WO2021147442A1 - Access control method and apparatus, terminal device and storage medium - Google Patents

Access control method and apparatus, terminal device and storage medium

Info

Publication number
WO2021147442A1
Authority
WO
WIPO (PCT)
Prior art keywords
token
party
access
target
access control
Prior art date
Application number
PCT/CN2020/125522
Other languages
English (en)
Chinese (zh)
Inventor
周冲
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 (Huawei Technologies Co., Ltd.)
Publication of WO2021147442A1

Classifications

    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data › G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals › G06F21/31 User authentication
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F21/60 Protecting data › G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • This application belongs to the field of computer technology, and in particular relates to an access control method, device, terminal device, and storage medium.
  • Android applications generally declare a user identifier (UID) and a permission list in the manifest file, and are granted the corresponding permissions when the application is installed or when a resource is used.
  • When an application subject accesses an object resource, the system usually looks up the corresponding permission in the permission list by the UID of the application subject and decides on that basis whether to allow the application subject to access the object resource; this is how access control is achieved.
  • the embodiments of the present application provide an access control method, device, terminal device, and storage medium, which can improve the security of access control.
  • an access control method including:
  • when request information sent by an accessing party for accessing an accessed party is received, determining whether the request information carries a target token, the target token having been searched for in a pre-built token resource pool and allocated to the accessing party when it was determined that the accessing party has the authority to access the accessed party;
  • if the request information carries the target token, verifying the legality of the target token; and after the legality verification passes, allowing the accessing party to access the accessed party.
  • Before the accessing party accesses the accessed party, the corresponding token is allocated to it according to its authority; later, when the accessing party accesses the accessed party, only the validity of the token it carries needs to be verified, which achieves token-based access control. With this arrangement, even if an application subject (accessing party) tampers with the corresponding authority information when accessing an object resource (accessed party), it still needs a legal token to access the object resource. This effectively reduces illegal access by applications to services and resources and improves the security of access control.
  • if the request information does not carry the target token, the method may further include:
  • searching the token resource pool for the target token, and allocating the found target token to the accessing party.
  • The request information may not carry the target token because the accessing party is accessing the accessed party for the first time and has not yet applied for a target token.
  • In that case the target token can be searched for in the token resource pool and, if found, allocated to the accessing party.
  • Under the configured access control authority policy, if the accessing party has the access authority, the corresponding target token can be found in the token resource pool; if the accessing party does not have the access authority, no corresponding target token will be found in the token resource pool.
  • the legality verification of the target token may further include:
  • the target token can be generated in the following manner and added to the token resource pool:
  • obtaining the access control authority policy and the flow control policy of the accessed party, where the access control authority policy limits the authority to access the accessed party and the flow control policy limits the data flow when the accessed party is accessed;
  • generating the target token according to the access control authority policy and the flow control policy, where the type of target token generated is determined by the access control authority policy and the number of target tokens generated is determined by the flow control policy.
  • Tokens are usually generated by the accessed party.
  • When the terminal system detects that the accessed party (such as an object service resource) has started, it can obtain the access control authority policy and the flow control policy of the accessed party, where the access control authority policy limits the authority to access the accessed party and the flow control policy limits the data flow when the accessed party is accessed; it then generates the target token according to these two policies.
  • the method may further include:
  • deleting the target tokens that have already been generated in the token resource pool.
  • Deleting each target token already generated in the token resource pool prevents accessing parties from continuing to apply for tokens for the accessed party and from accessing it, and so avoids the invalid operations such access would cause.
  • the target token can also be generated in the following manner and added to the token resource pool:
  • obtaining the access control authority policy and the flow control policy of the accessed party, where the access control authority policy limits the accessing party's authority to access the accessed party and the flow control policy limits the data flow when the accessed party is accessed;
  • generating the target token according to the access control authority policy and the flow control policy, where the type of target token generated is determined by the access control authority policy and the number of target tokens generated is determined by the flow control policy.
  • Tokens are usually generated by the accessed party; some tokens also restrict the accessing party, and that part of the tokens can be generated by the accessing party.
  • When the terminal system detects that an accessing party (such as an application) has started, it determines, from the accessing party's authority, which accessed parties it may access, and can then trigger each of those accessed parties to generate the corresponding tokens.
  • the method may further include:
  • deleting the target tokens that have already been generated in the token resource pool.
  • the target token can be obtained from the token resource pool in the following manner:
  • Each accessing party and each accessed party can have its own unique identification, such as an ID or a name.
  • Including this information in the token information establishes the correspondence between a token and its accessing party and accessed party. The token whose token information contains the unique identification of the accessing party and the unique identification of the accessed party can then be searched for in the token resource pool as the target token.
  • alternatively, the target token can be obtained from the token resource pool in the following manner:
  • token index information is constructed that records, for each token in the token resource pool, the corresponding accessing party information and accessed party information;
  • a token whose index entry matches the accessing party information of the accessing party and the accessed party information of the accessed party is searched for in the token resource pool as the target token.
  • In this manner the token itself need not contain the accessing party information and the accessed party information.
  • Instead, the correspondence between each token and its accessing party and accessed party is recorded by constructing the token index information.
  • A token whose index entry corresponds to the accessing party information of the accessing party and the accessed party information of the accessed party can then be searched for in the token resource pool as the target token.
  • A token resource library can be constructed to store the token index information, but it consumes a lot of system resources.
  • the verification of the legality of the target token may include, but is not limited to:
  • an access control device including:
  • an access request receiving module, configured to determine, when request information sent by an accessing party for accessing an accessed party is received, whether the request information carries a target token, the target token having been searched for in a pre-built token resource pool and allocated to the accessing party when it was determined that the accessing party has the authority to access the accessed party;
  • a token verification module, configured to verify the legality of the target token if the request information carries the target token; and
  • an access permission module, configured to allow the accessing party to access the accessed party after the legality verification passes.
  • an embodiment of the present application provides a terminal device, including a memory, a processor, and a computer program stored in the memory and runnable on the processor.
  • When the processor executes the computer program, the access control method proposed in the first aspect of the embodiments of the present application is implemented.
  • an embodiment of the present application provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the access control method proposed in the first aspect of the embodiments of the present application.
  • the embodiments of the present application provide a computer program product which, when run on a terminal device, causes the terminal device to execute the access control method described in any one of the above-mentioned first aspects.
  • the embodiments of the present application have the beneficial effects that the security of access control can be improved, and they have better practicability and ease of use.
  • FIG. 1 is a schematic diagram of the hardware structure of a mobile phone to which the access control method provided by an embodiment of the present application is applicable;
  • FIG. 2 is a flowchart of an access control method provided by an embodiment of the present application.
  • FIG. 3 is a flowchart of another access control method provided by an embodiment of the present application.
  • FIG. 4 is a flowchart of another access control method provided by an embodiment of the present application.
  • FIG. 5 is a schematic diagram of an access control method provided by an embodiment of the present application in an actual application scenario;
  • FIG. 6 is a schematic diagram of a method of generating tokens in the token resource pool shown in FIG. 5;
  • FIG. 7 is a schematic diagram of verifying the legitimacy of the token in the process of the APP carrying the token to access the service/resource as shown in FIG. 5;
  • FIG. 8 is a schematic diagram of access control for the APP shown in FIG. 5 to access services/resources for the first time;
  • FIG. 9 is a schematic diagram of access control for the APP shown in FIG. 5 to access services/resources again;
  • FIG. 10 is a structural diagram of an access control device provided by an embodiment of the present application.
  • FIG. 11 is a schematic diagram of a terminal device provided by an embodiment of the present application.
  • the access control method provided by the embodiments of this application can be applied to terminal devices or servers such as mobile phones, tablet computers, wearable devices, vehicle-mounted devices, augmented reality (AR)/virtual reality (VR) devices, notebook computers, ultra-mobile personal computers (UMPC), netbooks, and personal digital assistants (PDA).
  • the terminal device may be a station (STA) in a WLAN, a cellular phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a wireless local loop (WLL) station, a personal digital assistant (PDA) device, a handheld device with wireless communication functions, a computing device or other processing device connected to a wireless modem, an in-vehicle device, a car networking terminal, a computer, a laptop computer, a handheld communication device, a handheld computing device, satellite wireless equipment, a wireless modem card, a TV set-top box (STB), customer premise equipment (CPE), and/or other equipment for communicating over a wireless network, or a next-generation communication device, for example a mobile terminal in a 5G network or in a public land mobile network (PLMN) that will evolve in the future.
  • a wearable device can also be understood generally as the application of wearable technology to the intelligent design and development of everyday wearables such as glasses, gloves, watches, clothing, and shoes.
  • a wearable device is a portable device that is worn directly on the body or integrated into the user's clothes or accessories.
  • Wearable devices are not only hardware; they also realise powerful functions through software support, data interaction, and cloud interaction.
  • wearable smart devices include full-featured, large-sized devices that can implement complete or partial functions without relying on a smartphone, such as smart watches or smart glasses, and devices that focus on one type of application function and must be used together with another device such as a smartphone, such as smart bracelets and smart jewellery for monitoring physical signs.
  • Fig. 1 shows a block diagram of a part of the structure of a mobile phone provided in an embodiment of the present application.
  • the mobile phone includes components such as a radio frequency (RF) circuit 110, a memory 120, an input unit 130, a display unit 140, a sensor 150, an audio circuit 160, a wireless fidelity (WiFi) module 170, a processor 180, and a power supply 190.
  • the structure of the mobile phone shown in FIG. 1 does not constitute a limitation on the mobile phone, and may include more or fewer components than those shown in the figure, or a combination of some components, or different component arrangements.
  • the RF circuit 110 can be used for receiving and sending signals while information is sent and received or during a call. In particular, after receiving downlink information from the base station, it passes it to the processor 180 for processing; it also sends the designed uplink data to the base station.
  • the RF circuit usually includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier (LNA), a duplexer, and the like.
  • the RF circuit 110 can also communicate with the network and other devices through wireless communication.
  • the above-mentioned wireless communication can use any communication standard or protocol, including but not limited to Global System of Mobile Communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), e-mail, Short Messaging Service (SMS), etc.
  • the memory 120 may be used to store software programs and modules.
  • the processor 180 executes various functional applications and data processing of the mobile phone by running the software programs and modules stored in the memory 120.
  • the memory 120 may mainly include a program storage area and a data storage area.
  • the program storage area may store an operating system, an application program required by at least one function (such as a sound playback function or an image playback function), etc.; the data storage area may store data created by use of the mobile phone (such as audio data or a phone book), etc.
  • the memory 120 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or another non-volatile solid-state storage device.
  • the input unit 130 may be used to receive input numeric or character information, and to generate key signal input related to user settings and function control of the mobile phone 100.
  • the input unit 130 may include a touch panel 131 and other input devices 132.
  • the touch panel 131, also known as a touch screen, can collect the user's touch operations on or near it (for example, operations the user performs on or near the touch panel 131 with a finger, a stylus, or any other suitable object or accessory), and drive the corresponding connected device according to a preset program.
  • the touch panel 131 may include two parts: a touch detection device and a touch controller.
  • the touch detection device detects the user's touch position, detects the signal produced by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates and sends them to the processor 180, and can receive and execute the commands sent by the processor 180.
  • the touch panel 131 can be implemented in multiple types such as resistive, capacitive, infrared, and surface acoustic wave.
  • the input unit 130 may also include other input devices 132.
  • the other input devices 132 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons or switch buttons), a trackball, a mouse, and a joystick.
  • the display unit 140 may be used to display information input by the user or information provided to the user, and the various menus of the mobile phone.
  • the display unit 140 may include a display panel 141.
  • the display panel 141 may be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED) display, etc.
  • the touch panel 131 can cover the display panel 141. When the touch panel 131 detects a touch operation on or near it, it transmits the operation to the processor 180 to determine the type of the touch event, and the processor 180 then provides the corresponding visual output on the display panel 141 according to the type of the touch event.
  • in FIG. 1 the touch panel 131 and the display panel 141 are two independent components implementing the input and output functions of the mobile phone, but in some embodiments the touch panel 131 and the display panel 141 can be integrated to implement the input and output functions of the mobile phone.
  • the mobile phone 100 may also include at least one sensor 150, such as a light sensor, a motion sensor, and other sensors.
  • the light sensor may include an ambient light sensor and a proximity sensor.
  • the ambient light sensor can adjust the brightness of the display panel 141 according to the brightness of the ambient light.
  • the proximity sensor can turn off the display panel 141 and/or the backlight when the mobile phone is moved to the ear.
  • the accelerometer sensor can detect the magnitude of acceleration in various directions (usually three axes), and can detect the magnitude and direction of gravity when stationary.
  • the audio circuit 160, the speaker 161, and the microphone 162 can provide an audio interface between the user and the mobile phone.
  • the audio circuit 160 can transmit the electrical signal converted from received audio data to the speaker 161, which converts it into a sound signal for output; conversely, the microphone 162 converts a collected sound signal into an electrical signal, which the audio circuit 160 receives and converts into audio data. That audio data is then output to the processor 180 for processing and sent, for example, to another mobile phone via the RF circuit 110, or output to the memory 120 for further processing.
  • WiFi is a short-distance wireless transmission technology.
  • the mobile phone can help users send and receive e-mails, browse web pages, and access streaming media through the WiFi module 170. It provides users with wireless broadband Internet access.
  • although FIG. 1 shows the WiFi module 170, it is understood that it is not a necessary component of the mobile phone 100 and can be omitted as needed without changing the essence of the invention.
  • the processor 180 is the control center of the mobile phone. It connects the various parts of the entire mobile phone through various interfaces and lines, and performs the various functions of the mobile phone and processes data by running or executing the software programs and/or modules stored in the memory 120 and calling the data stored in the memory 120, thereby monitoring the mobile phone as a whole.
  • the processor 180 may include one or more processing units; preferably, the processor 180 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interfaces, and application programs, and the modem processor mainly handles wireless communication. It can be understood that the foregoing modem processor may also not be integrated into the processor 180.
  • the mobile phone 100 also includes a power source 190 (such as a battery) for supplying power to the various components.
  • the power source may be logically connected to the processor 180 through a power management device, so that functions such as charging, discharging, and power consumption management are handled by the power management device.
  • the mobile phone 100 may also include a camera.
  • the position of the camera on the mobile phone 100 may be front-mounted or rear-mounted, which is not limited in the embodiment of the present application.
  • the mobile phone 100 may include a single camera, a dual camera, or a triple camera, etc., which is not limited in the embodiment of the present application.
  • the mobile phone 100 may include three cameras, of which one is a main camera, one is a wide-angle camera, and one is a telephoto camera.
  • the multiple cameras may be all front-mounted, or all rear-mounted, or partly front-mounted and some rear-mounted, which is not limited in the embodiment of the present application.
  • the mobile phone 100 may also include a Bluetooth module, etc., which will not be repeated here.
  • the various access control methods proposed in this application are suitable not only for a terminal device accessing local resources but also for a terminal device accessing network resources.
  • for scenarios in which a terminal device accesses local resources, the execution subject of the access control method is the terminal device; for scenarios in which a terminal device accesses network resources, the execution subject of the access control method is the server (or terminal device) where the network resource is located.
  • the terminal device where the accessing party is located and the server (or terminal device) where the accessed party is located should use the same token mechanism and authority management mechanism.
  • the various access control methods proposed in this application can also be used for access control in systems of all kinds, such as centralized or distributed systems, networks, and web services.
  • FIG. 2 shows a flow chart of an access control method provided by this application, including:
  • when request information sent by the accessing party to access the accessed party is received, detecting whether the request information carries the target token.
  • The accessing party here is the subject of the access operation, which can be an application, a process, a service, etc.; the accessed party is the object of the access operation, which can be a software or hardware resource, a file, a service, etc.
  • When the accessing party performs an access operation on the accessed party, it first sends request information, and after obtaining the request information the terminal system detects whether it carries the target token.
  • The target token may be a token specific to this accessing party's access to this accessed party: when different accessing parties access the same accessed party, when the same accessing party accesses different accessed parties, and when different accessing parties access different accessed parties, the tokens carried by the accessing parties can all differ.
  • The target token is searched for in a pre-built token resource pool and allocated to the accessing party when it is determined that the accessing party has the authority to access the accessed party.
  • The terminal system presets an access control authority policy, that is, it limits which subjects are allowed to perform which operations on which objects. Before the accessing party accesses the accessed party, if the access control authority policy determines that the accessing party has the corresponding access authority, the target token can be found in the token resource pool and allocated to the accessing party. If the access control authority policy determines that the accessing party does not have the corresponding access authority, no corresponding target token will be found in the token resource pool; the accessing party then cannot be allocated a token, and without a token it cannot access the accessed party.
  • The token resource pool can be shared by the whole access control system: the different tokens used by different accessing parties to access different accessed parties can all be generated and added to the token resource pool, ready to be allocated to the different accessing parties.
  • If the request information carries the target token, steps 202-203 are executed; if the request information does not carry the target token, step 205 is executed directly.
  • the target token can be generated in the following manner and added to the token resource pool:
  • obtaining the access control authority policy and the flow control policy of the accessed party, where the access control authority policy limits the authority to access the accessed party and the flow control policy limits the data flow when the accessed party is accessed;
  • Tokens must limit the object (a token that does not limit the object would be valid across the entire system and would be meaningless for actual authority control), and can further limit specific functional features, APIs, or specific operations.
  • A token can limit only the object, or it can limit both the subject and the object, where the subject is the accessing party and the object is the accessed party.
  • For example, a public service provides a service availability status query that every application is permitted to use. In that case neither the subject nor the number of accesses needs to be limited; this is a practical application scenario in which the token limits only the object.
  • Tokens are usually generated by the accessed party.
  • When the terminal system detects that the accessed party (such as an object service resource) has started, it can obtain the access control authority policy and the flow control policy of the accessed party, where the access control authority policy limits the authority to access the accessed party and the flow control policy limits the data flow when the accessed party is accessed; it then generates the target token according to the access control authority policy and the flow control policy.
  • The type of target token generated is determined by the access control authority policy, and the number of target tokens generated is determined by the flow control policy. There can be many types of token.
  • For example, one-time tokens that limit the object, one-time tokens that limit the subject, multi-use tokens that limit both the object and the subject, and time-limited tokens can be generated.
  • The flow control policy can be set according to the service capability of the accessed party and the network conditions, and determines the number of tokens generated. For example, if the accessed party is a blockchain service with poor performance, its traffic can be limited when it provides the service, say to 10 accesses per second and at most 5 applications. If 3 applications are currently running, 10 tokens can be generated for each application, 30 tokens in total, and when an application applies for tokens at most 10 tokens per second are issued to it according to the flow control policy.
  • the method may further include:
  • deleting the target tokens that have already been generated in the token resource pool.
  • Deleting each target token already generated in the token resource pool prevents accessing parties from continuing to apply for tokens for the accessed party and from accessing it, and so avoids the invalid operations such access would cause.
  • The target token can also be generated in the following manner and added to the token resource pool:
  • the access control authority policy and the flow control policy of the accessed party are obtained, where the access control authority policy limits the accessing party's authority to access the accessed party, and the flow control policy limits the data flow when the accessed party is accessed.
  • Although tokens are usually generated by the accessed party, some tokens are also restricted to the accessing party, and this part of the tokens can be generated by the accessing party.
  • When the terminal system detects that an accessing party (such as an application) is started, it determines each accessed party that the accessing party may access according to the accessing party's authority, and then triggers each such accessed party to generate the corresponding tokens.
  • The method of generating tokens can be the same as the accessed-party-led method described above: obtain the respective access control authority policies and flow control policies, determine the type and number of tokens to generate, and finally add each generated token to the token resource pool.
  • After the target tokens are generated, the method may further include: when it is detected that the accessing party is closed, deleting the target tokens that have been generated in the token resource pool.
  • Deleting each generated target token from the token resource pool in this way can, to a certain extent, prevent malicious access.
  • The above two token generation methods trigger token generation when the accessed party or the accessing party is detected to start. In some cases, a certain number of tokens can also be generated in advance, before the accessing party or the accessed party has started, as a performance optimization.
  • If the accessing party carries the target token, the legality of the target token is further verified. Specifically, the integrity of the target token itself can be verified, and it can be verified whether the target token is a valid token that was generated in the token resource pool and allocated for the accessed party.
  • If the verification passes, step 204 is executed; otherwise, step 205 is executed.
  • Passing the validity verification of the target token carried by the accessing party indicates that the accessing party has the proper authority to access the accessed party. The accessing party is therefore allowed to access the accessed party.
  • If the accessing party does not carry the target token, or the validity verification of the carried target token fails, the accessing party may be accessing illegally, so it is denied access to the accessed party.
  • Before the accessing party accesses the accessed party, the corresponding token is assigned to it according to its authority. Later, when the accessing party accesses the accessed party, only the validity of the token it carries needs to be verified, which achieves token-based access control. With this arrangement, even if the application subject (accessing party) tampers with the corresponding authority information when accessing the object resource (accessed party), it still needs a legal token to access the object resource. This effectively reduces illegal access by applications to various services or resources and improves the security of access control.
  • FIG. 3 shows a flow chart of another access control method provided by this application, including:
  • The target token is searched from a pre-built token resource pool and allocated to the accessing party when it is determined that the accessing party has the authority to access the accessed party. If the request information carries the target token, steps 302-303 are executed; if the request information does not carry the target token, step 306 is executed directly.
  • If the verification passes, step 304 is executed; otherwise, step 305 is executed.
  • Steps 301-304 are the same as steps 201-204. For details, please refer to the relevant descriptions of steps 201-204.
  • If the validity verification of the target token carried by the accessing party fails, the accessing party may be accessing illegally, so it is denied access to the accessed party.
  • If the request information does not carry the target token, this may be because the accessing party is accessing the accessed party for the first time and has not yet applied for a target token.
  • In that case, the target token can be searched from the token resource pool, and the found target token allocated to the accessing party.
  • Under the set access control authority policy, if the accessing party has access authority, the corresponding target token can be found in the token resource pool; if the accessing party does not have access authority, no corresponding target token can be found in the pool.
  • If no target token is found, step 305 can be executed directly, that is, access is denied.
  • The target token can be obtained from the token resource pool in the following manner: the unique identification of the accessing party and the unique identification of the accessed party are obtained, and a token carrying both is searched for.
  • Each accessing party or accessed party can have its own unique identification, such as an ID or a name.
  • This information can be included in the token to establish the correspondence between the token, the accessing party and the accessed party. A token whose token information contains the unique identification of the accessing party and the unique identification of the accessed party can therefore be searched from the token resource pool as the corresponding target token.
  • Alternatively, the target token can be obtained from the token resource pool in the following manner:
  • according to pre-stored token index information, the token corresponding to the accessing party information of the accessing party and the accessed party information of the accessed party is searched from the token resource pool as the target token.
  • In this case, the token itself need not contain the corresponding accessing party information and accessed party information.
  • Instead, the correspondence between each token and its accessing party and accessed party is recorded by constructing the token index information. A token corresponding to the accessing party information of the accessing party and the accessed party information of the accessed party can then be searched from the token resource pool as the corresponding target token.
  • A token resource library can be constructed to store the token index information, but this consumes many system resources; relatively speaking, it is better for the token itself to contain the information of the corresponding accessing party and accessed party.
  • When the request information does not carry a target token, the target token is thus searched from the token resource pool and the found target token is allocated to the accessing party, after which the process continues with the verification of the target token.
  • The token legality verification steps can therefore also be applied to the scenario where the accessing party accesses the accessed party for the first time, which further improves practicability.
  • FIG. 4 shows a flowchart of another access control method provided by the present application, including:
  • The target token is searched from a pre-built token resource pool and allocated to the accessing party when it is determined that the accessing party has the authority to access the accessed party. If the request information carries the target token, steps 402-403 are executed; if the request information does not carry the target token, step 407 is executed directly.
  • If the request information carries a target token: many tokens are time-sensitive, so before verifying the validity of the token, it is possible to check whether the target token carried by the accessing party has expired, so as to determine whether a new target token needs to be obtained. If the target token has expired, steps 403-404 are executed; if it has not expired, step 404 is executed directly.
  • If the target token has expired, a new target token can be found in the token resource pool to replace the invalid one. This case usually corresponds to the accessing party accessing the accessed party again.
  • The token can contain, but is not limited to, the following information: the unique identification of the accessing party; the unique identification of the accessed party (supporting extensions, such as distinguishing multiple API interfaces of the object); the access action (such as CRUD, that is, create, read, modify, delete, etc.); a timestamp and validity window; and a key-based signature.
  • The validity verification of the target token may include, but is not limited to, the following verifications:
  • The public key is used to verify (by encryption, decryption or signature) the integrity of the target token. If the target token is intact, this part of the verification passes.
  • When the token is generated, it can include the timestamp of generation and limit the validity time of the token, such as valid within 1 minute. It is then verified whether the target token is currently within the validity period according to the timestamp and the validity time. If it is, this part of the verification passes.
  • It is verified whether the unique identification of the accessing party contained in the target token is consistent with that of the current accessing party, and whether the unique identification of the accessed party contained in the target token is consistent with that of the current accessed party, and so on; that is, whether the subject and object declared by the token match the current situation. If they are consistent, this part of the verification passes.
  • If the verification passes, step 406 is executed; otherwise, step 407 is executed.
  • Steps 405-407 are the same as steps 203-205. For details, please refer to the relevant descriptions of steps 203-205.
  • This access control method can be applied to the scenario where the accessing party accesses the accessed party again, which further improves practicability.
  • In this scenario, the accessing party is an APP whose access control authority has been pre-set during the installation process, and the accessed party is a service/resource.
  • The APP can apply for a token. If the APP has the authority to access the service/resource, the corresponding token can be found in the token resource pool and allocated to the APP. When the APP carries the token to access the service/resource, the legitimacy of the token is verified. If the verification passes, the APP is allowed to access the service/resource; otherwise, the APP is denied access to the service/resource.
  • FIG. 6 is a schematic diagram of a method of generating tokens in the token resource pool shown in FIG. 5.
  • The access control module is a functional module that implements the access control mechanism in the terminal system.
  • When the token generation process is triggered, the access control module obtains the preset permission policy for the accessing party to access the accessed party from the permission policy library, and obtains the current flow control policy of the accessed party from the flow control policy library.
  • A corresponding number and type of tokens are then generated. The type of token generated is mainly determined by the acquired access control authority policy.
  • Figure 6 shows four different types of tokens (one-time tokens that limit only the object, multiple-use tokens that limit only the object, one-time tokens that limit both the subject and the object, and multiple-use tokens that limit both the subject and the object); the number of tokens generated is mainly determined by the acquired flow control policy. Obviously, the access control authority policy or the flow control policy can be modified to change the token generation policy.
  • The generated token may contain the unique identification of the accessing party and the unique identification of the accessed party, as well as other related information. Finally, the generated token is added to the token resource pool for the accessing party to use when accessing the accessed party.
  • The access control module can also manage the life cycle of the tokens. For example, when it is detected that a certain accessing party has been closed, the corresponding tokens in the token resource pool can be found through the unique identification of the accessing party or the unique identification of the related accessed party, and this part of the generated tokens can be deleted.
  • Fig. 7 is a schematic diagram of verifying the legitimacy of the token during the process in which the APP shown in Fig. 5 carries the token to access the service/resource.
  • When the APP carries the token to access the service/resource, the access control module verifies the legitimacy of the token. Specific verification methods may include: verifying the integrity of the token, verifying the validity window of the timestamp, verifying the unique identification of the object, verifying the unique identification of the subject, and verifying the access action. If the validity of the token is verified, the APP is allowed to access the service/resource; otherwise, the APP is denied access to the service/resource.
  • Fig. 8 is a schematic diagram of access control for the APP shown in Fig. 5 accessing the service/resource for the first time.
  • Fig. 9 is a schematic diagram of access control for the APP shown in Fig. 5 accessing the service/resource again.
  • When the APP accesses the service/resource for the first time, it does not carry a token. It must therefore go through the access control module, which finds the corresponding token in the token resource pool according to the unique identifier of the APP and the unique identifier of the service/resource. The access control module then allocates the found token to the APP, the APP carries the token to access the service/resource, and the token verification process shown in FIG. 7 is executed.
  • When the APP accesses the service/resource again, it already carries a token.
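As an added example (not code from the patent), the following Python models the token generation, token search and legality verification described above, together with the first-access and re-access flows of Fig. 8 and Fig. 9. The authority and flow control policies, the party names and the use of HMAC-SHA256 in place of the patent's public-key signature are all assumptions made for the example.

```python
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass, replace

# Constructed sample policies (assumption, not from the patent). Authority
# policy: allowed (subject, object, action) triples, i.e. the token types.
AUTHORITY_POLICY = {
    ("wallet_app", "blockchain_service", "read"),
    ("wallet_app", "blockchain_service", "create"),
    ("photo_app", "camera_service", "read"),
}
# Flow control policy: tokens issued per allowed triple when the accessed
# party starts (the patent's "10 tokens per application" for a slow service).
FLOW_CONTROL = {"blockchain_service": 10, "camera_service": 50}


@dataclass(frozen=True)
class Token:
    subject: str    # unique identification of the accessing party
    obj: str        # unique identification of the accessed party
    action: str     # access action (CRUD) the token authorises
    issued_at: int  # generation timestamp, seconds
    valid_for: int  # validity window, seconds
    serial: int     # distinguishes otherwise identical tokens in the pool
    sig: str = ""   # key-based signature over the other fields

    def payload(self) -> bytes:
        fields = asdict(self)
        fields.pop("sig")
        return json.dumps(fields, sort_keys=True).encode()


class AccessControlModule:
    def __init__(self, key: bytes):
        self.key = key  # HMAC key stands in for the patent's signing key
        self.pool = []  # the token resource pool
        self.serial = 0

    def _sign(self, t: Token) -> Token:
        mac = hmac.new(self.key, t.payload(), hashlib.sha256).hexdigest()
        return replace(t, sig=mac)

    def generate_tokens(self, obj: str, now: int, valid_for: int = 60) -> int:
        """Run when accessed party `obj` starts: token type from the authority
        policy, count from the flow control policy; expired tokens for `obj`
        are dropped first. Returns the number of tokens generated."""
        self.pool = [t for t in self.pool
                     if t.obj != obj or now < t.issued_at + t.valid_for]
        made = 0
        for subj, o, action in sorted(AUTHORITY_POLICY):
            if o != obj:
                continue
            for _ in range(FLOW_CONTROL[obj]):
                self.serial += 1
                self.pool.append(self._sign(
                    Token(subj, obj, action, now, valid_for, self.serial)))
                made += 1
        return made

    def find_token(self, subject, obj, action, now):
        """Allocate (pop) an unexpired pool token carrying this subject/object
        pair; None means the authority policy issued nothing for the pair."""
        for i, t in enumerate(self.pool):
            if ((t.subject, t.obj, t.action) == (subject, obj, action)
                    and now < t.issued_at + t.valid_for):
                return self.pool.pop(i)
        return None

    def verify(self, t: Token, subject, obj, action, now) -> str:
        """Checks in the patent's order, integrity first so nothing else is
        trusted before the signature. Returns 'ok' or the failed check."""
        expected = hmac.new(self.key, t.payload(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, t.sig):
            return "integrity"
        if not t.issued_at <= now < t.issued_at + t.valid_for:
            return "expired"
        if t.subject != subject:
            return "subject"
        if t.obj != obj:
            return "object"
        if t.action != action:
            return "action"
        return "ok"

    def request_access(self, subject, obj, action, token, now):
        """FIG. 3/4 flow: no token -> search the pool; expired token -> replace
        it from the pool; then verify and allow or deny. Returns (allowed,
        token, reason)."""
        if token is None or self.verify(token, subject, obj, action, now) == "expired":
            token = self.find_token(subject, obj, action, now)
            if token is None:
                return False, None, "no token"
        reason = self.verify(token, subject, obj, action, now)
        return reason == "ok", token, reason

    def on_party_closed(self, party: str) -> int:
        """Life-cycle management: delete pool tokens tied to a closed party."""
        before = len(self.pool)
        self.pool = [t for t in self.pool if party not in (t.subject, t.obj)]
        return before - len(self.pool)
```

A tampered token fails the integrity check before its subject, object or expiry fields are consulted, and an accessing party with no entry in the authority policy finds no token in the pool and is denied.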
  • FIG. 10 shows a structural block diagram of an access control device provided by an embodiment of the present application. For ease of description, only the parts related to the embodiment of the present application are shown.
  • the device includes:
  • the access request receiving module 501 is configured to, when receiving request information sent by the accessing party for accessing the accessed party, determine whether the request information carries a target token, where the target token is searched from the pre-built token resource pool and allocated to the accessing party when it is determined that the accessing party has the authority to access the accessed party;
  • the token verification module 502 is configured to verify the validity of the target token if the request information carries the target token;
  • the access permission module 503 is configured to allow the accessing party to access the accessed party after the legality verification passes.
  • the access control device may further include:
  • the token search module is configured to search for the target token from the token resource pool if the request information does not carry the target token, and allocate the found target token to the access party.
  • the access control device may further include:
  • the token validity check module is configured to check whether the target token is invalid;
  • the token replacement module is configured to, if the target token is invalid, search for a new target token from the token resource pool to replace the invalid target token.
  • the access control device may further include:
  • the first policy obtaining module is configured to obtain the access control authority policy and the flow control policy of the accessed party when it is detected that the accessed party is activated, where the access control authority policy is used to limit the access authority to the accessed party, and the flow control policy is used to limit the data flow when the accessed party is accessed;
  • the first token generation module is configured to generate the target token according to the access control authority policy and the flow control policy, where the type of the generated target token is determined according to the access control authority policy, and the number of generated target tokens is determined according to the flow control policy.
  • the access control device may further include:
  • the second policy acquisition module is configured to acquire the access control authority policy and the flow control policy of the accessed party when it is detected that the accessing party is activated, where the access control authority policy is used to limit the accessing party's authority to access the accessed party, and the flow control policy is used to limit the data flow when the accessed party is accessed;
  • the second token generation module is configured to generate the target token according to the access control authority policy and the flow control policy, where the type of the generated target token is determined according to the access control authority policy, and the number of generated target tokens is determined according to the flow control policy.
  • the access control device may further include:
  • the token deletion module is used to delete the generated target token in the token resource pool when it is detected that the access party is closed.
  • the access control device may further include:
  • an identification acquiring module configured to acquire the unique identification of the accessing party and the unique identification of the accessed party;
  • the first token search module is configured to search the token resource pool for a token whose token information includes the unique identification of the accessing party and the unique identification of the accessed party, as the target token.
  • the access control device may further include:
  • a token index obtaining module configured to obtain pre-stored token index information, where the token index information records the accessing party information and the accessed party information corresponding to each token in the token resource pool;
  • the second token search module is configured to search the token resource pool, according to the token index information, for the token corresponding to the accessing party information of the accessing party and the accessed party information of the accessed party, as the target token.
  • the token verification module may include:
  • an integrity verification unit configured to verify the integrity of the target token;
  • a timestamp acquiring unit configured to acquire the timestamp of the target token;
  • a validity period verification unit configured to verify whether the target token is within the validity period according to the timestamp;
  • an accessing party information verification unit configured to verify whether the accessing party information contained in the target token is consistent with the accessing party;
  • an accessed party information verification unit configured to verify whether the accessed party information contained in the target token is consistent with the accessed party;
  • an action verification unit configured to verify whether the access action corresponding to the target token is consistent with the access action corresponding to the request information.
  • the embodiments of the present application also provide a computer-readable storage medium that stores a computer program that, when executed by a processor, implements the steps of each access control method as proposed in the present application.
  • the embodiments of the present application also provide a computer program product, which when the computer program product runs on a terminal device, causes the terminal device to execute the steps of each access control method proposed in this application.
  • FIG. 11 is a schematic structural diagram of a terminal device provided by an embodiment of this application.
  • The terminal device 6 of this embodiment includes: at least one processor 60 (only one is shown in FIG. 11), a memory 61, and a computer program 62 that is stored in the memory 61 and can run on the at least one processor 60. When the processor 60 executes the computer program 62, the steps in any of the foregoing access control method embodiments are implemented.
  • the terminal device 6 may be a computing device such as a desktop computer, a notebook, a palmtop computer, and a cloud server.
  • the terminal device may include, but is not limited to, a processor 60 and a memory 61.
  • FIG. 11 is only an example of the terminal device 6 and does not constitute a limitation on the terminal device 6. It may include more or fewer components than shown in the figure, a combination of certain components, or different components; for example, it may also include input and output devices, network access devices, and so on.
  • The so-called processor 60 may be a central processing unit (CPU), and the processor 60 may also be another general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.
  • The memory 61 may be an internal storage unit of the terminal device 6 in some embodiments, such as a hard disk or memory of the terminal device 6. In other embodiments, the memory 61 may also be an external storage device of the terminal device 6, such as a plug-in hard disk, a smart media card (SMC), a secure digital (SD) card or a flash card equipped on the terminal device 6. Further, the memory 61 may include both an internal storage unit and an external storage device of the terminal device 6.
  • The memory 61 is used to store an operating system, application programs, a boot loader (BootLoader), data and other programs, such as the program code of the computer program. The memory 61 can also be used to temporarily store data that has been output or will be output.
  • The disclosed device and method may be implemented in other ways.
  • The device embodiments described above are merely illustrative.
  • The division into modules or units is only a logical function division; in actual implementation there may be other division methods. For example, multiple units or components may be combined or integrated into another device, or some features may be omitted or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • the functional units in the various embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
  • When the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • Accordingly, the computer program can be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the foregoing method embodiments can be implemented.
  • the computer program includes computer program code, and the computer program code may be in the form of source code, object code, executable file, or some intermediate forms.
  • The computer-readable medium may include at least: any entity or device capable of carrying computer program code to a terminal device, a recording medium, a computer memory, a read-only memory (ROM), a random access memory (RAM), an electric carrier signal, a telecommunications signal and a software distribution medium, such as a USB flash drive, a mobile hard disk, a floppy disk or a CD-ROM.
  • In some jurisdictions, according to legislation and patent practice, computer-readable media cannot be electric carrier signals and telecommunications signals.


Abstract

The present invention relates to an access control method and apparatus, a terminal device and a storage medium. The method comprises: upon receiving request information, sent by an accessing party, for accessing an accessed party, determining whether the request information carries a target token, the target token being found in a pre-built token resource pool and allocated to the accessing party when it is determined that the accessing party has the authority to access the accessed party; if the request information carries the target token, performing validity verification on the target token; and after the validity verification passes, allowing the accessing party to access the accessed party. By means of this configuration, even if an application subject tampers with authority information when accessing an object resource, the application subject still requires a valid token to access the object resource; consequently, illegal accesses by an application to various services or resources are effectively reduced, and the security of access control is improved.
PCT/CN2020/125522 2020-01-22 2020-10-30 Procédé et appareil de commande d'accès, dispositif terminal et support d'informations WO2021147442A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010075429.2 2020-01-22
CN202010075429.2A CN113158198B (zh) 2020-01-22 2020-01-22 访问控制方法、装置、终端设备和存储介质

Publications (1)

Publication Number Publication Date
WO2021147442A1 true WO2021147442A1 (fr) 2021-07-29

Family

ID=76881818

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/125522 WO2021147442A1 (fr) 2020-01-22 2020-10-30 Procédé et appareil de commande d'accès, dispositif terminal et support d'informations

Country Status (2)

Country Link
CN (1) CN113158198B (fr)
WO (1) WO2021147442A1 (fr)


Also Published As

Publication number Publication date
CN113158198B (zh) 2024-07-05
CN113158198A (zh) 2021-07-23


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 20915301; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 20915301; Country of ref document: EP; Kind code of ref document: A1)