CN117708794A - Equipment authorization method and equipment authorization device - Google Patents
Equipment authorization method and equipment authorization device Download PDFInfo
- Publication number
- CN117708794A CN117708794A CN202311794006.6A CN202311794006A CN117708794A CN 117708794 A CN117708794 A CN 117708794A CN 202311794006 A CN202311794006 A CN 202311794006A CN 117708794 A CN117708794 A CN 117708794A
- Authority
- CN
- China
- Prior art keywords
- authorization
- authorized
- equipment
- hardware information
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 438
- 238000000034 method Methods 0.000 title claims abstract description 102
- 238000012795 verification Methods 0.000 claims abstract description 54
- 238000012545 processing Methods 0.000 claims description 27
- 230000008859 change Effects 0.000 claims description 5
- 238000012797 qualification Methods 0.000 claims description 5
- 230000006855 networking Effects 0.000 abstract description 13
- 238000011161 development Methods 0.000 abstract description 10
- 238000012423 maintenance Methods 0.000 abstract description 10
- 230000008569 process Effects 0.000 description 16
- 238000004590 computer program Methods 0.000 description 10
- 230000008676 import Effects 0.000 description 8
- 238000004519 manufacturing process Methods 0.000 description 8
- 238000013478 data encryption standard Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000003190 augmentative effect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Abstract
The application discloses a device authorization method and a device authorization device, and belongs to the technical field of computers. The device authorization method comprises the following steps: acquiring local authorization hardware information corresponding to equipment to be authorized; under the condition that an authorization file is stored in the equipment to be authorized, verifying the equipment to be authorized based on the local authorization hardware information and the authorization file; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment; and under the condition that verification is passed, authorizing the equipment to be authorized. The equipment authorization method can effectively save development cost required by networking verification, the verification authorization mode is simple and convenient, subsequent maintenance cost and labor cost are low, and user experience is effectively improved.
Description
Technical Field
The application belongs to the technical field of computers, and particularly relates to a device authorization method and a device authorization device.
Background
In order to protect the software assets of a device from being applied at will to other device production ends, the related software assets are limited to be used only on hardware devices produced by the company, i.e. only authorized devices can use the related software. In the related art, authorization verification is mainly performed by means of internet server networking authorization, generating an authorization file based on a machine code and acquiring a system serial number. However, the method has the problems of high development cost, high maintenance cost and complex operation, and influences the user experience.
Disclosure of Invention
The present application aims to solve at least one of the technical problems existing in the prior art. Therefore, the device authorization method and device can effectively save development cost required by networking verification, the verification authorization mode is simple and convenient, subsequent maintenance cost and labor are low, and user experience is effectively improved.
In a first aspect, the present application provides a device authorization method, applied to a device end, where the method includes:
acquiring local authorization hardware information corresponding to equipment to be authorized;
under the condition that an authorization file is stored in the equipment to be authorized, verifying the equipment to be authorized based on the local authorization hardware information and the authorization file; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment;
and under the condition that verification is passed, authorizing the equipment to be authorized.
According to the equipment authorization method, the equipment to be authorized is verified based on the local authorization hardware information and the authorization file under the condition that the equipment to be authorized has the authorization file by acquiring the local authorization hardware information corresponding to the equipment to be authorized, the equipment to be authorized is authorized without networking through the method, development cost required by networking verification is effectively saved, the equipment to be authorized is authorized under the condition that the equipment to be authorized passes the verification, the verification and authorization mode is simple and convenient, the follow-up maintenance cost and the labor cost are low, and the user experience is improved.
According to the device authorization method of the present application, the verifying the device to be authorized based on the local authorization hardware information and the authorization file includes:
analyzing the authorization file to obtain at least one first authorization hardware information;
and verifying the device to be authorized based on the at least one first authorization hardware information and the local authorization hardware information.
According to the device authorization method of the present application, the analyzing the authorization file to obtain at least one first authorization hardware information includes:
decrypting the authorization file to obtain an encrypted sub-authorization file corresponding to each device in the at least one device;
decrypting each encrypted sub-authorization file to obtain the at least one first authorization hardware information.
According to the device authorization method of the application, the device to be authorized is authorized under the condition that verification is passed, and the method comprises the following steps:
and authorizing the equipment to be authorized under the condition that information consistent with the local authorization hardware information exists in the at least one first authorization hardware information.
A device authorization method according to the present application, the method further comprising:
and under the condition that the authorization file is not in the equipment to be authorized, the equipment to be authorized is not authorized.
In a second aspect, the present application provides a device authorization method, applied to a supply end, where the method includes:
acquiring local authorization hardware information of at least one device;
encrypting each piece of local authorization hardware information to obtain the authorization file;
and importing the authorization file into each device, wherein the authorization file is used for authorization verification of the devices.
According to the device authorization method, the local authorization hardware information of at least one device is acquired, the local authorization hardware information is stored in the authorization file in an encrypted mode, the security of authorization verification is improved, the authorization file is imported into the devices in batches, whether the devices can be authorized by using the same authorization file verification device or not is avoided, the complicated operation that different authorization files are needed to be imported into the authorization files by using the devices is avoided, labor cost is reduced, and user experience is improved.
According to the device authorization method of the present application, the encrypting each piece of local authorization hardware information to obtain the authorization file includes:
encrypting the local authorization hardware information through a target algorithm to obtain an encrypted sub-authorization file corresponding to each device;
Storing at least one encrypted sub-authorization file in a unified target authorization file;
encrypting the target authorization file to obtain the authorization file.
According to the device authorization method of the present application, the obtaining local authorization hardware information of at least one device includes:
under the condition that a target device in the at least one device has authorization qualification, acquiring information with uniqueness of the target device, wherein the information with uniqueness is information which is not correspondingly changed by power-off of firmware, restarting of a system and change of system re-brushing;
and storing the information with the uniqueness as structured data to obtain the local authorized hardware information corresponding to the target equipment.
According to the device authorization method of the application, the local authorization hardware information comprises: at least one of a chip serial number, a vendor identification code, and a product identification code of at least one device.
In a third aspect, the present application provides an apparatus authorization device, applied to an apparatus end, where the device includes:
the first processing module is used for acquiring local authorization hardware information corresponding to the equipment to be authorized;
the second processing module is used for verifying the equipment to be authorized based on the local authorization hardware information and the authorization file under the condition that the authorization file is stored in the equipment to be authorized; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment;
And the third processing module is used for authorizing the equipment to be authorized under the condition that the verification is passed.
According to the device authorizing device, the device to be authorized is authenticated based on the local authorization hardware information and the authorization file under the condition that the device to be authorized has the authorization file by acquiring the local authorization hardware information corresponding to the device to be authorized, the device to be authorized is authorized without networking through the method, development cost required by networking authentication is effectively saved, the device to be authorized is authorized under the condition that the device to be authorized passes the authentication, the mode of authentication and authorization is simple and convenient, the follow-up maintenance cost and the labor cost are low, and the user experience is improved.
In a fourth aspect, the present application provides a device authorization apparatus, for application to a supply end, the apparatus comprising:
the fourth processing module is used for acquiring the local authorized hardware information of at least one device;
the fifth processing module is used for encrypting the local authorization hardware information respectively to acquire the authorization file;
and a sixth processing module, configured to import the authorization file into each device, where the authorization file is used for authorization verification by the device.
According to the device authorization apparatus, local authorization hardware information of at least one device is obtained, and each piece of local authorization hardware information is stored in the authorization file in an encrypted manner, so that the security of authorization verification is improved, the authorization files are imported into each device in batches, whether the devices can be authorized by using the same authorization file verification device or not is avoided, the complicated operation that each device needs to import the authorization files respectively by using different authorization files is avoided, the labor cost is reduced, and the user experience is improved.
In a fifth aspect, the present application provides an electronic device, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the device authorization method according to the first aspect described above when executing the computer program.
In a sixth aspect, the present application provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a device authorization method as described in the first aspect above.
In a seventh aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements a device authorization method as described in the first aspect above.
The above technical solutions in the embodiments of the present application have at least one of the following technical effects:
the method has the advantages that the local authorization hardware information corresponding to the equipment to be authorized is obtained, under the condition that the equipment to be authorized has the authorization file, the equipment to be authorized is verified based on the local authorization hardware information and the authorization file, the network is not required to be connected through the method for authorization, the development cost required by the network verification is effectively saved, under the condition that the equipment to be authorized passes the verification, the equipment to be authorized is authorized, the verification and authorization mode is simple and convenient, the follow-up maintenance cost and the labor cost are low, and the user experience is improved.
Further, by acquiring the local authorization hardware information of at least one device and encrypting and storing each local authorization hardware information in an authorization file, the security of authorization verification is improved, the authorization files are imported into each device in batches, and each device verifies whether the device can authorize by using the same authorization file, so that the complicated operation that each device needs to import the authorization files respectively by using different authorization files is avoided, the cost is reduced, and the user experience is improved.
Furthermore, by encrypting the local authorization hardware information, the encrypted sub-authorization files corresponding to the devices can be obtained, the encrypted sub-authorization files are stored in the unified target authorization files, the target authorization files are encrypted and finally stored in a binary format, so that a user can conveniently use the authorization files, and the local authorization hardware information is encrypted twice, the authorization safety is effectively ensured, the risk of tampering of the device system is avoided, and the user experience is improved.
Additional aspects and advantages of the application will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, wherein:
fig. 1 is one of flow diagrams of a device authorization method provided in an embodiment of the present application;
FIG. 2 is a second flowchart of a device authorization method according to an embodiment of the present disclosure;
FIG. 3 is a third flow chart of a device authorization method according to an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of an apparatus authorization device according to an embodiment of the present application;
FIG. 5 is a second schematic diagram of an apparatus authorization device according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Technical solutions in the embodiments of the present application will be clearly described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application are within the scope of the protection of the present application.
The terms first, second and the like in the description and in the claims, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged, as appropriate, such that embodiments of the present application may be implemented in sequences other than those illustrated or described herein, and that the objects identified by "first," "second," etc. are generally of a type and not limited to the number of objects, e.g., the first object may be one or more. Furthermore, in the description and claims, "and/or" means at least one of the connected objects, and the character "/", generally means that the associated object is an "or" relationship.
The device authorization method, the device authorization apparatus, the electronic device and the readable storage medium provided in the embodiments of the present application are described in detail below with reference to the accompanying drawings by means of specific embodiments and application scenarios thereof.
The device authorization method can be applied to the terminal, and can be specifically executed by hardware or software in the terminal.
The terminal includes, but is not limited to, a portable communication device such as a mobile phone or tablet computer. It should also be appreciated that in some embodiments, the terminal may not be a portable communication device, but rather a desktop computer.
In the following various embodiments, a terminal including a display and a touch sensitive surface is described. However, it should be understood that the terminal may include one or more other physical user interface devices such as a physical keyboard, mouse, and joystick.
The execution body of the device authorization method provided in the embodiment of the present application may be an electronic device or a functional module or a functional entity capable of implementing the device authorization method in the electronic device, where the electronic device in the embodiment of the present application includes, but is not limited to, a mobile phone, a tablet computer, a camera, a wearable device, and the like, and the device authorization method provided in the embodiment of the present application is described below by taking the electronic device as an execution body.
The device authorization method is applied to the technical field of computers, and in the field, when authorizing a device, the device end and the supply end are involved, wherein the device end is the device with authorization requirements, and the supply end is the end for supplying the device.
The supply end includes: a production end and an authorization end.
Wherein, the production end is one end of production equipment.
The authorization end generates one end of the authorization file.
As shown in fig. 1, the device authorization method is applied to a device end, and the method includes: step 110, step 120 and step 130.
Step 110, obtaining local authorization hardware information corresponding to equipment to be authorized;
in this step, the device to be authorized is a device having an authorization requirement.
The local authorization hardware information is hardware information related to authorization in the information of the device to be authorized.
The local authorization hardware information may be used to verify whether the device to be authorized can pass authorization verification.
The local authorization hardware information can be obtained by reading the hardware information of the equipment to be authorized, and in the actual execution process, the local authorization hardware information is obtained without networking.
The local authorization hardware information may be provided by the production end of the device.
The local authorization hardware information may be a plurality of character string data.
The local authorization hardware information is information with uniqueness.
The unique information is information which is not correspondingly changed by the power-off of the firmware, the restarting of the system and the change of the system re-brushing.
The unique information can be obtained by analyzing hardware to determine whether the hardware information has the unique information.
Step 120, under the condition that an authorization file is stored in the equipment to be authorized, verifying the equipment to be authorized based on the local authorization hardware information and the authorization file;
in this step, the authorization file is a file that is imported to the device to be authorized by the supply end before the device to be authorized leaves the factory.
The authorization file is stored under a directory of devices to be authorized, the directory being a directory defined by the authorizer.
The catalog can be determined based on actual execution conditions, and the application is not limited; for example, the directory may be an auth folder or a root directory.
The authorization file includes a sub-authorization file corresponding to at least one device.
At least one device is one or more devices that are authorized.
In the actual implementation process, the at least one device may include other devices besides the device to be authorized, may include the device to be authorized and other devices, and may include only the device to be authorized.
The authorization file may be an encrypted file.
In some embodiments, the authorization file may be encrypted by an encryption algorithm, which may be determined based on actual execution conditions, which is not limited in this application; for example, the encryption algorithm may be a national encryption algorithm, an advanced encryption standard (Advanced Encryption Standard, AES) algorithm, a data encryption standard (Data Encryption Standard, DES), a triple data encryption algorithm (triple DES,3 DES), and other various algorithms, or an encryption algorithm after the various algorithms are integrated.
The format of the authorization file is not limited in this application, and for example, the authorization file may be a binary format or other format file.
The verification result is used for judging whether the device to be authorized can be authorized.
In the actual execution process, the verification result can be that the local authorization hardware information is consistent or inconsistent with a certain sub-authorization file in the authorization file; the verification result may also be that the local authorization hardware information has a correspondence relationship or no correspondence relationship with information in a certain sub-authorization file in the authorization file.
In some embodiments, step 120 may further comprise:
analyzing the authorization file to obtain at least one first authorization hardware information;
The device to be authorized is authenticated based on the at least one first authorization hardware information and the local authorization hardware information.
In this embodiment, parsing the authorization file is to decrypt the encrypted authorization file.
The first authorization hardware information is authorization hardware information of each device with authorization qualification stored in the authorization file.
Verifying the device to be authorized may be performed by comparing the at least one first authorization hardware information with the local authorization hardware information.
According to the authorization method of the equipment, at least one piece of first authorization hardware information can be obtained through analyzing the authorization file, the equipment to be authorized is verified offline based on the obtained first authorization hardware information and the local authorization hardware information, verification efficiency is improved, networking is not needed, user experience is improved, and meanwhile safety of a verification process is improved.
In some embodiments, parsing the authorization file to obtain at least one first authorization hardware information includes:
decrypting the authorization file to obtain an encrypted sub-authorization file corresponding to each device in at least one device;
decrypting each encrypted sub-authorization file to obtain at least one first authorization hardware information.
In this embodiment, decrypting the authorization file may be implemented by a decryption algorithm corresponding to the encryption algorithm used to encrypt the authorization file.
In the actual implementation process, the decryption algorithm used for decrypting the authorization file can be determined based on the actual situation, and the application is not limited.
The encrypted sub-authorization file is first authorization hardware information of the encrypted device.
It will be appreciated that each device that has authorization corresponds to an encrypted sub-authorization file.
Decrypting each encrypted sub-license file may be accomplished by a decryption algorithm corresponding to the first license hardware information that encrypts each device.
In the actual implementation process, the decryption algorithm used for decrypting each encrypted sub-authorization file can be determined based on the actual situation, which is not limited in this application.
According to the authorization method of the equipment, under the condition that the authorization file is encrypted, the authorization file is decrypted, a plurality of encrypted sub-authorization files can be obtained, the obtained encrypted sub-authorization files are decrypted, first authorization hardware information corresponding to the plurality of equipment can be obtained, the obtained plurality of first authorization hardware information can be used for verifying the equipment to be authorized, the equipment to be authorized is verified by using offline hardware information, authorization verification cost is effectively reduced, and safety of a verification process is improved.
As shown in fig. 3, in some embodiments, the method may further comprise:
And under the condition that no authorization file exists in the equipment to be authorized, the equipment to be authorized is not authorized.
In this embodiment, the unauthorized file is that the device to be authorized does not import an authorized file before leaving the factory.
It will be appreciated that an unauthorized file may directly determine that a device to be authorized cannot be authorized.
According to the equipment authorization method provided by the embodiment of the application, the equipment to be authorized cannot be authorized by determining that the equipment to be authorized has no authorization file, the authorization judgment mode is simple and convenient, networking is not needed, and the cost is low.
And 130, authorizing the equipment to be authorized under the condition that the verification is passed.
In this step, the verification pass verifies the pass for the local authorization hardware information of the device to be authorized.
Authorization is to allow the device to be authorized to use the associated software resource.
With continued reference to fig. 3, in some embodiments, step 130 may further comprise:
and authorizing the device to be authorized under the condition that the information consistent with the local authorization hardware information exists in the at least one first authorization hardware information.
In this embodiment, the at least one first authorization hardware information is authorization hardware information corresponding to a plurality of authorized devices.
It may be understood that the at least one first authorization hardware information may include local authorization hardware information corresponding to the device to be authorized, and the at least one first authorization hardware information may not include local authorization hardware information corresponding to the device to be authorized.
And under the condition that the at least one piece of first authorization hardware information comprises local authorization hardware information corresponding to the equipment to be authorized, comparing the first authorization hardware information with the local authorization hardware information, and under the condition that the first authorization hardware information is consistent with the local authorization hardware information, verifying the equipment to be authorized.
In the case where the device to be authorized is authenticated, the device to be authorized may be authorized.
And under the condition that the at least one first authorization hardware information does not comprise the local authorization hardware information corresponding to the equipment to be authorized, the equipment to be authorized is not verified.
In the case that the device to be authorized is not verified, the right of the device to be authorized to use the software resource cannot be granted.
According to the device authorization method provided by the embodiment of the application, by determining that the authorization hardware information consistent with the local authorization hardware information exists in at least one piece of first authorization hardware information, the device to be authorized can be authorized through verification of the device to be authorized, the authorization judging mode is simple and convenient, networking is not needed, a corresponding authorization server is not needed to be developed, development cost is not needed, later maintenance cost is low, and user experience is effectively improved.
It will be appreciated that the device to be authorised cannot be authorised in the event that the verification is not passed.
The inventor finds out in the research and development process that in the related technology, authorization verification is mainly carried out in a mode of internet server networking authorization, generating an authorization file based on a machine code and acquiring a system serial number; however, the method has the problems of high development cost, high maintenance cost and complex operation, and influences the user experience.
The method and the device verify the equipment to be authorized based on the local authorization hardware information corresponding to the equipment to be authorized and the authorization file imported before the equipment to be authorized leaves the factory, and the equipment to be authorized is authorized under the condition that verification is passed.
According to the device authorization method provided by the embodiment of the application, the device to be authorized is verified based on the local authorization hardware information and the authorization file under the condition that the device to be authorized has the authorization file by acquiring the local authorization hardware information corresponding to the device to be authorized, the network is not required to be connected through the method for authorization, the development cost required by the network verification is effectively saved, the device to be authorized is authorized under the condition that the device to be authorized passes the verification, the verification and authorization mode is simple and convenient, the follow-up maintenance cost and the labor cost are low, and the user experience is improved.
According to the equipment authorization method provided by the embodiment of the application, the execution body can be an equipment authorization device. In the embodiment of the present application, an apparatus authorization device executes an apparatus authorization method as an example, and the apparatus authorization device provided in the embodiment of the present application is described.
The embodiment of the application also provides a device authorization device which is applied to the device side.
As shown in fig. 4, the apparatus authorization device includes: a first processing module 410, a second processing module 420, and a third processing module 430.
A first processing module 410, configured to obtain local authorization hardware information corresponding to a device to be authorized;
the second processing module 420 is configured to verify the device to be authorized based on the local authorization hardware information and the authorization file when the authorization file is stored in the device to be authorized; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment;
and a third processing module 430, configured to authorize the device to be authorized if the verification passes.
According to the device authorization apparatus provided by the embodiment of the application, the device to be authorized is verified based on the local authorization hardware information and the authorization file under the condition that the device to be authorized has the authorization file by acquiring the local authorization hardware information corresponding to the device to be authorized, the network is not required to be connected through the method for authorization, the development cost required by the network verification is effectively saved, the device to be authorized is authorized under the condition that the device to be authorized passes the verification, the verification and authorization mode is simple and convenient, the subsequent maintenance cost and the labor cost are low, and the user experience is improved.
In some embodiments, the second processing module 420 may also be configured to:
analyzing the authorization file to obtain at least one first authorization hardware information;
the device to be authorized is authenticated based on the at least one first authorization hardware information and the local authorization hardware information.
In some embodiments, the apparatus may further include a seventh processing module to:
decrypting the authorization file to obtain an encrypted sub-authorization file corresponding to each device in at least one device;
decrypting each encrypted sub-authorization file to obtain at least one first authorization hardware information.
In some embodiments, the third processing module 430 may also be configured to:
and authorizing the device to be authorized under the condition that the information consistent with the local authorization hardware information exists in the at least one first authorization hardware information.
In some embodiments, the apparatus may further include an eighth processing module to:
and under the condition that no authorization file exists in the equipment to be authorized, the equipment to be authorized is not authorized.
The application also provides a device authorization method applied to the supply end.
As shown in fig. 2, the device authorization method is applied to a supply end, and the method includes: step 210, step 220 and step 230.
Step 210, obtaining local authorization hardware information of at least one device;
In this step, at least one device is one or more devices that are authorized.
The device's local authorization hardware information may be used to generate an authorization file to verify whether the device can be authorized.
The local authorization hardware information for the device may be provided by the production end of the device.
The local authorization hardware information may be a plurality of character string data.
As shown in fig. 4, in some embodiments, step 210 may further include:
under the condition that the target equipment in at least one equipment is authorized, acquiring information with uniqueness of the target equipment;
and storing the information with the uniqueness as structured data to obtain the local authorization hardware information corresponding to the target equipment.
In this embodiment, the target device is an authorized device.
The unique information is information which is not correspondingly changed by the power-off of the firmware, the restarting of the system and the change of the system re-brushing.
The unique information can be obtained by analyzing hardware to determine whether the hardware information has the unique information.
The structured data is data logically expressed and realized by a two-dimensional table structure, for example, information having uniqueness is stored as an Excel file format.
According to the device authorization method provided by the embodiment of the application, the device uniqueness data with authorization qualification is obtained, the data with uniqueness is stored as the structured data, the hardware information of the device is effectively obtained, the information is used for authorization verification, networking is not needed, the cost is reduced, and the user experience is improved.
In some embodiments, the local authorization hardware information includes: at least one of a chip serial number, a vendor identification code, and a product identification code of at least one device.
In this embodiment, the chip serial number is the unique identity of the chip within the device.
The vendor identification code is a vendor identification code.
The vendor identification code may be an identification code that the vendor applies to the application forum.
The product identification code is the identification code of the device.
The product identification code may be at the discretion of the vendor.
The values of the vendor identification code and the product identification code are unique identification IDs when the device is connected to the system.
According to the device authorization method provided by the embodiment of the application, the unique local authorization hardware information can be effectively obtained by obtaining at least one of the chip serial number, the supplier identification code and the product identification code of the device.
Step 220, encrypting each piece of local authorization hardware information to obtain an authorization file;
in this step, the encryption may encrypt each local authorization hardware information by an encryption algorithm.
In the actual execution process, the encryption algorithm can be determined based on the actual situation, and the application is not limited; for example, the encryption algorithm may be an AES algorithm, a DES algorithm, a 3DES algorithm, or other algorithms, or may be an encryption algorithm after the integration of a plurality of algorithms.
In some embodiments, step 220 may further comprise:
encrypting the local authorization hardware information through a target algorithm to obtain an encrypted sub-authorization file corresponding to each device;
storing at least one encrypted sub-authorization file in a unified target authorization file;
and encrypting the target authorization file to obtain the authorization file.
In this embodiment, the target algorithm is an encryption algorithm used to encrypt each piece of local authorization hardware information.
The encryption algorithm may be determined based on actual execution conditions, which is not limited in this application.
The encrypted sub-authorization file is an obtained encrypted file after the local authorization hardware information is encrypted.
The target authorization file is a file for storing a plurality of encrypted sub-authorization files.
The plurality of encrypted sub-authorization files may be separated in the target authorization file by a special separator.
The target authorization file encryption can be encrypted by a national encryption algorithm or other encryption algorithms, and the specific choice of the encryption algorithm is not limited in the application.
The specific choice of the cryptographic algorithm may be determined based on the actual implementation, which is not limited in this application.
The authorization file may be defined as a target format.
The target format is a format for storing the authorization file, the specific selection of the target format can be determined based on the actual execution condition, and the application is not limited; for example, the target format may be a. lic format or a.txt format.
The authorization file may be stored in a binary format.
According to the device authorization method provided by the embodiment of the application, the encrypted sub-authorization files corresponding to the devices can be obtained by encrypting the local authorization hardware information, the encrypted sub-authorization files are stored in the unified target authorization files, the target authorization files are encrypted and finally stored into a binary format, so that a user can conveniently use the authorization files, and the local authorization hardware information is encrypted twice, so that the authorization safety is effectively ensured, the risk of tampering of a device system is avoided, and the user experience is improved.
Step 230, an authorization file is imported into each device, wherein the authorization file is used for authorization verification by the device.
In this step, during the actual execution, the authorized end of the supply end sends the authorization file to the production end.
The authorization side may define a directory in each device in advance, and the directory may be used to store the authorization files.
The catalog can be determined based on actual execution conditions, and the application is not limited; for example, the directory may be an auth folder or a root directory.
The production end can import the authorized files into the catalogue before the equipment leaves the factory in a batch import mode.
According to the device authorization method provided by the embodiment of the application, the local authorization hardware information of at least one device is acquired, the local authorization hardware information is encrypted and stored in the authorization file, the security of authorization verification is improved, the authorization file is imported into the devices in batches, whether the devices can be authorized by using the same authorization file verification device or not is avoided, the complicated operation that different authorization files are needed to be imported into the devices respectively is avoided, the labor cost is reduced, and the user experience is improved.
According to the equipment authorization method provided by the embodiment of the application, the execution body can be an equipment authorization device. In the embodiment of the present application, an apparatus authorization device executes an apparatus authorization method as an example, and the apparatus authorization device provided in the embodiment of the present application is described.
The embodiment of the application also provides a device authorization device which is applied to the supply end.
As shown in fig. 5, the apparatus authorization device includes: a fourth processing module 510, a fifth processing module 520, and a sixth processing module 530.
A fourth processing module 510, configured to obtain local authorization hardware information of at least one device;
the fifth processing module 520 is configured to encrypt each local authorization hardware information to obtain an authorization file;
a sixth processing module 530, configured to import an authorization file into each device, where the authorization file is used for authorization verification by the device.
According to the device authorization apparatus provided by the embodiment of the application, the local authorization hardware information of at least one device is obtained, and each local authorization hardware information is stored in the authorization file in an encrypted manner, so that the security of authorization verification is improved, the authorization files are imported into each device in batches, whether the devices can be authorized by using the same authorization file verification device or not is avoided, the complicated operation that each device needs to import the authorization files respectively by using different authorization files is avoided, the labor cost is reduced, and the user experience is improved.
In some embodiments, the fifth processing module 520 may also be configured to:
encrypting the local authorization hardware information through a target algorithm to obtain an encrypted sub-authorization file corresponding to each device;
Storing at least one encrypted sub-authorization file in a unified target authorization file;
and encrypting the target authorization file to obtain the authorization file.
In some embodiments, the fourth processing module 510 may also be configured to:
under the condition that the target equipment in at least one equipment has authorization qualification, acquiring information with uniqueness of the target equipment, wherein the information with uniqueness is information which is not correspondingly changed by the power-off of firmware, the restarting of a system and the change of system re-brushing;
and storing the information with the uniqueness as structured data to obtain the local authorization hardware information corresponding to the target equipment.
The device authorization apparatus in the embodiments of the present application may be an electronic device, or may be a component in an electronic device, for example, an integrated circuit or a chip. The electronic device may be a terminal, or may be other devices than a terminal. By way of example, the electronic device may be a mobile phone, tablet computer, notebook computer, palm computer, vehicle-mounted electronic device, mobile internet appliance (Mobile Internet Device, MID), augmented reality (augmented reality, AR)/Virtual Reality (VR) device, robot, wearable device, ultra-mobile personal computer, UMPC, netbook or personal digital assistant (personal digital assistant, PDA), etc., but may also be a server, network attached storage (Network Attached Storage, NAS), personal computer (personal computer, PC), television (TV), teller machine or self-service machine, etc., and the embodiments of the present application are not limited in particular.
The device authorization apparatus in the embodiment of the present application may be an apparatus having an operating system. The operating system may be an Android operating system, an IOS operating system, or other possible operating systems, which is not specifically limited in the embodiments of the present application.
The device authorization apparatus provided in the embodiment of the present application can implement each process implemented by the embodiments of the methods of fig. 1 to 5, and in order to avoid repetition, a description is omitted here.
In some embodiments, as shown in fig. 6, the embodiment of the present application further provides an electronic device 600, including a processor 601, a memory 602, and a computer program stored in the memory 602 and capable of running on the processor 601, where the program when executed by the processor 601 implements the respective processes of the device authorization method embodiment described above, and the same technical effects can be achieved, so that repetition is avoided, and no further description is given here.
The electronic device in the embodiment of the application includes the mobile electronic device and the non-mobile electronic device described above.
The embodiment of the present application further provides a non-transitory computer readable storage medium, on which a computer program is stored, where the computer program when executed by a processor implements each process of the above device authorization method embodiment, and the same technical effects can be achieved, so that repetition is avoided, and no further description is given here.
Wherein the processor is a processor in the electronic device described in the above embodiment. The readable storage medium includes computer readable storage medium such as computer readable memory ROM, random access memory RAM, magnetic or optical disk, etc.
Embodiments of the present application also provide a computer program product comprising a computer program which, when executed by a processor, implements the above-described device authorization method.
Wherein the processor is a processor in the electronic device described in the above embodiment. The readable storage medium includes computer readable storage medium such as computer readable memory ROM, random access memory RAM, magnetic or optical disk, etc.
The embodiment of the application further provides a chip, the chip includes a processor and a communication interface, the communication interface is coupled with the processor, the processor is used for running a program or an instruction, implementing each process of the above device authorization method embodiment, and achieving the same technical effect, so as to avoid repetition, and no redundant description is provided herein.
It should be understood that the chips referred to in the embodiments of the present application may also be referred to as system-on-chip chips, chip systems, or system-on-chip chips, etc.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. Furthermore, it should be noted that the scope of the methods and apparatus in the embodiments of the present application is not limited to performing the functions in the order shown or discussed, but may also include performing the functions in a substantially simultaneous manner or in an opposite order depending on the functions involved, e.g., the described methods may be performed in an order different from that described, and various steps may also be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solutions of the present application may be embodied essentially or in a part contributing to the prior art in the form of a computer software product stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk), comprising several instructions for causing a terminal (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the methods described in the embodiments of the present application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those of ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are also within the protection of the present application.
In the description of the present specification, reference to the terms "one embodiment," "some embodiments," "illustrative embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the present application have been shown and described, it will be understood by those of ordinary skill in the art that: many changes, modifications, substitutions and variations may be made to the embodiments without departing from the principles and spirit of the application, the scope of which is defined by the claims and their equivalents.
Claims (10)
1. A method for authorizing a device, the method comprising:
acquiring local authorization hardware information corresponding to equipment to be authorized;
under the condition that an authorization file is stored in the equipment to be authorized, verifying the equipment to be authorized based on the local authorization hardware information and the authorization file; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment;
and under the condition that verification is passed, authorizing the equipment to be authorized.
2. The device authorization method according to claim 1, wherein verifying the device to be authorized based on the local authorization hardware information and the authorization file comprises:
analyzing the authorization file to obtain at least one first authorization hardware information;
and verifying the device to be authorized based on the at least one first authorization hardware information and the local authorization hardware information.
3. The device authorization method according to claim 2, wherein the parsing the authorization file to obtain at least one first authorization hardware information includes:
Decrypting the authorization file to obtain an encrypted sub-authorization file corresponding to each device in the at least one device;
decrypting each encrypted sub-authorization file to obtain the at least one first authorization hardware information.
4. The device authorization method according to claim 2, wherein the authorizing the device to be authorized if the verification passes includes:
and authorizing the equipment to be authorized under the condition that information consistent with the local authorization hardware information exists in the at least one first authorization hardware information.
5. The device authorization method according to any one of claims 1-4, wherein the method further comprises:
and under the condition that the authorization file is not in the equipment to be authorized, the equipment to be authorized is not authorized.
6. A method of device authorization, for use at a provisioning end, the method comprising:
acquiring local authorization hardware information of at least one device;
encrypting each piece of local authorization hardware information to obtain the authorization file;
and importing the authorization file into each device, wherein the authorization file is used for authorization verification of the devices.
7. The device authorization method according to claim 6, wherein encrypting each piece of local authorization hardware information to obtain the authorization file includes:
encrypting the local authorization hardware information through a target algorithm to obtain an encrypted sub-authorization file corresponding to each device;
storing at least one encrypted sub-authorization file in a unified target authorization file;
encrypting the target authorization file to obtain the authorization file.
8. The device authorization method according to claim 6 or 7, wherein the obtaining local authorization hardware information of at least one device comprises:
under the condition that a target device in the at least one device has authorization qualification, acquiring information with uniqueness of the target device, wherein the information with uniqueness is information which is not correspondingly changed by power-off of firmware, restarting of a system and change of system re-brushing;
and storing the information with the uniqueness as structured data to obtain the local authorized hardware information corresponding to the target equipment.
9. The device authorization method according to claim 6 or 7, wherein the local authorization hardware information includes: at least one of a chip serial number, a vendor identification code, and a product identification code of at least one device.
10. A device authorization apparatus for use at a device, the apparatus comprising:
the first processing module is used for acquiring local authorization hardware information corresponding to the equipment to be authorized;
the second processing module is used for verifying the equipment to be authorized based on the local authorization hardware information and the authorization file under the condition that the authorization file is stored in the equipment to be authorized; the authorization file is imported to the equipment to be authorized by the supply end before the equipment to be authorized leaves the factory, and comprises at least one sub-authorization file corresponding to the equipment;
and the third processing module is used for authorizing the equipment to be authorized under the condition that the verification is passed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311794006.6A CN117708794A (en) | 2023-12-22 | 2023-12-22 | Equipment authorization method and equipment authorization device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311794006.6A CN117708794A (en) | 2023-12-22 | 2023-12-22 | Equipment authorization method and equipment authorization device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117708794A true CN117708794A (en) | 2024-03-15 |
Family
ID=90156845
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311794006.6A Pending CN117708794A (en) | 2023-12-22 | 2023-12-22 | Equipment authorization method and equipment authorization device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117708794A (en) |
-
2023
- 2023-12-22 CN CN202311794006.6A patent/CN117708794A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210344669A1 (en) | Secure authorization systems and methods | |
| US9673975B1 (en) | Cryptographic key splitting for offline and online data protection | |
| JP6882254B2 (en) | Safety verification methods based on biological characteristics, client terminals, and servers | |
| US9124419B2 (en) | Method, device, and system of secure entry and handling of passwords | |
| CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
| US10848304B2 (en) | Public-private key pair protected password manager | |
| EP2251810B1 (en) | Authentication information generation system, authentication information generation method, and authentication information generation program utilizing a client device and said method | |
| CN108768963B (en) | Communication method and system of trusted application and secure element | |
| CN101163009A (en) | System, server, terminal and tamper resistant device for authenticating a user | |
| WO2008024559A2 (en) | Method and apparatus for authenticating applications to secure services | |
| CN106936588B (en) | Hosting method, device and system of hardware control lock | |
| CN104283686A (en) | Digital right management method and system | |
| CN112800392A (en) | Authorization method and device based on soft certificate and storage medium | |
| CN103336918B (en) | Electronic hard disk system authorization method and device | |
| CN111628863B (en) | Data signature method and device, electronic equipment and storage medium | |
| CN112948771B (en) | Authority verification method and device, readable storage medium and electronic equipment | |
| CN112862484A (en) | Secure payment method and device based on multi-terminal interaction | |
| CN105072136A (en) | Method and system for security authentication between devices based on virtual drive | |
| CN115482132A (en) | Data processing method and device for electronic contract based on block chain and server | |
| CN110968878A (en) | Information transmission method, system, electronic device and readable medium | |
| CN112532627B (en) | Cold start recommendation method and device, computer equipment and storage medium | |
| CN117708794A (en) | Equipment authorization method and equipment authorization device | |
| CN114357384A (en) | Method for activating software based on authorization file, computing device and computer readable medium | |
| WO2018017019A1 (en) | Personal security device and method | |
| CN111079165B (en) | Data processing method, data processing device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |