CN115730293A - AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium - Google Patents

AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium Download PDF

Info

Publication number
CN115730293A
CN115730293A CN202211481242.8A CN202211481242A CN115730293A CN 115730293 A CN115730293 A CN 115730293A CN 202211481242 A CN202211481242 A CN 202211481242A CN 115730293 A CN115730293 A CN 115730293A
Authority
CN
China
Prior art keywords
permission
mode
authority
instruction
switching
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211481242.8A
Other languages
Chinese (zh)
Inventor
王斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Fibocom Wireless Software Inc
Original Assignee
Xian Fibocom Wireless Software Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Fibocom Wireless Software Inc filed Critical Xian Fibocom Wireless Software Inc
Priority to CN202211481242.8A priority Critical patent/CN115730293A/en
Publication of CN115730293A publication Critical patent/CN115730293A/en
Pending legal-status Critical Current

Links

Images

Abstract

The application discloses an AT instruction authority management method, an AT instruction authority management device, computer equipment and a storage medium. The AT command includes AT least two modes of authority. The AT instruction authority management method comprises the following steps executed by the second equipment: receiving an authority switching request sent by first equipment, wherein the authority switching request comprises a first target authority mode; when the authority level of the first target authority mode is higher than that of the current AT instruction authority mode, authority switching information is sent to the first equipment according to the authority switching request; and receiving permission confirmation information sent by the first equipment, and switching the AT instruction permission mode into a first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information. The AT instruction authority management method can enable the AT instruction to be correctly and safely used, and obviously reduces the condition that the AT instruction is abused.

Description

AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to an AT instruction permission management method, an AT instruction permission management apparatus, a computer device, and a storage medium.
Background
The communication module usually adopts AT (Attention) command as the control command. The upper computer is connected with the communication module through UART (Universal Asynchronous Receiver/Transmitter) or USB (Universal Serial Bus) and the like, and then can realize interaction with the communication module through the mode of receiving and transmitting AT instructions. However, AT present, an effective security monitoring means is lacked for the AT command, so that any upper computer can control the communication module without limitation after being connected to the communication module, and the AT command risks being abused.
Disclosure of Invention
In view of this, embodiments of the present application provide an AT instruction authority management method, an AT instruction authority management apparatus, a computer device, and a storage medium, so as to solve the problem that AT instructions are abused.
In a first aspect, an embodiment of the present application provides a method for managing AT command permission, where the AT command includes AT least two permission modes, and the method includes the following steps performed by a second device:
receiving a permission switching request sent by first equipment, wherein the permission switching request comprises a first target permission mode;
when the authority level of the first target authority mode is higher than that of the current AT instruction authority mode, authority switching information is sent to the first equipment according to the authority switching request;
and receiving permission confirmation information sent by the first equipment, and switching the AT instruction permission mode into the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
The foregoing aspects and any possible implementations further provide an implementation, where when the first target permission mode is higher than the permission level of the current AT instruction permission mode, sending permission switching information to the first device according to the permission switching request, including:
acquiring the current AT instruction authority mode;
comparing the permission levels of the current AT command permission mode and the first target permission mode;
if the first target permission mode is higher than the permission level of the current AT instruction permission mode, generating an authentication password acquisition request and a verification random number;
and sending the current AT instruction permission mode, the authentication password acquisition request and the verification random number to the first equipment as the permission switching information.
The above-mentioned aspects and any possible implementation manners further provide an implementation manner, where the permission confirmation information includes a second target permission mode, a device identifier of the first device, and an authentication password, and the switching the AT instruction permission mode to the first target permission mode according to the permission confirmation information includes:
decrypting the authentication password by adopting a decryption algorithm and the equipment identifier of the first equipment to obtain a check value, wherein the authentication password is generated according to the equipment identifier of the first equipment, the check random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relation with the equipment identifier of the first equipment;
and when the check value is equal to the check random number and the permission modes of the first target permission mode and the second target permission mode are the same, switching the AT instruction permission mode to the first target permission mode.
The above-mentioned aspect and any possible implementation manner further provide an implementation manner, when the first target permission mode is lower than the permission level of the current AT instruction permission mode, the method further includes: and switching the AT instruction permission mode to the first target permission mode.
The above-mentioned aspect and any possible implementation manner further provide an implementation manner, after the receiving the permission confirmation information sent by the first device, and switching the AT instruction permission mode to the first target permission mode according to the permission confirmation information, the method further includes:
generating authority change information and sending the authority change information to the first equipment;
and receiving feedback information sent by the first device, and confirming that the first device knows that the AT instruction permission mode is switched to the first target permission mode.
In a second aspect, an embodiment of the present application further provides an AT instruction authority management method, where the AT instruction includes AT least two authority modes, and the method includes the following steps performed by a first device:
acquiring an authority switching instruction input by a user;
generating an authority switching request according to the authority switching instruction, and sending the authority switching request to second equipment, wherein the authority switching request comprises a first target authority mode;
when the first target permission mode is higher than the permission level of the current AT instruction permission mode, permission switching information sent by the second equipment is received;
and sending permission confirmation information to the second equipment according to the permission switching information so as to determine the AT instruction permission mode of the second equipment according to the permission confirmation information.
In a third aspect, an embodiment of the present application provides an AT instruction authority management apparatus, including:
the first receiving module is used for receiving an authority switching request sent by first equipment by second equipment, wherein the authority switching request comprises a first target authority mode;
a first sending module, configured to, when the first target permission mode is higher than a permission level of a current AT instruction permission mode, send, by the second device, permission switching information to the first device according to the permission switching request;
and the second receiving module is used for receiving the permission confirmation information sent by the first equipment by the second equipment and switching the AT instruction permission mode into the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
Further, the first sending module is further specifically configured to:
acquiring a current AT instruction authority mode;
comparing the permission levels of the current AT command permission mode and the first target permission mode;
if the first target permission mode is higher than the permission level of the current AT instruction permission mode, generating an authentication password acquisition request and a verification random number;
and sending the current AT instruction permission mode, the authentication password acquisition request and the verification random number to the first equipment as the permission switching information.
Further, the permission confirmation information includes a second target permission mode, a device identification of the first device, and an authentication password.
Further, the second receiving module is further specifically configured to:
decrypting the authentication password by adopting a decryption algorithm and the equipment identifier of the first equipment to obtain a check value, wherein the authentication password is generated according to the equipment identifier of the first equipment, the check random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relation with the equipment identifier of the first equipment;
and when the check value is equal to the check random number and the permission modes of the first target permission mode and the second target permission mode are the same, switching the AT instruction permission mode to the first target permission mode.
Further, when the first target permission mode is lower than the permission level of the AT command permission mode AT present, the AT command permission management apparatus is further specifically configured to:
and switching the AT instruction permission mode into the first target permission mode.
Further, the AT command authority management device is further specifically configured to:
generating authority change information and sending the authority change information to the first equipment;
and receiving feedback information sent by the first device, and confirming that the first device knows that the AT instruction permission mode is switched to the first target permission mode.
In a fourth aspect, an embodiment of the present application further provides an AT instruction authority management apparatus, including:
the acquisition module is used for acquiring the authority switching instruction input by the user by the first equipment;
the second sending module is used for generating an authority switching request according to the authority switching instruction by the first equipment and sending the authority switching request to the second equipment, wherein the authority switching request comprises a first target authority mode;
a third receiving module, configured to, when the first target permission mode is higher than a permission level of a current AT instruction permission mode, receive, by the first device, permission switching information sent by the second device;
and a third sending module, configured to send, by the first device, permission confirmation information to the second device according to the permission switching information, so as to determine the AT instruction permission mode of the second device according to the permission confirmation information.
In a fifth aspect, embodiments of the present application provide a computer device, which includes a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, and the processor executes the computer readable instructions to perform the steps of the AT instruction permission management method according to the first aspect.
In a sixth aspect, embodiments of the present application provide a computer-readable storage medium, which stores computer-readable instructions, and the computer-readable instructions, when executed by a processor, implement the steps of the AT instruction permission management method according to the first aspect.
In the embodiment of the application, an authority confirmation mechanism is set for the AT instruction, and when the upper computer initiates control on the communication module through the AT instruction, the upper computer firstly needs to meet the requirement of the authority level permitted by the communication module. When the permission level permitted by the upper computer for communication is high enough, the communication module can be correspondingly controlled under the permission, and when the permission level permitted by the upper computer for communication is low, the permission level of the communication module is improved by the upper computer in a permission authentication mode, so that the permission level permitted for communication is improved, and further control over the communication module is realized. In the embodiment of the application, the AT instruction can be correctly and safely used by setting the authority level to the AT instruction, and the condition that the AT instruction is abused can be obviously reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of an AT instruction authority management method in an embodiment of the present application;
fig. 2 is a flowchart of AT command permission mode switching in the embodiment of the present application;
fig. 3 is a schematic block diagram of an apparatus corresponding to AT command authority management methods one to one in the embodiment of the present application;
FIG. 4 is a schematic block diagram of another apparatus corresponding to AT command authority management method in one-to-one embodiment of the present application;
fig. 5 is a schematic diagram of a computer device in an embodiment of the present application.
Detailed Description
For better understanding of the technical solutions of the present application, the following detailed descriptions of the embodiments of the present application are provided with reference to the accompanying drawings.
It should be understood that the embodiments described are only a few embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terminology used in the embodiments of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the examples of this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein is merely a field that describes the same of an associated object, meaning that three relationships may exist, e.g., A and/or B, may indicate: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
It should be understood that although the terms first, second, third, etc. may be used to describe preset ranges, etc. in the embodiments of the present application, these preset ranges should not be limited to these terms. These terms are only used to distinguish preset ranges from one another. For example, the first preset range may also be referred to as a second preset range, and similarly, the second preset range may also be referred to as the first preset range, without departing from the scope of the embodiments of the present application.
The word "if," as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection," depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
The application provides an AT instruction authority management method. Fig. 1 is a flowchart of an AT command authority management method in an embodiment of the present application. The AT instruction authority management method can be applied to an upper computer, a communication module and related computer equipment. In this application, the host computer need just can correspond the control of authority level to the communication module under the prerequisite of authorizing the authentication through AT instruction authority, compares with the mode that the host computer that prior art exists controlled the communication module, and the condition that less AT instruction was abused can be showing to the method of this application for AT instruction can be used more correctly, safely. As shown in fig. 1, the AT command authority management method includes the following steps:
s10: the first device acquires an authority switching instruction input by a user.
The first device may specifically be an upper computer, and the upper computer may be a computer that can directly issue a control instruction, for example, the control of the connected communication module may be implemented by issuing an AT instruction.
The permission switching instruction is used for triggering the first device to send a permission switching request to the second device. The permission switching request refers to a request for switching the AT command permission mode of the second device.
In an embodiment, a user can enable the second device to switch the current AT instruction permission mode by inputting a permission switching instruction in the upper computer, so that the first device can realize control over the second device by sending the AT instruction in the switched AT instruction permission mode.
In this application, the AT command includes AT least two permission modes. In one embodiment, the AT command can be specifically set to three privilege modes, such as normal mode, engineering mode, and privileged mode. Wherein, only supporting executing the common instruction in the common mode is the default AT instruction authority mode of the communication module. The engineering mode can support the execution of engineering instructions and common instructions, and the authority level of the engineering mode is higher than that of the common mode. And the privilege mode can support the execution of a privileged instruction, an engineering instruction and a common instruction, and the authority level of the privilege mode is higher than that of the engineering mode and the common mode. Further, the general instruction may specifically include an AT instruction that is disclosed to be normally usable by the user. The engineering instruction is specifically used for production line production, internal tools such as partition backup, debugging port opening instructions, functional parameter setting and the like. The privileged instruction is used for some key information inquiry or special function starting of the communication module, special function parameter setting and the like.
In this application, the AT instruction that receives and realize function feedback with the communication module is categorised to AT instruction according to different categorised AT instruction realizes different AT instruction authority mode control, makes the user can't control the AT instruction that the communication module sent through host computer equipment AT will, has standardized the application range of AT instruction.
S20: the first device generates an authority switching request according to the authority switching instruction and sends the authority switching request to the second device, wherein the authority switching request comprises a first target authority mode.
The permission target mode refers to an AT command permission mode desired by the user. In the permission target mode, the first device can send a control instruction to the second device by sending a specific AT instruction.
In an embodiment, after receiving a permission switching instruction input by a user, a first device triggers a permission switching request and sends the permission switching request to a second device. The permission switching request comprises a first target permission mode, so that the second equipment can switch the AT instruction permission mode according to the first target permission mode, and the first equipment can send the AT instruction with the corresponding permission in the first target permission mode to realize function control on the second equipment.
S30: and the second equipment receives the permission switching request sent by the first equipment.
S40: and when the first target permission mode is higher than the permission level of the current AT instruction permission mode, the second equipment sends permission switching information to the first equipment according to the permission switching request.
And the permission switching information is used for the first equipment and the second equipment to realize the promotion authentication of the AT instruction permission mode. The authority switching information carries some information for realizing the promotion authentication of the authority mode.
In an embodiment, if the first target permission mode sent by the first device is higher than the permission level of the current AT command permission mode of the second device, the permission switching request sent by the first device is considered to be a request for level elevation of the AT command permission mode, and the next procedure is a procedure for implementing authentication for elevation of the AT command permission mode between the first device and the second device. Specifically, the second device sends the permission switching information to the first device according to the permission switching request, so as to complete the promotion authentication of the AT instruction permission mode.
S50: and the first equipment receives the permission switching information sent by the second equipment.
S60: and the first equipment sends the permission confirmation information to the second equipment according to the permission switching information.
The permission confirmation information and the permission switching information are also used for the first device and the second device to achieve the promotion authentication of the AT instruction permission mode, and the permission confirmation information is information fed back by the permission switching information received by the first device and is used for information authentication with the second device finally, so that the permission promotion authentication is completed.
In an embodiment, after receiving the permission switching information, the first device correspondingly generates permission confirmation information for permission promotion authentication and sends the permission confirmation information to the second device, so that the second device performs the permission promotion authentication according to the permission confirmation information, and the second device can switch to the AT instruction permission mode expected by the first device.
S70: and the second equipment receives the permission confirmation information sent by the first equipment, and switches the AT instruction permission mode into the first target permission mode according to the permission confirmation information.
In an embodiment, when the second device confirms that the communication between the first device and the second device conforms to the authentication of authority promotion according to the authority confirmation information, the second device switches the AT instruction authority mode to the first target authority mode, so that the first device can realize the control of the second device by inputting the AT instruction allowed to be executed under the authority in the first target authority mode.
In steps S10 to S70, an authority confirmation mechanism is set for the AT instruction, and when the upper computer initiates control on the communication module through the AT instruction, the upper computer first needs to meet the requirement of the authority level permitted by the communication module. When the permission level permitted by the upper computer for communication is high enough, the communication module can be correspondingly controlled under the permission, and when the permission level permitted by the upper computer for communication is low, the permission level of the communication module is improved by the upper computer in a permission authentication mode, so that the permission level permitted for communication is improved, and further control over the communication module is realized. In the embodiment of the application, the AT instruction can be correctly and safely used by setting the permission level to the AT instruction, and the condition that the AT instruction is abused can be obviously reduced.
Further, in step S40, that is, when the first target permission mode is higher than the permission level of the current AT instruction permission mode, the step of sending, by the second device, permission switching information to the first device according to the permission switching request specifically includes the following steps:
s41: the second device obtains the current AT command permission mode.
In an embodiment, before the AT command authority mode is not switched, the AT command of the second device is the current AT command authority mode, for example, if the communication module does not switch any AT command authority mode, the current AT command authority mode is set to be the normal mode according to default initialization.
S42: the second device compares the permission levels of the current AT command permission mode and the first target permission mode.
It can be understood that different AT command permission modes correspond to different permission levels. In an embodiment, the permission level of the first target permission mode sent by the first device is compared with the permission level of the current AT instruction permission mode of the second device, and if the first target permission mode is different from the current AT instruction permission mode of the second device, especially if the permission level of the first target permission mode is higher than the current AT instruction permission mode of the second device, the second device may be triggered to send related information for switching the current AT instruction permission mode to the first device.
S43: and if the first target permission mode is higher than the permission level of the current AT instruction permission mode, the second equipment generates an authentication password acquisition request and a verification random number.
Wherein the authentication password acquisition request is a request directed to the first device to acquire the authentication password. The verification random number is a random number used for identity verification, which refers to verification related to the identity of the first device.
In an embodiment, when the first target permission mode is higher than the permission level of the current AT command permission mode, the second device considers that the first device has a requirement for increasing the permission level, and AT this time, the second device may specifically generate an authentication password acquisition request and a check random number to complete a process of increasing the authentication of the AT command permission mode.
S44: the second device sends the current AT instruction authority mode, the authentication password acquisition request and the verification random number as authority switching information to the first device.
In an embodiment, the permission switching information may specifically include an AT command permission mode, an authentication password acquisition request, and a check random number, so that the first device can generate an authentication password according to the information, and send the authentication password to the second device to implement the advanced authentication of the AT command permission mode.
In steps S41 to S44, the second device sends the current AT instruction permission mode, the authentication password acquisition request, and the verification random number as permission switching information to the first device, so that the first device can realize the advanced authentication of the AT instruction permission mode according to the permission switching information.
Further, the permission confirmation information includes the second target permission mode, the device identification of the first device, and the authentication password.
Wherein the second target permission mode may be the same as the first target permission mode. In the embodiment of the present application, the second target permission mode is provided to verify whether the first device and the second device complete the authentication process of the AT command permission mode on the same AT communication channel. It can be understood that when the second target permission mode is the same as the first target permission mode, the first device receiving the permission switch information and the first device sending the permission switch request are considered to be the same device and complete information transmission on the same communication AT communication channel. Therefore, the switching of the AT instruction permission modes can be realized on the independent AT communication channels when the first equipment requests the second equipment to improve the AT instruction permission mode. Furthermore, a plurality of AT communication channels are supported between the second device and the first device to realize command control through AT commands, and in each AT communication channel, an independent AT command authority mode can be set for each AT communication channel through verification of the first target authority mode and the second target authority mode, so that even under the condition that only one second device and one first device are provided, multi-authority control of the AT commands can be realized by setting different AT command authority modes.
The device identifier of the first device refers to an identifier capable of uniquely identifying an identity or model of the device, and the device identifier of the first device may have multiple existence forms, which is not limited herein.
The authentication password can be obtained by encrypting the first device through an encryption algorithm according to the device identifier and the check random number of the first device, or according to the device identifier and the check random number of the first device and the current AT instruction authority mode of the second device. It should be noted that the encryption algorithm has a mapping relationship with the device identifier of the first device, that is, the encryption algorithms corresponding to the first devices of different models or machine numbers are different. Thus, different AT command authority modes may use different authorization policies for the first device, for example, the engineering mode may use a one-type one-secret policy, and the privilege mode may use a one-machine one-secret policy.
Further, in step S70, that is, in the step that the second device receives the permission confirmation information sent by the first device and switches the AT instruction permission mode into the first target permission mode according to the permission confirmation information, the method specifically includes the following steps:
s711: the second device decrypts the authentication password by adopting a decryption algorithm and the device identifier of the first device to obtain a check value, wherein the authentication password is generated according to the device identifier of the first device, the check random number and the encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relation with the device identifier of the first device.
In an embodiment, in the decryption stage, the second device decrypts the device identifier and the authentication password according to the first device (if the current AT command authority mode of the second device is encrypted in the encryption stage, the decryption needs to be performed symmetrically), and obtains the check value. And comparing the current value with a value to be checked which is calculated in advance and stored in the second equipment according to the check value, thereby confirming the switching of the AT instruction permission mode of the second equipment.
S712: and when the check value is equal to the check random number and the authority modes of the first target authority mode and the second target authority mode are the same, the second equipment switches the AT instruction authority mode into the first target authority mode.
In an embodiment, if the check value is the same as the value to be checked, the first device requests the second device to pass the request for increasing the permission level, and the second device switches to the AT instruction permission mode with a higher level. The second device authorizes the first device, and the first device can send an AT command to control the second device in an AT channel communication mode.
In steps S711-S712, the second device decrypts the authentication password to obtain a check value, and determines the switching of the AT command permission mode of the second device by using the check value, so that when the authentication password calculated by the first device is correct, the check value decrypted by the second device is also correct, and permission management of one type and one secret can be implemented. It can be understood that, in the present application, a specific first device enables a second device to perform an elevated switching of an authority mode, and when the first device is able to correctly generate the authority confirmation information according to the authority switching information sent by the second device, the second device may implement the elevated switching of the authority mode.
Further, when the first target permission mode is lower than the permission level of the current AT command permission mode, the method further includes the steps of:
and the second equipment switches the AT instruction permission mode into the first target permission mode.
In one embodiment, if the first target permission mode is lower than the permission level of the current AT command permission mode, the second device may consider this to be a request to lower the permission level. The second device may directly switch the AT command permission mode to a first target permission mode having a lower permission level than a current AT command permission mode of the second device.
Further, after step S70, that is, after the step that the second device receives the permission confirmation information sent by the first device and switches the AT instruction permission mode to the first target permission mode according to the permission confirmation information, the method further includes the following steps:
s721: the second device generates the authority change information and sends the authority change information to the first device.
The permission change information indicates that the second device AT instructs a permission mode change.
S722: and the second equipment receives the feedback information sent by the first equipment and confirms that the AT command permission mode known by the first equipment is switched into the first target permission mode.
The feedback information is information which is fed back by the first device according to the received permission change information and is used for knowing that the AT instruction permission mode is successfully switched.
In steps S721-S722, after the second device completes the switching of the AT command permission mode, the first device is notified of the successful switching message, and the first device also feeds back a message to the second device, where the successful switching of the AT command permission mode is already completed by the second device, so that it can be determined that both the first device and the second device know the current AT command permission mode, and the first device can implement the control of the second device by sending an AT command in the AT command permission mode.
Fig. 2 is a flowchart of an AT command permission mode switching in the embodiment of the present application. As shown in fig. 2, the host computer is the first device mentioned in the above embodiment, and the (communication) module is the second device mentioned in the above embodiment. Specifically, the module defaults to enter a common mode after being started, and when the upper computer needs to switch the module to an appointed authority mode, a mode switching instruction is sent to the module. Taking AT + CHMOD (function of changing the authority) as an example of the mode switching instruction, the mode switching process is shown in fig. 2:
step 1: the upper computer switches the module permission MODE through an AT + CHMOD = 'MODE' command, wherein the MODE parameter can identify a common MODE, an engineering MODE or a privileged MODE.
Step 2: if the current authority mode of the module is lower than the authority mode which needs to be set by the upper computer, if the common mode is switched to the process mode or the privilege mode, authority-raising authentication needs to be carried out, for example: the module returns r (carriage return symbol) \ n (line feed symbol) + CHMOD wherein the MODE parameter identifies the current MODE of the module, "PIN REQUERD" is the request to enter the authentication code and "RAND" is the random number to calculate the authentication code.
The upper computer calculates an authentication CODE PIN CODE according to the RAND random number and an encryption algorithm, and tries to switch the authority MODE again through AT + CHMOD = ' MODE ' and PIN CODE '; the module verifies the PIN CODE according to the RAND and the decryption algorithm, if the verification is passed, the module switches the current AT channel to an appointed authority mode and returns \ r \ nOK \ r \ n to the upper computer; if the verification fails, the module keeps the original mode and returns \ r \ nERROR \ r \ n to the upper computer.
And 3, step 3: if the current authority mode of the module is higher than the authority mode which needs to be set by the upper computer, if the authority mode is switched to the common mode, the module directly switches the current AT channel to the appointed authority mode and returns \ r \ nOK \ r \ n to the upper computer.
In the embodiment of the application, an authority confirmation mechanism is set for the AT instruction, and when the upper computer initiates control on the communication module through the AT instruction, the upper computer firstly needs to meet the requirement of the authority level permitted by the communication module. When the permission level permitted by the upper computer for communication is high enough, the communication module can be correspondingly controlled under the permission, and when the permission level permitted by the upper computer for communication is low, the permission level of the communication module is improved by the upper computer in a permission authentication mode, so that the permission level permitted for communication is improved, and further control over the communication module is realized. In the embodiment of the application, the AT instruction can be correctly and safely used by setting the authority level to the AT instruction, and the condition that the AT instruction is abused can be obviously reduced.
Further, the method and the device further send the current AT instruction permission mode, the authentication password acquisition request and the verification random number as permission switching information to the first device, so that the first device can realize the promotion authentication of the AT instruction permission mode according to the permission switching information.
Furthermore, the method and the device further decrypt the authentication password to obtain the check value, and determine the switching of the AT instruction permission mode of the second device by using the check value, so that when the authentication password obtained by the calculation of the first device is correct, the check value obtained by the decryption of the second device is also correct, and one-type one-secret and one-machine one-secret permission management can be realized.
Further, the method and the device can also directly switch the AT command permission mode into a first target permission mode with a lower permission level compared with the current AT command permission mode of the second device.
Further, after the second device completes the switching of the AT instruction permission mode, the first device is notified of the successful switching message, and the first device feeds back a message that the second device completes the successful switching of the AT instruction permission mode to the second device, so that it can be determined that both the first device and the second device know the current AT instruction permission mode, and the first device can realize the control of the second device by sending an AT instruction in the AT instruction permission mode.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Fig. 3 is a schematic block diagram of an apparatus corresponding to AT command authority management methods one to one in this embodiment of the present application. As shown in fig. 3, the AT command authority management device 1 includes a first receiving module 10, a first transmitting module 20, and a second receiving module 30.
A first receiving module 10, configured to receive, by a second device, an authority switching request sent by a first device, where the authority switching request includes a first target authority mode.
A first sending module 20, configured to, when the first target permission mode is higher than the permission level of the current AT instruction permission mode, send permission switching information to the first device by the second device according to the permission switching request.
The second receiving module 30 is configured to receive the permission confirmation information sent by the first device, and switch the AT instruction permission mode to the first target permission mode according to the permission confirmation information, where the permission confirmation information is generated according to the permission switching information.
Further, the first sending module 20 is further specifically configured to:
and acquiring the current AT instruction authority mode.
The permission levels of the current AT command permission pattern and the first target permission pattern are compared.
And if the first target authority mode is higher than the authority level of the current AT instruction authority mode, generating an authentication password acquisition request and a verification random number.
And sending the current AT instruction authority mode, the authentication password acquisition request and the verification random number as authority switching information to the first equipment.
Further, the authority confirmation information includes the second target authority mode, the device identification of the first device, and the authentication password.
Further, the second receiving module 30 is further specifically configured to:
and decrypting the authentication password by adopting a decryption algorithm and the equipment identifier of the first equipment to obtain a check value, wherein the authentication password is generated according to the equipment identifier of the first equipment, the check random number and the encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relation with the equipment identifier of the first equipment.
And when the check value is equal to the check random number and the authority modes of the first target authority mode and the second target authority mode are the same, switching the AT instruction authority mode into the first target authority mode.
Further, when the first target permission mode is lower than the permission level of the current AT command permission mode, the AT command permission management apparatus 1 is further specifically configured to:
and switching the AT instruction permission mode into a first target permission mode.
Further, the AT command authority management device 1 is further specifically configured to:
and generating authority change information and sending the authority change information to the first device.
And receiving feedback information sent by the first equipment, and confirming that the first equipment knows that the AT instruction permission mode is switched to the first target permission mode.
Fig. 4 is a schematic block diagram of another apparatus corresponding to the AT command authority management method in one-to-one embodiment of the present application. As shown in fig. 4, the AT command right management apparatus 2 includes an obtaining module 40, a second sending module 50, a third receiving module 60, and a third sending module 70.
The obtaining module 40 is configured to obtain, by the first device, an authority switching instruction input by the user.
A second sending module 50, configured to generate, by the first device, an authority switching request according to the authority switching instruction, and send the authority switching request to the second device, where the authority switching request includes a first target authority mode.
A third receiving module 60, configured to, when the first target permission mode is higher than the permission level of the current AT instruction permission mode, receive, by the first device, permission switching information sent by the second device.
A third sending module 70, configured to send, by the first device, permission confirmation information to the second device according to the permission switching information, so as to determine the AT instruction permission mode of the second device according to the permission confirmation information.
In the embodiment of the application, an authority confirmation mechanism is set for the AT instruction, and when the upper computer initiates control on the communication module through the AT instruction, the upper computer firstly needs to meet the requirement of authority level permitted by the communication module. When the permission level permitted by the upper computer for communication is high enough, the communication module can be correspondingly controlled under the permission, and when the permission level permitted by the upper computer for communication is low, the permission level of the communication module is improved by the upper computer in a permission authentication mode, so that the permission level permitted for communication is improved, and further control over the communication module is realized. In the embodiment of the application, the AT instruction can be correctly and safely used by setting the permission level to the AT instruction, and the condition that the AT instruction is abused can be obviously reduced.
Further, the method and the device further send the current AT instruction permission mode, the authentication password acquisition request and the verification random number as permission switching information to the first device, so that the first device can realize the promotion authentication of the AT instruction permission mode according to the permission switching information. The method and the device have the advantages that the verification value is obtained by decrypting the authentication password, and the switching of the AT instruction permission mode of the second device is determined by utilizing the verification value, so that when the authentication password obtained by calculation of the first device is correct, the verification value obtained by decryption of the second device is also correct, and one-type-one-secret and one-machine-one-secret permission management can be realized. The method and the device can also directly switch the AT command permission mode into a first target permission mode with lower permission level compared with the current AT command permission mode of the second device. After the second device completes the switching of the AT instruction permission mode, the method and the device also inform the first device of the successful switching message, and the first device also feeds back a message which indicates that the second device completes the switching of the AT instruction permission mode to the second device, so that the first device and the second device can be determined to know the current AT instruction permission mode, and the first device can realize the control of the second device by sending an AT instruction in the AT instruction permission mode.
The present application also provides a computer-readable storage medium storing computer-readable instructions, which when executed by a processor implement the AT instruction rights management method of the embodiment.
The application also provides a computer device. Fig. 5 is a schematic diagram of a computer device in an embodiment of the present application. As shown in fig. 5, computer device 110 includes a processor 111, a memory 112, and computer readable instructions 113 stored in memory 112 and executable on processor 111. The processor 111, when executing the computer readable instructions 113, performs the steps of the AT instruction rights management method.
Illustratively, the computer readable instructions 113 may be divided into one or more modules/units, which are stored in the memory 112 and executed by the processor 111 to complete the application. One or more modules/units may be a series of computer-readable instruction segments capable of performing certain functions, which are used to describe the execution of computer-readable instructions 113 in computer device 110.
The computing device 110 may be a desktop computer, a notebook, a palmtop, a cloud server, or other computing device. The computer device may include, but is not limited to, a processor 111, a memory 112. Those skilled in the art will appreciate that fig. 5 is merely an example of a computer device 110 and is not intended to limit computer device 110 and may include more or fewer components than those shown, or some of the components may be combined, or different components, e.g., the computer device may also include input output devices, network access devices, buses, etc.
The Processor 111 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage 112 may be an internal storage unit of the computer device 110, such as a hard disk or a memory of the computer device 110. The memory 112 may also be an external storage device of the computer device 110, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the computer device 110. Further, memory 112 may also include both internal and external storage for computer device 110. The memory 112 is used to store computer readable instructions and other programs and data required by the computer device. The memory 112 may also be used to temporarily store data that has been output or is to be output.
The embodiment of the application can acquire and process related data based on an artificial intelligence technology. Among them, artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.
The artificial intelligence infrastructure generally includes technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a robot technology, a biological recognition technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and the like.
In the embodiment of the application, the server may be an independent server, or may be a cloud server that provides basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, content Delivery Network (CDN), big data, an artificial intelligence platform, and the like.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated module/unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow in the method of the embodiments described above can be realized by the present application, and can also be realized by hardware related to computer readable instructions, which can be stored in a computer readable storage medium, and when the computer readable instructions are executed by a processor, the steps of the above described method embodiments can be realized. Wherein the computer readable instructions comprise computer readable instruction code which may be in source code form, object code form, an executable file or some intermediate form, and the like. The computer-readable medium may include: any entity or device capable of carrying the computer-readable instruction code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, read-Only Memory (ROM), random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain suitable additions or subtractions depending on the requirements of legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media may not include electrical carrier signals or telecommunication signals in accordance with legislation and patent practice.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules, so as to perform all or part of the functions described above.
The above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. An AT command authority management method, wherein the AT command includes AT least two authority modes, the method comprising the following steps performed by a second device:
receiving a permission switching request sent by first equipment, wherein the permission switching request comprises a first target permission mode;
when the authority level of the first target authority mode is higher than that of the current AT instruction authority mode, authority switching information is sent to the first equipment according to the authority switching request;
and receiving permission confirmation information sent by the first equipment, and switching the AT instruction permission mode into the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
2. The method as claimed in claim 1, wherein the sending permission switch information to the first device according to the permission switch request when the first target permission mode is higher than the permission level of the current AT command permission mode comprises:
acquiring a current AT instruction authority mode;
comparing the permission levels of the current AT command permission mode and the first target permission mode;
if the first target permission mode is higher than the permission level of the current AT instruction permission mode, generating an authentication password acquisition request and a verification random number;
and sending the current AT instruction permission mode, the authentication password acquisition request and the check random number as the permission switching information to the first equipment.
3. The method of claim 2, wherein the permission validation information comprises a second target permission mode, a device identifier of the first device, and an authentication password, and wherein switching the AT instruction permission mode to the first target permission mode according to the permission validation information comprises:
decrypting the authentication password by adopting a decryption algorithm and the equipment identifier of the first equipment to obtain a check value, wherein the authentication password is generated according to the equipment identifier of the first equipment, the check random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relation with the equipment identifier of the first equipment;
and when the check value is equal to the check random number and the permission modes of the first target permission mode and the second target permission mode are the same, switching the AT instruction permission mode to the first target permission mode.
4. The method as claimed in claim 1, wherein when the first target permission mode is lower than the permission level of the AT command permission mode AT present, the method further comprises:
and switching the AT instruction permission mode into the first target permission mode.
5. The method as claimed in any one of claims 1-4, wherein after the receiving the permission confirmation information sent by the first device, and switching the AT instruction permission mode to the first target permission mode according to the permission confirmation information, the method further comprises:
generating authority change information and sending the authority change information to the first equipment;
and receiving feedback information sent by the first device, and confirming that the first device knows that the AT instruction permission mode is switched to the first target permission mode.
6. An AT command authority management method, wherein the AT command includes AT least two authority modes, the method comprising the following steps performed by a first device:
acquiring an authority switching instruction input by a user;
generating an authority switching request according to the authority switching instruction, and sending the authority switching request to second equipment, wherein the authority switching request comprises a first target authority mode;
when the first target permission mode is higher than the permission level of the current AT instruction permission mode, permission switching information sent by the second equipment is received;
and sending permission confirmation information to the second equipment according to the permission switching information so as to determine the AT instruction permission mode of the second equipment according to the permission confirmation information.
7. An AT instruction right management apparatus, comprising:
the first receiving module is used for receiving an authority switching request sent by first equipment by second equipment, wherein the authority switching request comprises a first target authority mode;
a first sending module, configured to, when the first target permission mode is higher than a permission level of a current AT instruction permission mode, send, by the second device, permission switching information to the first device according to the permission switching request;
and the second receiving module is used for receiving the permission confirmation information sent by the first equipment by the second equipment and switching the AT instruction permission mode into the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
8. An AT command authority management apparatus, comprising:
the acquisition module is used for acquiring a permission switching instruction input by a user by first equipment;
the second sending module is used for generating an authority switching request according to the authority switching instruction by the first equipment and sending the authority switching request to the second equipment, wherein the authority switching request comprises a first target authority mode;
a third receiving module, configured to, when the first target permission mode is higher than a permission level of a current AT instruction permission mode, receive, by the first device, permission switching information sent by the second device;
and a third sending module, configured to send, by the first device, permission confirmation information to the second device according to the permission switching information, so as to determine the AT instruction permission mode of the second device according to the permission confirmation information.
9. A computer device comprising a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, wherein the processor when executing the computer readable instructions performs the steps of the AT instruction rights management method of any of claims 1-6.
10. A computer readable storage medium storing computer readable instructions, wherein the computer readable instructions, when executed by a processor, implement the steps of the AT instruction rights management method of any of claims 1-6.
CN202211481242.8A 2022-11-24 2022-11-24 AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium Pending CN115730293A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211481242.8A CN115730293A (en) 2022-11-24 2022-11-24 AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211481242.8A CN115730293A (en) 2022-11-24 2022-11-24 AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115730293A true CN115730293A (en) 2023-03-03

Family

ID=85297949

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211481242.8A Pending CN115730293A (en) 2022-11-24 2022-11-24 AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115730293A (en)

Similar Documents

Publication Publication Date Title
RU2620998C2 (en) Method and authentication device for unlocking administrative rights
CN101258505B (en) Secure software updates
US5548721A (en) Method of conducting secure operations on an uncontrolled network
CN110138562B (en) Certificate issuing method, device and system of intelligent equipment
CN114826577A (en) Secure provisioning and management of devices
CN109981562B (en) Software development kit authorization method and device
CN109361508B (en) Data transmission method, electronic device and computer readable storage medium
CN105915338B (en) Generate the method and system of key
CN112887282B (en) Identity authentication method, device, system and electronic equipment
CN110879880B (en) Password device for user to autonomously control data security level protection
KR101809974B1 (en) A system for security certification generating authentication key combinating multi-user element and a method thereof
CN112187470B (en) Internet of things certificate distribution method, device and system, storage medium and electronic device
US20210091945A1 (en) Key Processing Method and Apparatus
CN111614548A (en) Message pushing method and device, computer equipment and storage medium
CN112632521A (en) Request response method and device, electronic equipment and storage medium
CN111901303A (en) Device authentication method and apparatus, storage medium, and electronic apparatus
CN111459869B (en) Data access method, device, equipment and storage medium
CN108471403B (en) Account migration method and device, terminal equipment and storage medium
CN111338841A (en) Data processing method, device, equipment and storage medium
CN115730293A (en) AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium
CN115242480A (en) Device access method, system and non-volatile computer storage medium
CN111523128B (en) Information protection method, system, electronic equipment and medium
CN110830243A (en) Symmetric key distribution method, device, vehicle and storage medium
CN110972141B (en) Information verification method and device, electronic equipment and readable storage medium
CN110365654B (en) Data transmission control method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination