referred to as the first caller. The first caller may be, for example, an APP or an FA. For example, if the call chain is: APP1 calls PA1, PA1 calls PA2, PA2 calls FA1, then APP1 is the first caller. As a further example, if the call chain is: FA1 calls PA1, PA1 calls PA2, then FA1 is the first caller.
In the whole call chain, the party called in the middle and the party called in the end can be called as the callee. The callee can be, for example, APP, FA, or PA.
In some embodiments of the present application, the caller may also be referred to as a subject application, and the callee may also be referred to as a guest application.
In the call chain, the caller and the callee may be deployed in the same electronic device or different electronic devices.
The device where the caller is located is called the subject device (the host device), and the device where the callee is located is called the object device (the guest device).
The applications referred to in the following embodiments of the present application may include APP and also include functional components.
In the distributed system 10 provided in the embodiment of the present application:
The host device is used for generating an access request for calling a first resource in the object device and judging whether to initiate the access request according to an access policy of the object device. If it is determined to initiate the access request, the host device sends the access request to the object device.
The object device is used for judging, after receiving the access request sent by the host device, whether to respond to the access request according to the access policy of the object device. If it is determined to respond to the access request, the object device accesses the first resource.
In some embodiments of the present application, the host device or the object device may determine, according to an access policy of the object device, whether the host device is allowed to access the first resource in the object device, and if so, the host device sends an access request to the object device, or the object device responds to the access request.
In other embodiments of the present application, the host device or the object device determines, according to an access policy of the object device, whether the host device is allowed to access a first resource in the object device and a resource associated with the first resource, and if so, the host device sends an access request to the object device, or the object device responds to the access request.
For specific implementation of operations performed by each electronic device in the distributed system 10, reference may be made to the following description of the method embodiment, which is not repeated here.
Referring to fig. 3A, fig. 3A is a schematic diagram of a hardware structure of an electronic device according to an embodiment of the present disclosure. The electronic device may be any one of the electronic devices in the distributed system 10 shown in fig. 1. The electronic device may be a host device or an object device.
As shown in fig. 3A, the electronic device may include a processor 110, an external memory interface 120, an internal memory 121, a Universal Serial Bus (USB) interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, a button 190, a motor 191, an indicator 192, a camera 193, a display screen 194, a Subscriber Identification Module (SIM) card interface 195, and the like. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It is to be understood that the illustrated structure of the embodiments of the present application does not constitute a specific limitation to electronic devices. In other embodiments of the present application, an electronic device may include more or fewer components than shown, or some components may be combined, some components may be split, or a different arrangement of components may be used. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
Processor 110 may include one or more processing units, such as: the processor 110 may include an Application Processor (AP), a modem processor, a Graphics Processor (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a neural-Network Processing Unit (NPU), among others. The different processing units may be separate devices or may be integrated into one or more processors.
The controller can generate an operation control signal according to the instruction operation code and the time sequence signal to finish the control of instruction fetching and instruction execution.
A memory may also be provided in processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or uses cyclically. If the processor 110 needs to reuse the instructions or data, they can be called directly from the memory. This avoids repeated accesses and reduces the waiting time of the processor 110, thereby increasing the efficiency of the system.
The wireless communication function of the electronic device may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor, the baseband processor, and the like.
The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in an electronic device may be used to cover a single or multiple communication bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 150 may provide a solution including 2G/3G/4G/5G wireless communication applied to the electronic device. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a Low Noise Amplifier (LNA), and the like. The mobile communication module 150 may receive the electromagnetic wave from the antenna 1, filter, amplify, etc. the received electromagnetic wave, and transmit the electromagnetic wave to the modem processor for demodulation. The mobile communication module 150 may also amplify the signal modulated by the modem processor, and convert the signal into electromagnetic wave through the antenna 1 to radiate the electromagnetic wave. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be provided in the same device as at least some of the modules of the processor 110.
The modem processor may include a modulator and a demodulator. The modulator is used for modulating a low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then passes the demodulated low frequency baseband signal to a baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then transferred to the application processor. The application processor outputs a sound signal through an audio device (not limited to the speaker 170A, the receiver 170B, etc.) or displays an image or video through the display screen 194. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be provided in the same device as the mobile communication module 150 or other functional modules, independent of the processor 110.
The wireless communication module 160 may provide solutions for wireless communication applied to electronic devices, including wireless local area networks (WLANs) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), infrared (IR), and the like. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, demodulates and filters electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, perform frequency modulation and amplification on the signal, and convert the signal into electromagnetic waves through the antenna 2 to radiate the electromagnetic waves.
In some embodiments, antenna 1 of the electronic device is coupled to the mobile communication module 150 and antenna 2 is coupled to the wireless communication module 160 so that the electronic device can communicate with the network and other devices through wireless communication techniques. The wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a BeiDou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS), and/or a satellite based augmentation system (SBAS).
The electronic device implements the display function through the GPU, the display screen 194, and the application processor, etc. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and an application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.
The display screen 194 is used to display images, video, and the like. The display screen 194 includes a display panel. The display panel may adopt a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), a Mini-LED, a Micro-OLED, a quantum dot light-emitting diode (QLED), and the like. In some embodiments, the electronic device may include 1 or N display screens 194, N being a positive integer greater than 1.
The electronic device may implement a shooting function through the ISP, the camera 193, the video codec, the GPU, the display screen 194, the application processor, and the like.
The ISP is used to process the data fed back by the camera 193. For example, when a photo is taken, the shutter is opened, light is transmitted to the camera photosensitive element through the lens, the optical signal is converted into an electrical signal, and the camera photosensitive element transmits the electrical signal to the ISP for processing and converting into an image visible to naked eyes. The ISP can also carry out algorithm optimization on noise, brightness and skin color of the image. The ISP can also optimize parameters such as exposure, color temperature and the like of a shooting scene. In some embodiments, the ISP may be provided in camera 193.
The camera 193 is used to capture still images or video. An object generates an optical image through the lens, and the optical image is projected onto the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to the ISP to be converted into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into an image signal in a standard format such as RGB or YUV. In some embodiments, the electronic device may include 1 or N cameras 193, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process other digital signals besides digital image signals. For example, when the electronic device selects a frequency bin, the digital signal processor is used for performing a Fourier transform and the like on the frequency bin energy.
Video codecs are used to compress or decompress digital video. The electronic device may support one or more video codecs. In this way, the electronic device can play or record video in a variety of encoding formats, such as Moving Picture Experts Group (MPEG) 1, MPEG2, MPEG3, MPEG4, and the like.
The NPU is a neural-network (NN) computing processor that processes input information quickly by using a biological neural network structure, for example, by using a transfer mode between neurons of a human brain, and can also learn by itself continuously. The NPU can realize applications such as intelligent cognition of electronic equipment, for example: image recognition, face recognition, speech recognition, text understanding, and the like.
The internal memory 121 may include one or more Random Access Memories (RAMs) and one or more non-volatile memories (NVMs).
The random access memory may include static random-access memory (SRAM), dynamic random-access memory (DRAM), synchronous dynamic random-access memory (SDRAM), double data rate synchronous dynamic random-access memory (DDR SDRAM, for example fifth-generation DDR SDRAM, generally referred to as DDR5 SDRAM), and the like. The nonvolatile memory may include a magnetic disk storage device and a flash memory.
The random access memory may be read directly by the processor 110, may be used to store executable programs (e.g., machine instructions) for an operating system or other programs that are running, and may also be used to store data for user and application programs, etc.
The nonvolatile memory may also store executable programs, data of users and application programs, and the like, and may be loaded into the random access memory in advance for the processor 110 to directly read and write.
The external memory interface 120 may be used to connect an external nonvolatile memory to extend the storage capability of the electronic device. The external non-volatile memory communicates with the processor 110 through the external memory interface 120 to implement data storage functions. For example, files such as music, video, etc. are saved in an external nonvolatile memory.
The electronic device may implement audio functions, such as music playing and recording, via the audio module 170, the speaker 170A, the receiver 170B, the microphone 170C, the headphone interface 170D, and the application processor.
The audio module 170 is used to convert digital audio information into an analog audio signal output and also to convert an analog audio input into a digital audio signal. The audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be disposed in the processor 110, or some functional modules of the audio module 170 may be disposed in the processor 110.
The speaker 170A, also called a "horn", is used to convert the audio electrical signal into a sound signal. The electronic device can listen to music through the speaker 170A or listen to a hands-free call.
The receiver 170B, also called "earpiece", is used to convert the electrical audio signal into an acoustic signal. When the electronic device answers a call or voice information, it can answer the voice by placing the receiver 170B close to the ear of the person.
The microphone 170C is used to convert sound signals into electrical signals. When making a call or transmitting voice information, the user can input a voice signal to the microphone 170C by speaking with the mouth close to the microphone 170C. The electronic device may be provided with at least one microphone 170C. In other embodiments, the electronic device may be provided with two microphones 170C to achieve a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device may further include three, four or more microphones 170C to collect sound signals, reduce noise, identify sound sources, perform directional recording, and the like.
The fingerprint sensor 180H is used to collect a fingerprint. The electronic device can use the collected fingerprint characteristics to implement fingerprint unlocking, access to an application lock, fingerprint photographing, fingerprint incoming call answering and the like.
The keys 190 include a power-on key, a volume key, and the like. The keys 190 may be mechanical keys or touch keys. The electronic device may receive a key input, and generate a key signal input related to user settings and function control of the electronic device.
The motor 191 may generate a vibration cue.
Indicator 192 may be an indicator light that may be used to indicate a state of charge, a change in charge, or a message, missed call, notification, etc.
The pressure sensor 180A is used for sensing a pressure signal, and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194.
The touch sensor 180K is also called a "touch device". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 together form a touch screen. The touch sensor 180K is used to detect a touch operation applied on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the touch event type. Visual output associated with the touch operation may be provided through the display screen 194. In other embodiments, the touch sensor 180K may be disposed on a surface of the electronic device at a different position than the display screen 194.
When the electronic device shown in fig. 3A is a host device:
the mobile communication module 150 or the wireless communication module 160 may be used to establish a communication connection with other electronic devices (e.g., object devices) in the distributed system 10, and the specific manner of establishing the communication connection may be described with reference to fig. 1.
The mobile communication module 150 or the wireless communication module 160 may be further configured to receive, after establishing a communication connection with another electronic device (e.g., an object device), function component information and APP information synchronized by the other electronic device, and may also be configured to receive a device attribute and an access policy of the object device sent by the object device.
The internal memory 121 may be configured to store function component information and APP information synchronized by other electronic devices (e.g., object devices), and may also be configured to store device attributes and access policies of the object devices sent by the object devices. The specific contents of the device attributes and the access policy may refer to the relevant description of the subsequent method embodiments.
The processor 110 may be configured to determine whether to initiate an access request for invoking a first resource in the object device according to the access policy of the object device. In some embodiments, the processor 110 is specifically configured to determine whether the host device is allowed to access the first resource in the object device according to the access policy of the object device. In other embodiments, the processor 110 may be specifically configured to determine, according to the access policy of the object device, whether the host device is allowed to access the first resource in the object device and the resource associated with the first resource.
The mobile communication module 150 or the wireless communication module 160 may further be configured to send the access request to the object device when the processor 110 determines to initiate the access request.
The display screen 194 may also be used to display the user interfaces that the subsequent embodiments show on the host device.
When the electronic device shown in fig. 3A is an object device:
the mobile communication module 150 or the wireless communication module 160 may be used to establish a communication connection with other electronic devices (e.g., a host device) in the distributed system 10, and the specific manner of establishing the communication connection may be described with reference to fig. 1.
The mobile communication module 150 or the wireless communication module 160 may also be used, after establishing a communication connection with other electronic devices, to synchronize the functional component information and the APP information to the other electronic devices, and to send the device attributes and the access policy of the object device to the host device.
The internal memory 121 stores function component information and APP information synchronized by other electronic devices (e.g., a host device), and may also be used to store access policies, device attributes, and the like of the object device.
The mobile communication module 150 or the wireless communication module 160 may further be configured to receive an access request sent by the host device for invoking the first resource in the object device.
The processor 110 may be configured to determine whether to respond to the access request sent by the host device according to the access policy of the object device. In some embodiments, the processor 110 is specifically configured to determine whether the host device is allowed to access the first resource in the object device according to the access policy of the object device. In other embodiments, the processor 110 may be specifically configured to determine whether the host device is allowed to access the first resource in the object device and the resource associated with the first resource according to the access policy of the object device.
The processor 110 is further configured to, if the determination result is yes, schedule the relevant module, for example, call the instance of the callee, to access the first resource, so as to respond to the access request sent by the host device.
The display screen 194 may also be used to display a user interface displayed on the object device provided by the subsequent embodiments.
Referring to fig. 3B, fig. 3B is a schematic diagram of a software structure of an electronic device according to an embodiment of the present application. The electronic device may be any one of the electronic devices in the distributed system 10 shown in fig. 1. The electronic device may be a host device or an object device.
The software system of the electronic device may adopt a layered architecture, an event-driven architecture, a microkernel architecture, a micro-service architecture, a cloud architecture, or the like. Illustratively, software systems of electronic devices include, but are not limited to, Linux or other operating systems.
The layered architecture divides the software into several layers, each layer having a clear role and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, which are, from top to bottom, an application layer, an application framework layer, an Android runtime and system library layer, and a kernel layer.
The application layer may include a series of application packages.
As shown in fig. 3B, the application packages may include APPs such as camera, gallery, calendar, phone, map, navigation, WLAN, Bluetooth, music, video, and short message. The application layer may also include functional components such as FA, PA, and the like.
The application framework layer provides an Application Programming Interface (API) and a programming framework for the application program of the application layer. The application framework layer includes a number of predefined functions.
As shown in fig. 3B, the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, and the like.
The window manager is used for managing window programs. The window manager can obtain the size of the display screen, determine whether a status bar exists, lock the screen, take screenshots and the like.
Content providers are used to store and retrieve data and make it accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phone books, etc.
The view system includes visual controls such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, the display interface including the short message notification icon may include a view for displaying text and a view for displaying pictures.
The phone manager is used to provide communication functions of the electronic device, such as management of call status (including connected, hung up, etc.).
The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and the like.
The notification manager enables an application to display notification information in the status bar. It can be used to convey notification-type messages, which can disappear automatically after a short stay without requiring user interaction. For example, the notification manager is used to notify the user that a download is complete, to give a message alert, and so on. A notification may also appear in the top status bar of the system in the form of a chart or scroll-bar text, such as a notification from an application running in the background, or appear on the screen in the form of a dialog window. Examples include prompting text information in the status bar, sounding a prompt tone, vibrating the electronic device, and flashing an indicator light.
The Android Runtime comprises a core library and a virtual machine. The Android runtime is responsible for scheduling and managing an Android system.
The core library comprises two parts: one part is the functions that the Java language needs to call, and the other part is the core library of Android.
The application layer and the application framework layer run in a virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used for performing functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
The system library may include a plurality of functional modules, for example: a surface manager, media libraries, a three-dimensional graphics processing library (e.g., OpenGL ES), a 2D graphics engine (e.g., SGL), and the like.
The surface manager is used to manage the display subsystem and provide fusion of 2D and 3D layers for multiple applications.
The media library supports playback and recording of a variety of commonly used audio and video formats, as well as still image files and the like. The media library may support a variety of audio-video encoding formats, such as MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, and the like.
The three-dimensional graphic processing library is used for realizing three-dimensional graphic drawing, image rendering, synthesis, layer processing and the like.
The 2D graphics engine is a drawing engine for 2D drawing.
The kernel layer is a layer between hardware and software. The kernel layer includes at least a display driver, a camera driver, an audio driver and a sensor driver.
Based on the distributed system 10 shown in fig. 2, the hardware structure of the electronic device shown in fig. 3A, and the software structure of the electronic device shown in fig. 3B, the access policy-based access control method provided in the embodiment of the present application is described in detail below.
Referring to fig. 4, fig. 4 is a schematic flowchart of an access control method based on an access policy according to an embodiment of the present application. The method shown in fig. 4 is described by taking as an example the case in which the host device calls a resource in the object device.
As shown in fig. 4, the method may include the steps of:
S101: A communication connection is established between the host device and the object device.
The object device may be any one of the electronic devices in the distributed system 10. The host device may also be any electronic device in the distributed system 10.
The method for establishing a communication connection between the host device and the object device is not limited in the embodiments of the present application; for example, the connection may be established by logging in to the same account, binding the devices, scanning a two-dimensional code, and the like. The type of the communication connection established between the host device and the object device is not limited in the embodiments of the present application either, and may include, for example, a wired connection, a wireless connection such as a Bluetooth connection, a Wi-Fi P2P connection, an NFC connection, an IR connection, a remote connection, and the like. Reference may be made in particular to the description relating to fig. 2.
S102: The host device and the object device synchronize their device attributes with each other.
In the embodiment of the present application, the device attributes of different devices may be different. The device attributes are a list of relevant information about the electronic device, which may include, but is not limited to, one or more of the following: the security capability of the electronic device, the device type, the location, the status of the electronic device, the login account of the electronic device, and so forth. Specifically:
The security capabilities of an electronic device are determined by the hardware and software configuration or security elements of the electronic device. The hardware and software configuration may include, for example, a trusted execution environment (TEE) or the like. Security elements that affect security capabilities may include, for example, mechanisms for device integrity protection, encryption and data security, security isolation, permission access control, exploit prevention, and so forth. The more complete the hardware and software configuration and the security elements are, the higher the security capability of the electronic device is. For example, device A runs a lightweight operating system (OS) (LiteOS), is configured with a low-end processor, and supports neither complex virtual memory isolation nor hardware-based security isolation, whereas device B runs an Android system, is configured with a high-end processor, and supports hardware-based security isolation, virtual memory isolation and the like. Device B then has higher security capabilities than device A. For another example, generally speaking, the security capabilities of a mobile phone, a tablet, a smart watch, and a large screen may decrease in that order. The host device or the object device may determine its own security capability according to its own hardware and software configuration or security elements.
Device types may be divided according to device form, and may include but are not limited to: a mobile phone, a tablet computer, a desktop computer, a laptop computer, a handheld computer, a notebook computer, a smart screen, a wearable device, an augmented reality (AR) device, a virtual reality (VR) device, an artificial intelligence (AI) device, an in-vehicle head unit, a smart headset, a game console, an Internet of Things (IoT) device or smart home device such as a smart water heater, a smart lamp, or a smart air conditioner, and a non-portable terminal device such as a desktop computer.
The device location refers to the actual location where the electronic device is located. The host device or the object device can obtain its own location through global navigation satellite systems such as BeiDou, GPS, and GLONASS.
The state of the electronic device may include a screen state, an operating state, etc. of the device.
The screen states may include a screen locking state and an unlocked state. When the electronic device is in the screen locking state, it can be unlocked and enter the unlocked state only after the user inputs verification information. The electronic device can provide more functions in the unlocked state than in the screen locking state.
The operating state refers to an operating condition of the electronic device, and may include, for example, a size of a free resource, a size of an occupied resource, and the like in the electronic device.
The account is used for a user to log in to the electronic device. The account may include, for example, a mobile phone number, an email address, a name, and the like. A user logging in to the host device with the account covers the following two cases: (1) the user logs in to the software system of the electronic device, for example, the user logs in to the Emotion UI (EMUI) installed on a Huawei mobile phone through a Huawei account; (2) the user logs in to a certain application in the electronic device, for example, the user logs in to a social application in the electronic device through a social account.
It can be seen that part of the information in the device attributes is fixed and unchanging, such as the security capability and the device type, and part of the information may change dynamically with user operation and device operation, such as the location, the status, and the login account of the electronic device.
Specifically, in step S102, after the connection between the host device and the object device is established, the two devices synchronize their respective device attributes with each other over the connection, that is, each device sends its own device attributes to the peer.
In some embodiments, the host device and the object device may synchronize information of the changed device attributes with each other when part of the information of the device attributes changes.
In other embodiments, the host device and the object device may also synchronize device attributes with each other periodically, or synchronize information of changes in their device attributes periodically.
In some embodiments, after the host device and the object device establish a connection, the object device may further send the host device information, such as identifiers, about the callable functional components and APPs installed on it. Which functional components or APPs are callable is declared or defined by developers at the development stage; being callable only means that a functional component or APP can be called, and does not mean that it has been opened to, or authorized for calling by, a particular device.
S103 (optional): The host device and the object device synchronize their access policies with each other.
When S101-S103 are executed, an electronic device in the distributed system cannot yet determine whether it is a host device or an object device. Once an electronic device initiates an access request, that device becomes the host device, and the target of the access request is the object device. Thus, electronic devices in a distributed system may synchronize access policies with each other.
In this embodiment of the application, access policies of different electronic devices may be different, and access policies of the same electronic device for different electronic devices may be different, which is not limited herein.
In the embodiment of the present application, the access policy describes a rule that various resources in the electronic device are opened to other devices for use. Rules in the access policy only state or define open resources and do not refer to the rights granted to use resources.
The access policy of the electronic device may include any one or combination of:
1. A general access policy.
The general access policy does not relate to specific device attributes of a certain electronic device, and is applicable to any electronic device in a distributed system.
The general access policy may specify the following information: a constraint action, the device attributes of the constrained subject and/or the device attributes of the constrained object, and a resource. There are two types of constraint action: access is allowed, and access is not allowed. For the device attributes of the constrained subject or constrained object, and for the definition of a resource, refer to the descriptions above.
That is, the general access policy specifies which resources a device with which attributes opens to a device with which attributes, and/or which resources a device with which attributes refuses to open to a device with which attributes.
In other words, the general access policy instructs an electronic device with the first device attribute to open the third resource to other electronic devices with the second device attribute, and/or an electronic device with the third device attribute to refuse to open the fourth resource to other electronic devices with the fourth device attribute. The third resource and the fourth resource are resources in the electronic device.
Illustratively, the general access policy may include, for example: electronic devices whose security capabilities differ greatly cannot establish a connection; a device on which administrator permission has been enabled, that is, a rooted electronic device, cannot access sensitive resources of other devices; an electronic device in the screen locking state cannot access camera resources of other electronic devices; and the like. Here, a sensitive resource may refer to a resource whose disclosure would pose a greater risk to the privacy of the user, for example, a resource with a degree of privacy above a threshold.
For example, in the second of the general access policy examples above, the device attribute of the constrained subject, the constraint action, and the resource are, respectively: rooted state, access not allowed, sensitive resources.
In the embodiment of the present application, in combination with the general access policy and the device attributes of the host device and the guest device, it can be known whether each resource in the guest device is open to the host device.
2. An access policy based on device attributes of the electronic device.
The access policy based on the device attribute of the electronic device is obtained by combining the general access policy and the device attribute of the electronic device, and is applicable to the electronic device.
The access policy based on device attributes of the electronic device may specify the following information: a constraint action, the device attributes of the constrained subject, and a resource.
That is, the access policy based on the device attributes of the electronic device specifies: the electronic device opens which resources to the device with which attribute, and refuses to open which resources to the device with which attribute.
In other words, the access policy based on the device attribute of the electronic device instructs the electronic device to open the fifth resource to other electronic devices having the fifth device attribute and/or the electronic device to deny opening the sixth resource to other electronic devices having the sixth device attribute. The fifth resource and the sixth resource are resources in the electronic device.
Illustratively, the access policy based on the device attributes of the electronic device may include, for example: an electronic device with a security capability lower than the first threshold is not allowed to call the device connection capability; an electronic device with a security capability higher than the second threshold is allowed to call the device connection capability; a rooted electronic device is not allowed to access sensitive resources; an electronic device in the screen locking state is not allowed to access camera resources; and the like.
For example, in the first of the examples above of an access policy based on device attributes of the electronic device, the device attribute of the constrained subject, the constraint action, and the resource are, respectively: security capability below the first threshold, access not allowed, device connection capability.
Since device attributes of an electronic device may change dynamically, access policies based on device attributes of the electronic device may also change dynamically.
In the embodiment of the present application, in combination with an access policy based on the device attribute of the object device and the device attribute of the host device, it can be known whether each resource in the object device is open to the host device.
3. An access policy based on the electronic device itself.
The access policy based on the electronic device itself may specify the following information: a constraint action, a constrained subject, and a resource.
That is, the access policy based on the electronic device itself specifies: the electronic device opens which resources to which devices and denies which resources to open to which devices.
In other words, the electronic device is instructed to open the seventh resource to a certain electronic device and/or the electronic device refuses to open the eighth resource to a certain electronic device based on the access policy of the electronic device itself. The seventh resource and the eighth resource are resources in the electronic device.
In the embodiment of the present application, in combination with an access policy based on an object device and a host device, it can be known whether each resource in the object device is open to the host device.
In this embodiment of the present application, the access policy of the electronic device may have the following two setting modes:
1. The access policy of the electronic device is set by default by the electronic device.
For example, the electronic device may preset the general access policy when it leaves the factory, and the electronic device may autonomously set an access policy based on its own device attribute, and so on.
2. The access policy of the electronic device is set autonomously by the user.
Specifically, the electronic device may set its own access policy in response to the received user operation.
Referring to fig. 5A, fig. 5A illustrates one manner in which an electronic device sets an access policy based on the electronic device itself in response to a user operation.
Fig. 5A shows a user interface 51 provided by a settings application in the electronic device. The settings application is an application program installed in the electronic device and used for setting various functions in the electronic device; the name of the application program is not limited in the embodiment of the application.
As shown in fig. 5A, the user interface 51 displays therein: a status bar 501, a return key 502, a page indicator 503, one or more device options 504, one or more resource options 505, and a control 506 for opening/stopping opening of the corresponding resource.
Wherein, the status bar 501 may include: one or more signal strength indicators for Wi-Fi signals, weather indicators, time indicators, and the like.
The return key 502 is used to return to the higher-level page provided by the settings application.
The page indicator 503 is used to indicate that the current page is used to set the resources that the electronic device opens to other devices in the distributed system. The page indicator 503 may be implemented as text such as "open capability list" or "set", but may also be implemented as an icon or in other forms.
One or more device options 504 correspond to other electronic devices in distributed system 10 to which the electronic device is connected. Device options 504 may be implemented as images, icons, text, and the like, without limitation.
The device options 504 are followed by one or more resource options 505, and controls 506 corresponding to the resource options 505.
The one or more resource options 505 may correspond to one or more resources available for invocation in the electronic device, such as a camera, a speaker, a text messaging service, a play service, device connectivity, and so forth. One resource option may correspond to one or more resources. The electronic device may detect a user operation acting on the control 506 corresponding to the resource option 505, and open the resource corresponding to the resource option 505 to the device corresponding to the device option 504 or stop opening the resource corresponding to the resource option 505 to the device corresponding to the device option 504 in response to the user operation.
As shown in fig. 5A, the electronic device opens a camera, a speaker, a playback service, device connectivity, and data transmission capabilities to device a. That is, the access policy of the electronic device set by the user includes: allowing device a to access cameras, speakers, play services, device connectivity, data transfer capabilities.
The manner shown in fig. 5A is not the only option; in a specific implementation, the user may also set the resources that the electronic device opens to other devices in other ways, which is not limited herein. For example, the electronic device may display, in a provided user interface, one or more device options for the devices connected to it, and when a user operation is received on a device option, display the open capability list of the device corresponding to that option, so that the user sets the resources opened to other devices through the open capability list.
In addition, after receiving the access policy sent by the other device, the electronic device may also provide relevant information for the user to refer to.
Referring to fig. 5B, fig. 5B illustrates a user interface 52 provided by a settings application in the electronic device.
As shown in fig. 5B, the user interface 52 displays: a status bar, a return key 507, a page indicator 508, one or more device options 509, one or more resource options 510.
Wherein, the status bar can refer to the related description in fig. 5A.
The return key 507 is used to return to the higher-level page provided by the settings application.
The page indicator 508 is used to indicate that the current page is used to show the resources that other devices in the distributed system open to the electronic device. The page indicator 508 may be implemented as text such as "get capability list" or "set", and may also be implemented as an icon or in other forms.
One or more device options 509 correspond to other electronic devices in distributed system 10 to which the electronic device is connected. Device options 509 may be implemented as images, icons, text, and the like, without limitation.
Each device option 509 has one or more corresponding resource options 510, which indicate that the device corresponding to the device option 509 opens the resources corresponding to the resource options 510 to the electronic device.
As shown in fig. 5B, device D opens a camera, a speaker, a text messaging service, a play service, a device discovery capability, a device connection capability, a data transmission capability, and a location service to the electronic device where the user interface 52 is located. That is, the access policy of device D includes: the electronic device on which the user interface 52 is located is allowed to access the camera, speaker, text messaging service, play service, device discovery capability, device connection capability, data transmission capability, and location service.
Fig. 5A may be a user interface provided by an object device in the embodiment of the present application, and fig. 5B may be a user interface provided by a host device in the embodiment of the present application.
Fig. 5A to 5B are merely examples, and do not limit the present application.
In the embodiment of the present application, for a resource that the electronic device refuses to open, the electronic device may refuse to provide an access interface for that resource, so as to prohibit access by other electronic devices.
In a specific implementation, the electronic devices of the distributed system may directly synchronize access policies with each other after establishing a connection.
In some embodiments, when the access policy of the electronic device changes, the electronic device may synchronize the changed portion of the access policy to the host device.
In other embodiments, the object device may also periodically synchronize its own access policy to the host device, or periodically synchronize the changed part of its access policy to the host device.
The access policy in the electronic device may change because the electronic device or a user changes a setting, or because a device attribute of the electronic device changes; for details, refer to the foregoing related description, which is not repeated here.
In some embodiments of the present application, if the same general access policy is preset in each electronic device in the distributed system, the subject device also stores the general access policy of the object device, and S103 need not be executed.
S104, the subject device generates an access request, and the access request is used for a caller in the subject device to call a callee in the object device so as to access the first resource.
In the embodiment of the present application, a caller is installed in the host device, and a callee is installed in the object device. The caller and the callee can each be an APP or a functional component. For the definitions of APP and functional component, refer to the foregoing related description.
The access request generated by the subject device may include: an identification of the caller, an identification of the callee, and an identification of the first resource. In some embodiments, the access request may further include: the identification of the subject device, and the identification of the object device.
The identifier of the subject device or the object device may be a device type, a device model, a device name, and the like, which is not limited in this embodiment of the application. Device types may be distinguished by device form, and may include, for example, a mobile phone, a tablet computer, a smart headset, an IoT device, a smart home device, or the like.
The caller ID and the callee ID may be application identifiers (APP IDs).
In this embodiment, the first resource may be any resource in the guest device, depending on the host device. For the classification and the details of the resources in the guest device, reference may be made to the related description above. The first resource may include one or more resources, which are not limited herein.
In some cases, the identity of the callee and the identity of the first resource may be the same. For example, when the first resource is a camera, the identifier of the callee may also be an identifier of the camera, and is used to indicate that the callee is a camera application.
In some embodiments, the host device may generate an access request in response to a received user operation in the course of running the caller. For example, when a user uses a video call application on a host device (e.g., a mobile phone), the user may input a user operation to trigger the host device to generate an access request for invoking a camera and a display screen of an object device to perform a video call.
In other embodiments, the subject device may also autonomously generate access requests for the object device in some cases during the course of running the caller. For example, when a takeaway application is executed, the host device may autonomously generate an access request for calling a positioning function in the object device to acquire positioning data. As another example, each time a video call is made, the host device may by default generate an access request for the instant messaging application in the host device to call the video call functional component and the camera resource in the object device (e.g., a smart screen).
S105, the host device judges whether to initiate the access request according to the access policy of the object device.
In some embodiments, S105 may be directly performed after the subject device generates the access request.
In other embodiments, after the host device generates the access request, S105 may be performed only when the callee and/or the first resource is determined to be a sensitive resource. In this way, the host device accesses the sensitive resources in the object device only when doing so conforms to the access policy of the object device, which ensures the security of user data. Sensitive resources may refer to resources that pose a greater risk to user privacy when compromised, e.g., resources with a degree of privacy above a threshold. Sensitive resources may include hardware resources, software resources, and stored data in the electronic device.
In some other embodiments of the present application, the host device may also perform S105 first and then perform S104, that is, the host device may first determine whether to initiate an access request according to the access policy, and generate the access request after determining to initiate it.
In some embodiments, if S103 is executed, the host device may determine whether to initiate an access request according to the access policy sent by the object device. In other embodiments, if S103 is not executed, the host device may determine whether to initiate the access request according to a pre-stored access policy of the electronic device, for example, a general access policy.
In this embodiment of the present application, the host device may determine whether to initiate an access request through the following two specific implementation manners:
1. The host device judges, according to the access policy of the object device, whether the host device is allowed to access the first resource in the object device, and if so, the host device determines to send the access request to the object device.
That is, if the access policy of the guest device indicates that the host device is allowed to access the first resource in the guest device, the host device determines to initiate the access request.
In the 1st implementation manner, since the access policy of the object device describes the rules under which the various resources in the object device are opened to other devices for use, the host device can determine, according to the access policy of the object device, whether the host device is allowed to access the first resource in the object device.
When the access policy of the object device includes a general access policy, the host device may obtain, according to the general access policy, in combination with the respective device attributes of the host device and the object device, whether the host device is allowed to access the first resource in the object device.
When the access policy of the object device includes an access policy based on the device attribute of the object device, the host device may know, according to the access policy based on the device attribute of the object device and in combination with the device attribute of the host device, whether the host device is allowed to access the first resource in the object device.
When the access policy of the object device includes an access policy based on the object device itself, the host device may obtain, according to the access policy based on the object device itself, in combination with the host device, whether the host device is allowed to access the first resource in the object device.
With the 1st implementation manner, cross-device access in the distributed system can be restricted through an access policy, the ways in which resources in the object device are exposed to the outside are reduced, the security and privacy leakage risks caused by the differences among devices in a distributed scenario can be avoided, the confidentiality and integrity of data in the object device are ensured, and data security is guaranteed.
2. The host device judges whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource according to the access policy of the object device, and if the judgment result is yes, the host device determines to send an access request to the object device.
That is, if the access policy of the guest device indicates that the host device is allowed to access the first resource and the associated resource of the first resource in the guest device, the host device determines to initiate the access request.
In an embodiment of the present application, the associated resource of the first resource is the basis on which the electronic device provides the first resource. The electronic device can provide the first resource only if the associated resource is provided. The electronic device must simultaneously access the associated resource of the first resource to be able to access the first resource. For example, the associated resource of the photographing service is a camera, and the electronic device can provide the photographing service by using the camera only when the camera is configured. For another example, the resources associated with the playback service include device connection capability and speakers, and the electronic device can provide the playback service to other devices in the distributed system only if the electronic device has the device connection capability and the speakers. The first resource may have one or more associated resources.
In the embodiment of the present application, the resources in the guest device may be divided into a plurality of different levels, and the number of the levels is not limited, and for example, the number of the levels may be 3, 4, or the like. Wherein high-level resources may provide an implementation basis or support for low-level resources. The specific relationship or manner in which the resources are supported by each other depends on the specific content of the resource and the manner in which the resource is provided in the electronic device, which is not specifically limited in the embodiment of the present application.
Exemplarily, referring to fig. 6, fig. 6 shows a resource hierarchy structure diagram in an object device provided in an embodiment of the present application. The hierarchical structure of fig. 6 can be implemented as a tree-like structure, and fig. 6 may also be referred to as a resource tree.
As shown in fig. 6, the resources in the guest device can be divided into three levels, from high to low: device capabilities, hardware resources, software services. Wherein:
the device capabilities may include: device discovery capabilities, device connectivity capabilities, device transmission capabilities.
The hardware resources may include: cameras, microphones, sensors (e.g., fingerprint sensors, gyroscopes, acceleration sensors, etc.), speakers, and so forth.
The software services may include: a device list provision service, a photographing service, a recording service, a fingerprint authentication service, an exercise health service, a playing service, a device connection service, a data transmission service, and the like.
The arrows in fig. 6 represent the supporting relationship between resources. As shown in fig. 6, the associated resources of the device list provision service include a device discovery capability, the associated resources of the photographing service include a camera and a device connection capability, the associated resources of the camera include a device connection capability, the associated resources of the recording service include a microphone and a device connection capability, the associated resources of the playing service include a speaker and a device connection capability, the associated resources of the speaker include a device connection capability, and so on.
That is, after the resources in the object device are represented in the form of a resource tree, the associated resources of a certain resource include the resource of the parent node of that resource's node, the resource of that parent node's own parent node, and so on up to the top of the resource tree.
Fig. 6 is only an example, and in the embodiment of the present application, the resource tree in the electronic device may also be implemented in other ways, which are not limited herein.
In the implementation manner 2, since the access policy of the object device describes a rule that various resources in the object device are opened to other devices for use, the host device may determine whether to allow the host device to access the first resource in the object device and the associated resource of the first resource according to the access policy of the object device.
When the access policy of the object device includes a general access policy, the host device may obtain, according to the general access policy, in combination with the respective device attributes of the host and object devices, whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource.
When the access policy of the object device includes an access policy based on the device attribute of the object device, the host device may obtain, according to the access policy based on the device attribute of the object device and in combination with the device attribute of the host device, whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource.
When the access policy of the object device includes an access policy based on the object device itself, the host device may obtain, according to the access policy based on the object device itself, in combination with the host device, whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource.
For example, if the host device requests to access the playing service in the object device, the host device may make the determination layer by layer according to the resource tree shown in fig. 6. For example, the host device may first determine whether the access policy of the object device allows the host device to access the device connection capability in the object device, then determine whether the host device is allowed to access the speaker of the object device, and finally determine whether the host device is allowed to access the playing service of the object device. If all three determination results are yes, the determination result in S105 is yes, that is, the host device determines to send the access request to the object device. In other embodiments of the present application, the host device may make the determination layer by layer according to the hierarchical structure of the resource tree, or make the determinations in any order, which is not limited herein.
With the 2nd implementation manner, the resources in the object device can be classified, and the host device determines not only whether it is allowed to access the first resource of the object device but also whether it is allowed to access the associated resources of the first resource in the object device. This gives finer-grained access control and, on the basis of the 1st implementation manner, further ensures the confidentiality and integrity of data in the object device and guarantees data security.
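The two decision modes above, which the host device uses in S105 and the object device reuses in S108, can be compared side by side in the following added example; it is not code from the patent. The thresholds, resource names, set of sensitive resources and the conflict rule (default deny, a matching deny overrides an allow) are assumptions, since the text does not fix them.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, List, Tuple

# Support relations exactly as listed for Fig. 6: resource -> resources that directly support it.
SUPPORTED_BY = {
    "device_list_service": ["device_discovery"],
    "photo_service": ["camera", "device_connection"],
    "camera": ["device_connection"],
    "recording_service": ["microphone", "device_connection"],
    "playback_service": ["speaker", "device_connection"],
    "speaker": ["device_connection"],
}
FIRST_THRESHOLD, SECOND_THRESHOLD = 2, 4         # constructed values
SENSITIVE = frozenset({"camera", "microphone"})  # assumed set of sensitive resources


@dataclass(frozen=True)
class Device:                 # device attributes named in the example policies
    device_id: str
    security_level: int
    rooted: bool = False
    screen_locked: bool = False


@dataclass(frozen=True)
class AccessRequest:          # fields listed in the description of S104
    caller_id: str
    callee_id: str
    resource_id: str
    subject_device_id: str
    object_device_id: str


@dataclass(frozen=True)
class Rule:
    action: str                        # constraint action: "allow" or "deny"
    subject: Callable[[Device], bool]  # constraint subject, as a predicate
    resources: FrozenSet[str]          # resources the rule covers


def object_policy() -> List[Rule]:
    """Constructed policy: the four attribute rules from the text plus the Fig. 5A grants."""
    conn = frozenset({"device_connection"})
    return [
        Rule("deny", lambda d: d.security_level < FIRST_THRESHOLD, conn),
        Rule("allow", lambda d: d.security_level > SECOND_THRESHOLD, conn),
        Rule("deny", lambda d: d.rooted, SENSITIVE),
        Rule("deny", lambda d: d.screen_locked, frozenset({"camera"})),
        Rule("allow", lambda d: d.device_id == "device-A",
             frozenset({"camera", "speaker", "playback_service",
                        "device_connection", "data_transmission"})),
    ]


def associated_resources(resource: str) -> List[str]:
    """Every resource that directly or transitively supports `resource`."""
    seen: List[str] = []
    stack = list(SUPPORTED_BY.get(resource, []))
    while stack:
        current = stack.pop()
        if current not in seen:
            seen.append(current)
            stack.extend(SUPPORTED_BY.get(current, []))
    return seen


def resource_open(policy: List[Rule], subject: Device, resource: str) -> bool:
    """Assumed conflict rule: default deny, and any matching deny overrides an allow."""
    actions = [r.action for r in policy if resource in r.resources and r.subject(subject)]
    return "allow" in actions and "deny" not in actions


def decide_mode1(policy: List[Rule], subject: Device, request: AccessRequest) -> bool:
    """1st implementation manner: check only the first resource."""
    return resource_open(policy, subject, request.resource_id)


def decide_mode2(policy: List[Rule], subject: Device,
                 request: AccessRequest) -> Tuple[bool, List[str]]:
    """2nd implementation manner: the first resource and all associated resources must be open."""
    needed = [request.resource_id] + associated_resources(request.resource_id)
    blocked = [r for r in needed if not resource_open(policy, subject, r)]
    return (not blocked, blocked)


if __name__ == "__main__":
    weak_a = Device("device-A", security_level=1)   # below the first threshold
    req = AccessRequest("app.caller", "playback_service", "playback_service",
                        weak_a.device_id, "device-obj")
    print("mode 1:", decide_mode1(object_policy(), weak_a, req))
    print("mode 2:", decide_mode2(object_policy(), weak_a, req))
```

For a device A whose security capability is below the first threshold, mode 1 grants the playing service while mode 2 refuses it because the supporting device connection capability is closed, which is the gap the associated-resource check is meant to close.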
If the determination result in S105 is yes, the following steps are performed.
Optional step S106, the subject device determines whether it has the rights required by the access request.
The rights required by the access request generated by the subject device include: the right to call the callee in the object device and/or the right to access the first resource in the object device.
In some embodiments, the rights required by the access request specifically include: the right of the subject device to invoke the callee in the object device and/or to access the first resource. When the rights required by the access request include the right to call the callee, they can be regarded as including the right to call the callee to perform various operations, and therefore as also including the right to access the first resource.
In some embodiments, the rights required by the access request specifically include: the right of the caller to invoke the callee in the object device and/or to access the first resource.
In some embodiments, the rights required by the access request specifically include: the right of the caller in the subject device to invoke the callee in the object device and/or to access the first resource.
In some embodiments of the present application, the subject device may directly apply to the user for the rights required by the access request after generating the access request. In other embodiments, after generating the access request, the subject device may apply to the user for the rights only if the execution result of S106 is negative, which may reduce interaction between the subject device and the user and improve the efficiency of invoking resources across devices in the distributed system. The subject device is not limited to obtaining the rights required by the access request itself; in other embodiments, the subject device may also receive the rights required by the access request from the object device.
In S106, during the process of running the caller, the subject device may request the user to grant the rights required by the access request generated by the subject device, using an authorization method supported by both the subject device and the caller. Authorization methods may include, but are not limited to: pop-up box authorization, fingerprint authentication authorization, face authentication authorization, voice command authorization, key press authorization, and the like.
The types of authorization supported by an electronic device depend on the hardware and/or software configuration of the electronic device. For example, supporting pop-up box authorization requires the electronic device to be configured with a display screen. Supporting fingerprint authentication authorization requires the electronic device to be equipped with a fingerprint sensor. Supporting face authentication authorization requires the electronic device to be configured with a camera and a face recognition algorithm. Supporting voice command authorization requires the electronic device to be equipped with a microphone or other sound pickup device. Supporting key press authorization requires the electronic device to be configured with physical keys.
Whether the caller meets the conditions for a given authorization method depends on the functions of the caller itself. For example, a caller may support pop-up box authorization when the caller is able to provide a user interface. As another example, a caller may support fingerprint authentication authorization when the caller is able to invoke a fingerprint sensor.
When the subject device supports pop-up box authorization, it can output prompt information on the display screen, and the prompt information is used for prompting the user about the rights required by the access request. Thereafter, the subject device may detect a user operation acting on the display screen, and acquire the rights required by the access request in response to the user operation.
When the subject device supports fingerprint authentication authorization, it can collect the fingerprint of the user through the fingerprint sensor and compare the collected fingerprint with a preset fingerprint; if the two fingerprints are consistent, the subject device acquires the rights required by the access request. In some embodiments, the subject device may preset a plurality of fingerprints, and acquire the rights required by the access request with different validity periods when different preset fingerprints are collected.
When the subject device supports face authentication authorization, it can collect the face image of the user through the camera and compare the collected face image with a preset face image; if the two are consistent, the subject device acquires the rights required by the access request.
When the subject device supports voice command authorization, it can collect the voice command input by the user through a microphone, a telephone receiver or other sound pickup device and compare the collected voice command with a preset voice command; if the two are consistent, the subject device acquires the rights required by the access request. In some embodiments, the subject device may preset a plurality of voice commands, and acquire the rights required by the access request with different validity periods when different preset voice commands are collected.
When the subject device supports key press authorization, it can collect the pressing operation of the user through a physical key, and if a preset pressing operation (for example, a single press, a long press, two consecutive presses, and the like) is collected on the physical key, the subject device acquires the rights required by the access request. In some embodiments, the subject device may preset a plurality of pressing operations, and acquire the rights required by the access request with different validity periods when different preset pressing operations are collected.
If the determination result in S106 is yes, the subsequent steps are executed.
S107, the subject device sends the access request to the object device.
In some embodiments, the subject device may further send, to the object device, permission information required for the access request acquired by the subject device, where the permission information indicates permission required for the access request.
S108, after receiving the access request, the object device judges whether to respond to the access request according to the access policy of the object device.
In some embodiments, after the guest device receives the access request, S108 may be directly performed.
In other embodiments, after the object device receives the access request, S108 may be executed only when the callee and/or the first resource is determined to be a sensitive resource. In this way, the host device accesses the sensitive resources in the object device only when doing so conforms to the access policy of the object device, which ensures the security of user data.
Similarly to the case where the host device determines whether to initiate an access request in S105, the guest device may determine whether to respond to the access request through the following two specific implementation manners:
1. The object device judges, according to the access policy of the object device, whether the host device is allowed to access the first resource in the object device, and if so, the object device responds to the access request.
2. The object device judges, according to the access policy of the object device, whether the host device is allowed to access the first resource in the object device and the associated resource of the first resource, and if so, the object device responds to the access request.
For the details and technical effects of both implementation manners, reference may be made to the related description in S105, which is not repeated herein.
If the determination result of S108 is yes, the following steps are performed.
Optional step S109, the object device determines whether the rights required by the access request are provided.
In some embodiments, the guest device may request the user to grant the right required by the received access request in an authorization manner supported by both the guest device and the callee during the operation of the callee. The method for requesting the user authorization by the guest device is similar to the method for requesting the user authorization by the host device, and reference may be specifically made to the related description of S106.
In other embodiments, the object device may receive the authority information required by the access request transmitted by the host device, and acquire the authority required by the access request according to the authority information.
If the determination result in S109 is yes, the following steps are performed.
S110: the object device responds to the access request.
Specifically, in response to the access request sent by the host device, the object device may create an instance of the callee for the caller in the host device and run the instance to access the first resource. In some embodiments, if an instance of the callee already exists in the object device, the object device may run that instance directly to access the first resource without creating a new one.
In the embodiments of this application, an instance is an APP or a functional component in a running state. An instance may be a process or a thread. The electronic device may allocate physical addresses in random access memory (RAM) to different instances in units of processes. When the electronic device needs to run an instance, it uses the virtual address to find the space in RAM allocated to that instance and runs the instance in that space. The virtual address is mapped to the physical address that the electronic device assigned to the instance, and the mapping is stored in the controller of the electronic device. That is, an instance uses the virtual address to locate where its data is actually stored in memory.
In this embodiment of the application, the object device responding to the access request to access the first resource may specifically include one or more of the following:
1. The object device runs the instance of the callee created for the caller and accesses the first resource to perform a series of operations, such as displaying a video call interface on the display screen, capturing an image with the camera, performing a calculation, processing an image, or acquiring location information.
2. The object device sends the result of accessing the first resource to the host device. For example, it sends an image captured by the camera to the host device so that the host device can forward the image to another device that is in a video call with the host device, or it sends a calculation result or the acquired location information to the host device.
3. The object device receives data sent by the host device, and uses the data to access the first resource and perform a series of operations. For example, the object device may receive from the host device an image captured by another device in a video call, and display the image in the video call interface on the display screen.
Here, the operation that the object device performs when it responds to the access request and accesses the first resource may be determined by default by the object device, by a user on the object device side, or by the access request sent by the host device, which is not limited herein.
With the access-policy-based access control method shown in fig. 4, cross-device access in the distributed system can be restricted by the access policy. This reduces the ways in which resources in the object device are exposed externally, avoids the security and privacy-leakage risks caused by differences among devices in a distributed scenario, ensures the confidentiality and integrity of data in the object device, and safeguards data security. In addition, because both the host device and the object device perform the check (dual authentication), the method avoids the risk that arises when the host device or the object device is maliciously attacked, which further protects the data of the object device.
In some embodiments of the present application, the access control method shown in fig. 4 may instead use single-side authentication. Specifically, if the host device executes S105, the object device does not need to execute S108. Alternatively, the host device may skip S105 before sending the access request, and the object device executes S108. Single-side authentication reduces the work done by the host device or the object device and improves the efficiency of cross-device resource calls in the distributed system.
In some embodiments, when the access control method shown in fig. 4 is executed with single-side authentication by the object device, if the host device refuses to receive the access policy of the object device in S102, or the host device does not execute S105, the host device may send the object device a notification message stating that it refused to receive the access policy or did not execute S105. After receiving the notification message, the object device may directly refuse to respond to an access request that it receives from the host device. A host device that refuses to receive the access policy of the object device, or that does not execute S105, may have been maliciously attacked; this embodiment avoids the risk posed by such an attack and further protects the data of the object device.
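The object-device side of S108 to S110, together with the direct refusal after a host's notification, sketched as an added example (not code from the patent). The rule format, the deny-overrides and default-deny evaluation, and all device, attribute and resource names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ALLOW, DENY = "allow", "deny"


@dataclass
class Rule:
    """One entry of the object device's access policy (format is an assumption)."""
    effect: str    # ALLOW or DENY
    resource: str  # resource in the object device that the rule covers
    attrs: dict    # device attributes the requesting device must have

    def matches(self, resource, device_attrs):
        return resource == self.resource and all(
            device_attrs.get(k) == v for k, v in self.attrs.items())


@dataclass
class ObjectDevice:
    policy: list      # access policy of the object device
    associated: dict  # resource -> resources it is built on (associated resources)
    rights: set       # rights the object device currently holds (S109)
    host_attrs: dict = field(default_factory=dict)
    no_host_check: set = field(default_factory=set)

    def sync_attributes(self, host_id, attrs):
        """Store the device attributes a host synchronized before its request."""
        self.host_attrs[host_id] = dict(attrs)

    def notify_no_host_check(self, host_id):
        """Host reported that it refused the policy or did not execute S105."""
        self.no_host_check.add(host_id)

    def _allowed(self, resource, attrs):
        # Assumed semantics: a deny rule overrides any allow, no match means deny.
        effects = [r.effect for r in self.policy if r.matches(resource, attrs)]
        return ALLOW in effects and DENY not in effects

    def _with_associated(self, resource):
        seen, todo = [], [resource]
        while todo:
            cur = todo.pop()
            if cur not in seen:
                seen.append(cur)
                todo.extend(self.associated.get(cur, ()))
        return seen

    def handle(self, host_id, resource, check_associated=True):
        """Return (decision, reason) for an access request from host_id."""
        if host_id in self.no_host_check:
            return False, "refused: host reported it did not run S105"
        attrs = self.host_attrs.get(host_id)
        if attrs is None:
            return False, "refused: no device attributes synchronized"
        # S108, implementation 2 (with associated resources) or 1 (first resource only)
        targets = self._with_associated(resource) if check_associated else [resource]
        for res in targets:
            if not self._allowed(res, attrs):
                return False, f"S108 refused: policy does not open {res}"
        # S109: the object device must itself hold the right for the first resource
        if resource not in self.rights:
            return False, f"S109 refused: right for {resource} not granted"
        return True, f"S110: responding, accessing {resource}"


def run_demo():
    """Constructed scenario: a TV as object device, three requesting devices."""
    same_account = {"login_account": "acct-A"}
    tv = ObjectDevice(
        policy=[
            Rule(ALLOW, "video_call", same_account),
            Rule(ALLOW, "camera", same_account),
            Rule(ALLOW, "display", same_account),
            Rule(ALLOW, "location", same_account),
            Rule(DENY, "camera", {"security_capability": "low"}),
        ],
        associated={"video_call": ["camera", "display"]},
        rights={"video_call"},
    )
    tv.sync_attributes("phone", {"login_account": "acct-A", "security_capability": "high"})
    tv.sync_attributes("watch", {"login_account": "acct-A", "security_capability": "low"})
    tv.sync_attributes("tablet", {"login_account": "acct-B", "security_capability": "high"})
    results = {
        "phone": tv.handle("phone", "video_call"),
        "watch_first_only": tv.handle("watch", "video_call", check_associated=False),
        "watch_with_associated": tv.handle("watch", "video_call"),
        "tablet": tv.handle("tablet", "video_call"),
        "phone_location": tv.handle("phone", "location"),
    }
    tv.notify_no_host_check("phone")
    results["phone_after_notice"] = tv.handle("phone", "video_call")
    return results


if __name__ == "__main__":
    for name, (ok, reason) in run_demo().items():
        print(f"{name:22} {'ALLOW' if ok else 'DENY ':5} {reason}")
```

The watch case shows why the second implementation matters: the request passes when only the first resource is checked, but is refused once the camera that the video call depends on is checked as well.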
In the access control method shown in fig. 4:
The host device may be referred to as a first device, and the object device may be referred to as a second device.
The access policy of the object device may be referred to as a first access policy.
The associated resource of the first resource may be referred to as a second resource.
The user interface 51 shown in fig. 5A may be referred to as a first user interface.
The right required for the access request sent by the host device may be referred to as a first right; for the specific content of the first right, refer to the related description.
Fig. 7A is a schematic diagram of a software structure of a host device according to an embodiment of the present application. The host device may be the host device in the embodiment of fig. 4.
As shown in fig. 7A, the host device may include the following modules: a device attribute management module, an access policy management module, a device attribute library, an access policy library, an access-policy-based access control module, an authority access control module, and a communication module. Wherein:
The device attribute management module is configured to acquire the device attributes of the host device, synchronize the device attributes of the host device to the object device, and receive the device attributes sent by the object device. For details of the device attributes, refer to the description in the method embodiments above.
The device attribute library is configured to store the device attributes of the host device and the device attributes of the object device acquired by the device attribute management module.
The access policy management module is configured to receive the access policy of the object device that the object device synchronizes. In some embodiments, the access policy management module is configured to receive an access policy that the object device synchronizes and that is based on the device attributes of the object device.
The access policy library is configured to store the access policies synchronized by the object device. In some embodiments, the access policy library is configured to store the access policy that the object device synchronizes and that is based on the device attributes of the object device.
The access-policy-based access control module is configured to determine, according to the access policy of the object device stored in the access policy library, whether to initiate an access request to the object device.
The authority access control module is configured to query whether the object device has opened the rights required by the access request to the host device, and whether the caller initiating the access request has the rights required by the access request. When the query result is yes, the authority access control module confirms that the host device can initiate the access request to the object device.
The communication module is configured to establish a connection and communicate with the object device.
Fig. 7A is only a schematic example; the host device provided in the embodiments of the present application may include more or fewer modules, which is not limited herein.
The modules of the host device shown in fig. 7A may be located in the application layer, the application framework layer, the system service layer, the kernel layer, and so on of the electronic device shown in fig. 3B, which is not limited herein.
Fig. 7B is a schematic diagram of a software structure of an object device according to an embodiment of the present application. The object device may be the object device in the embodiment of fig. 4.
As shown in fig. 7B, the object device may include the following modules: a device attribute management module, an access policy management module, a device attribute library, an access policy library, an access-policy-based access control module, an authority access control module, and a communication module. Wherein:
The device attribute management module is configured to acquire the device attributes of the object device, synchronize the device attributes of the object device to the host device, and receive the device attributes sent by the host device. For details of the device attributes, refer to the description in the method embodiments above.
The device attribute library is configured to store the device attributes of the host device and the device attributes of the object device acquired by the device attribute management module.
The access policy management module is configured to synchronize the access policy of the object device to the host device. In some embodiments, the access policy management module is configured to synchronize an access policy based on the device attributes of the object device to the host device.
The access policy library is configured to store the access policies synchronized by the object device. In some embodiments, the access policy library is configured to store access policies based on the device attributes of the object device.
The access-policy-based access control module is configured to determine, according to the access policy of the object device stored in the access policy library, whether to respond to the access request sent by the host device.
The authority access control module is configured to query whether the object device has opened the rights required by the access request to the host device, and whether the object device has the rights required by the access request. When the query result is yes, the authority access control module confirms that the object device can respond to the access request.
The communication module is configured to establish a connection and communicate with the host device.
Fig. 7B is only a schematic example; the object device provided in the embodiments of the present application may include more or fewer modules, which is not limited herein.
The modules of the object device shown in fig. 7B may be located in the application layer, the application framework layer, the system service layer, the kernel layer, and so on of the electronic device shown in fig. 3B, which is not limited herein.
The embodiments of the present application can be combined arbitrarily to achieve different technical effects.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the procedures or functions described in the present application are generated in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable device. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, optical fiber, digital subscriber line) or wirelessly (e.g., infrared, wireless, microwave). The computer-readable storage medium may be any available medium that a computer can access, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk (SSD)), among others.
One of ordinary skill in the art will appreciate that all or part of the processes in the methods of the above embodiments may be implemented by a computer program instructing related hardware. The program may be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The aforementioned storage medium includes various media capable of storing program code, such as ROM, RAM, magnetic disks, or optical disks.
In short, the above description is only an example of the technical solution of the present application, and is not intended to limit the protection scope of the present application. Any modifications, equivalents, improvements and the like made in accordance with the disclosure of the present application are intended to be included within the scope of the present application.

Claims (38)

1. An access control method based on an access policy, the method being applied to a communication system including a first device and a second device, the method comprising:
the first device sends an access request to the second device, wherein the access request is used for the first device to access a first resource in the second device;
the second device determines to allow the first device to access the first resource according to a first access policy, wherein the first access policy describes a rule that the second device opens the resource;
the second device accesses the first resource in response to the access request.
2. The method of claim 1, wherein before the second device accesses the first resource in response to the access request, the method further comprises:
the second device determines to allow the first device to access a second resource in the second device according to the first access policy, wherein the second resource is the basis on which the second device provides the first resource.
3. The method of claim 1 or 2, wherein before the first device sends the access request to the second device, the method further comprises:
the first device determines to allow the first device to access the first resource according to the first access policy.
4. The method of claim 3, wherein prior to the first device sending an access request to the second device, the method further comprises:
the first device determines to allow the first device to access a second resource in the second device according to the first access policy, wherein the second resource is the basis on which the second device provides the first resource.
5. The method of claim 3 or 4, wherein before the first device sends the access request to the second device, the method further comprises:
the second device sends the first access policy to the first device.
6. The method according to any of claims 1-5, wherein the first access policy instructs an electronic device with a first device attribute to open a third resource to an electronic device with a second device attribute, and/or wherein an electronic device with a third device attribute denies opening a fourth resource to an electronic device with a fourth device attribute;
the determining, by the second device, to allow the first device to access the first resource according to the first access policy specifically includes:
the second device determines to allow the first device to access the first resource according to the first access policy, the device attribute of the first device, and the device attribute of the second device.
7. The method according to any of claims 1-5, wherein the first access policy instructs the second device to open a fifth resource to an electronic device with a fifth device attribute, and/or wherein the second device denies opening a sixth resource to an electronic device with a sixth device attribute;
the determining, by the second device, to allow the first device to access the first resource according to the first access policy specifically includes:
the second device determines to allow the first device to access the first resource according to the first access policy and the device attribute of the first device.
8. The method of claim 6 or 7, wherein the device attributes comprise one or more of: security capabilities of the electronic device, device type, location, screen status, operating status, or login account number.
9. The method of any of claims 6-8, wherein prior to the first device sending an access request to the second device, the method further comprises:
the first device sends the device attribute of the first device to the second device.
10. The method according to any of claims 1-5, wherein the first access policy instructs the second device to open a seventh resource to the first device and/or wherein the second device denies opening an eighth resource to the first device.
11. The method of any one of claims 1 to 10,
the first access policy is set by default by the second device;
or,
the first access policy is set by the second device according to the received user operation.
12. The method of claim 10, wherein the first access policy is set by the second device according to the received user operation, and before the second device determines to allow the first device to access the first resource according to the first access policy, the method further comprises:
the second device displays a first user interface, wherein the first user interface displays one or more resource options, each of the one or more resource options corresponds to a control, and the resource options indicate resources in the second device;
the second device receives a user operation acting on the control;
the second device determines the first access policy, which includes: the second device opens, to the first device, the resource indicated by the resource option corresponding to the control operated by the user.
13. The method of any of claims 1-12, wherein prior to the second device accessing the first resource in response to the access request, the method further comprises:
the second device determines that a first right is possessed, the first right including a right to access the first resource.
14. An access control method based on an access policy, wherein the method is applied to an electronic device, and the method comprises:
the electronic device receives an access request sent by a first device, wherein the access request is used for the first device to access a first resource in the electronic device;
the electronic device determines to allow the first device to access the first resource according to a first access policy, wherein the first access policy describes a rule that the electronic device opens the resource;
the electronic device accesses the first resource in response to the access request.
15. The method of claim 14, wherein before the electronic device accesses the first resource in response to the access request, the method further comprises:
the electronic device determines to allow the first device to access a second resource in the electronic device according to the first access policy, wherein the second resource is the basis on which the electronic device provides the first resource.
16. The method of claim 14 or 15, wherein before the electronic device receives the access request sent by the first device, the method further comprises:
the electronic device sends the first access policy to the first device.
17. The method according to any of claims 14-16, wherein the first access policy instructs an electronic device with the first device attribute to open a third resource to an electronic device with the electronic device attribute, and/or wherein an electronic device with the third device attribute denies opening a fourth resource to an electronic device with the fourth device attribute;
the determining, by the electronic device, to allow the first device to access the first resource according to a first access policy specifically includes:
the electronic device determines to allow the first device to access the first resource according to the first access policy, the device attribute of the first device, and the device attribute of the electronic device.
18. The method according to any of claims 14-16, wherein the first access policy instructs the electronic device to open a fifth resource to an electronic device having a fifth device attribute, and/or wherein the electronic device denies opening a sixth resource to an electronic device having a sixth device attribute;
the determining, by the electronic device, to allow the first device to access the first resource according to the first access policy specifically includes:
the electronic device determines to allow the first device to access the first resource according to the first access policy and the device attribute of the first device.
19. The method of claim 17 or 18, wherein the device attributes comprise one or more of: security capabilities of the electronic device, device type, location, screen status, operating status, or login account number.
20. The method of any of claims 17-19, wherein prior to the electronic device receiving the access request sent by the first device, the method further comprises:
the electronic device receives the device attribute of the first device sent by the first device.
21. The method according to any of claims 14-16, wherein the first access policy instructs the electronic device to open a seventh resource to the first device and/or wherein the electronic device denies opening an eighth resource to the first device.
22. The method of any one of claims 13-21,
the first access policy is set by the electronic device by default;
or,
the first access policy is set by the electronic device according to the received user operation.
23. The method of claim 22, wherein the first access policy is set by the electronic device according to the received user action, and wherein before the electronic device determines to allow the first device to access the first resource according to the first access policy, the method further comprises:
the electronic device displays a first user interface, wherein the first user interface displays one or more resource options, each of the one or more resource options corresponds to a control, and the resource options indicate resources in the electronic device;
the electronic device receives a user operation acting on the control;
the electronic device determines the first access policy, which includes: the electronic device opens, to the first device, the resource indicated by the resource option corresponding to the control that received the user operation.
24. The method of any of claims 14-23, wherein prior to the electronic device accessing the first resource in response to the access request, the method further comprises:
the electronic device determines that a first right is possessed, wherein the first right comprises a right for accessing the first resource.
25. An electronic device, comprising: a memory, one or more processors; the memory coupled with the one or more processors, the memory to store computer program code, the computer program code including computer instructions, the one or more processors to invoke the computer instructions to cause the electronic device to perform:
receiving an access request sent by a first device, wherein the access request is used for the first device to access a first resource in the electronic device;
determining to allow the first device to access the first resource according to a first access policy, wherein the first access policy describes a rule that the electronic device opens the resource;
accessing the first resource in response to the access request.
26. The electronic device of claim 25, wherein the one or more processors are further configured to invoke the computer instructions to cause the electronic device to perform:
before accessing the first resource in response to the access request, determining to allow the first device to access a second resource in the electronic device according to the first access policy, wherein the second resource is the basis on which the electronic device provides the first resource.
27. The electronic device of claim 25 or 26, wherein the one or more processors are further configured to invoke the computer instructions to cause the electronic device to perform:
sending the first access policy to the first device before receiving the access request sent by the first device.
28. The electronic device according to any of claims 25-27, wherein the first access policy instructs an electronic device with a first device attribute to open a third resource to an electronic device with an electronic device attribute, and/or wherein an electronic device with a third device attribute denies opening a fourth resource to an electronic device with a fourth device attribute;
the one or more processors are specifically configured to invoke the computer instructions to cause the electronic device to perform:
determining to allow the first device to access the first resource according to the first access policy, the device attribute of the first device, and the device attribute of the electronic device.
29. The electronic device according to any of claims 25-27, wherein the first access policy instructs the electronic device to open a fifth resource to an electronic device having a fifth device attribute, and/or wherein the electronic device denies opening a sixth resource to an electronic device having a sixth device attribute;
the one or more processors are specifically configured to invoke the computer instructions to cause the electronic device to perform:
determining to allow the first device to access the first resource according to the first access policy and the device attribute of the first device.
30. The electronic device of claim 28 or 29, wherein the device attributes comprise one or more of: security capabilities of the electronic device, device type, location, screen status, operating status, or login account number.
31. The electronic device of any of claims 28-30, wherein the device attributes of the first device sent by the first device are received prior to receiving the access request sent by the first device.
32. The electronic device according to any of claims 25-27, wherein the first access policy instructs the electronic device to open a seventh resource to the first device and/or wherein the electronic device denies opening an eighth resource to the first device.
33. The electronic device of any one of claims 25-32,
the first access policy is set by the electronic device by default;
or,
the first access policy is set by the electronic device according to the received user operation.
34. The electronic device of claim 33, wherein the first access policy is set by the electronic device according to a received user action, and wherein the one or more processors are further configured to invoke the computer instructions to cause the electronic device to perform:
displaying a first user interface before determining to allow the first device to access the first resource according to the first access policy, wherein the first user interface displays one or more resource options, each of the one or more resource options corresponds to a control, and the resource options indicate resources in the electronic device;
receiving a user operation acting on the control;
determining the first access policy, the first access policy comprising: the electronic device opens, to the first device, the resource indicated by the resource option corresponding to the control that received the user operation.
35. The electronic device of any one of claims 24-34, wherein the one or more processors are further configured to invoke the computer instructions to cause the electronic device to perform:
before accessing the first resource in response to the access request, determining that a first right is possessed, wherein the first right comprises a right to access the first resource.
36. A computer-readable storage medium comprising instructions that, when executed on an electronic device, cause the electronic device to perform the method of any of claims 14-24.
37. A computer program product, characterized in that it causes a computer to perform the method according to any one of claims 14-24 when said computer program product is run on a computer.
38. A communication system, the communication system comprising: a first device, a second device, the second device to perform the method of any of claims 14-24.
CN202210212909.8A 2021-03-30 2022-03-04 Access control method based on access policy, related device and system Pending CN115146305A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2021103426326 2021-03-30
CN202110342632 2021-03-30

Publications (1)

Publication Number Publication Date
CN115146305A true CN115146305A (en) 2022-10-04

Family

ID=83405495

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210212909.8A Pending CN115146305A (en) 2021-03-30 2022-03-04 Access control method based on access policy, related device and system

Country Status (1)

Country Link
CN (1) CN115146305A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination