WO2022267656A1 - Component access method and device, and computer-readable storage medium and chip - Google Patents


Publication number
WO2022267656A1
Authority
WO
WIPO (PCT)
Prior art keywords
target component
security
target
component
security level
Prior art date
Application number
PCT/CN2022/087938
Inventor
姚艳兵
Original Assignee
华为技术有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data

Definitions

  • the present disclosure relates to the field of terminal technology, and more particularly, to a component access method and device, a computer-readable storage medium, and a chip.
  • Exemplary embodiments of the present disclosure provide a scheme for securing cross-device access.
  • a component access method includes: the first device receiving an access request from the second device, the access request indicating that a target component in the first device is to be accessed; and the first device determining, based on the security level of the second device and the security requirements corresponding to the target component, a response to the access request.
  • determining the response to the access request includes: if it is determined that the security level meets the security requirements corresponding to the target component, granting the access request; or if it is determined that the security level does not meet the security requirements corresponding to the target component, denying the access request.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the default level corresponding to the target component.
  • the method further includes: in the process of establishing the communication channel with the second device, determining the security level of the second device.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method call, installation-free; and an identification of at least one of the following: the first device, the second device, an invoking component of the second device, the target component, or the target application to which the target component belongs.
  • a component access method includes: the second device determining whether the security level of the second device meets the security requirements corresponding to the target component in the first device; and if it is determined that the security level of the second device meets the security requirements corresponding to the target component, sending an access request, where the access request indicates that a target component in the first device is to be accessed.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the default level corresponding to the target component.
  • the method further includes: acquiring security requirements corresponding to the target component during the process of establishing the communication channel with the first device.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components have different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  • an apparatus for component access is provided.
  • the apparatus is implemented at the first device, and includes: a receiving unit configured to receive an access request from the second device, the access request indicating that a target component in the first device is to be accessed; and a determining unit configured to determine a response to the access request based on the security level of the second device and the security requirements corresponding to the target component.
  • the determining unit is configured to: if it is determined that the security level meets the security requirements corresponding to the target component, grant the access request; or if it is determined that the security level does not meet the security requirements corresponding to the target component, deny the access request.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the default level corresponding to the target component.
  • the determining unit is configured to: determine the security level of the second device during the process of establishing the communication channel with the second device.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method call, installation-free; and an identification of at least one of the following: the first device, the second device, an invoking component of the second device, the target component, or the target application to which the target component belongs.
  • a device for component access is provided.
  • the apparatus is implemented at the second device, and includes: a determining unit configured to determine whether the security level of the second device satisfies the security requirements corresponding to the target component in the first device; and a sending unit configured to, if it is determined that the security level of the second device meets the security requirements corresponding to the target component, send an access request to the first device, where the access request indicates that the target component in the first device is to be accessed.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the default level corresponding to the target component.
  • the determining unit is configured to: acquire the security requirements corresponding to the target component during the process of establishing the communication channel with the first device.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method call, installation-free; and an identification of at least one of the following: the first device, the second device, an invoking component of the second device, the target component, or the target application to which the target component belongs.
  • an electronic device including a transceiver, a processor, and a memory
  • the memory stores instructions executed by the processor, and when the instructions are executed by the processor, the electronic device is caused to implement: receiving an access request from a second device via the transceiver, the access request indicating that a target component in the electronic device is to be accessed; and determining a response to the access request based on the security level of the second device and the security requirements corresponding to the target component.
  • the processor executes the instructions, so that the electronic device implements: if it is determined that the security level meets the security requirements corresponding to the target component, granting the access request; or if it is determined that the security level does not meet the security requirements corresponding to the target component, denying the access request.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the electronic device, or the security level of the second device is higher than or equal to the default level corresponding to the target component.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free; and an identification of at least one of the following: the electronic device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  • an electronic device including a transceiver, a processor, and a memory
  • the memory stores instructions executed by the processor, and when the instructions are executed by the processor, the electronic device is caused to implement: determining whether the security level of the electronic device meets the security requirements corresponding to the target component in the first device; and if it is determined that the security level of the second device meets the security requirements corresponding to the target component, sending an access request to the first device via the transceiver, where the access request indicates that a target component in the first device is to be accessed.
  • the security requirements corresponding to the target component include at least one of the following: the security level of the electronic device is higher than or equal to the security level of the first device, or the security level of the electronic device is higher than or equal to the default level corresponding to the target component.
  • the target component belongs to a target application
  • the target application includes multiple components, and at least two of the multiple components have different security requirements.
  • the security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method call, installation-free; and an identification of at least one of the following: the first device, the electronic device, an invoking component of the electronic device, the target component, or the target application to which the target component belongs.
  • a computer-readable storage medium on which a computer program is stored.
  • when the computer program is executed by a processor, the operations of the method in the above first aspect or second aspect or any embodiment thereof are implemented.
  • a chip or a chip system includes a processing circuit configured to perform operations according to the method in the above first aspect or second aspect or any embodiment thereof.
  • a computer program or computer program product is provided.
  • the computer program or computer program product is tangibly stored on a computer-readable medium and includes computer-executable instructions which, when executed, cause the device to implement the operations of the method in the above first aspect or second aspect or any embodiment thereof.
  • in a tenth aspect, a distributed system includes a first device and a second device, wherein the first device can implement the operations of the method in the above first aspect or any embodiment thereof, and the second device can implement the operations of the method in the above second aspect or any embodiment thereof.
  • FIG. 1 shows a schematic diagram of a system capable of realizing cross-device intercommunication
  • Fig. 2 shows a schematic block diagram of an electronic device
  • Fig. 3 shows the software structural block diagram of the electronic equipment of the Android system with layered architecture
  • FIG. 4 shows a signaling interaction diagram of an access component process according to an embodiment of the present disclosure
  • Fig. 5 shows a schematic signaling diagram of a process of a second device sending an access request according to an embodiment of the present disclosure
  • Fig. 6 shows a schematic block diagram of a device including a DMS according to an embodiment of the present disclosure
  • Fig. 7 shows a schematic signaling diagram of a process in which a first device determines a response to an access request according to an embodiment of the present disclosure
  • Fig. 8 shows a schematic block diagram of an apparatus for component access according to an embodiment of the present disclosure
  • Fig. 9 shows another schematic block diagram of an apparatus for component access according to an embodiment of the present disclosure.
  • Figure 10 shows a simplified block diagram of an example apparatus according to an embodiment of the disclosure.
  • FIG. 1 shows a schematic diagram of a system 100 capable of inter-device intercommunication.
  • System 100 includes a number of electronic devices.
  • the system 100 includes a smart screen 110, a mobile phone 120, a speaker 130, smart glasses 140, earphones 150, a wristband 160 and a laptop computer 170.
  • the smart screen 110 may also be called a large screen device or simply a large screen.
  • The mobile phone 120 may also be referred to as a smart phone or a cellular phone, among others.
  • the smart glasses 140 and the wristband 160 are wearable devices.
  • FIG. 1 is only a schematic illustration; the system 100 may include more or fewer electronic devices, and an electronic device may also be a media player, an Ultra-Mobile Personal Computer (UMPC), a Personal Digital Assistant (PDA), a tablet computer, a desktop computer, a smart watch, a wireless car, an Augmented Reality (AR) device, a Virtual Reality (VR) device, etc.
  • Electronic devices can communicate with each other in a wired manner, a wireless manner, or a combination of the two, where wireless communication may include, but is not limited to, Bluetooth (BT), Wireless Fidelity (Wi-Fi), Near Field Communication (NFC), Frequency Modulation (FM), Zigbee, and infrared (IR) technology, and where Bluetooth may be traditional Bluetooth or Bluetooth Low Energy (BLE).
  • the system 100 can also include a router 180, which can be configured as an access point (AP), and the other electronic devices can access the router 180 as non-AP stations.
  • the router 180 can respectively communicate with each electronic device in a wired or wireless manner.
  • various electronic devices may communicate with each other through a wired or wireless manner such as a mobile network or the Internet.
  • the electronic device included in the system 100 may be the electronic device described below in conjunction with FIG. 2 and FIG. 3.
  • FIG. 2 shows a schematic block diagram of an electronic device 200.
  • the electronic device 200 may include a processor 210, an external memory interface 292, an internal memory 296, a Subscriber Identification Module (SIM) card interface 294, a display screen 220, a camera 222, an indicator 224, a motor 226, a button 228, a Universal Serial Bus (USB) interface 230, a charging management module 240, a power management module 242, a battery 244, a mobile communication module 250, an antenna 252, a wireless communication module 260, an antenna 262, an audio module 270, a speaker 272, a receiver 274, a microphone 276, an earphone interface 278, a sensor module 280 and so on.
  • the sensor module 280 includes a pressure sensor 2802, a gyro sensor 2804, an air pressure sensor 2806, a magnetic sensor 2808, an acceleration sensor 2810, a distance sensor 2812, a proximity light sensor 2814, a fingerprint sensor 2816, a temperature sensor 2818, a touch sensor 2820, an ambient light sensor 2822, and the like.
  • FIG. 2 is only illustrative, and the electronic device 200 may include more or fewer components, or multiple components may be combined into one component, or one component may be split into multiple components, or a combination of the above, etc.
  • the components shown in FIG. 2 can be implemented by hardware, software, or a combination of software and hardware.
  • the processor 210 may include one or more processing units, for example, a Central Processing Unit (CPU), an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a Neural-Network Processing Unit (NPU), etc., where different processing units can be independent devices or integrated in one or more processors.
  • a memory may also be provided in the processor 210 for storing instructions and data.
  • the memory in the processor 210 is a cache memory.
  • the memory may hold instructions or data that the processor 210 has just used or uses repeatedly. If the processor 210 needs to use the instructions or data again, it can fetch them directly from the memory. Repeated access is avoided, and the waiting time of the processor 210 is reduced, thereby improving the efficiency of the system.
  • the interface can include an Inter-Integrated Circuit (I2C) interface, an Inter-Integrated Circuit Sound (I2S) interface, a Pulse Code Modulation (PCM) interface, a Universal Asynchronous Receiver/Transmitter (UART) interface, a Mobile Industry Processor Interface (MIPI), a General-Purpose Input/Output (GPIO) interface, the SIM card interface 294, and/or the USB interface 230, etc.
  • the I2C interface is a bidirectional synchronous serial bus, including a serial data line (SDA) and a serial clock line (SCL).
  • processor 210 may include multiple sets of I2C buses.
  • the processor 210 may be respectively coupled to the touch sensor 2820, the charger, the flashlight, the camera 222, etc. through different I2C bus interfaces.
  • the processor 210 may be coupled to the touch sensor 2820 through the I2C interface, so that the processor 210 and the touch sensor 2820 communicate through the I2C bus interface to realize the touch function of the electronic device 200.
  • the I2S interface can be used for audio communication.
  • processor 210 may include multiple sets of I2S buses.
  • the processor 210 may be coupled to the audio module 270 through an I2S bus to implement communication between the processor 210 and the audio module 270.
  • the audio module 270 can transmit audio signals to the wireless communication module 260 through the I2S interface, so as to realize the function of answering calls through Bluetooth headsets and the like.
  • the PCM interface can also be used for audio communication to sample, quantize and encode analog signals.
  • the audio module 270 and the wireless communication module 260 may be coupled through a PCM bus interface.
  • the audio module 270 can also transmit audio signals to the wireless communication module 260 through the PCM interface, so as to realize the function of answering calls through a Bluetooth headset or the like. It can be understood that both the I2S interface and the PCM interface can be used for audio communication.
  • the UART interface is a universal serial data bus used for asynchronous communication.
  • the bus can be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication.
  • a UART interface is generally used to connect the processor 210 and the wireless communication module 260.
  • the processor 210 communicates with the Bluetooth module in the wireless communication module 260 through the UART interface to realize the Bluetooth function.
  • the audio module 270 can transmit audio signals to the wireless communication module 260 through the UART interface, so as to realize the function of playing music through a Bluetooth headset or the like.
  • the MIPI interface can be used to connect the processor 210 with peripheral devices such as the display screen 220 and the camera 222.
  • the MIPI interface includes a camera serial interface (CSI), a display serial interface (DSI), etc.
  • the processor 210 and the camera 222 communicate through the CSI interface to realize the shooting function of the electronic device 200.
  • the processor 210 communicates with the display screen 220 through the DSI interface to realize the display function of the electronic device 200.
  • the GPIO interface can be configured by software.
  • the GPIO interface can be configured as a control signal or as a data signal.
  • the GPIO interface can be used to connect the processor 210 with the camera 222, the display screen 220, the wireless communication module 260, the audio module 270, the sensor module 280 and so on.
  • the GPIO interface can also be configured as an I2C interface, I2S interface, UART interface, MIPI interface, etc.
  • the USB interface 230 is an interface that conforms to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like.
  • the USB interface 230 can be used to connect a charger to charge the electronic device 200, and can also be used to transmit data between the electronic device 200 and peripheral devices. It can also be used to connect headphones and play audio through them. This interface can also be used to connect other electronic devices, such as AR devices.
  • the electronic device 200 may also adopt an interface connection manner different from that described above, or may adopt a combination of various interface connection manners.
  • the charging management module 240 is configured to receive charging input from the charger.
  • the charger can be a wireless charger or a wired charger.
  • the charging management module 240 may receive a charging input from the wired charger through the USB interface 230.
  • the charging management module 240 may receive a wireless charging input through a wireless charging coil of the electronic device 200. While the charging management module 240 is charging the battery 244, it can also supply power to the electronic device 200 through the power management module 242.
  • the power management module 242 is used for connecting the battery 244, the charging management module 240 and the processor 210.
  • the power management module 242 receives the input from the battery 244 and/or the charging management module 240 to provide power for the processor 210, the internal memory 296, the display screen 220, the camera 222 and the wireless communication module 260.
  • the power management module 242 can also be used to monitor parameters such as battery capacity, battery cycle times, and battery health status (such as leakage, impedance).
  • the power management module 242 can also be disposed in the processor 210 .
  • the power management module 242 and the charging management module 240 can also be set in the same device.
  • the wireless communication function of the electronic device 200 can be realized by the mobile communication module 250, the antenna 252, the wireless communication module 260, the antenna 262, the modem processor and the baseband processor.
  • the antenna 252 and the antenna 262 are used to transmit and receive electromagnetic wave signals.
  • Each antenna in electronic device 200 may be used to cover single or multiple communication frequency bands. Different antennas can also be multiplexed to improve the utilization of the antennas.
  • antenna 252 may be multiplexed as a diversity antenna for a wireless local area network.
  • an antenna can be used in conjunction with a tuning switch.
  • the mobile communication module 250 can provide wireless communication solutions including 2G/3G/4G/5G applied on the electronic device 200.
  • the mobile communication module 250 may include at least one filter, switch, power amplifier, low noise amplifier (LNA) and the like.
  • the mobile communication module 250 can receive electromagnetic waves through the antenna 252, filter and amplify the received electromagnetic waves, and send them to the modem processor for demodulation.
  • the mobile communication module 250 can also amplify the signal modulated by the modem processor, and convert it into electromagnetic waves through the antenna 252 for radiation.
  • at least part of the functional modules of the mobile communication module 250 may be set in the processor 210.
  • at least part of the functional modules of the mobile communication module 250 and at least part of the modules of the processor 210 may be set in the same device.
  • the modem processor may include a modulator and a demodulator, wherein the modulator is used to modulate the low-frequency baseband signal to be transmitted into a medium-high frequency signal, and the demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. Then the demodulator sends the demodulated low-frequency baseband signal to the baseband processor for processing. The low-frequency baseband signal is passed to the application processor after being processed by the baseband processor.
  • the application processor outputs sound signals through audio equipment (not limited to speaker 272 , receiver 274 , etc.), or displays images or videos through display screen 220 .
  • the modem processor may be a stand-alone device. In other scenarios, the modem processor may be independent of the processor 210, and be set in the same device as the mobile communication module 250 or other functional modules.
  • the wireless communication module 260 can provide wireless communication solutions applied on the electronic device 200, including wireless local area network (WLAN) such as a Wi-Fi network, BT, Global Navigation Satellite System (GNSS), frequency modulation (FM), NFC, and infrared (IR) technology.
  • the wireless communication module 260 may be one or more devices integrating at least one communication processing module.
  • the wireless communication module 260 receives electromagnetic waves via the antenna 262 , frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210 .
  • the wireless communication module 260 can also receive the signal to be transmitted from the processor 210 , frequency-modulate and amplify it, and convert it into electromagnetic waves through the antenna 262 for radiation.
  • the antenna 252 of the electronic device 200 is coupled to the mobile communication module 250, and the antenna 262 is coupled to the wireless communication module 260, so that the electronic device 200 can communicate with the network and/or other devices through wireless communication technology.
  • the wireless communication technologies here can include Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Time-Division Code Division Multiple Access (TD-SCDMA), Long Term Evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc.
  • GNSS can include Global Positioning System (GPS), Global Navigation Satellite System (GLONASS), BeiDou Navigation Satellite System (BDS), Quasi-Zenith Satellite System (QZSS) and/or Satellite Based Augmentation Systems (SBAS).
  • the electronic device 200 realizes the display function through the GPU, the display screen 220 , and the application processor.
  • the GPU is a microprocessor for image processing, and is connected to the display screen 220 and the application processor. GPUs are used to perform mathematical and geometric calculations for graphics rendering.
  • Processor 210 may include one or more GPUs that execute program instructions to generate or change display information.
  • the display screen 220 is used for displaying text, images, videos and the like.
  • the display screen 220 includes a display panel, and the display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), Mini-LED, Micro-LED, Micro-OLED, quantum dot light-emitting diodes (QLED), and the like.
  • the electronic device 200 may include one or more display screens 220 .
  • the electronic device 200 can realize the shooting function through the ISP, the camera 222 , the video codec, the GPU, the display screen 220 , and the application processor.
  • the ISP is used for processing data fed back by the camera 222 .
  • the light is transmitted to the photosensitive element of the camera through the lens, and the light signal is converted into an electrical signal, and the photosensitive element of the camera transmits the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye.
  • ISP can also perform algorithm optimization on image noise, brightness, and skin color. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some scenarios, the ISP may be located in the camera 222 .
  • Camera 222 is used to capture still images or video.
  • the object generates an optical image through the lens and projects it to the photosensitive element.
  • the photosensitive element can be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor.
  • the photosensitive element converts the light signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal.
  • the ISP outputs the digital image signal to the DSP for processing.
  • DSP converts digital image signals into standard RGB, YUV and other image signals.
  • the electronic device 200 may include one or more cameras 222 .
  • Digital signal processors are used to process digital signals. In addition to digital image signals, they can also process other digital signals. For example, when the electronic device 200 selects a frequency point, the digital signal processor is used to perform Fourier transform on the energy of the frequency point.
  • Video codecs are used to compress or decompress digital video.
  • the electronic device 200 may support one or more video codecs.
  • the electronic device 200 can play or record videos in various encoding formats, for example, moving picture experts group (MPEG) 1, MPEG2, MPEG3, MPEG4 and so on.
  • NPU is a neural network (NN) computing processor.
  • Applications such as intelligent cognition of the electronic device 200 can be implemented through the NPU, such as image recognition, face recognition, speech recognition, text understanding, and the like.
  • the indicator 224 can be an indicator light, and can be used to indicate charging status, power change, and can also be used to indicate messages, missed calls, notifications, and the like.
  • the motor 226 can generate a vibrating alert.
  • the motor 226 can be used for incoming call vibration prompts, and can also be used for touch vibration feedback.
  • touch operations applied to different applications may correspond to different vibration feedback effects.
  • the motor 226 can also correspond to different vibration feedback effects for touch operations acting on different areas of the display screen 20 .
  • Different application scenarios for example: time reminder, receiving information, alarm clock, games, etc.
  • the touch vibration feedback effect can also support customization.
  • the keys 228 include a power key, a volume key and the like.
  • the button 228 can be a mechanical button or a touch button.
  • the electronic device 200 may receive key input and generate key signal input related to user settings and function control of the electronic device 200 .
  • the SIM card interface 294 is used for connecting a SIM card.
  • the SIM card can be connected and separated from the electronic device 200 by inserting it into the SIM card interface 294 or pulling it out from the SIM card interface 294 .
  • the electronic device 200 can support one or more SIM card interfaces 294 .
  • SIM card interface 294 can support Nano SIM card, Micro SIM card, mini SIM card etc. Multiple cards can be inserted into the same SIM card interface 294 at the same time, and the types of multiple cards can be the same or different.
  • the SIM card interface 294 is also compatible with different types of SIM cards.
  • the SIM card interface 294 is also compatible with external memory cards.
  • the electronic device 200 interacts with the network through the SIM card to implement functions such as calling and data communication. In some scenarios, the electronic device 200 uses an embedded SIM (eSIM) card, and the eSIM card can be embedded in the electronic device 200 and cannot be separated from the electronic device 200.
  • the external memory interface 292 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 200.
  • the external memory card communicates with the processor 210 through the external memory interface 292 to realize the data storage function. Such as saving music, video and other files in the external memory card.
  • Internal memory 296 may be used to store computer-executable program code, which includes instructions.
  • the internal memory 296 may include an area for storing programs and an area for storing data.
  • the storage program area can store an operating system, at least one application program required by a function (such as a sound playing function, an image playing function) and the like.
  • the storage data area can store data (such as audio data, phone book) etc. created during the use of the electronic device 200 .
  • the internal memory 296 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, a universal flash memory (Universal Flash Storage, UFS) and the like.
  • the processor 210 executes various functional applications and data processing of the electronic device 200 by executing instructions stored in the internal memory 296 and/or instructions stored in a memory provided in the processor.
  • the electronic device 200 can implement audio functions through an audio module 270 , a speaker 272 , a receiver 274 , a microphone 276 , an earphone interface 278 , and an application processor. Such as music playback, recording, etc.
  • the audio module 270 is used to convert digital audio signals into analog audio signals for output, and is also used for converting analog audio input into digital audio signals.
  • the audio module 270 may also be used to encode and decode audio signals.
  • the audio module 270 may be set in the processor 210 , or some functional modules of the audio module 270 may be set in the processor 210 .
  • Receiver 274, also called “earpiece”, is used to convert audio electrical signals into audio signals.
  • the receiver 274 can be placed close to the human ear to listen to the voice.
  • Microphone 276, also called a “mic”, is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can speak with the mouth close to the microphone 276, so that the sound signal is input to the microphone 276.
  • the electronic device 200 may be provided with at least one microphone 276 .
  • the electronic device 200 may be provided with two microphones 276, which may also implement a noise reduction function in addition to collecting sound signals.
  • the electronic device 200 can also be provided with three, four or more microphones 276 to collect sound signals, reduce noise, identify sound sources, and realize directional recording functions, etc.
  • the earphone interface 278 is used for connecting wired earphones.
  • the headphone interface 278 can be a USB interface 230, or a 3.5mm open mobile terminal platform (OMTP) standard interface, a cellular telecommunications industry association of the USA (CTIA) standard interface, etc.
  • the pressure sensor 2802 is used to sense the pressure signal and convert the pressure signal into an electrical signal.
  • the pressure sensor 2802 may be disposed on the display screen 220 .
  • the type of the pressure sensor 2802 may be a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, and the like.
  • a capacitive pressure sensor may be comprised of at least two parallel plates with conductive material.
  • the electronic device 200 may also calculate the touch position according to the detection signal of the pressure sensor 2802 .
  • touch operations acting on the same touch position but with different touch operation intensities may correspond to different operation instructions.
  • when a touch operation whose intensity is less than the first pressure threshold acts on an image or file, it means that the image or file is selected, and the electronic device 200 executes an instruction that the image or file is selected.
  • an instruction to drag the application window up is executed.
  • a touch operation whose intensity is less than the first pressure threshold acts on the short message application icon
  • the instruction of viewing the short message is executed.
  • the instruction of creating a new short message is executed.
  • the gyro sensor 2804 can be used to determine the motion posture of the electronic device 200 .
  • Air pressure sensor 2806 may be used to measure air pressure.
  • the magnetic sensor 2808 includes a Hall sensor.
  • the electronic device 200 can use the magnetic sensor 2808 to detect the opening and closing of the flip leather case.
  • the acceleration sensor 2810 can be used to detect the acceleration of the electronic device 200 in various directions (generally three axes).
  • a distance sensor 2812 may be used to measure distance.
  • the electronic device 200 may measure the distance by infrared or laser. In a shooting scene, for example, the electronic device 200 can use the distance sensor 2812 to measure a distance to achieve fast focusing.
  • Proximity light sensor 2814 may include, for example, LEDs and light detectors, such as photodiodes.
  • the light emitting diodes may be infrared light emitting diodes.
  • the electronic device 200 emits infrared light through a light emitting diode, and uses a photodiode to detect infrared reflected light from nearby objects. When sufficient reflected light is detected, it may be determined that there is an object near the electronic device 200 . When insufficient reflected light is detected, the electronic device 200 may determine that there is no object nearby.
  • the electronic device 200 can use the proximity light sensor 2814 to detect that the user holds the electronic device 200 close to the ear to make a call, so as to automatically turn off the display screen 220 to save power.
  • Proximity light sensor 2814 can also be used in leather case mode, automatic unlock and lock screen in pocket mode.
  • Fingerprint sensor 2816 may be used to capture fingerprints.
  • the electronic device 200 can use the collected fingerprint characteristics to implement fingerprint unlocking, access to the application lock, take pictures with the fingerprint, answer calls with the fingerprint, and the like.
  • a temperature sensor 2818 may be used to detect temperature.
  • the touch sensor 2820 is also called “touch device” or “touch panel”.
  • the touch sensor 2820 can be disposed on the display screen 220 , and the touch sensor 2820 and the display screen 220 form a touch screen.
  • the touch sensor 2820 is used to detect a touch operation on or near it.
  • the touch sensor 2820 can transmit the detected touch operation to the application processor to determine the type of the touch event.
  • Visual output related to the touch operation can be provided through the display screen 220 .
  • the touch sensor 2820 may also be disposed on the surface of the electronic device 200 , which is different from the position of the display screen 220 .
  • the ambient light sensor 2822 is used for sensing ambient light brightness.
  • the electronic device 200 can adaptively adjust the brightness of the display screen 220 according to the perceived ambient light brightness.
  • the ambient light sensor 2822 can also be used to automatically adjust the white balance when taking pictures.
  • the ambient light sensor 2822 can also cooperate with the proximity light sensor 2814 to detect whether the electronic device 200 is in the pocket, so as to prevent accidental touch.
  • the sensor module 280 may further include an infrared sensor, an ultrasonic sensor, an electric field sensor, etc., for assisting the electronic device 200 in recognizing gestures in the air.
  • the electronic device 200 in FIG. 2 is only schematic, and it may include more or fewer components when it is implemented as a different type of device.
  • when the electronic device 200 is implemented as a desktop computer, it may not have the SIM card interface 294 .
  • when the electronic device 200 is implemented as the smart glasses 140 shown in FIG. 1 , it may not have the earphone jack 278 and/or the mobile communication module 250 .
  • the software system of the electronic device 200 may adopt a layered architecture, a Harmony OS architecture, an event-driven architecture, a micro-kernel architecture, a micro-service architecture, or a cloud architecture.
  • FIG. 3 shows a software structural block diagram of an electronic device 300 with an Android system having a layered architecture.
  • the layered architecture divides the software into several layers, and each layer has a clear role and division of labor. Layers communicate through software interfaces. As shown in FIG. 3 , the Android system can be divided into four layers, which are an application program layer 310 , an application program framework layer 320 , a kernel layer 330 , and a network transport layer 340 from top to bottom.
  • the application layer 310 may include a series of application packages, including but not limited to camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, short message and other applications (Application, APP).
  • the application framework layer 320 provides an application programming interface (Application Programming Interface, API) and a programming framework for the applications of the application program layer 310.
  • the application framework layer 320 may include some predefined functions, including but not limited to window manager, content provider, view system, phone manager, resource manager, notification manager and so on.
  • a window manager is used to manage window programs.
  • the window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, etc.
  • Content providers are used to store and retrieve data and make it accessible to applications.
  • Data can include video, images, audio, calls made and received, browsing history and bookmarks, phonebook, and more.
  • the view system includes visual controls, such as controls for displaying text, controls for displaying pictures, and so on.
  • the view system can be used to build applications.
  • a display interface can consist of one or more views.
  • a display interface including a text message notification icon may include a view for displaying text and a view for displaying pictures.
  • the phone manager is used to provide communication functions of the electronic device 300 . For example, the management of call status (including connected, hung up, etc.).
  • the resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and so on.
  • the notification manager enables the application to display notification information in the status bar, which can be used to convey notification-type messages, and can automatically disappear after a short stay without user interaction.
  • the notification manager is used to notify download completion, message reminders, etc.
  • the notification manager can also present a notification that appears on the top status bar of the system in the form of a chart or scroll bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, text information is prompted in the status bar, a prompt sound is issued, the electronic device 300 vibrates, and the indicator light flashes, etc.
  • the kernel layer 330 includes at least a display driver, a camera driver, an audio driver, and a transmission driver. Different drivers of the kernel layer 330 are used to call hardware devices of the electronic device 300 to perform corresponding operations.
  • the display driver is used to support the interface display of the electronic device 300, etc.
  • the audio driver is used to support the electronic device 300 to play audio, etc.
  • the transmission driver is used to support content sharing between the electronic device 300 and another electronic device.
  • the network transport layer 340 may be used for communication, data transmission, etc. between the electronic device 300 and another electronic device. It may include: a Bluetooth module, a Wi-Fi module, an NFC module, a discovery connection module, a pairing module, and a connection transmission module.
  • the discovery connection module can be used to discover another electronic device that can establish a communication connection.
  • the pairing module can be used to authenticate another electronic device that requests to establish a connection during the process of establishing a communication connection.
  • the connection transmission module can be used to transmit data or messages, instructions, etc. with another electronic device that has established a connection.
  • the system 100 composed of multiple electronic devices may also be called a "hyper terminal", which is a virtual terminal; the electronic devices in the hyper terminal trust one another and are used for cross-device intercommunication.
  • electronic device is also referred to as “device” hereinafter.
  • the embodiments of the present disclosure provide cross-device access between electronic devices based on the security level of the electronic devices: the components in the accessed device can be accessed only when the security level of the accessing device meets the level requirements. In this way, the security of the accessed device can be guaranteed.
  • FIG. 4 shows a signaling interaction diagram of an access component process 400 according to an embodiment of the present disclosure.
  • FIG. 4 involves a first device 401 and a second device 402, where the first device 401 and the second device 402 may be any electronic device as shown in FIG. 1 .
  • the first device 401 is the smart screen 110 as shown in FIG. 1
  • the second device 402 is the mobile phone 120 as shown in FIG. 1 .
  • the first device 401 and the second device 402 may be the same type of device or different types of devices.
  • the interactive signaling diagram shown in FIG. 4 is an overview, and the communication process shown therein is only exemplary and not limiting. Embodiments of the present disclosure may include interactive signaling not shown in FIG. 4 , or omit some signaling shown in FIG. 4 .
  • the first device 401 establishes 410 a communication connection with the second device 402 .
  • the first device 401 and the second device 402 may establish a communication channel for mutual communication by exchanging device information. It should be understood that the communication channel is a credible communication channel that has been authenticated by security verification.
  • the security level of the device can be determined based on the device information, where the device information can include at least one of the following: device identification, device type, device manufacturer, device hardware version, device software version, device model, etc.
  • the first device 401 may determine the security level of the second device 402 based on the device information of the second device 402 .
  • the first device 401 may also determine its own security level.
  • the second device 402 may determine the security level of the first device 401 based on the device information of the first device 401 .
  • the second device 402 may also determine its own security level.
  • the first device 401 and the second device 402 may establish a communication channel through a system server (such as a cloud server).
  • the server may determine the security level of the first device 401 based on the device information of the first device 401 , and determine the security level of the second device 402 based on the device information of the second device 402 .
  • the first device 401 and the second device 402 may obtain the security level of the first device 401 and the security level of the second device 402 from the server.
  • the security level of the device may be determined based on a predetermined criterion or a mapping relationship.
  • the security level can be used to indicate how difficult it is to attack a device; for example, a device with a high security level is less likely to be attacked than a device with a low security level.
  • the security levels may be divided into five levels, and 1 to 5 represent different security levels respectively.
  • security level 5 may indicate high security, and security level 1 may indicate low security.
  • alternatively, security level 1 may indicate high security, and security level 5 may indicate low security.
  • the security levels may be divided into ten levels, and 1 to 10 represent different security levels respectively. It can be understood that these examples are only illustrative, and do not constitute a limitation on the security levels in the embodiments of the present disclosure, and the levels can be divided in other ways according to requirements, which will not be listed in the present disclosure.
  • security levels include SL1 to SL5, and SL5 indicates the highest security level, and SL1 indicates the lowest security level.
  • the security level of the device can be determined based on the device information.
  • the correspondence between device types and security levels may be preset.
  • the security level of the device can be determined based on the correspondence.
  • Devices of the same type have the same security level.
  • the type is mobile phone, and the security level is SL5.
  • the type is a wearable device, and the security level is SL2.
  • the type is IoT device, and the security level is SL1.
  • for a security level, it may be preset which device information belongs to that security level.
  • the type of a certain device is a bracelet, and its security level is SL1.
  • its security level is SL4.
  • its security level is SL5.
  • the software version of a certain device is V1.0, and its security level is SL1.
  • the software version of a certain device is V11.0, and its security level is SL3.
  • devices can be divided into weakly intelligent devices and strongly intelligent devices based on security levels. For example, devices with security levels below a certain threshold (such as SL3) can be considered weakly intelligent devices, while devices whose security level is not below the threshold (such as SL3) can be considered strongly intelligent devices.
  • the security level can be regarded as the attribute information of the device. Specifically, when the distributed system is constructed, the corresponding security level can be determined for the certified devices in the distributed system.
  • the security level of the device may be stored in the server, for example, the security level of each device in the distributed system may be maintained in a device-by-device (device-wise) manner. For example, the correspondence between device identifiers and device security levels may be stored. Specifically, the security level of each device in the system can be stored in the server.
  • the security level of the device may be stored in the device.
  • the correspondence between device identifiers and device security levels may be stored.
  • the first device 401 may store the security level of the first device 401 and store the security levels of other devices establishing a communication channel with the first device 401 , such as the security level of the second device 402 .
  • the security level of the first device 401 (the smart screen 110 shown in FIG. 1 ) is SL2
  • the security level of the second device 402 (the mobile phone 120 shown in FIG. 1 ) is SL5.
  • security requirements corresponding to components in the devices may also be shared.
  • the security requirement corresponding to the component is used to indicate the requirement on the security level of the equipment accessing the component.
  • sharing may mean that a device stores the security requirements corresponding to its components in the server of the system, so that other devices that establish a communication channel with the device can obtain the security requirements corresponding to the components in the device from the server.
  • the server may store security requirements corresponding to components in each device in the system.
  • “sharing” may mean that the device notifies (or informs) other devices connected to the communication channel of the security requirements corresponding to its components.
  • the first device 401 may notify the second device 402 of the security requirements corresponding to the components in the first device 401, and then the second device 402 may store the security requirements corresponding to the components in the first device 401 in the second device 402, for example, may be stored in a distributed database of the second device 402.
  • the second device 402 may notify the first device 401 of the security requirements corresponding to the components in the second device 402, and then the first device 401 may store the security requirements corresponding to the components in the second device 402 in the first device 401, for example, may be stored in the distributed database of the first device 401.
  • a “component” may be called a feature capability (Feature Ability, FA) or simply an ability (Ability) in some scenarios. It can be understood that components may also have other names, which are not limited in the present disclosure.
  • a “component” belongs to an application (APP). That is to say, a device includes an application, an application includes a component, and the component can be considered to be inside the application, with a smaller granularity than the application.
  • an intermediate granularity, the module, may also be included. That is to say, an application includes a module, a module includes a component, and a module can be regarded as being in an application, having a smaller granularity than an application and a larger granularity than a component. It can be understood that the number of modules included in different applications may be the same or different, and the number of components included in different modules may be the same or different.
  • application A1 includes modules A11, A12, and A13
  • module A11 includes components C11, C12, and C13
  • module A12 includes components C21 and C22
  • module A13 includes components C31, C32, C33, and C34, as shown in Table 1 below.
  • the security requirement corresponding to the component may include that the security level of the access device is higher than or equal to the security level of the device where the component is located, or that the security level of the access device is higher than or equal to the preset level corresponding to the component.
  • the security requirements may be at the component level, that is, different security requirements may be set (or configured) for different components.
  • the application may include multiple components, and at least two of the multiple components have different security requirements.
  • the component-level security requirement setting is implemented through the following configuration, where one {} can represent the configuration of the security requirement corresponding to a component.
  • abilities indicates the configuration at the component level
  • name indicates the name of the component
  • availableDeviceSecurityLevel indicates the security requirements corresponding to the component.
  • the security requirement “graterThanMe” indicates that the security level of the accessing device is higher than that of the device where the component resides
  • graterOrEqualMe indicates that the security level of the accessing device is higher than or equal to the security level of the device where the component is located
  • graterOrEqual SL[ 1-5] indicates that the security level of the access device is higher than or equal to the preset level corresponding to the component
  • the preset level can be any one of SL1 to SL5.
  • security requirements corresponding to different components in the device may be the same or different.
  • the preset level corresponding to component C11 is SL3.
  • the preset level corresponding to component C12 is SL5.
  • the preset level corresponding to component C13 is SL3.
  • the security requirements may be at the module level, that is, different security requirements may be set (or configured) for different modules.
  • the application may include multiple modules, and security requirements of at least two of the multiple modules are different. It can be understood that the security requirements corresponding to the components belonging to the same module are the same.
  • module indicates the configuration at the module level
  • availableDeviceSecurityLevel indicates the security requirements corresponding to the module.
  • the security requirement “graterThanMe” indicates that the security level of the access device is higher than that of the device where the module is located
  • graterOrEqualMe indicates that the security level of the access device is higher than or equal to the security level of the device where the module is located
  • graterOrEqual SL[ 1-5] indicates that the security level of the access device is higher than or equal to the preset level corresponding to the module
  • the preset level can be any one of SL1 to SL5.
  • the security requirements corresponding to different modules may be the same or different.
  • the corresponding preset level is SL5.
  • the corresponding preset level is SL5.
  • the corresponding preset level is SL4.
  • the security requirement corresponding to the component is determined based on the security requirement of the module to which the component belongs. For example, component C11, component C12, and component C13 belong to module A11, so the security requirement of module A11 is the security requirement corresponding to component C11, component C12, and component C13.
  • the security requirements may be at the application level, that is, different security requirements may be set (or configured) for different applications. Specifically, security requirements corresponding to at least two applications in the device may be different. It can be understood that the security requirements corresponding to the components belonging to the same application may be the same.
  • the application-level security requirement setting is implemented through the following configuration, where one {} can represent the configuration of the security requirement corresponding to a component.
  • app indicates the configuration at the application level
  • “bundleName” indicates the package name of the application
  • “availableDeviceSecurityLevel” indicates the corresponding security requirements of the application.
  • the security requirement “graterThanMe” indicates that the security level of the accessing device is higher than that of the device on which the app resides
  • “graterOrEqualMe” indicates that the security level of the accessing device is greater than or equal to the security level of the device on which the app resides
  • graterOrEqual SL[ 1-5] indicates that the security level of the access device is higher than or equal to the preset level corresponding to the application
  • the preset level can be any one of SL1 to SL5.
  • security requirements corresponding to different applications may be the same or different.
  • the corresponding preset level is SL4.
  • the corresponding preset level is SL5.
  • the corresponding preset level is SL4.
  • the security requirement corresponding to the component is determined based on the security requirement of the application to which the component belongs. For example, components C11-C13, C21-C22, and C31-C34 belong to application A1, so the security requirements of application A1 are the corresponding security requirements of components C11-C13, C21-C22, and C31-C34.
  • the embodiment of the present disclosure does not limit the specific method of configuring the security requirements corresponding to the components.
  • the configuration can be performed in the Manifest file of the application to which the component belongs, such as the Manifest configuration file config.json of an application of the Hongmeng system; it can also be configured in other files, and so on.
  • the embodiments of the present disclosure do not limit the criteria on which the configuration security requirements are based.
  • their security requirements may be configured higher.
  • chat applications commonly used by users, banking applications involving capital transactions, payment applications involving financial payments, etc.
  • for applications or components that do not involve information such as user privacy, their security requirements can be configured lower.
  • the security requirement corresponding to a component may be a security level requirement for all access devices that need to access the component, where all access devices include both the device where the component is located (referred to as this device) and other devices. In this way, if the security level of the device where the component is located does not meet the corresponding security requirements of the component, the device cannot access the component.
  • the security requirements corresponding to a component may be the security level requirements for other access devices that want to access the component, where other access devices refer to devices other than the device where the component is located (called this device).
  • this device can access the components included in this device without satisfying the security level of the components.
  • this device can directly access components in this device.
  • cross-device access is used as an example for description below.
  • the first device 401 and the second device 402 can establish a communication channel by exchanging device information, where the exchange can be performed directly or through a third party (such as a server). Further, after the communication channel is established, the first device 401 and the second device 402 may perform cross-device interaction via the communication channel through distributed scheduling.
  • the component access process between the first device 401 and the second device 402 is further described.
  • the second device 402 determines 420 a target component to access.
  • what is being accessed can be a component.
  • the second device 402 may determine which component of which application on the first device 401 is to be accessed, and the like.
  • what is being accessed can be a class of components.
  • the second device 402 may determine which type of component on the first device 401 is to be accessed. It can be understood that a class of components may include multiple components, and multiple components may belong to different applications.
  • the second device 402 sends 430 an access request to the first device 401 .
  • the second device 402 may send the access request to the first device 401 via an established trusted communication channel that has passed security verification authentication.
  • the access request may be a cross-device inter-component access request between the second device 402 and the first device 401, specifically, it may explicitly or implicitly indicate that the calling component in the second device 402 wants to access a target component in the first device 401 .
  • the access request may include indication information about the access purpose.
  • the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and the like.
  • the access purpose may correspond to different scenarios, and in some cases, the access purpose may be the same as the access scenario.
  • data migration may refer to migrating data in the calling component to the target component.
  • the remote control may mean that the calling component controls the target component, for example, controlling the hardware capabilities of the first device, such as a camera and a microphone.
  • task scheduling may indicate that the invoking component requires the target component to perform a specific task, such as drawing a picture.
  • relaying may indicate that the calling component requires the target component to relay the operation being performed by the calling component, such as writing an email, drawing a picture, and so on.
  • the remote method invocation may mean that the invoking component requests the remote access handle provided by the target component, and then the invoking component can use the remote access handle to access the method provided by the first device.
  • installation-free may mean that the invoking component requests the first device to install the target component.
  • the second device 402 may determine a target component based on actual requirements, and send an access request to the first device 401 .
  • the second device 402 may send an access request to the first device 401 to request the first device 401 to install it.
  • the second device 402 may determine whether the security level of the second device 402 meets the security requirement corresponding to the target component in the first device 401 to be accessed. If the second device 402 determines that the security level of the second device 402 meets the security requirement corresponding to the target component in the first device 401 to be accessed, the second device 402 sends an access request to the first device 401 . Exemplarily, the process of sending the access request by the second device 402 may be as shown in FIG. 5 .
  • Fig. 5 shows a schematic signaling diagram of a process 500 for a second device to send an access request according to an embodiment of the present disclosure.
  • the process 500 can be executed by the second device 402 , and the process 500 involves the calling component 501 in the second device 402 , the distributed scheduling module 502 in the second device 402 and the application package management module 503 in the second device 402 .
  • the distributed scheduling module 502 may be a management module for implementing cross-device component access.
  • the distributed scheduling module 502 may be called a distributed task scheduling platform or a distributed management system (Distributed Management System, DMS).
  • For ease of understanding, an example of a device 600 including a DMS is first introduced with reference to FIG. 6.
  • the device 600 shown in FIG. 6 may be implemented as the aforementioned first device 401 or second device 402 .
  • device 600 includes DMS 610 and distributed data management 620.
  • DMS 610 can also be called a distributed task scheduling platform.
  • the distributed task scheduling platform realizes the startup/shutdown, connection/disconnection, and migration capabilities of cross-device components at the bottom layer, and realizes cross-device component management.
  • enabling/closing may be: providing developers with the ability to manage remote components, that is, supporting enabling feature capabilities (Feature Ability, FA), and enabling/closing particle capabilities (Particle Ability, PA) and data acquisition capabilities (Data Ability, DA).
  • connection/disconnection can be: providing developers with the ability to control services across devices (PA and DA); developers can obtain or log out the objects of cross-device management services by connecting to and disconnecting from remote services, to achieve service scheduling consistent with local scheduling.
  • the migration capability may be: provide the developer with the migration capability of cross-device FA, and the developer can migrate the local service to the designated device by calling the migration interface of the FA.
  • DMS 610 may include distributed scheduling decisions 612 and distributed framework 614.
  • Distributed scheduling decision 612 can be used to find the best equipment and meta-capabilities to perform tasks based on user intentions, combined with equipment capabilities, equipment business and resource status, and multi-dimensional features of user portraits.
  • Distributed scheduling decision 612 may include device scheduling, meta-capability scheduling, scheduling policy optimization, scheduling policy management, and the like.
  • the distributed framework 614 can be used to build distributed basic capabilities, realize cross-device startup and binding meta-capabilities, automatically identify migratable scenarios, manage the migration process, and collaborate to complete business data synchronization.
  • the distributed framework 614 may include migration scenario identification, meta-capability migration management, distributed data synchronization, meta-capability startup binding management, and the like.
  • distributed data management 620 may include scheduling feature 622 and system service list 624 .
  • the scheduling feature 622 may include user status, user profile feature, device service status, device profile, and the like.
  • the system service list 624 is used to realize system service synchronization when the system service is called in a distributed manner.
  • the distributed scheduling decision 612 can query and obtain information such as device profiles from the distributed data management 620 .
  • FIG. 6 is only illustrative, and the device 600 may include more or fewer components or modules; FIG. 6 should not be used as a limitation on the device.
  • the invoking component 501 in the second device 402 determines 510 that a cross-device component access is to be initiated.
  • the invoking component 501 in the second device 402 may determine to initiate an access to the first device 401 and determine a target component to be accessed.
  • the second device 402 is the mobile phone 120
  • the calling component 501 is the camera component of the camera APP in the mobile phone 120 .
  • the user may click on a specific location (for example, remote photography, etc.) in the photographing component of the camera APP on the second device 402, thereby triggering the photographing component to initiate cross-device component access.
  • the calling component 501 in the second device 402 wants to access the target component in the first device 401 .
  • taking the first device 401 as the smart screen 110 shown in FIG. 1 as an example, it is assumed that the target component in the first device 401 is the camera component in the smart screen 110.
  • the calling component 501 in the second device 402 sends 520 an initiation request to the distributed scheduling module 502 in the second device 402 .
  • the initiation request may include the identifier of the first device 401 and the identifier of the target component.
  • the identification of the target application to which the target component belongs may also be included.
  • the identifier of the first device 401 may be a name of the first device 401, an identifier (ID) of the first device 401, and the like.
  • the identifier of the target component may be a component name of the target component, a component ID of the target component, and the like.
  • the identifier of the target application may be a package name of the target application, an ID of the target application, and the like.
  • the distributed scheduling module 502 in the second device 402 sends 530 a query request to the application package management module 503 in the second device 402 .
  • the distributed scheduling module 502 in the second device 402 can initiate a query to the interface of the application package management module 503 in the second device 402 .
  • the query request may be used to query whether information about the corresponding target component exists in the application package management module 503 of the second device 402 .
  • the query request may include the identifier of the first device 401 and the identifier of the target component.
  • the identification of the target application to which the target component belongs may also be included.
  • the application package management module 503 in the second device 402 performs a query 540 based on the query request.
  • the application package management module 503 in the second device 402 may query from the local distributed database of the second device 402 .
  • the application package management module 503 in the second device 402 may query from a third-party device, for example, perform a query from a remote device through a remote call, for example, the third-party device or the remote device may be a server or the like.
  • the application package management module 503 in the second device 402 may determine whether there is component information about the target component of the first device 401 by querying.
  • the component information of the target component of the first device 401 may include security requirements corresponding to the target component, and the like.
  • a query response may be generated in response to the absence.
  • the security level corresponding to the target component of the first device 401 may be obtained, and it is determined whether the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401. Further, a query response can be generated in response to the determination.
  • the first device 401 is the smart screen 110 shown in FIG. 1
  • the second device 402 is the mobile phone 120 shown in FIG. 1
  • the security level of the second device 402 is SL5
  • the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110
  • the security level corresponding to the camera component in the smart screen 110 is: the security level of the access device is higher than or equal to SL3. Since SL5 is higher than SL3, it can be determined that the security level of the second device 402 meets the security level corresponding to the target component of the first device 401 .
  • the application package management module 503 in the second device 402 returns 550 a query response to the distributed scheduling module 502 in the second device 402 .
  • the application package management module 503 in the second device 402 may also send the component information of the target component of the first device 401 to the distributed scheduling module 502 in the second device 402, wherein the component information of the target component of the first device 401 may include security requirements corresponding to the target component, and the like.
  • the query response may indicate that there is no component information for the target component to be accessed.
  • the second device 402 may initiate a connection request to the first device 401 to re-establish the communication channel between the first device 401 and the second device 402, as described above in conjunction with 410 in FIG. 4 .
  • the query response may indicate that the security level of the second device 402 does not meet the security level corresponding to the target component of the first device 401.
  • the query response may indicate that the security level of the second device 402 meets the security level corresponding to the target component of the first device 401.
  • the distributed scheduling module 502 in the second device 402 sends 560 an access request to the first device 401.
  • the distributed scheduling module 502 in the second device 402 may send the access request to the distributed scheduling module in the first device 401 .
  • the access request is based on the invocation request from the invocation component 501 of the invocation application of the second device 402 .
  • the access request may explicitly or implicitly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401 .
  • the access request may include an access parameter, which may indicate explicitly or implicitly the location information of the target component.
  • the access parameter includes an identifier of the target component (such as a component name) and an identifier of a target application to which the target component belongs (such as a package name), so that the target application and the target component can be explicitly indicated.
  • access parameters may include an implicit intent to perform an action, which can implicitly indicate the target application and target component.
  • the implicit intent is an implicit intent that requires the access to have an action of "make a phone call".
  • the first device 401 that receives the access request can match at least one target application and at least one target component that meet the conditions based on the implicit intent; for example, when multiple target applications meet the conditions, a list of all matching target applications can be found.
  • the access request may be carried in an access request message, and the access request message includes an identification of at least one of the following: the first device 401, the second device 402, the calling component 501, the target component, or the target application, wherein the identifier of the calling component 501 may be a component name of the calling component, a component ID of the calling component, and the like.
  • the context of the access request may implicitly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401 .
  • other messages can be transmitted before the access request message, and if such another message explicitly indicates that the calling component 501 in the second device 402 wants to access the target component in the first device 401, then the access request message after the other message may carry no relevant identification, implicitly indicating that the invoking component 501 in the second device 402 intends to access the target component in the first device 401.
  • the access request may be carried in multiple messages, such as consecutive multiple messages.
  • multiple messages may jointly indicate that the calling component 501 in the second device 402 intends to access the target component in the first device 401 .
  • the access request may also indicate, through other methods (such as a default method, etc.), that the calling component 501 in the second device 402 wants to access the target component in the first device 401; these are not listed here one by one.
  • the first device 401 determines 440 a response to the access request based on the security level of the second device 402 and the security requirements corresponding to the target component in the first device 401.
  • the process of determining the response to the access request with respect to the first device 401 may be as shown in FIG. 7 .
  • Fig. 7 shows a schematic signaling diagram of a process 700 for a first device to determine a response to an access request according to an embodiment of the present disclosure.
  • the process 700 may be executed by the first device 401 , and the process 700 involves the target component 701 in the first device 401 , the distributed scheduling module 702 in the first device 401 , and the application package management module 703 in the first device 401 .
  • the distributed scheduling module 702 in the first device 401 receives 710 an access request from the second device 402 .
  • the access request may indicate that the second device 402 wants to access the target component in the first device 401 . It can be understood that the indication may be indicated explicitly or implicitly, as described above with respect to connection 560 in FIG. 5 .
  • the distributed scheduling module 702 in the first device 401 may receive an access request from the distributed scheduling module 502 in the second device 402 .
  • the access request may include the identifier of the first device, the identifier of the second device, and the identifier of the target component, and optionally may also include the identifier of the target application to which the target component belongs.
  • the distributed scheduling module 702 in the first device 401 sends 720 a query request to the application package management module 703 in the first device 401 .
  • the distributed scheduling module 702 in the first device 401 may initiate a query to the interface of the application package management module 703 in the first device 401 .
  • the query request may include the identifier of the second device 402 and the identifier of the target component.
  • the identification of the target application to which the target component belongs may also be included.
  • the application package management module 703 in the first device 401 performs a query 730 based on the query request.
  • the application package management module 703 in the first device 401 may query the local package management database of the first device 401 to obtain component information of the target component of the first device 401 .
  • the component information of the target component of the first device 401 may include security requirements corresponding to the target component, and the like.
  • the first device 401 is the smart screen 110 shown in FIG. 1
  • the second device 402 is the mobile phone 120 shown in FIG. 1
  • the security level of the second device 402 is SL5
  • the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110
  • the security level corresponding to the camera component in the smart screen 110 is: the security level of the access device is higher than or equal to SL3. Since SL5 is higher than SL3, it can be determined that the security level of the second device 402 meets the security level corresponding to the target component of the first device 401 .
  • the security level of the second device 402 is SL1.
  • the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110 .
  • the security level corresponding to the camera component in the smart screen 110 is: the security level of the access device is higher than or equal to SL3. Since SL1 is lower than SL3, it can be determined that the security level of the second device 402 does not meet the security level corresponding to the target component of the first device 401 .
  • the application package management module 703 in the first device 401 returns 740 a query response to the distributed scheduling module 702 in the first device 401 .
  • the application package management module 703 in the first device 401 may also send the component information of the target component of the first device 401 to the distributed scheduling module 702 in the first device 401, wherein the component information of the target component of the first device 401 may include security requirements corresponding to the target component, and the like.
  • the query response may indicate that the security level of the second device 402 does not meet the security level corresponding to the target component of the first device 401.
  • the query response may indicate that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401.
  • the distributed scheduling module 702 in the first device 401 starts 750 the target component 701. In this way, through the process 700 shown in FIG. 7, the cross-device FA launch of the target component 701 on the first device 401 can be realized.
  • the distributed scheduling module 702 in the first device 401 will not start the target component 701.
  • the process of performing 730 by the first device 401 and the process of performing 540 by the second device 402 are independent of each other. That is to say, regardless of whether the second device 402 (the access device) executes 540, the first device 401 (the accessed device) needs to execute 730, which can ensure the security of the access and prevent an incorrect response to an access request sent indiscriminately when the second device 402 has been compromised.
  • the first device 401 determines that the security level of the second device 402 meets the security level corresponding to the target component in the first device 401, then the first device 401 may agree to the access request of the second device 402 .
  • the first device 401 and the second device 402 implement cross-device interaction 450 .
  • the calling component 501 in the second device 402 can access the target component 701 in the first device 401 .
  • in the embodiments of the present disclosure, by setting a security requirement corresponding to a component, only devices meeting the security requirement can access the component, thus ensuring the security of the device where the component is located. Even if the access device is compromised because of outdated software or hardware versions, the interconnection between devices will not cause a security failure of the accessed device. That is to say, the embodiments of the present disclosure introduce an access control mechanism based on the security level of the device, which can effectively control component access across devices and ensure the security of the cross-device access.
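The check that the accessed device runs at 730 (and that the access device may run in advance at 540) can be illustrated as follows. This is an added example, not code from the patent or from any Hongmeng component. Assumptions: the value spelling "graterOrEqualSL<n>", the manifest nesting, the fallback order component, then module, then application, the device names, the local level SL4, the hypothetical component "C_inherit" and the hypothetical request field "claimedLevel".

```python
import json
import re

# Constructed manifest fragment for the accessed device (first device 401).
# Key names are the ones the text lists; the nesting and the value spelling
# "graterOrEqualSL<n>" are assumptions. "C_inherit" is a hypothetical
# component added to show fallback to the module-level setting.
MANIFEST = json.loads("""
{
  "app": {"bundleName": "com.example.a1",
          "availableDeviceSecurityLevel": "graterOrEqualSL4"},
  "module": {
    "name": "A11",
    "availableDeviceSecurityLevel": "graterOrEqualMe",
    "abilities": [
      {"name": "C11", "availableDeviceSecurityLevel": "graterOrEqualSL3"},
      {"name": "C12", "availableDeviceSecurityLevel": "graterOrEqualSL5"},
      {"name": "C13", "availableDeviceSecurityLevel": "graterOrEqualSL3"},
      {"name": "C_inherit"}
    ]
  }
}
""")

LOCAL_LEVEL = "SL4"  # constructed: security level of the accessed device
# Constructed: levels recorded while each communication channel was set up.
CHANNEL_LEVELS = {"phone-120": "SL5", "device-low": "SL1"}

LEVEL_RE = re.compile(r"SL([1-5])")
PRESET_RE = re.compile(r"graterOrEqualSL([1-5])")


def parse_level(text):
    """Turn 'SL1'..'SL5' into 1..5; anything else raises ValueError."""
    match = LEVEL_RE.fullmatch(text or "")
    if match is None:
        raise ValueError("malformed security level: %r" % (text,))
    return int(match.group(1))


def resolve_requirement(manifest, component):
    """Most specific setting wins (assumed order: component, module, app).

    Returns None for an undeclared component or when no level sets a value.
    """
    module = manifest.get("module", {})
    for ability in module.get("abilities", []):
        if ability.get("name") == component:
            for scope in (ability, module, manifest.get("app", {})):
                requirement = scope.get("availableDeviceSecurityLevel")
                if requirement:
                    return requirement
            return None
    return None


def satisfies(requirement, requester_level, local_level):
    """Evaluate one requirement value against integer levels."""
    if requirement == "graterThanMe":
        return requester_level > local_level
    if requirement == "graterOrEqualMe":
        return requester_level >= local_level
    match = PRESET_RE.fullmatch(requirement)
    if match is not None:
        return requester_level >= int(match.group(1))
    return False  # unknown requirement value: fail closed


def decide_access(request, manifest, local_level, channel_levels):
    """Accessed-device decision; returns (granted, detail).

    The requester's level is taken from the table built at channel setup,
    never from the request, so a pre-check skipped or forged by the
    requester has no effect on the outcome.
    """
    recorded = channel_levels.get(request.get("sourceDevice"))
    if recorded is None:
        return (False, "no established channel for requester")
    requirement = resolve_requirement(manifest, request.get("component"))
    if requirement is None:
        return (False, "component not declared or no requirement set")
    try:
        granted = satisfies(requirement, parse_level(recorded),
                            parse_level(local_level))
    except ValueError as error:
        return (False, str(error))
    return (granted, requirement)


if __name__ == "__main__":
    samples = [
        {"sourceDevice": "phone-120", "component": "C11"},
        {"sourceDevice": "device-low", "component": "C11",
         "claimedLevel": "SL5"},  # claim in the request is ignored
        {"sourceDevice": "phone-120", "component": "C_inherit"},
        {"sourceDevice": "phone-120", "component": "C99"},
    ]
    for sample in samples:
        print(sample, decide_access(sample, MANIFEST, LOCAL_LEVEL,
                                    CHANNEL_LEVELS))
```

Undeclared components, unknown requirement values and requesters without a recorded level are all denied, so a configuration mistake leads to a refusal rather than an unintended grant.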
  • Fig. 8 shows a schematic block diagram of an apparatus 800 for component access according to an embodiment of the present disclosure.
  • An apparatus 800 may include a receiving unit 810 and a determining unit 820.
  • The receiving unit 810 is configured to receive an access request from the second device, where the access request indicates that a target component in the first device is to be accessed.
  • The determining unit 820 is configured to determine a response to the access request based on the security level of the second device and the security requirements corresponding to the target component.
  • The determining unit 820 may be configured to grant the access request if it is determined that the security level satisfies the security requirements corresponding to the target component, or to deny the access request if it is determined that the security level does not meet the security requirements corresponding to the target component.
  • The security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
  • The determining unit 820 may be configured to determine the security level of the second device during the process of establishing the communication channel with the second device.
  • The target application includes multiple components, and at least two of the multiple components have different security requirements.
  • The security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs.
  • The security requirements corresponding to the target component are determined based on the security requirements of the target module to which the target component belongs in the target application.
  • The access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, and installation-free.
  • The access request may also include an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  • The apparatus 800 in FIG. 8 may be implemented as the first device 401, or may be implemented as a chip or a chip system in the first device 401, which is not limited by the embodiments of the present disclosure.
  • The apparatus 800 may be implemented as any electronic device in a distributed system, and when used as an accessed device, it can be used to implement the various processes; for the sake of brevity, they will not be repeated here.
  • Fig. 9 shows another schematic block diagram of an apparatus 900 for component access according to an embodiment of the present disclosure.
  • An apparatus 900 may include a determining unit 910 and a sending unit 920.
  • The determining unit 910 is configured to determine whether the security level of the second device meets the security requirement corresponding to the target component in the first device.
  • The sending unit 920 is configured to send an access request to the first device if it is determined that the security level of the second device meets the security requirements corresponding to the target component, where the access request indicates that the target component in the first device is to be accessed.
  • The security requirements corresponding to the target component include at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
  • The determining unit 910 may be configured to obtain the security requirements corresponding to the target component during the process of establishing the communication channel with the first device.
  • The target application includes multiple components, and at least two of the multiple components have different security requirements.
  • The security requirements corresponding to the target component are determined based on the security requirements of the target application to which the target component belongs, or based on the security requirements of the target module, in the target application, to which the target component belongs.
  • The access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, and installation-free.
  • The access request may also include an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  • The apparatus 900 in FIG. 9 may be implemented as the second device 402, or may be implemented as a chip or a chip system in the second device 402, which is not limited by the embodiments of the present disclosure.
  • The apparatus 900 may be implemented as any electronic device in a distributed system, and when used as an accessing device, it can be used to implement the various processes described above in conjunction with the second device 402 in the embodiments of FIG. 4 to FIG. 7; for the sake of brevity, they will not be repeated here.
  • FIG. 10 shows a simplified block diagram of an example apparatus 1000 according to an embodiment of the disclosure.
  • The apparatus 1000 may be used to implement the first device 401 and the second device 402 shown in the foregoing embodiments.
  • The apparatus 1000 includes one or more processors 1010, one or more memories 1020 coupled to the processors 1010, and a communication module 1040 coupled to the processors 1010.
  • The communication module 1040 can be used for two-way communication.
  • The communication module 1040 may have at least one communication interface for communication.
  • Communication interfaces may include any interface necessary to communicate with other devices.
  • The processor 1010 can be of any type suitable for the local technical network, and can include, but is not limited to, at least one of the following: a general purpose computer, a special purpose computer, a microcontroller, a digital signal processor (DSP), or one or more controller-based multi-core controller architectures.
  • Apparatus 1000 may have multiple processors, such as application-specific integrated circuit chips, that are slaved in time to a clock that is synchronized to a main processor.
  • Memory 1020 may include one or more non-volatile memories and one or more volatile memories.
  • Examples of non-volatile memory include, but are not limited to, at least one of the following: read-only memory (ROM) 1024, erasable programmable read-only memory (EPROM), flash memory, hard disk, compact disc (CD), digital versatile disc (DVD), or other magnetic and/or optical storage.
  • Examples of volatile memory include, but are not limited to, at least one of: random access memory (RAM) 1022, or other volatile memory that does not persist for the duration of a power outage.
  • The computer program 1030 comprises computer-executable instructions executed by the associated processor 1010.
  • Program 1030 may be stored in ROM 1024.
  • Processor 1010 may perform any suitable actions and processes by loading program 1030 into RAM 1022.
  • Embodiments of the present disclosure may be implemented by means of the program 1030 such that the apparatus 1000 may perform any of the processes as discussed with reference to FIGS. 4 to 7 .
  • Embodiments of the present disclosure can also be realized by hardware or by a combination of software and hardware.
  • Program 1030 may be tangibly embodied on a computer readable medium, which may be included in apparatus 1000 (such as in memory 1020) or in another storage device accessible by apparatus 1000.
  • Program 1030 may be loaded from a computer readable medium into RAM 1022 for execution.
  • The computer readable medium may include any type of tangible non-volatile memory such as ROM, EPROM, flash memory, hard disk, CD, DVD, and the like.
  • The communication module 1040 in the apparatus 1000 can be implemented as a transmitter and receiver (or transceiver), which can be configured to send/receive messages, data, signaling, and the like, such as access requests.
  • The apparatus 1000 may further include one or more of a scheduler, a controller, and a radio frequency/antenna, which will not be described in detail in this disclosure.
  • The apparatus 1000 in FIG. 10 may be implemented as an electronic device in a distributed system, or may be implemented as a chip or a chip system in an electronic device, which is not limited by the embodiments of the present disclosure.
  • Embodiments of the present disclosure also provide a chip, which may include an input interface, an output interface, and a processing circuit.
  • The above signaling or data interaction may be completed by the input interface and the output interface, and the generation and processing of the signaling or data information may be completed by the processing circuit.
  • Embodiments of the present disclosure also provide a chip system, including a processor, configured to support the first device 401 or the second device 402 to implement the functions involved in any of the foregoing embodiments.
  • The system-on-a-chip may further include a memory for storing necessary program instructions and data, and when the processor runs the program instructions, the device installed with the system-on-a-chip can implement the program described in any of the above-mentioned embodiments.
  • The system-on-a-chip may consist of chips, or may include chips and other discrete devices.
  • Embodiments of the present disclosure further provide a processor, configured to be coupled with a memory, and the memory stores instructions.
  • When the processor executes the instructions, the processor performs the operations of the first device 401 in any of the above embodiments.
  • Embodiments of the present disclosure also provide a computer program product containing instructions which, when run on a computer, cause the computer to execute the methods and functions related to the first device 401 or the second device 402 in any of the above embodiments.
  • Embodiments of the present disclosure also provide a computer-readable storage medium, on which computer instructions are stored.
  • When the processor executes the instructions, the processor performs the methods and functions of the first device 401 or the second device 402 in any of the above-mentioned embodiments.
  • An embodiment of the present disclosure also provides a distributed system, where the system includes a first device 401 or a second device 402 .
  • The various embodiments of the present disclosure may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. Some aspects may be implemented in hardware, while other aspects may be implemented in firmware or software, which may be executed by a controller, microprocessor or other computing device. While various aspects of the embodiments of the present disclosure are shown and described as block diagrams, flowcharts, or using some other pictorial representation, it should be understood that the blocks, devices, systems, techniques or methods described herein can be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controllers or other computing devices, or some combination thereof.
  • The present disclosure also provides at least one computer program product tangibly stored on a non-transitory computer-readable storage medium.
  • The computer program product comprises computer-executable instructions, e.g. instructions included in program modules, which are executed in a device on a target real or virtual processor to perform the processes/methods described above with reference to FIGS. 3-7.
  • Program modules include routines, programs, libraries, objects, classes, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • The functionality of the program modules may be combined or divided as desired among the program modules.
  • Machine-executable instructions for program modules may be executed within local or distributed devices. In a distributed device, program modules may be located in both local and remote storage media.
  • Computer program code for implementing the methods of the present disclosure may be written in one or more programming languages. This computer program code can be provided to processors of general-purpose computers, special-purpose computers, or other programmable data processing devices, so that when the program code is executed by the computer or other programmable data processing device, the specified functions/operations are implemented.
  • The program code may execute entirely on the computer, partly on the computer, as a stand-alone software package, partly on the computer and partly on a remote computer, or entirely on the remote computer or server.
  • Computer program code or related data may be carried by any suitable carrier to enable a device, apparatus or processor to perform the various processes and operations described above.
  • Carriers include signals, computer readable media, and the like.
  • Signals may include electrical, optical, radio, sound, or other forms of propagated signals, such as carrier waves, infrared signals, and the like.
  • A computer readable medium can be any tangible medium that contains or stores a program for or related to an instruction execution system, apparatus, or device.
  • The computer readable medium may be a computer readable signal medium or a computer readable storage medium.
  • A computer readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination thereof. More detailed examples of computer-readable storage media include electrical connections with one or more wires, portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash), optical storage, magnetic storage, or any suitable combination thereof.

Abstract

A component access method and device, and a computer-readable storage medium and a chip. The method comprises: a first device (401) receiving an access request from a second device (402), wherein the access request indicates access to a target component in the first device (401); and the first device (401) determining a response to the access request on the basis of a security level of the second device (402) and a security requirement corresponding to the target component. In the method, by means of introducing an access control mechanism based on a security level of a device, effective security control can be performed on cross-device component access, thereby guaranteeing the security of cross-device component access.

Description

Component access method and device, computer-readable storage medium, and chip
Technical field
The present disclosure relates to the field of terminal technology, and more particularly, to a component access method and device, a computer-readable storage medium, and a chip.
Background
With the rapid development of electronic devices and the Internet of Things (IoT), the interconnection of everything has gradually become a reality. Based on a Distributed Execution Framework (DEF), multiple electronic devices can be networked; the electronic devices are mutually trusted devices and can interwork across devices as needed.
Because the hardware and software of different electronic devices differ, their security also differs. An electronic device with relatively simple hardware and software may be more easily compromised by hackers and the like, which creates security risks for the other electronic devices in the network.
Summary of the invention
Exemplary embodiments of the present disclosure provide a scheme for ensuring the security of cross-device access.
In a first aspect, a component access method is provided. The method includes: a first device receiving an access request from a second device, the access request indicating that a target component in the first device is to be accessed; and the first device determining a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
In this way, in the embodiments of the present disclosure, by introducing an access control mechanism based on the security level of the device, effective security control can be performed on cross-device component access, which ensures the security of cross-device component access.
In some embodiments of the first aspect, determining the response to the access request includes: if it is determined that the security level meets the security requirement corresponding to the target component, granting the access request; or if it is determined that the security level does not meet the security requirement corresponding to the target component, denying the access request.
In this way, in the embodiments of the present disclosure, by setting a security requirement corresponding to a component, only devices meeting the security requirement can access the component, which ensures the security of the device where the component is located. Even if the accessing device is compromised because its software and hardware versions are old, the interconnection between devices does not cause a security failure on the accessed device.
In some embodiments of the first aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments of the first aspect, there is a communication channel between the first device and the second device, and the method further includes: in the process of establishing the communication channel with the second device, determining the security level of the second device.
In some embodiments of the first aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In this way, different security requirements can be set for different components, so that richer application scenarios can be realized while security is ensured.
In some embodiments of the first aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In this way, different security requirements can be set for different applications/modules, which enables modular management of components and reduces data redundancy related to security requirements.
In some embodiments of the first aspect, the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free; and an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
In a second aspect, a component access method is provided. The method includes: a second device determining whether the security level of the second device meets the security requirement corresponding to a target component in a first device; and if it is determined that the security level of the second device meets the security requirement corresponding to the target component, sending an access request to the first device, the access request indicating that the target component in the first device is to be accessed.
In some embodiments of the second aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments of the second aspect, there is a communication channel between the first device and the second device, and the method further includes: in the process of establishing the communication channel with the first device, acquiring the security requirement corresponding to the target component.
In some embodiments of the second aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In some embodiments of the second aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In some embodiments of the second aspect, the access request includes an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
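The checks of the first and second aspects above, written out as an added Python example (not code from the patent): the accessed device resolves a component's requirement from the component, its module, or its application, uses the peer level it recorded when the channel was set up, and denies anything it cannot resolve. The integer levels, the lookup order, the deny-by-default behaviour, the rule that every condition in a requirement must hold, and all names (`AccessedDevice`, `gallery`, `VaultFA`, and so on) are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Key = Tuple[str, str]  # (application, component) or (application, module)


@dataclass(frozen=True)
class Requirement:
    """Security requirement of a component; it carries at least one condition."""
    at_least_host_level: bool = False    # caller level >= accessed device's level
    preset_level: Optional[int] = None   # caller level >= preset level

    def __post_init__(self):
        if not self.at_least_host_level and self.preset_level is None:
            raise ValueError("a requirement needs at least one condition")


def satisfies(caller_level: int, host_level: int, req: Requirement) -> bool:
    """Shared predicate: the calling device can run it as a pre-check, the
    accessed device runs it regardless. Assumption: all conditions must hold."""
    if req.at_least_host_level and caller_level < host_level:
        return False
    if req.preset_level is not None and caller_level < req.preset_level:
        return False
    return True


@dataclass(frozen=True)
class AccessRequest:
    scenario: str          # e.g. "remote control", "data migration"
    source_device: str
    target_app: str
    target_component: str


@dataclass
class AccessedDevice:
    level: int
    module_of: Dict[Key, str] = field(default_factory=dict)
    component_reqs: Dict[Key, Requirement] = field(default_factory=dict)
    module_reqs: Dict[Key, Requirement] = field(default_factory=dict)
    app_reqs: Dict[str, Requirement] = field(default_factory=dict)
    peer_levels: Dict[str, int] = field(default_factory=dict)

    def channel_established(self, peer: str, level: int) -> None:
        # The peer's level is fixed here, not read from a later request.
        self.peer_levels[peer] = level

    def requirement_for(self, app: str, component: str) -> Optional[Requirement]:
        key = (app, component)
        if key not in self.module_of:
            return None                              # unknown component
        if key in self.component_reqs:               # component-specific
            return self.component_reqs[key]
        module_key = (app, self.module_of[key])
        if module_key in self.module_reqs:           # inherited from module
            return self.module_reqs[module_key]
        return self.app_reqs.get(app)                # inherited from application

    def respond(self, channel_peer: str, req: AccessRequest) -> Tuple[bool, str]:
        if req.source_device != channel_peer:
            return False, "source does not match channel peer"
        level = self.peer_levels.get(channel_peer)
        if level is None:
            return False, "no security level recorded for peer"
        requirement = self.requirement_for(req.target_app, req.target_component)
        if requirement is None:
            return False, "no requirement known for component"
        if not satisfies(level, self.level, requirement):
            return False, "security level too low"
        return True, "granted"


def build_demo() -> AccessedDevice:
    """Constructed sample: a level-4 device hosting one two-module application."""
    dev = AccessedDevice(level=4)
    dev.module_of = {("gallery", "ThumbnailFA"): "viewer",
                     ("gallery", "VaultFA"): "vault"}
    dev.app_reqs = {"gallery": Requirement(preset_level=2)}
    dev.module_reqs = {("gallery", "vault"): Requirement(at_least_host_level=True)}
    dev.channel_established("tablet", 4)
    dev.channel_established("watch", 2)
    return dev


if __name__ == "__main__":
    device = build_demo()
    for peer, comp in [("tablet", "VaultFA"), ("watch", "VaultFA"),
                       ("watch", "ThumbnailFA"), ("watch", "DebugFA")]:
        request = AccessRequest("remote control", peer, "gallery", comp)
        print(peer, comp, device.respond(peer, request))
```

A level-2 peer that skips its own pre-check and sends the request anyway is still refused for `VaultFA`, because `respond` never depends on the caller having run `satisfies`.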
In a third aspect, an apparatus for component access is provided. The apparatus is implemented at a first device and includes: a receiving unit configured to receive an access request from a second device, the access request indicating that a target component in the first device is to be accessed; and a determining unit configured to determine a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
In some embodiments of the third aspect, the determining unit is configured to: if it is determined that the security level meets the security requirement corresponding to the target component, grant the access request; or if it is determined that the security level does not meet the security requirement corresponding to the target component, deny the access request.
In some embodiments of the third aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments of the third aspect, there is a communication channel between the first device and the second device, and the determining unit is configured to: in the process of establishing the communication channel with the second device, determine the security level of the second device.
In some embodiments of the third aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In some embodiments of the third aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In some embodiments of the third aspect, the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free; and an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
In a fourth aspect, an apparatus for component access is provided. The apparatus is implemented at a second device and includes: a determining unit configured to determine whether the security level of the second device meets the security requirement corresponding to a target component in a first device; and a sending unit configured to, if it is determined that the security level of the second device meets the security requirement corresponding to the target component, send an access request to the first device, the access request indicating that the target component in the first device is to be accessed.
In some embodiments of the fourth aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments of the fourth aspect, there is a communication channel between the first device and the second device, and the determining unit is configured to: in the process of establishing the communication channel with the first device, acquire the security requirement corresponding to the target component.
In some embodiments of the fourth aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In some embodiments of the fourth aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In some embodiments of the fourth aspect, the access request includes: an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free; and an identification of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
In a fifth aspect, an electronic device is provided, including a transceiver, a processor, and a memory. The memory stores instructions to be executed by the processor, and when the instructions are executed by the processor, the electronic device is caused to: receive, via the transceiver, an access request from a second device, the access request indicating that a target component in the electronic device is to be accessed; and determine a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
In some embodiments of the fifth aspect, the processor executes the instructions so that the electronic device: grants the access request if it is determined that the security level meets the security requirement corresponding to the target component; or denies the access request if it is determined that the security level does not meet the security requirement corresponding to the target component.
In some embodiments of the fifth aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the electronic device, or the security level of the second device is higher than or equal to a preset level corresponding to the target component.
In some embodiments of the fifth aspect, there is a communication channel between the electronic device and the second device, and the processor executes the instructions so that the electronic device determines the security level of the second device in the process of establishing the communication channel with the second device.
In some embodiments of the fifth aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In some embodiments of the fifth aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or based on the security requirement of the target module, within the target application, to which the target component belongs.
In some embodiments of the fifth aspect, the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, or installation-free; and an identifier of at least one of the following: the electronic device, the second device, the invoking component of the second device, the target component, or the target application to which the target component belongs.
In a sixth aspect, an electronic device is provided, including a transceiver, a processor, and a memory. The memory stores instructions to be executed by the processor, and when the instructions are executed by the processor, the electronic device is caused to: determine whether the security level of the electronic device meets the security requirement corresponding to a target component in a first device; and, if it is determined that the security level of the second device meets the security requirement corresponding to the target component, send an access request to the first device via the transceiver, the access request indicating that the target component in the first device is to be accessed.
In some embodiments of the sixth aspect, the security requirement corresponding to the target component includes at least one of the following: the security level of the electronic device is higher than or equal to the security level of the first device, or the security level of the electronic device is higher than or equal to a preset level corresponding to the target component.
In some embodiments of the sixth aspect, there is a communication channel between the first device and the electronic device, and the processor executes the instructions so that the electronic device obtains the security requirement corresponding to the target component in the process of establishing the communication channel with the first device.
In some embodiments of the sixth aspect, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
In some embodiments of the sixth aspect, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or based on the security requirement of the target module, within the target application, to which the target component belongs.
In some embodiments of the sixth aspect, the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, or installation-free; and an identifier of at least one of the following: the first device, the electronic device, the invoking component of the electronic device, the target component, or the target application to which the target component belongs.
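The decision described in the fifth aspect (the receiving device grants or denies) and the pre-check described in the sixth aspect (the calling device checks before sending) can be sketched as follows. This is an added example, not code from the patent: all class, function, device, application and component names and the numeric levels are hypothetical, and the component-then-module-then-application precedence and the deny-by-default behaviour are assumptions.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class Scenario(Enum):
    """Scenario indications listed for the access request."""
    DATA_MIGRATION = "data_migration"
    REMOTE_CONTROL = "remote_control"
    TASK_SCHEDULING = "task_scheduling"
    RELAY = "relay"
    REMOTE_METHOD_INVOCATION = "remote_method_invocation"
    INSTALLATION_FREE = "installation_free"


@dataclass(frozen=True)
class Requirement:
    """Holds one or both conditions; every condition present must hold (assumption)."""
    at_least_owner_level: bool = False   # caller level >= level of the device owning the component
    min_level: Optional[int] = None      # caller level >= preset level for the component

    def satisfied_by(self, caller_level: int, owner_level: int) -> bool:
        if self.at_least_owner_level and caller_level < owner_level:
            return False
        if self.min_level is not None and caller_level < self.min_level:
            return False
        return True


@dataclass(frozen=True)
class AccessRequest:
    """Carries a scenario and identifiers only; no self-declared security level."""
    scenario: Scenario
    caller_device: str
    target_app: str
    target_component: str


class FirstDevice:
    def __init__(self, level: int) -> None:
        self.level = level
        self.peer_levels: Dict[str, int] = {}
        self.app_req: Dict[str, Requirement] = {}
        self.module_req: Dict[Tuple[str, str], Requirement] = {}
        self.component_req: Dict[Tuple[str, str], Requirement] = {}
        self.module_of: Dict[Tuple[str, str], str] = {}

    def on_channel_established(self, device_id: str, level: int) -> None:
        # The peer's level is recorded while the channel is set up, as the text describes.
        self.peer_levels[device_id] = level

    def requirement_for(self, app: str, component: str) -> Optional[Requirement]:
        # Assumed precedence: the component's own entry, then its module, then its application.
        if (app, component) in self.component_req:
            return self.component_req[(app, component)]
        module = self.module_of.get((app, component))
        if module is not None and (app, module) in self.module_req:
            return self.module_req[(app, module)]
        return self.app_req.get(app)

    def decide(self, request: AccessRequest) -> str:
        level = self.peer_levels.get(request.caller_device)
        requirement = self.requirement_for(request.target_app, request.target_component)
        if level is None or requirement is None:
            # No channel-derived level or no known requirement: deny (assumption).
            return "deny"
        return "grant" if requirement.satisfied_by(level, self.level) else "deny"


def caller_precheck(own_level: int, requirement: Requirement, owner_level: int) -> bool:
    """Sixth-aspect side: the caller sends the request only if its own level qualifies.
    Assumes the caller learned the requirement and the owner's level at channel setup."""
    return requirement.satisfied_by(own_level, owner_level)


def build_sample_phone() -> FirstDevice:
    # Constructed sample: levels, device ids, app and component names are all invented.
    phone = FirstDevice(level=4)
    phone.app_req["gallery"] = Requirement(min_level=3)
    phone.module_req[("gallery", "viewer")] = Requirement(min_level=2)
    phone.module_of[("gallery", "ViewAlbum")] = "viewer"
    phone.component_req[("gallery", "ExportAll")] = Requirement(at_least_owner_level=True)
    phone.on_channel_established("watch", 2)
    phone.on_channel_established("laptop", 4)
    return phone


if __name__ == "__main__":
    phone = build_sample_phone()
    for device, component in [("watch", "ViewAlbum"), ("watch", "ExportAll"),
                              ("laptop", "ExportAll"), ("watch", "EditPhoto"),
                              ("tablet", "ViewAlbum")]:
        req = AccessRequest(Scenario.REMOTE_METHOD_INVOCATION, device, "gallery", component)
        print(device, component, phone.decide(req))
```

Because `decide` looks the caller's level up from the state recorded at channel establishment, a request cannot raise its own level by what it carries, and two components of the same application can resolve to different outcomes for the same caller.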
In a seventh aspect, a computer-readable storage medium is provided. A computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the operations of the method according to the first aspect or the second aspect, or any embodiment thereof, are implemented.
In an eighth aspect, a chip or a chip system is provided. The chip or chip system includes a processing circuit configured to perform the operations of the method according to the first aspect or the second aspect, or any embodiment thereof.
In a ninth aspect, a computer program or computer program product is provided. The computer program or computer program product is tangibly stored on a computer-readable medium and includes computer-executable instructions which, when executed, cause a device to implement the operations of the method according to the first aspect or the second aspect, or any embodiment thereof.
In a tenth aspect, a distributed system is provided. The system includes a first device and a second device, where the first device can implement the operations of the method according to the first aspect or any embodiment thereof, and the second device can implement the operations of the method according to the second aspect or any embodiment thereof.
Description of Drawings
The above and other features, advantages and aspects of the embodiments of the present disclosure will become more apparent with reference to the following detailed description taken in conjunction with the accompanying drawings. In the drawings, the same or similar reference numerals denote the same or similar elements, wherein:
FIG. 1 shows a schematic diagram of a system capable of cross-device interworking;
FIG. 2 shows a schematic block diagram of an electronic device;
FIG. 3 shows a block diagram of the software structure of an electronic device running an Android system with a layered architecture;
FIG. 4 shows a signaling interaction diagram of a component access process according to an embodiment of the present disclosure;
FIG. 5 shows a schematic signaling diagram of a process in which a second device sends an access request according to an embodiment of the present disclosure;
FIG. 6 shows a schematic block diagram of a device including a DMS according to an embodiment of the present disclosure;
FIG. 7 shows a schematic signaling diagram of a process in which a first device determines a response to an access request according to an embodiment of the present disclosure;
FIG. 8 shows a schematic block diagram of an apparatus for component access according to an embodiment of the present disclosure;
FIG. 9 shows another schematic block diagram of an apparatus for component access according to an embodiment of the present disclosure;
FIG. 10 shows a simplified block diagram of an example apparatus according to an embodiment of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although certain embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be implemented in various forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are for exemplary purposes only and are not intended to limit the protection scope of the present disclosure.
In the description of the embodiments of the present disclosure, the term "including" and similar terms should be understood as open-ended inclusion, that is, "including but not limited to". The term "based on" should be understood as "based at least in part on". The term "one embodiment" or "the embodiment" should be understood as "at least one embodiment". The terms "first", "second" and so on may refer to different or the same objects. Other explicit and implicit definitions may also be included below.
With the rapid development of electronic devices and the Internet of Things (IoT), the interconnection of everything has gradually become a reality. In one scenario, multiple electronic devices can be networked based on a Distributed Execution Framework (DEF), so that cross-device interworking can be achieved on demand.
FIG. 1 shows a schematic diagram of a system 100 capable of cross-device interworking. The system 100 includes multiple electronic devices. As an example, as shown in FIG. 1, the system 100 includes a smart screen 110, a mobile phone 120, a speaker 130, smart glasses 140, earphones 150, a wristband 160 and a laptop computer 170.
The smart screen 110 may also be called a large-screen device or simply a large screen. The mobile phone 120 may also be called a smartphone, a cellular mobile phone, or the like. The smart glasses 140 and the wristband 160 are wearable devices.
It can be understood that FIG. 1 is only illustrative. The system 100 may include more or fewer electronic devices, and an electronic device may also be a media player, an Ultra-Mobile Personal Computer (UMPC), a Personal Digital Assistant (PDA), a tablet computer, a desktop computer, a smart watch, a wireless in-vehicle device, an Augmented Reality (AR) device, a Virtual Reality (VR) device, and so on.
The electronic devices can communicate with each other in a wired manner, a wireless manner, or a combination of the two. The wireless manner may include, but is not limited to, Bluetooth (BT), Wireless Fidelity (Wi-Fi), Near Field Communication (NFC), Frequency Modulation (FM), Zigbee, infrared (IR) technology, and so on, where Bluetooth may be classic Bluetooth or Bluetooth Low Energy (BLE).
In one non-limiting case, when the system 100 is located in an environment such as a home, the multiple electronic devices may be located in the same local area network. As shown in FIG. 1, the system 100 may also include a router 180, which may be configured as an Access Point (AP), and the other electronic devices may access the router 180 as non-access-point stations (non-AP Stations). The router 180 can communicate with each electronic device in a wired or wireless manner.
In another case, the electronic devices can communicate with each other in a wireless manner such as Bluetooth (BT) or Near Field Communication (NFC).
In another case, the electronic devices can communicate with each other in a wired or wireless manner such as a mobile network or the Internet.
The electronic devices included in the system 100 may be the electronic device described below in conjunction with FIG. 2 and FIG. 3.
FIG. 2 shows a schematic block diagram of an electronic device 200.
As shown in FIG. 2, the electronic device 200 may include a processor 210, an external memory interface 292, an internal memory 296, a Subscriber Identification Module (SIM) card interface 294, a display screen 220, a camera 222, an indicator 224, a motor 226, buttons 228, a Universal Serial Bus (USB) interface 230, a charging management module 240, a power management module 242, a battery 244, a mobile communication module 250, an antenna 252, a wireless communication module 260, an antenna 262, an audio module 270, a speaker 272, a receiver 274, a microphone 276, an earphone interface 278, a sensor module 280, and so on. The sensor module 280 includes a pressure sensor 2802, a gyroscope sensor 2804, an air pressure sensor 2806, a magnetic sensor 2808, an acceleration sensor 2810, a distance sensor 2812, a proximity light sensor 2814, a fingerprint sensor 2816, a temperature sensor 2818, a touch sensor 2820, an ambient light sensor 2822, and so on.
It can be understood that FIG. 2 is only illustrative. The electronic device 200 may include more or fewer components, or several of the components may be combined into one component, or one of the components may be split into several components, or any combination of the above. It can also be understood that the components shown in FIG. 2 may be implemented in hardware, software, or a combination of software and hardware.
The processor 210 may include one or more processing units, for example a Central Processing Unit (CPU), an Application Processor (AP), a modem processor, a Graphics Processing Unit (GPU), an Image Signal Processor (ISP), a controller, a video codec, a Digital Signal Processor (DSP), a baseband processor, and/or a Neural-Network Processing Unit (NPU). Different processing units may be independent devices or may be integrated in one or more processors.
A memory may also be provided in the processor 210 for storing instructions and data. As an example, the memory in the processor 210 is a cache memory. The memory may hold instructions or data that the processor 210 has just used or uses repeatedly. If the processor 210 needs to use the instructions or data again, it can fetch them directly from the memory. This avoids repeated accesses and reduces the waiting time of the processor 210, thereby improving the efficiency of the system.
The processor 210 may include one or more interfaces. The interfaces may include an Inter-Integrated Circuit (I2C) interface, an Inter-Integrated Circuit Sound (I2S) interface, a Pulse Code Modulation (PCM) interface, a Universal Asynchronous Receiver/Transmitter (UART) interface, a Mobile Industry Processor Interface (MIPI), a General-Purpose Input/Output (GPIO) interface, the SIM card interface 294, and/or the USB interface 230.
The I2C interface is a bidirectional synchronous serial bus that includes a serial data line (SDA) and a serial clock line (SCL). In some scenarios, the processor 210 may include multiple sets of I2C buses. The processor 210 may be coupled to the touch sensor 2820, a charger, a flash, the camera 222 and so on through different I2C bus interfaces. For example, the processor 210 may be coupled to the touch sensor 2820 through the I2C interface, so that the processor 210 and the touch sensor 2820 communicate through the I2C bus interface to implement the touch function of the electronic device 200.
The I2S interface can be used for audio communication. In some scenarios, the processor 210 may include multiple sets of I2S buses. The processor 210 may be coupled to the audio module 270 through an I2S bus to implement communication between the processor 210 and the audio module 270. In some scenarios, the audio module 270 can transmit audio signals to the wireless communication module 260 through the I2S interface, to implement the function of answering calls through a Bluetooth headset or the like.
The PCM interface can also be used for audio communication, sampling, quantizing and encoding analog signals. In some scenarios, the audio module 270 and the wireless communication module 260 may be coupled through a PCM bus interface. In some scenarios, the audio module 270 can also transmit audio signals to the wireless communication module 260 through the PCM interface, to implement the function of answering calls through a Bluetooth headset or the like. It can be understood that both the I2S interface and the PCM interface can be used for audio communication.
The UART interface is a universal serial data bus used for asynchronous communication. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some scenarios, the UART interface is typically used to connect the processor 210 and the wireless communication module 260. For example, the processor 220 communicates with the Bluetooth module in the wireless communication module 260 through the UART interface to implement the Bluetooth function. In some scenarios, the audio module 270 can transmit audio signals to the wireless communication module 260 through the UART interface, to implement the function of playing music through a Bluetooth headset or the like.
The MIPI interface can be used to connect the processor 210 with peripheral devices such as the display screen 220 and the camera 222. The MIPI interface includes a camera serial interface (CSI), a display serial interface (DSI), and so on. In some scenarios, the processor 210 and the camera 222 communicate through the CSI interface to implement the shooting function of the electronic device 200. The processor 220 and the display screen 220 communicate through the DSI interface to implement the display function of the electronic device 200.
The GPIO interface can be configured by software. The GPIO interface can be configured to carry control signals or data signals. In some scenarios, the GPIO interface can be used to connect the processor 210 with the camera 222, the display screen 220, the wireless communication module 260, the audio module 270, the sensor module 280, and so on. The GPIO interface can also be configured as an I2C interface, an I2S interface, a UART interface, a MIPI interface, and so on.
The USB interface 230 is an interface that conforms to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 230 can be used to connect a charger to charge the electronic device 200, and can also be used to transfer data between the electronic device 200 and peripheral devices. It can also be used to connect earphones and play audio through them. The interface can also be used to connect other electronic devices, such as AR devices.
It can be understood that the present disclosure lists the interface connection relationships among the modules only schematically, and these illustrations should not be construed as limiting the structure of the electronic device 200. The electronic device 200 may also adopt interface connection manners different from those described above, or a combination of multiple interface connection manners.
The charging management module 240 is used to receive charging input from a charger. The charger may be a wireless charger or a wired charger. In the case of wired charging, the charging management module 240 may receive the charging input of the wired charger through the USB interface 230. In the case of wireless charging, the charging management module 240 may receive wireless charging input through a wireless charging coil of the electronic device 200. While charging the battery 244, the charging management module 240 can also supply power to the electronic device 200 through the power management module 242.
The power management module 242 is used to connect the battery 244, the charging management module 240 and the processor 210. The power management module 242 receives input from the battery 244 and/or the charging management module 240 and supplies power to the processor 210, the internal memory 296, the display screen 220, the camera 222, the wireless communication module 260, and so on. The power management module 242 can also be used to monitor parameters such as battery capacity, battery cycle count, and battery health status (such as leakage and impedance). In some cases, the power management module 242 may also be provided in the processor 210. In other cases, the power management module 242 and the charging management module 240 may also be provided in the same device.
The wireless communication function of the electronic device 200 can be implemented by the mobile communication module 250, the antenna 252, the wireless communication module 260, the antenna 262, the modem processor, the baseband processor, and so on.
The antenna 252 and the antenna 262 are used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 200 can be used to cover a single communication frequency band or multiple communication frequency bands. Different antennas can also be multiplexed to improve antenna utilization. For example, the antenna 252 may be multiplexed as a diversity antenna of a wireless local area network. For example, an antenna may be used in combination with a tuning switch.
The mobile communication module 250 can provide wireless communication solutions, including 2G/3G/4G/5G, applied to the electronic device 200. The mobile communication module 250 may include at least one filter, a switch, a power amplifier, a low noise amplifier (LNA), and so on. The mobile communication module 250 can receive electromagnetic waves through the antenna 1, perform processing such as filtering and amplification on the received electromagnetic waves, and transmit them to the modem processor for demodulation. The mobile communication module 250 can also amplify the signal modulated by the modem processor and convert it into electromagnetic waves radiated through the antenna 252. In some scenarios, at least some of the functional modules of the mobile communication module 250 may be provided in the processor 210. In some scenarios, at least some of the functional modules of the mobile communication module 250 and at least some of the modules of the processor 210 may be provided in the same device.
The modem processor may include a modulator and a demodulator, where the modulator is used to modulate the low-frequency baseband signal to be sent into a medium-to-high-frequency signal, and the demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low-frequency baseband signal to the baseband processor for processing. After being processed by the baseband processor, the low-frequency baseband signal is passed to the application processor. The application processor outputs sound signals through audio devices (not limited to the speaker 272, the receiver 274, and so on), or displays images or video through the display screen 220. In some scenarios, the modem processor may be an independent device. In other scenarios, the modem processor may be independent of the processor 210 and provided in the same device as the mobile communication module 250 or other functional modules.
The wireless communication module 260 can provide wireless communication solutions applied on the electronic device 200, including wireless local area network (WLAN), such as Wi-Fi networks, BT, Global Navigation Satellite System (GNSS), frequency modulation (FM), NFC, and infrared (IR) technology. The wireless communication module 260 may be one or more devices integrating at least one communication processing module. The wireless communication module 260 receives electromagnetic waves via the antenna 262, frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210. The wireless communication module 260 can also receive a signal to be transmitted from the processor 210, frequency-modulate and amplify it, and radiate it as electromagnetic waves through the antenna 262.
In some scenarios, the antenna 252 of the electronic device 200 is coupled to the mobile communication module 250, and the antenna 262 is coupled to the wireless communication module 260, so that the electronic device 200 can communicate with networks and/or other devices through wireless communication technologies. The wireless communication technologies here can include Global System for Mobile Communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Time-Division Code Division Multiple Access (TD-SCDMA), Long Term Evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies.
GNSS can include the Global Positioning System (GPS), the Global Navigation Satellite System (GLONASS), the BeiDou Navigation Satellite System (BDS), the Quasi-Zenith Satellite System (QZSS), and/or Satellite Based Augmentation Systems (SBAS).
The electronic device 200 implements the display function through the GPU, the display screen 220, the application processor, and the like. The GPU is a microprocessor for image processing and is connected to the display screen 220 and the application processor. The GPU performs mathematical and geometric calculations for graphics rendering. The processor 210 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 220 is used to display text, images, videos, and the like. The display screen 220 includes a display panel, which can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), Mini-LED, Micro-LED, Micro-OLED, quantum dot light-emitting diodes (QLED), and the like. In some scenarios, the electronic device 200 may include one or more display screens 220.
The electronic device 200 can implement the shooting function through the ISP, the camera 222, the video codec, the GPU, the display screen 220, the application processor, and the like.
The ISP processes the data fed back by the camera 222. For example, when a picture is taken, the shutter opens, light passes through the lens to the camera's photosensitive element, the light signal is converted into an electrical signal, and the photosensitive element passes the electrical signal to the ISP for processing, which converts it into an image visible to the naked eye. The ISP can also algorithmically optimize image noise, brightness, and skin color, and can optimize parameters such as the exposure and color temperature of the shooting scene. In some scenarios, the ISP may be located in the camera 222.
The camera 222 is used to capture still images or video. An object generates an optical image through the lens, and the image is projected onto the photosensitive element. The photosensitive element can be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the light signal into an electrical signal and then passes the electrical signal to the ISP, which converts it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into an image signal in a standard format such as RGB or YUV. In some scenarios, the electronic device 200 may include one or more cameras 222.
The digital signal processor processes digital signals; besides digital image signals, it can also process other digital signals. For example, when the electronic device 200 selects a frequency point, the digital signal processor performs a Fourier transform or similar operation on the frequency point energy.
The video codec compresses or decompresses digital video. The electronic device 200 may support one or more video codecs. In this way, the electronic device 200 can play or record videos in multiple encoding formats, for example, Moving Picture Experts Group (MPEG) 1, MPEG2, MPEG3, MPEG4, and so on.
The NPU is a neural-network (NN) computing processor. By borrowing from the structure of biological neural networks, for example the transmission pattern between neurons in the human brain, it processes input information quickly and can also continuously self-learn. The NPU enables applications such as intelligent cognition on the electronic device 200, for example image recognition, face recognition, speech recognition, and text understanding.
The indicator 224 can be an indicator light. It can be used to indicate charging status and battery level changes, and can also be used to indicate messages, missed calls, notifications, and the like.
The motor 226 can generate vibration alerts. The motor 226 can be used for incoming-call vibration alerts and for touch vibration feedback. For example, touch operations on different applications (such as taking pictures or playing audio) may correspond to different vibration feedback effects. For touch operations on different areas of the display screen 20, the motor 226 can also provide different vibration feedback effects. Different application scenarios (for example, time reminders, receiving messages, alarm clocks, and games) can also correspond to different vibration feedback effects. The touch vibration feedback effect can also be customized.
The keys 228 include a power key, volume keys, and the like. The keys 228 can be mechanical keys or touch keys. The electronic device 200 can receive key input and generate key signal input related to user settings and function control of the electronic device 200.
The SIM card interface 294 is used to connect a SIM card. A SIM card can be brought into contact with or separated from the electronic device 200 by inserting it into or removing it from the SIM card interface 294. The electronic device 200 can support one or more SIM card interfaces 294. The SIM card interface 294 can support Nano SIM cards, Micro SIM cards, mini SIM cards, and the like. Multiple cards can be inserted into the same SIM card interface 294 at the same time, and the cards can be of the same type or of different types. The SIM card interface 294 can also be compatible with different types of SIM cards and with external memory cards. The electronic device 200 interacts with the network through the SIM card to implement functions such as calls and data communication. In some scenarios, the electronic device 200 uses an embedded SIM (eSIM) card, which can be embedded in the electronic device 200 and cannot be separated from it.
The external memory interface 292 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 200. The external memory card communicates with the processor 210 through the external memory interface 292 to implement the data storage function, for example saving music, video, and other files on the external memory card.
The internal memory 296 can be used to store computer-executable program code, which includes instructions. The internal memory 296 may include a program storage area and a data storage area. The program storage area can store the operating system and the application programs required by at least one function (such as a sound playback function or an image playback function). The data storage area can store data created during use of the electronic device 200 (such as audio data and the phone book). In addition, the internal memory 296 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or Universal Flash Storage (UFS). The processor 210 performs the various functional applications and data processing of the electronic device 200 by executing instructions stored in the internal memory 296 and/or instructions stored in a memory provided in the processor.
The electronic device 200 can implement audio functions, such as music playback and recording, through the audio module 270, the speaker 272, the receiver 274, the microphone 276, the earphone interface 278, the application processor, and the like.
The audio module 270 converts digital audio signals into analog audio signals for output and converts analog audio input into digital audio signals. The audio module 270 can also be used to encode and decode audio signals. In some scenarios, the audio module 270 may be located in the processor 210, or some functional modules of the audio module 270 may be located in the processor 210.
The receiver 274, also called the "earpiece", converts audio electrical signals into sound signals. When the electronic device 200 answers a call or plays a voice message, the user can listen by holding the receiver 274 close to the ear.
The microphone 276, also called a "mic" or "sound transmitter", converts sound signals into electrical signals. When making a call or sending a voice message, the user can speak with the mouth close to the microphone 276 to input the sound signal to it. The electronic device 200 may be provided with at least one microphone 276. For example, the electronic device 200 may be provided with two microphones 276, which can implement noise reduction in addition to collecting sound signals. The electronic device 200 may also be provided with three, four, or more microphones 276 to collect sound signals, reduce noise, identify sound sources, implement directional recording, and so on.
The earphone interface 278 is used to connect wired earphones. The earphone interface 278 can be the USB interface 230, a 3.5 mm open mobile terminal platform (OMTP) standard interface, a Cellular Telecommunications Industry Association of the USA (CTIA) standard interface, or the like.
The pressure sensor 2802 senses pressure signals and can convert them into electrical signals. In some scenarios, the pressure sensor 2802 may be located on the display screen 220. The pressure sensor 2802 can be a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, or the like. A capacitive pressure sensor may include at least two parallel plates made of conductive material. When a force is applied to the pressure sensor 2802, the capacitance between the electrodes changes. The electronic device 200 determines the intensity of the pressure from the change in capacitance. When a touch operation acts on the display screen 220, the electronic device 200 detects the intensity of the touch operation using the pressure sensor 2802. The electronic device 200 can also calculate the touch position from the detection signal of the pressure sensor 2802. In some scenarios, touch operations that act on the same touch position but with different intensities may correspond to different operation instructions. For example, when a touch operation whose intensity is less than a first pressure threshold acts on an image or file, the image or file is selected, and the electronic device 200 executes the instruction that puts the image or file in the selected state. When a touch operation whose intensity is greater than or equal to the first pressure threshold acts on an application window and the touch operation moves across the display screen 220, the instruction to drag the application window is executed. For example, when a touch operation whose intensity is less than the first pressure threshold acts on the short message application icon, the instruction to view short messages is executed. When a touch operation whose intensity is greater than or equal to the first pressure threshold acts on the short message application icon, the instruction to create a new short message is executed.
The gyro sensor 2804 can be used to determine the motion posture of the electronic device 200.
The air pressure sensor 2806 can be used to measure air pressure.
The magnetic sensor 2808 includes a Hall sensor. The electronic device 200 can use the magnetic sensor 2808 to detect the opening and closing of a flip leather case.
The acceleration sensor 2810 can be used to detect the magnitude of the acceleration of the electronic device 200 in each direction (generally three axes).
The distance sensor 2812 can be used to measure distance. The electronic device 200 can measure distance by infrared or laser. In a shooting scene, for example, the electronic device 200 can use the distance sensor 2812 to measure distance and achieve fast focusing.
The proximity light sensor 2814 may include, for example, a light-emitting diode (LED) and a light detector such as a photodiode. The light-emitting diode may be an infrared light-emitting diode. The electronic device 200 emits infrared light through the light-emitting diode and uses the photodiode to detect infrared light reflected from nearby objects. When sufficient reflected light is detected, the electronic device 200 can determine that there is an object nearby. When insufficient reflected light is detected, the electronic device 200 can determine that there is no object nearby. The electronic device 200 can use the proximity light sensor 2814 to detect that the user is holding the device close to the ear during a call, so that it can automatically turn off the display screen 220 to save power. The proximity light sensor 2814 can also be used for automatic unlocking and screen locking in leather case mode and pocket mode.
The fingerprint sensor 2816 can be used to collect fingerprints. The electronic device 200 can use the collected fingerprint characteristics to implement fingerprint unlocking, application lock access, fingerprint photographing, fingerprint call answering, and the like.
The temperature sensor 2818 can be used to detect temperature.
The touch sensor 2820 is also called a "touch device" or "touch panel". The touch sensor 2820 can be located on the display screen 220, and the touch sensor 2820 and the display screen 220 together form a touch screen. The touch sensor 2820 detects touch operations on or near it. The touch sensor 2820 can pass a detected touch operation to the application processor to determine the type of touch event. Visual output related to the touch operation can be provided through the display screen 220. In other scenarios, the touch sensor 2820 may also be located on the surface of the electronic device 200 at a position different from that of the display screen 220.
The ambient light sensor 2822 senses ambient light brightness. The electronic device 200 can adaptively adjust the brightness of the display screen 220 according to the sensed ambient light brightness. The ambient light sensor 2822 can also be used to automatically adjust the white balance when taking pictures. The ambient light sensor 2822 can also work with the proximity light sensor 2814 to detect whether the electronic device 200 is in a pocket, to prevent accidental touches.
Optionally, the sensor module 280 may further include an infrared sensor, an ultrasonic sensor, an electric field sensor, and the like, to assist the electronic device 200 in recognizing air gestures.
It should be understood that the electronic device 200 in FIG. 2 is only schematic, and it may include more or fewer components when implemented as a different type of device. For example, when the electronic device 200 is implemented as a desktop computer, it may not have the SIM card interface 294. For example, when the electronic device 200 is implemented as the smart glasses 140 shown in FIG. 1, it may not have the earphone interface 278 and/or the mobile communication module 250.
The software system of the electronic device 200 may adopt a layered architecture, a Harmony OS architecture, an event-driven architecture, a microkernel architecture, a microservice architecture, a cloud architecture, or the like.
FIG. 3 shows a block diagram of the software structure of an electronic device 300 running an Android system with a layered architecture.
The layered architecture divides the software into several layers, each with a clear role and division of labor. Layers communicate with each other through software interfaces. As shown in FIG. 3, the Android system can be divided into four layers, which are, from top to bottom, the application layer 310, the application framework layer 320, the kernel layer 330, and the network transport layer 340.
The application layer 310 may include a series of application packages, including but not limited to applications (APPs) such as camera, gallery, calendar, calls, maps, navigation, WLAN, Bluetooth, music, video, and short messages.
The application framework layer 320 provides an application programming interface (API) and a programming framework for the applications of the application layer 310. The application framework layer 320 may include some predefined functions, including but not limited to a window manager, content providers, a view system, a phone manager, a resource manager, and a notification manager.
The window manager manages window programs. The window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, and so on.
Content providers store and retrieve data and make that data accessible to applications. The data can include video, images, audio, calls made and received, browsing history and bookmarks, the phone book, and so on.
The view system includes visual controls, such as controls for displaying text and controls for displaying pictures. The view system can be used to build applications. A display interface can consist of one or more views. For example, a display interface that includes a short message notification icon may include a view for displaying text and a view for displaying pictures.
The phone manager provides the communication functions of the electronic device 300, for example management of call status (including connected, hung up, and so on).
The resource manager provides applications with various resources, such as localized strings, icons, pictures, layout files, and video files.
The notification manager lets applications display notification information in the status bar. It can be used to convey informational messages that disappear automatically after a short stay without user interaction. The notification manager is used, for example, to announce that a download has completed or to give message reminders. A notification can also appear in the status bar at the top of the system in the form of a chart or scroll bar text, such as a notification from an application running in the background, or appear on the screen in the form of a dialog window. For example, text information is shown in the status bar, a prompt sound is played, the electronic device 300 vibrates, or the indicator light flashes.
The kernel layer 330 includes at least a display driver, a camera driver, an audio driver, and a transmission driver. The different drivers of the kernel layer 330 are used to invoke the hardware of the electronic device 300 and perform the corresponding operations. For example, the display driver supports the interface display of the electronic device 300, the audio driver supports audio playback on the electronic device 300, and the transmission driver supports content sharing between the electronic device 300 and another electronic device.
The network transport layer 340 can be used for communication, data transmission, and the like between the electronic device 300 and another electronic device. It may include a Bluetooth module, a Wi-Fi module, an NFC module, a discovery connection module, a pairing module, a connection transmission module, and the like. The discovery connection module can be used to discover another electronic device with which a communication connection can be established. The pairing module can be used, while a communication connection is being established, to authenticate the other electronic device that requests the connection. The connection transmission module can be used to transmit data, messages, instructions, and the like to and from another electronic device with which a connection has been established.
It should be understood that the system 100, the electronic device 200, and the electronic device 300 described above are only illustrative and should not be construed as limiting the embodiments of the present disclosure described below.
Exemplarily, the system 100 composed of multiple electronic devices may also be called a "super terminal". The super terminal is a virtual terminal; the electronic devices within it are trusted devices to one another and can interoperate across devices on demand. For brevity, "electronic device" is also referred to as "device" below.
Because the hardware and software of different electronic devices differ, their security also differs. An electronic device with relatively simple hardware and software may be easier for hackers and the like to compromise, which also creates security risks for the other electronic devices in the system 100.
In view of this, the embodiments of the present disclosure provide cross-device access between electronic devices based on the security level of the electronic devices: the accessing device can access a component in the accessed device only when its security level meets the level requirement, which protects the security of the accessed device.
FIG. 4 shows a signaling interaction diagram of a component access process 400 according to an embodiment of the present disclosure. FIG. 4 involves a first device 401 and a second device 402, each of which may be any electronic device shown in FIG. 1. For example, assume that the first device 401 is the smart screen 110 shown in FIG. 1 and that the second device 402 is the mobile phone 120 shown in FIG. 1. In some implementations, the first device 401 and the second device 402 may be devices of the same type or of different types.
The signaling interaction diagram shown in FIG. 4 is an overview, and the communication process it shows is only exemplary, not limiting. Embodiments of the present disclosure may include signaling not shown in FIG. 4 or omit some of the signaling shown in FIG. 4.
In the process 400, the first device 401 establishes 410 a communication connection with the second device 402.
Exemplarily, the first device 401 and the second device 402 may establish a communication channel for mutual communication by exchanging device information. It should be understood that this communication channel is a trusted communication channel that has passed security verification and authentication.
While the communication channel is being established, the security level of a device can be determined based on its device information, where the device information can include at least one of the following: the device identifier, the device type, the device manufacturer, the device hardware version, the device software version, the device model, and so on.
As one implementation, the first device 401 may determine the security level of the second device 402 based on the device information of the second device 402. The first device 401 may also determine its own security level. Similarly, the second device 402 may determine the security level of the first device 401 based on the device information of the first device 401. The second device 402 may also determine its own security level.
As one implementation, the first device 401 and the second device 402 may establish the communication channel through a server of the system (such as a cloud server). Optionally, the server may determine the security level of the first device 401 based on the device information of the first device 401 and determine the security level of the second device 402 based on the device information of the second device 402. The first device 401 and the second device 402 can then learn the security level of the first device 401 and the security level of the second device 402 from the server.
In the embodiments of the present disclosure, the security level of a device may be determined based on a predetermined criterion or mapping relationship. The security level can be used to indicate how difficult the device is to attack; for example, a device with a high security level is less susceptible to attack than a device with a low security level.
For example, the security levels may be divided into five levels, with 1 to 5 representing the different levels. As one example, security level 5 may indicate high security and security level 1 low security. As another example, security level 1 may indicate high security and security level 5 low security. As a further example, the security levels may be divided into ten levels, with 1 to 10 representing the different levels. These examples are only illustrative and do not limit the security levels in the embodiments of the present disclosure; the levels can be divided in other ways as required, which are not listed here.
For convenience in the description below, assume that the security levels are SL1 to SL5, where SL5 is the highest security level and SL1 is the lowest.
In some embodiments, the security level of a device can be determined based on the device information.
In one embodiment, the correspondence between device types and security levels may be preset. Accordingly, the security level of a device can be determined based on that correspondence. Devices of the same type have the same security level. For example, the type is mobile phone and the security level is SL5. The type is wearable device and the security level is SL2. The type is IoT device and the security level is SL1.
In one embodiment, for each security level, the device information that belongs to that security level may be preset. For example, the type of a certain device is a bracelet, and its security level is SL1. For example, the type of a certain device is mobile phone and its manufacturer is A, and its security level is SL4. For example, the type of a certain device is mobile phone and its manufacturer is B, and its security level is SL5. For example, the software version of a certain device is V1.0, and its security level is SL1. For example, the software version of a certain device is V11.0, and its security level is SL3. It can be understood that these examples are only illustrative and do not limit the manner of determining the security level in the embodiments of the present disclosure.
In addition, devices can be divided into weak intelligent devices and strong intelligent devices based on the security level. For example, a device whose security level is lower than a certain threshold (such as SL3) can be regarded as a weak intelligent device, and a device whose security level is equal to or higher than a certain threshold (such as SL3) can be regarded as a strong intelligent device.
The security level can be regarded as attribute information of the device. Specifically, when the distributed system is constructed, the corresponding security level can be determined for each device in the distributed system that has passed authentication.
In some embodiments, the security level of a device may be stored in the server; for example, the security levels of the devices in the distributed system may be maintained device by device (device-wise). For example, the correspondence between the identifier of a device and the security level of the device may be stored. Specifically, the security level of every device in the system can be stored in the server.
In other embodiments, the security level of a device may be stored in the device. For example, the correspondence between the identifier of a device and the security level of the device may be stored. Taking the first device 401 as an example, the first device 401 may store the security level of the first device 401, and may also store the security levels of other devices that have established a communication channel with the first device 401, such as the security level of the second device 402.
For convenience of the description below, it can be assumed that the security level of the first device 401 (the smart screen 110 shown in FIG. 1) is SL2, and that the security level of the second device 402 (the mobile phone 120 shown in FIG. 1) is SL5.
Exemplarily, in the process of establishing the communication channel between the first device 401 and the second device 402, the security requirements corresponding to the components in the devices may also be shared. Exemplarily, the security requirement corresponding to a component is used to indicate the requirement on the security level of a device that accesses the component.
As one example, "sharing" may mean that a device stores the security requirements corresponding to its components in the server of the system, so that other devices that establish a communication channel with the device can obtain the security requirements corresponding to the components in the device from the server. Optionally, the server may store the security requirements corresponding to the components in every device in the system.
As another example, "sharing" may mean that a device notifies (or informs) the other devices with which it has a communication channel of the security requirements corresponding to its components. For example, the first device 401 may inform the second device 402 of the security requirements corresponding to the components in the first device 401, and the second device 402 may then store the security requirements corresponding to the components in the first device 401 in the second device 402, for example in a distributed database of the second device 402. For example, the second device 402 may inform the first device 401 of the security requirements corresponding to the components in the second device 402, and the first device 401 may then store the security requirements corresponding to the components in the second device 402 in the first device 401, for example in a distributed database of the first device 401.
In the embodiments of the present disclosure, a "component" may in some scenarios be called a feature ability (Feature Ability, FA) or simply an ability (Ability). It can be understood that a component may also have other names, which is not limited in the present disclosure.
In the embodiments of the present disclosure, a "component" belongs to an application (APP). That is to say, a device includes applications and an application includes components; a component can be regarded as being inside the application and having a finer granularity than the application. Optionally, in another case, an intermediate granularity may also be included: the module. That is to say, an application includes modules and a module includes components; a module can be regarded as being inside the application, with a finer granularity than the application and a coarser granularity than a component. It can be understood that the number of modules included in different applications may be the same or different, and the number of components included in different modules may be the same or different.
As an example, assume that application A1 includes modules A11, A12 and A13, where module A11 includes components C11, C12 and C13, module A12 includes components C21 and C22, and module A13 includes components C31, C32, C33 and C34, as shown in Table 1 below.
Table 1
Figure PCTCN2022087938-appb-000001
Figure PCTCN2022087938-appb-000002
In the embodiments of the present disclosure, the security requirement corresponding to a component may include that the security level of the accessing device is higher than or equal to the security level of the device where the component is located, or that the security level of the accessing device is higher than or equal to a preset level corresponding to the component.
In some embodiments of the present disclosure, the security requirement may be at the component level, that is, different security requirements may be set (or configured) for different components. Specifically, an application may include multiple components, and at least two of the multiple components have different security requirements.
As an example, assume that the component-level security requirement setting is implemented through the following configuration, in which the configuration of the security requirement corresponding to one component is expressed within one pair of braces {}.
Figure PCTCN2022087938-appb-000003
As described above, "abilities" indicates configuration at the component level, "name" indicates the name of the component, and "availableDeviceSecurityLevel" indicates the security requirement corresponding to the component. Regarding the security requirement, "graterThanMe" indicates that the security level of the accessing device is higher than the security level of the device where the component is located, "graterOrEqualMe" indicates that the security level of the accessing device is higher than or equal to the security level of the device where the component is located, and "graterOrEqual SL[1-5]" indicates that the security level of the accessing device is higher than or equal to the preset level corresponding to the component, where the preset level can be any one of SL1 to SL5.
It should be understood that the security requirements corresponding to different components in a device may be the same or different. For example, in the security requirement corresponding to component C11, the preset level corresponding to component C11 is SL3. For example, in the security requirement corresponding to component C12, the preset level corresponding to component C12 is SL5. For example, in the security requirement corresponding to component C13, the preset level corresponding to component C13 is SL3.
In some embodiments of the present disclosure, the security requirement may be at the module level, that is, different security requirements may be set (or configured) for different modules. Specifically, an application may include multiple modules, and at least two of the multiple modules have different security requirements. It can be understood that components belonging to the same module have the same security requirement.
As an example, assume that the module-level security requirement setting is implemented through the following configuration.
Figure PCTCN2022087938-appb-000004
As described above, "module" indicates configuration at the module level, and "availableDeviceSecurityLevel" indicates the security requirement corresponding to the module. Regarding the security requirement, "graterThanMe" indicates that the security level of the accessing device is higher than the security level of the device where the module is located, "graterOrEqualMe" indicates that the security level of the accessing device is higher than or equal to the security level of the device where the module is located, and "graterOrEqual SL[1-5]" indicates that the security level of the accessing device is higher than or equal to the preset level corresponding to the module, where the preset level can be any one of SL1 to SL5.
It should be understood that the security requirements corresponding to different modules may be the same or different. For example, in the security requirement corresponding to module A11, the corresponding preset level is SL5. For example, in the security requirement corresponding to module A12, the corresponding preset level is SL5. For example, in the security requirement corresponding to module A13, the corresponding preset level is SL4.
Further, for a component, the security requirement corresponding to the component is determined based on the security requirement of the module to which the component belongs. For example, components C11, C12 and C13 belong to module A11, so the security requirement of module A11 is the security requirement corresponding to components C11, C12 and C13.
In some embodiments of the present disclosure, the security requirement may be at the application level, that is, different security requirements may be set (or configured) for different applications. Specifically, the security requirements corresponding to at least two applications in a device may be different. It can be understood that components belonging to the same application may have the same security requirement.
As an example, assume that the application-level security requirement setting is implemented through the following configuration, in which the configuration of the security requirement corresponding to one component is expressed within one pair of braces {}.
Figure PCTCN2022087938-appb-000005
As described above, "app" indicates configuration at the application level, "bundleName" indicates the package name of the application, and "availableDeviceSecurityLevel" indicates the security requirement corresponding to the application. Regarding the security requirement, "graterThanMe" indicates that the security level of the accessing device is higher than the security level of the device where the application is located, "graterOrEqualMe" indicates that the security level of the accessing device is higher than or equal to the security level of the device where the application is located, and "graterOrEqual SL[1-5]" indicates that the security level of the accessing device is higher than or equal to the preset level corresponding to the application, where the preset level can be any one of SL1 to SL5.
It should be understood that the security requirements corresponding to different applications may be the same or different. For example, in the security requirement corresponding to application A1, the corresponding preset level is SL4. For example, in the security requirement corresponding to application A2, the corresponding preset level is SL5. For example, in the security requirement corresponding to application A3, the corresponding preset level is SL4.
Further, for a component, the security requirement corresponding to the component is determined based on the security requirement of the application to which the component belongs. For example, components C11-C13, components C21-C22 and components C31-C34 belong to application A1, so the security requirement of application A1 is the security requirement corresponding to components C11-C13, components C21-C22 and components C31-C34.
It should be noted that the embodiments of the present disclosure do not limit the specific manner of configuring the security requirement corresponding to a component. As an example, the configuration may be made in the Manifest file of the application to which the component belongs, such as config.json, the Manifest configuration file of a HarmonyOS application; it may also be made in another file, and so on.
In addition, the embodiments of the present disclosure do not limit the criteria on which the configuration of security requirements is based. For example, for applications or components that involve information such as user privacy, the security requirement may be configured higher; examples are chat applications commonly used by users, banking applications involving fund transfers, and payment applications involving financial payments. For example, for applications or components that do not involve information such as user privacy, the security requirement may be configured lower; examples are calendar applications and browser applications.
In some embodiments of the present disclosure, the security requirement corresponding to a component may be a security level requirement on all accessing devices that are to access the component, where all accessing devices include the device where the component is located (referred to as the local device) as well as other devices. In this case, if the security level of the device where the component is located does not meet the security requirement corresponding to the component, the local device cannot access the component either.
In some embodiments of the present disclosure, the security requirement corresponding to a component may be a security level requirement on the other accessing devices that are to access the component, where the other accessing devices are devices other than the device where the component is located (referred to as the local device). In this case, the local device can access the components it contains without having to meet the security requirements of those components. In other words, the local device can directly access the components in the local device. For devices other than the local device, however, it must first be determined whether the security level of the accessing device meets the security requirement corresponding to the component. For ease of explanation, cross-device access is used as the example in the description below.
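The following is an added example, not code from the patent or from any HarmonyOS component, showing how the "availableDeviceSecurityLevel" values described above could be evaluated for a component, including the two treatments of the local device. The manifest nesting, the rule that the most specific configured level (ability, then module, then app) wins, the deny-by-default handling, and the device ids are assumptions of this example; the requirement strings are spelled as on the page.

```python
import re

# Requirement strings are spelled exactly as on the page ("grater...").
_PRESET = re.compile(r"graterOrEqual SL([1-5])")

# Constructed sample: device id -> security level (SL1..SL5 stored as 1..5).
# Smart screen SL2 and phone SL5 follow the page's running assumption;
# the ids themselves and the band device are made up for this example.
DEVICE_LEVELS = {"smart-screen-110": 2, "phone-120": 5, "band-x": 1}

# Constructed manifest for one application hosted on the smart screen.
# The key names come from the page; how they nest is an assumption.
SAMPLE_CONFIG = {
    "app": {"bundleName": "com.example.a1",
            "availableDeviceSecurityLevel": "graterOrEqual SL4"},
    "module": {
        "availableDeviceSecurityLevel": "graterThanMe",
        "abilities": [
            {"name": "C11", "availableDeviceSecurityLevel": "graterOrEqual SL3"},
            {"name": "C12", "availableDeviceSecurityLevel": "graterOrEqual SL5"},
            {"name": "C13"},  # no entry of its own: falls back to the module
        ],
    },
}


def resolve_requirement(config, component):
    """Return (requirement, scope) for a component.

    Assumption of this example: the most specific configured level wins.
    Raises KeyError when the component is not declared at all.
    """
    module = config.get("module", {})
    ability = next((a for a in module.get("abilities", [])
                    if a.get("name") == component), None)
    if ability is None:
        raise KeyError(component)
    for scope, node in (("ability", ability), ("module", module),
                        ("app", config.get("app", {}))):
        requirement = node.get("availableDeviceSecurityLevel")
        if requirement is not None:
            return requirement, scope
    return None, None


def requirement_met(requirement, accessor_level, host_level):
    """Evaluate one requirement string against two numeric levels."""
    if requirement == "graterThanMe":
        return accessor_level > host_level
    if requirement == "graterOrEqualMe":
        return accessor_level >= host_level
    match = _PRESET.fullmatch(requirement) if isinstance(requirement, str) else None
    if match:
        return accessor_level >= int(match.group(1))
    return False  # unrecognised requirement string: fail closed


def can_access(config, component, accessor, host,
               levels=DEVICE_LEVELS, exempt_local=True):
    """Decide whether `accessor` may access `component` hosted on `host`.

    exempt_local=True models the embodiment where the requirement applies
    only to other devices; False models the one where it binds the host too.
    """
    try:
        requirement, _scope = resolve_requirement(config, component)
    except KeyError:
        return False  # undeclared component
    if accessor == host and exempt_local:
        return True
    accessor_level = levels.get(accessor)
    host_level = levels.get(host)
    if requirement is None or accessor_level is None or host_level is None:
        return False  # nothing configured or unknown device: deny (assumption)
    return requirement_met(requirement, accessor_level, host_level)


if __name__ == "__main__":
    host = "smart-screen-110"
    for comp in ("C11", "C12", "C13"):
        for dev in ("phone-120", "band-x", host):
            print(comp, dev, can_access(SAMPLE_CONFIG, comp, dev, host))
```
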
In this way, the first device 401 and the second device 402 can establish a communication channel by exchanging device information, where the exchange can be performed directly or through a third party (such as a server). Further, after the communication channel is established, the first device 401 and the second device 402 may perform cross-device interaction over the communication channel through distributed scheduling.
As an example, it is assumed below that the second device 402 is the accessing device and the first device 401 is the accessed device, and the component access process between the first device 401 and the second device 402 is described further.
In process 400, the second device 402 determines 420 the target component to be accessed.
Optionally, what is to be accessed may be one component. Specifically, the second device 402 may determine which component of which application on the first device 401 is to be accessed, and so on.
Optionally, what is to be accessed may be a class of components. Specifically, the second device 402 may determine which class of components on the first device 401 is to be accessed, and so on. It can be understood that a class of components may include multiple components, and the multiple components may belong to different applications.
In process 400, the second device 402 sends 430 an access request to the first device 401.
Exemplarily, the second device 402 may send the access request to the first device 401 via the established trusted communication channel that has passed security verification and authentication.
In the embodiments of the present disclosure, the access request may be a cross-device inter-component access request between the second device 402 and the first device 401. Specifically, it may explicitly or implicitly indicate that a calling component in the second device 402 wants to access a target component in the first device 401.
In the embodiments of the present disclosure, the access request may include indication information about the access purpose. In some embodiments, the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and so on.
The access purpose may correspond to different scenarios, and in some cases the access purpose can be equated with the access scenario. Exemplarily, data migration may mean migrating data in the calling component to the target component. Exemplarily, remote control may mean that the calling component controls the target component, for example controlling hardware capabilities of the first device such as the camera and the microphone. Exemplarily, task scheduling may mean that the calling component requires the target component to perform a specific task, such as drawing. Exemplarily, relay may mean that the calling component requires the target component to take over and complete an operation that the calling component is performing, such as writing an email or drawing. Exemplarily, remote method invocation may mean that the calling component requests a remote access handle provided by the target component, and the calling component can then use the remote access handle to access methods provided by the first device. Exemplarily, installation-free may mean that the calling component requests the first device to install the target component.
For convenience of the description below, it is assumed that a single target component is to be accessed, and this is explained in more detail through the following embodiments. It should be understood that for scenarios in which multiple target components are to be accessed, or a class of target components including multiple components is to be accessed, the implementation is similar and is not repeated here.
In one implementation of the present disclosure, the second device 402 may determine the target component based on actual requirements and send an access request to the first device 401.
Exemplarily, in the installation-free application scenario, if the second device 402 wants the first device 401 to install a target component of a certain application, it may send an access request to the first device 401 to request the first device 401 to perform the installation.
In one implementation of the present disclosure, the second device 402 may determine whether the security level of the second device 402 meets the security requirement corresponding to the target component in the first device 401 that is to be accessed. If the second device 402 determines that its security level meets the security requirement corresponding to the target component in the first device 401 that is to be accessed, the second device 402 sends the access request to the first device 401. Exemplarily, the process by which the second device 402 sends the access request may be as shown in FIG. 5.
图5示出了根据本公开的实施例的第二设备发送访问请求的过程500的一个示意信令图。过程500可以由第二设备402执行,该过程500涉及第二设备402中的调用组件501、第二设备402中的分布式调度模块502以及第二设备402中的应用包管理模块503。Fig. 5 shows a schematic signaling diagram of a process 500 for a second device to send an access request according to an embodiment of the present disclosure. The process 500 can be executed by the second device 402 , and the process 500 involves the calling component 501 in the second device 402 , the distributed scheduling module 502 in the second device 402 and the application package management module 503 in the second device 402 .
示例性地,分布式调度模块502可以是用于实现跨设备的组件访问的管理模块。分布式调度模块502可以被称为分布式任务调度平台或者分布式管理系统(Distributed Management System,DMS)。Exemplarily, the distributed scheduling module 502 may be a management module for implementing cross-device component access. The distributed scheduling module 502 may be called a distributed task scheduling platform or a distributed management system (Distributed Management System, DMS).
为便于理解,先参考图6来介绍包括DMS的设备600的示例。图6所示的设备600可以被实现为前述的第一设备401或第二设备402。如图6所示,设备600包括DMS 610以及分布式数据管理620。For ease of understanding, an example of a device 600 including a DMS is first introduced with reference to FIG. 6 . The device 600 shown in FIG. 6 may be implemented as the aforementioned first device 401 or second device 402 . As shown in FIG. 6 , device 600 includes DMS 610 and distributed data management 620.
DMS 610 may also be called a distributed task scheduling platform. At the bottom layer, the distributed task scheduling platform implements the startup/shutdown, connection/disconnection, and migration of cross-device components, thereby providing cross-device component management. Exemplarily, startup/shutdown may mean providing developers with the ability to manage remote components, that is, support for starting a Feature Ability (FA), and for starting/shutting down a Particle Ability (PA) and a data acquisition capability (Data Ability, DA). Exemplarily, connection/disconnection may mean providing developers with the ability to control services (PA and DA) across devices: by connecting to and disconnecting from a remote service, a developer can obtain or deregister the objects of the cross-device management service, achieving service scheduling consistent with local scheduling. Exemplarily, the migration capability may mean providing developers with cross-device FA migration: by calling the migration interface of the FA, a developer can migrate a local service to a designated device.
As shown in FIG. 6, DMS 610 may include distributed scheduling decision 612 and distributed framework 614. Distributed scheduling decision 612 can be used to find, for a given user intent, the best device and meta-capability to perform a task, based on multi-dimensional features such as device capabilities, device service and resource status, and user portraits. Distributed scheduling decision 612 may include device scheduling, meta-capability scheduling, scheduling policy optimization, scheduling policy management, and the like. The distributed framework 614 can be used to build basic distributed capabilities, start and bind meta-capabilities across devices, automatically identify migratable scenarios, manage the migration process, and cooperatively complete service data synchronization. The distributed framework 614 may include migration scenario identification, meta-capability migration management, distributed data synchronization, meta-capability startup and binding management, and the like.
As shown in FIG. 6, distributed data management 620 may include scheduling features 622 and a system service list 624. The scheduling features 622 may include user status, user portrait features, device service status, device profile, and the like. The system service list 624 is used to synchronize system services when system services are called in a distributed manner.
It can be understood that distributed scheduling decision 612 can query and obtain information such as device profiles from distributed data management 620.
It should be noted that FIG. 6 is only illustrative. The device 600 may include more or fewer components or modules, and FIG. 6 should not be taken as a limitation on the device.
In the process 500, shown in FIG. 5, in which the second device 402 sends an access request, the calling component 501 in the second device 402 determines 510 that a cross-device component access is to be initiated.
Exemplarily, the calling component 501 in the second device 402 may determine to initiate an access to the first device 401 and determine the target component to be accessed.
Whether the calling component 501 initiates the cross-device access may be determined based on the user's operation on the second device 402. As an example, assume that the second device 402 is the mobile phone 120 and that the calling component 501 is the photographing component of the camera APP in the mobile phone 120. The user may tap a specific location (for example, remote photographing) in the photographing component of the camera APP on the second device 402, thereby triggering the photographing component to initiate a cross-device component access.
For example, assume that what the calling component 501 in the second device 402 wants to access is the target component in the first device 401. Taking the first device 401 to be the smart screen 110 shown in FIG. 1 as an example, assume that the target component in the first device 401 is the camera component in the smart screen 110.
In the process 500, the calling component 501 in the second device 402 sends 520 an initiation request to the distributed scheduling module 502 in the second device 402.
As an example, the initiation request may include the identifier of the first device 401 and the identifier of the target component. Optionally, it may also include the identifier of the target application to which the target component belongs. The identifier of the first device 401 may be the name of the first device 401, the identifier (ID) of the first device 401, or the like. The identifier of the target component may be the component name of the target component, the component ID of the target component, or the like. The identifier of the target application may be the package name of the target application, the ID of the target application, or the like.
In the process 500, the distributed scheduling module 502 in the second device 402 sends 530 a query request to the application package management module 503 in the second device 402.
That is to say, the distributed scheduling module 502 in the second device 402 can initiate a query to the interface of the application package management module 503 in the second device 402.
The query request may be used to query whether information about the corresponding target component exists in the application package management module 503 of the second device 402.
As an example, the query request may include the identifier of the first device 401 and the identifier of the target component. Optionally, it may also include the identifier of the target application to which the target component belongs.
In the process 500, the application package management module 503 in the second device 402 performs a query 540 based on the query request.
As an example, the application package management module 503 in the second device 402 may query the local distributed database of the second device 402. As another example, the application package management module 503 in the second device 402 may query a third-party device, for example by querying a remote device through a remote call; the third-party device or remote device may be a server or the like.
Exemplarily, the application package management module 503 in the second device 402 may determine, by querying, whether component information about the target component of the first device 401 exists.
The component information of the target component of the first device 401 may include the security requirement corresponding to the target component, and the like.
In some embodiments, if it is determined that no component information about the target component of the first device 401 exists, a query response may be generated in response to that absence.
In some embodiments, if it is determined that component information about the target component of the first device 401 exists, the security level corresponding to the target component of the first device 401 may be obtained, and it may be determined whether the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401. Further, a query response may be generated in response to that determination.
For example, assume that the first device 401 is the smart screen 110 shown in FIG. 1 and the second device 402 is the mobile phone 120 shown in FIG. 1. Assume that the security level of the second device 402 is SL5, and that the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110. Assume that the security level corresponding to the camera component in the smart screen 110 is: the security level of the accessing device is higher than or equal to SL3. Since SL5 is higher than SL3, it can be determined that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401.
In the process 500, the application package management module 503 in the second device 402 returns 550 a query response to the distributed scheduling module 502 in the second device 402.
Optionally, in some examples, the application package management module 503 in the second device 402 may also send the component information of the target component of the first device 401 to the distributed scheduling module 502 in the second device 402, where the component information of the target component of the first device 401 may include the security requirement corresponding to the target component, and the like.
In some embodiments, if it is determined at 540 that no component information about the target component of the first device 401 exists, the query response may indicate that there is no component information for the target component to be accessed. Optionally, after this, the second device 402 may initiate a connection request to the first device 401 to re-establish the communication channel between the first device 401 and the second device 402, as described above in conjunction with 410 in FIG. 4.
In some embodiments, if it is determined at 540 that component information about the target component of the first device 401 exists, and that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401, the query response may indicate that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401.
In some embodiments, if it is determined at 540 that component information about the target component of the first device 401 exists, and that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401, the query response may indicate that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401.
In the process 500, if the query response indicates that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401, the distributed scheduling module 502 in the second device 402 sends 560 an access request to the first device 401.
Specifically, the distributed scheduling module 502 in the second device 402 may send the access request to the distributed scheduling module in the first device 401.
As the description of the process 500 in FIG. 5 shows, the access request is based on the call request from the calling component 501 of the calling application of the second device 402.
In the embodiments of the present disclosure, the access request may explicitly or implicitly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401.
Optionally, the access request may include an access parameter, which may explicitly or implicitly indicate the location information of the target component.
For example, the access parameter includes the identifier of the target component (such as a component name) and the identifier of the target application to which the target component belongs (such as a package name), so that the target application and the target component are indicated explicitly.
Alternatively, for example, the access parameter may include an implicit intent about an action to be performed, so that the target application and the target component are indicated implicitly. As an example, the implicit intent requests access to a component that has a "make a phone call" action. In this example, the first device 401 that receives the access request can, based on the implicit intent, match at least one target application and at least one target component that meet the condition; for example, when multiple target applications meet the condition, a list of all matching target applications can be found.
In one example, the access request may be carried in an access request message, and the access request message includes an identifier of at least one of the following: the first device 401, the second device 402, the calling component 501, the target component, or the target application to which the target component belongs, where the identifier of the calling component 501 may be the component name of the calling component, the component ID of the calling component, or the like.
In another example, the context of the access request may implicitly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401. For example, other messages may be transmitted before the access request message, and those other messages explicitly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401; the access request message that follows them may then carry no related identifiers, and so implicitly indicates that the calling component 501 in the second device 402 wants to access the target component in the first device 401.
In another example, the access request may be carried in multiple messages, for example in multiple consecutive messages. Optionally, the multiple messages may jointly indicate that the calling component 501 in the second device 402 wants to access the target component in the first device 401.
It should be understood that, in the embodiments of the present disclosure, the access request may also indicate in other ways (for example, by default) that the calling component 501 in the second device 402 wants to access the target component in the first device 401; these are not listed one by one here.
Returning now to FIG. 4, in the process 400, after receiving the access request from the second device 402, the first device 401 determines 440 a response to the access request based on the security level of the second device 402 and the security requirement corresponding to the target component in the first device 401.
In some embodiments, the process by which the first device 401 determines the response to the access request may be as shown in FIG. 7.
FIG. 7 shows a schematic signaling diagram of a process 700 in which a first device determines a response to an access request according to an embodiment of the present disclosure. The process 700 may be executed by the first device 401, and involves the target component 701 in the first device 401, the distributed scheduling module 702 in the first device 401, and the application package management module 703 in the first device 401.
In the process 700, the distributed scheduling module 702 in the first device 401 receives 710 an access request from the second device 402. The access request may indicate that the second device 402 wants to access the target component in the first device 401. It can be understood that the indication may be explicit or implicit, as described above in connection with 560 in FIG. 5.
Specifically, the distributed scheduling module 702 in the first device 401 may receive the access request from the distributed scheduling module 502 in the second device 402. As an example, the access request may include the identifier of the first device, the identifier of the second device, and the identifier of the target component, and optionally may also include the identifier of the target application to which the target component belongs.
In the process 700, the distributed scheduling module 702 in the first device 401 sends 720 a query request to the application package management module 703 in the first device 401.
That is to say, the distributed scheduling module 702 in the first device 401 may initiate a query to the interface of the application package management module 703 in the first device 401.
As an example, the query request may include the identifier of the second device 402 and the identifier of the target component. Optionally, it may also include the identifier of the target application to which the target component belongs.
In the process 700, the application package management module 703 in the first device 401 performs a query 730 based on the query request.
The application package management module 703 in the first device 401 may query the local package management database of the first device 401 to obtain the component information of the target component of the first device 401. The component information of the target component of the first device 401 may include the security requirement corresponding to the target component, and the like.
In some embodiments, it may be determined whether the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401. Further, a query response may be generated in response to that determination.
For example, assume that the first device 401 is the smart screen 110 shown in FIG. 1 and the second device 402 is the mobile phone 120 shown in FIG. 1. Assume that the security level of the second device 402 is SL5, and that the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110. Assume that the security level corresponding to the camera component in the smart screen 110 is: the security level of the accessing device is higher than or equal to SL3. Since SL5 is higher than SL3, it can be determined that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401.
For example, assume that the first device 401 is the smart screen 110 shown in FIG. 1 and the second device 402 is the bracelet 160 shown in FIG. 1. Assume that the security level of the second device 402 is SL1. Assume that the target component in the first device 401 that the calling component 501 in the second device 402 wants to access is the camera component in the smart screen 110. Assume that the security level corresponding to the camera component in the smart screen 110 is: the security level of the accessing device is higher than or equal to SL3. Since SL1 is lower than SL3, it can be determined that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401.
In the process 700, the application package management module 703 in the first device 401 returns 740 a query response to the distributed scheduling module 702 in the first device 401.
Optionally, in some examples, the application package management module 703 in the first device 401 may also send the component information of the target component of the first device 401 to the distributed scheduling module 702 in the first device 401, where the component information of the target component of the first device 401 may include the security requirement corresponding to the target component, and the like.
In some embodiments, if it is determined at 730 that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401, the query response may indicate that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401.
In some embodiments, if it is determined at 730 that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401, the query response may indicate that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401.
In the process 700, if the query response indicates that the security level of the second device 402 satisfies the security level corresponding to the target component of the first device 401, the distributed scheduling module 702 in the first device 401 starts 750 the target component 701 in the first device 401. In this way, through the process 700 shown in FIG. 7, the cross-device FA startup of the target component 701 on the first device 401 can be realized.
It can be understood that if the query response indicates that the security level of the second device 402 does not satisfy the security level corresponding to the target component of the first device 401, the distributed scheduling module 702 in the first device 401 will not start the target component 701 in the first device 401.
It should be noted that, in the embodiments of the present disclosure, the process of performing 730 by the first device 401 and the process of performing 540 by the second device 402 are independent of each other. That is to say, regardless of whether the second device 402 (the accessing device) has performed 540, the first device 401 (the accessed device) needs to perform 730. This ensures the security of the access and avoids responding incorrectly to access requests that the second device 402 sends arbitrarily when it has been compromised.
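The independence of the caller-side check (540) and the callee-side check (730) can be modelled as follows. This is an added sketch, not code from the patent: the names `Device`, `ComponentInfo`, `meets` and the `claimed_level` request field are hypothetical, the smart screen's own level (SL4) is a constructed value, and where a component carries both requirement forms the sketch assumes both must hold.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

NO_INFO, NOT_SATISFIED, SATISFIED = "no_info", "not_satisfied", "satisfied"

@dataclass(frozen=True)
class ComponentInfo:
    """Security requirement stored with a component (hypothetical layout)."""
    preset_level: Optional[int] = None   # caller SL >= preset level
    at_least_host_level: bool = False    # caller SL >= hosting device's SL

def meets(info: ComponentInfo, caller_level: int, host_level: int) -> bool:
    # Assumption: when both requirement forms are set, both are enforced.
    if info.preset_level is not None and caller_level < info.preset_level:
        return False
    if info.at_least_host_level and caller_level < host_level:
        return False
    return True

class Device:
    def __init__(self, name: str, level: int,
                 components: Optional[Dict[str, ComponentInfo]] = None):
        self.name, self.level = name, level
        self.components = dict(components or {})            # local package database
        self.peer_levels: Dict[str, int] = {}               # learned at channel setup
        self.peer_components: Dict[str, Dict[str, ComponentInfo]] = {}
        self.started: List[str] = []

    def connect(self, other: "Device") -> None:
        # Channel establishment (410): each side records the peer's level and
        # component info. How the level is authenticated is outside this sketch.
        for a, b in ((self, other), (other, self)):
            a.peer_levels[b.name] = b.level
            a.peer_components[b.name] = dict(b.components)

    def caller_query(self, target: str, component: str) -> str:
        # Steps 530-550 on the accessing device.
        info = self.peer_components.get(target, {}).get(component)
        if info is None:
            return NO_INFO
        ok = meets(info, self.level, self.peer_levels[target])
        return SATISFIED if ok else NOT_SATISFIED

    def request_access(self, target: "Device", component: str,
                       precheck: bool = True,
                       claimed_level: Optional[int] = None) -> str:
        # precheck=False models an accessing device whose own check 540 cannot
        # be relied on, the case the paragraph above is concerned with.
        if precheck and self.caller_query(target.name, component) != SATISFIED:
            return "not_sent"
        request = {"from": self.name, "component": component,
                   "claimed_level": claimed_level}
        return target.handle_access(request)                 # step 560

    def handle_access(self, request: dict) -> str:
        # Steps 710-750 on the accessed device. The decision uses the level
        # recorded at channel setup; any level stated in the request is ignored.
        info = self.components.get(request["component"])
        caller_level = self.peer_levels.get(request["from"])
        if info is None or caller_level is None:
            return "denied"
        if not meets(info, caller_level, self.level):
            return "denied"
        self.started.append(request["component"])            # step 750
        return "granted"

def demo() -> dict:
    # Constructed scenario using the page's levels: phone SL5, bracelet SL1,
    # camera component requires SL3. The smart screen's SL4 is made up.
    screen = Device("smart_screen_110", 4, {"camera": ComponentInfo(preset_level=3)})
    phone, band = Device("phone_120", 5), Device("bracelet_160", 1)
    phone.connect(screen)
    band.connect(screen)
    return {
        "phone": phone.request_access(screen, "camera"),
        "band": band.request_access(screen, "camera"),
        "band_no_precheck": band.request_access(
            screen, "camera", precheck=False, claimed_level=5),
        "unknown_component": phone.request_access(screen, "microphone"),
        "started": list(screen.started),
    }

if __name__ == "__main__":
    print(demo())
```
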
Returning to FIG. 4, in the process 400, if the first device 401 determines that the security level of the second device 402 satisfies the security level corresponding to the target component in the first device 401, the first device 401 may grant the access request of the second device 402. The first device 401 and the second device 402 thereby carry out cross-device interaction 450. Specifically, the calling component 501 in the second device 402 can access the target component 701 in the first device 401.
In this way, in the embodiments of the present disclosure, a security requirement is set for each component, so that only devices that meet the security requirement can access the component, which protects the security of the device where the component is located. Even if the accessing device is compromised because of outdated software or hardware versions, the interconnection between devices will not cause a security failure on the accessed device. That is to say, by introducing an access control mechanism based on device security levels, the embodiments of the present disclosure can effectively control cross-device component access and ensure the security of cross-device access.
It should be understood that, in the embodiments of the present disclosure, "first", "second", "third" and so on are only used to indicate that multiple objects may be different, without excluding that two objects may be the same. "First", "second", "third" and so on should not be construed as any limitation on the embodiments of the present disclosure.
It should also be understood that the division into manners, situations, categories, and embodiments in the embodiments of the present disclosure is only for convenience of description and should not constitute a particular limitation. The features in the various manners, categories, situations, and embodiments may be combined with one another where this is logically consistent.
It should also be understood that the above content is only intended to help those skilled in the art better understand the embodiments of the present disclosure, not to limit their scope. Those skilled in the art may make various modifications, changes, or combinations based on the above content. Such modified, changed, or combined solutions are also within the scope of the embodiments of the present disclosure.
It should also be understood that the above description focuses on the differences between the embodiments; for the parts that are the same or similar, the embodiments may be referred to one another, and for brevity, details are not repeated here.
FIG. 8 shows a schematic block diagram of an apparatus 800 for component access according to an embodiment of the present disclosure.
As shown in FIG. 8, the apparatus 800 may include a receiving unit 810 and a determining unit 820. The receiving unit 810 is configured to receive an access request from the second device, where the access request indicates that a target component in the first device is to be accessed. The determining unit 820 is configured to determine a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
In some embodiments, the determining unit 820 may be configured to grant the access request if it is determined that the security level satisfies the security requirement corresponding to the target component, or to deny the access request if it is determined that the security level does not satisfy the security requirement corresponding to the target component.
In some embodiments, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments, there is a communication channel between the first device and the second device, and the determining unit 820 may be configured to determine the security level of the second device in the process of establishing the communication channel with the second device.
In some embodiments, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components have different security requirements.
In some embodiments, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs. Alternatively, the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In some embodiments, the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, and installation-free use. The access request may also include an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
Exemplarily, the apparatus 800 in FIG. 8 may be implemented as the first device 401, or may be implemented as a chip or a chip system in the first device 401, which is not limited by the embodiments of the present disclosure. Optionally, the apparatus 800 may be implemented as any electronic device in a distributed system; when acting as the accessed device, it can be used to implement the processes described for the first device 401 in the embodiments above in conjunction with FIG. 4 to FIG. 7. For brevity, details are not repeated here.
FIG. 9 shows another schematic block diagram of an apparatus 900 for component access according to an embodiment of the present disclosure.
As shown in FIG. 9, the apparatus 900 may include a determining unit 910 and a sending unit 920. The determining unit 910 is configured to determine whether the security level of the second device satisfies the security requirement corresponding to the target component in the first device. The sending unit 920 is configured to send an access request to the first device if it is determined that the security level of the second device satisfies the security requirement corresponding to the target component, where the access request indicates that the target component in the first device is to be accessed.
In some embodiments, the security requirement corresponding to the target component includes at least one of the following: the security level of the second device is higher than or equal to the security level of the first device, or the security level of the second device is higher than or equal to the preset level corresponding to the target component.
In some embodiments, there is a communication channel between the first device and the second device, and the determining unit 910 may be configured to obtain the security requirement corresponding to the target component in the process of establishing the communication channel with the first device.
In some embodiments, the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components have different security requirements.
In some embodiments, the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
In some embodiments, the access request includes an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, and installation-free use. The access request may also include an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
示例性地,图9中的装置900可以被实现为第二设备402,或者可以被实现为第二设备402中的芯片或芯片系统,本公开的实施例对此不限定。可选地,装置900可以被实现为分布式系统中的任一电子设备,在作为访问设备时,能够用于实现上述结合图4至图7的实施例中第二设备402所述的各个过程,为了简洁,这里不再赘述。Exemplarily, the apparatus 900 in FIG. 9 may be implemented as the second device 402, or may be implemented as a chip or a chip system in the second device 402, which is not limited by the embodiments of the present disclosure. Optionally, the apparatus 900 may be implemented as any electronic device in a distributed system, and when used as an access device, it can be used to implement the various processes described above in conjunction with the second device 402 in the embodiments of FIG. 4 to FIG. 7 , for the sake of brevity, will not be repeated here.
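The following added example (not code from the patent) sketches both sides of the check described above: the second device's pre-check before sending, and the first device's own decision on receipt, with per-component requirements falling back to the module and then the application. The five-step level scale, the class and component names, the component-over-module-over-application precedence, the fail-closed defaults, and the first device sending its own level along with the requirements at channel setup are all assumptions of this sketch; how a peer's level is verified is out of scope.

```python
from dataclasses import dataclass, field
from enum import Enum, IntEnum
from typing import Dict, Optional, Tuple

Level = IntEnum("Level", "L1 L2 L3 L4 L5")  # constructed scale, not from the page
Scenario = Enum("Scenario", "DATA_MIGRATION REMOTE_CONTROL TASK_SCHEDULING RELAY "
                            "REMOTE_METHOD_INVOCATION INSTALLATION_FREE")

@dataclass(frozen=True)
class Requirement:
    at_least_host: bool = False     # caller level >= accessed device's own level
    preset: Optional[Level] = None  # caller level >= preset level for the component

    def satisfied_by(self, caller: Level, host: Level) -> bool:
        if not self.at_least_host and self.preset is None:
            return False            # nothing declared: fail closed (assumption)
        if self.at_least_host and caller < host:
            return False
        return self.preset is None or caller >= self.preset

@dataclass(frozen=True)
class AccessRequest:                # fields follow the identifiers the page lists
    scenario: Scenario
    caller_device: str
    target_device: str
    calling_component: str
    target_component: str
    target_app: str

@dataclass
class App:
    name: str
    requirement: Optional[Requirement] = None
    modules: Dict[str, Optional[Requirement]] = field(default_factory=dict)
    # component name -> (module name, component's own requirement or None)
    components: Dict[str, Tuple[str, Optional[Requirement]]] = field(default_factory=dict)

    def requirement_for(self, component: str) -> Optional[Requirement]:
        if component not in self.components:
            return None
        module, own = self.components[component]
        # Assumed precedence: component, then its module, then the application.
        return own or self.modules.get(module) or self.requirement

class FirstDevice:                  # the accessed device
    def __init__(self, device_id: str, level: Level, apps):
        self.device_id, self.level = device_id, level
        self.apps = {a.name: a for a in apps}
        self.peer_levels: Dict[str, Level] = {}

    def establish_channel(self, peer_id: str, verified_level: Level):
        """Record the peer's level at channel setup; return own level and requirements."""
        self.peer_levels[peer_id] = verified_level
        table = {(a.name, c): a.requirement_for(c)
                 for a in self.apps.values() for c in a.components}
        return self.level, table

    def handle(self, req: AccessRequest) -> str:
        # The level comes from channel setup, never from the request itself.
        caller = self.peer_levels.get(req.caller_device)
        app = self.apps.get(req.target_app)
        if req.target_device != self.device_id or caller is None or app is None:
            return "deny"
        rule = app.requirement_for(req.target_component)
        if rule is None or not rule.satisfied_by(caller, self.level):
            return "deny"
        return "grant"

class SecondDevice:                 # the accessing device
    def __init__(self, device_id: str, level: Level):
        self.device_id, self.level = device_id, level
        self.peers: Dict[str, tuple] = {}

    def connect(self, first: FirstDevice) -> None:
        self.peers[first.device_id] = first.establish_channel(self.device_id, self.level)

    def request(self, first, scenario, calling_component, app, component) -> str:
        host_level, table = self.peers.get(first.device_id, (None, {}))
        rule = table.get((app, component))
        if rule is None or not rule.satisfied_by(self.level, host_level):
            return "not sent"       # pre-check failed, so no request leaves the device
        return first.handle(AccessRequest(scenario, self.device_id, first.device_id,
                                          calling_component, component, app))

def build_demo():
    """Constructed sample: one app whose three components resolve to different rules."""
    bank = App("bank", requirement=Requirement(at_least_host=True),
               modules={"pay": Requirement(preset=Level.L4), "view": None},
               components={"PayAbility": ("pay", None),
                           "BalanceView": ("view", None),
                           "HelpPage": ("view", Requirement(preset=Level.L1))})
    phone = FirstDevice("phone", Level.L3, [bank])
    watch, tablet = SecondDevice("watch", Level.L2), SecondDevice("tablet", Level.L4)
    watch.connect(phone)
    tablet.connect(phone)
    return phone, watch, tablet
```

The second device's pre-check only saves a round trip; `FirstDevice.handle` repeats the comparison against the level it recorded itself, so a peer that skips the pre-check is still denied.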
FIG. 10 shows a simplified block diagram of an example apparatus 1000 according to an embodiment of the present disclosure. The apparatus 1000 may be used to implement the first device 401 and the second device 402 shown in the foregoing embodiments. As shown in FIG. 10, the apparatus 1000 includes one or more processors 1010, one or more memories 1020 coupled to the processor 1010, and a communication module 1040 coupled to the processor 1010.
The communication module 1040 may be used for two-way communication. The communication module 1040 may have at least one communication interface for communication. The communication interface may include any interface necessary to communicate with other devices.
The processor 1010 may be of any type suitable for the local technical network, and may include, but is not limited to, at least one of the following: a general-purpose computer, a special-purpose computer, a microcontroller, a digital signal processor (DSP), or one or more of a controller-based multi-core controller architecture. The apparatus 1000 may have multiple processors, such as an application-specific integrated circuit chip, that are slaved in time to a clock synchronized with the main processor.
The memory 1020 may include one or more non-volatile memories and one or more volatile memories. Examples of non-volatile memory include, but are not limited to, at least one of the following: read-only memory (ROM) 1024, erasable programmable read-only memory (EPROM), flash memory, a hard disk, a compact disc (CD), a digital video disc (Digital Versatile Disc, DVD), or other magnetic and/or optical storage. Examples of volatile memory include, but are not limited to, at least one of the following: random access memory (RAM) 1022, or other volatile memory that does not retain its contents for the duration of a power-down.
The computer program 1030 includes computer-executable instructions executed by the associated processor 1010. The program 1030 may be stored in the ROM 1024. The processor 1010 may perform any suitable actions and processing by loading the program 1030 into the RAM 1022.
Embodiments of the present disclosure may be implemented by means of the program 1030, so that the apparatus 1000 can perform any of the processes discussed with reference to FIGS. 4 to 7. Embodiments of the present disclosure may also be implemented in hardware or in a combination of software and hardware.
In some embodiments, the program 1030 may be tangibly embodied in a computer-readable medium, which may be included in the apparatus 1000 (such as in the memory 1020) or in another storage device accessible by the apparatus 1000. The program 1030 may be loaded from the computer-readable medium into the RAM 1022 for execution. The computer-readable medium may include any type of tangible non-volatile memory, such as ROM, EPROM, flash memory, a hard disk, a CD, a DVD, and the like.
In some embodiments, the communication module 1040 in the apparatus 1000 may be implemented as a transmitter and a receiver (or a transceiver), which may be configured to send and receive messages, data, signaling, and the like, such as access requests. In addition, the apparatus 1000 may further include one or more of a scheduler, a controller, and a radio frequency unit/antenna, which are not described in detail in this disclosure.
Exemplarily, the apparatus 1000 in FIG. 10 may be implemented as an electronic device in a distributed system, or as a chip or chip system in an electronic device; the embodiments of the present disclosure do not limit this.
Embodiments of the present disclosure also provide a chip, which may include an input interface, an output interface, and a processing circuit. In the embodiments of the present disclosure, the signaling or data exchange described above may be completed by the input interface and the output interface, and the generation and processing of the signaling or data information may be completed by the processing circuit.
Embodiments of the present disclosure also provide a chip system, including a processor, configured to support the first device 401 or the second device 402 in implementing the functions involved in any of the foregoing embodiments. In a possible design, the chip system may further include a memory for storing necessary program instructions and data; when the processor runs the program instructions, the device in which the chip system is installed implements the method involved in any of the foregoing embodiments. The chip system may consist of chips, or may include chips and other discrete devices.
Embodiments of the present disclosure also provide a processor configured to be coupled with a memory, where the memory stores instructions. When the processor runs the instructions, the processor performs the methods and functions involving the first device 401 or the second device 402 in any of the foregoing embodiments.
Embodiments of the present disclosure also provide a computer program product containing instructions which, when run on a computer, cause the computer to perform the methods and functions involving the first device 401 or the second device 402 in any of the foregoing embodiments.
Embodiments of the present disclosure also provide a computer-readable storage medium on which computer instructions are stored. When a processor runs the instructions, the processor performs the methods and functions involving the first device 401 or the second device 402 in any of the foregoing embodiments.
Embodiments of the present disclosure also provide a distributed system, where the system includes the first device 401 or the second device 402.
In general, the various embodiments of the present disclosure may be implemented in hardware or special-purpose circuits, software, logic, or any combination thereof. Some aspects may be implemented in hardware, while other aspects may be implemented in firmware or software that may be executed by a controller, microprocessor, or other computing device. While various aspects of the embodiments of the present disclosure are shown and described as block diagrams, flowcharts, or some other pictorial representation, it should be understood that the blocks, apparatuses, systems, techniques, or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special-purpose circuits or logic, general-purpose hardware or controllers or other computing devices, or some combination thereof.
The present disclosure also provides at least one computer program product tangibly stored on a non-transitory computer-readable storage medium. The computer program product includes computer-executable instructions, such as instructions included in program modules, which are executed in a device on a target real or virtual processor to perform the processes/methods described above with reference to FIGS. 3 to 7. Generally, program modules include routines, programs, libraries, objects, classes, components, data structures, and the like that perform particular tasks or implement particular abstract data types. In various embodiments, the functionality of the program modules may be combined or split among program modules as desired. Machine-executable instructions for program modules may be executed within local or distributed devices. In a distributed device, program modules may be located in both local and remote storage media.
Computer program code for implementing the methods of the present disclosure may be written in one or more programming languages. The computer program code may be provided to a processor of a general-purpose computer, a special-purpose computer, or another programmable data processing apparatus, so that the program code, when executed by the computer or other programmable data processing apparatus, causes the functions/operations specified in the flowcharts and/or block diagrams to be implemented. The program code may execute entirely on a computer, partly on a computer, as a stand-alone software package, partly on a computer and partly on a remote computer, or entirely on a remote computer or server.
In the context of the present disclosure, computer program code or related data may be carried by any suitable carrier to enable a device, apparatus, or processor to perform the various processes and operations described above. Examples of carriers include signals, computer-readable media, and the like. Examples of signals may include electrical, optical, radio, acoustic, or other forms of propagated signals, such as carrier waves and infrared signals.
A computer-readable medium may be any tangible medium that contains or stores a program for use by or in connection with an instruction execution system, apparatus, or device. The computer-readable medium may be a computer-readable signal medium or a computer-readable storage medium. A computer-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination thereof. More detailed examples of computer-readable storage media include an electrical connection with one or more wires, a portable computer diskette, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical storage device, a magnetic storage device, or any suitable combination thereof.
In addition, although the operations of the methods of the present disclosure are depicted in a particular order in the figures, this does not require or imply that the operations must be performed in that particular order, or that all illustrated operations must be performed, to achieve the desired results. Rather, the steps depicted in the flowcharts may be performed in a different order. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step for execution, and/or one step may be split into multiple steps for execution. It should also be noted that the features and functions of two or more apparatuses according to the present disclosure may be embodied in one apparatus. Conversely, the features and functions of one apparatus described above may be further divided so as to be embodied by multiple apparatuses.
Various implementations of the present disclosure have been described above. The foregoing description is exemplary, not exhaustive, and is not limited to the disclosed implementations. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described implementations. The terminology used herein was chosen to best explain the principles of the implementations, their practical application, or their improvement over technologies in the market, or to enable others of ordinary skill in the art to understand the implementations disclosed herein.

Claims (28)

  1. A component access method, comprising:
    receiving, by a first device, an access request from a second device, the access request indicating that a target component in the first device is to be accessed; and
    determining, by the first device, a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
  2. The method according to claim 1, wherein determining the response to the access request comprises:
    if it is determined that the security level satisfies the security requirement corresponding to the target component, granting the access request; or
    if it is determined that the security level does not satisfy the security requirement corresponding to the target component, rejecting the access request.
  3. The method according to claim 1 or 2, wherein the security requirement corresponding to the target component includes at least one of the following:
    the security level of the second device is higher than or equal to the security level of the first device, or
    the security level of the second device is higher than or equal to a preset level corresponding to the target component.
  4. The method according to any one of claims 1 to 3, wherein there is a communication channel between the first device and the second device, the method further comprising:
    determining the security level of the second device during the process of establishing the communication channel with the second device.
  5. The method according to any one of claims 1 to 4, wherein the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  6. The method according to any one of claims 1 to 4, wherein the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
  7. The method according to any one of claims 1 to 6, wherein the access request includes:
    an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and
    an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  8. A component access method, comprising:
    determining, by a second device, whether the security level of the second device satisfies the security requirement corresponding to a target component in a first device; and
    if it is determined that the security level of the second device satisfies the security requirement corresponding to the target component, sending an access request to the first device, the access request indicating that the target component in the first device is to be accessed.
  9. The method according to claim 8, wherein the security requirement corresponding to the target component includes at least one of the following:
    the security level of the second device is higher than or equal to the security level of the first device, or
    the security level of the second device is higher than or equal to a preset level corresponding to the target component.
  10. The method according to claim 8 or 9, wherein there is a communication channel between the first device and the second device, the method further comprising:
    obtaining the security requirement corresponding to the target component during the process of establishing the communication channel with the first device.
  11. The method according to any one of claims 8 to 10, wherein the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  12. The method according to any one of claims 8 to 10, wherein the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
  13. The method according to any one of claims 8 to 12, wherein the access request includes:
    an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and
    an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  14. An apparatus for component access, implemented at a first device, comprising:
    a receiving unit configured to receive an access request from a second device, the access request indicating that a target component in the first device is to be accessed; and
    a determining unit configured to determine a response to the access request based on the security level of the second device and the security requirement corresponding to the target component.
  15. The apparatus according to claim 14, wherein the determining unit is configured to:
    if it is determined that the security level satisfies the security requirement corresponding to the target component, grant the access request; or
    if it is determined that the security level does not satisfy the security requirement corresponding to the target component, reject the access request.
  16. The apparatus according to claim 14 or 15, wherein the security requirement corresponding to the target component includes at least one of the following:
    the security level of the second device is higher than or equal to the security level of the first device, or
    the security level of the second device is higher than or equal to a preset level corresponding to the target component.
  17. The apparatus according to any one of claims 14 to 16, wherein there is a communication channel between the first device and the second device, and wherein the determining unit is configured to:
    determine the security level of the second device during the process of establishing the communication channel with the second device.
  18. The apparatus according to any one of claims 14 to 17, wherein the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  19. The apparatus according to any one of claims 14 to 17, wherein the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
  20. The apparatus according to any one of claims 14 to 19, wherein the access request includes:
    an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and
    an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  21. An apparatus for component access, implemented at a second device, comprising:
    a determining unit configured to determine whether the security level of the second device satisfies the security requirement corresponding to a target component in a first device; and
    a sending unit configured to send an access request to the first device if it is determined that the security level of the second device satisfies the security requirement corresponding to the target component, the access request indicating that the target component in the first device is to be accessed.
  22. The apparatus according to claim 21, wherein the security requirement corresponding to the target component includes at least one of the following:
    the security level of the second device is higher than or equal to the security level of the first device, or
    the security level of the second device is higher than or equal to a preset level corresponding to the target component.
  23. The apparatus according to claim 21 or 22, wherein there is a communication channel between the first device and the second device, and wherein the determining unit is configured to:
    obtain the security requirement corresponding to the target component during the process of establishing the communication channel with the first device.
  24. The apparatus according to any one of claims 21 to 23, wherein the target component belongs to a target application, the target application includes multiple components, and at least two of the multiple components correspond to different security requirements.
  25. The apparatus according to any one of claims 21 to 23, wherein the security requirement corresponding to the target component is determined based on the security requirement of the target application to which the target component belongs, or the security requirement corresponding to the target component is determined based on the security requirement of the target module, in the target application, to which the target component belongs.
  26. The apparatus according to any one of claims 21 to 25, wherein the access request includes:
    an indication of at least one of the following scenarios: data migration, remote control, task scheduling, relay, remote method invocation, installation-free, and
    an identifier of at least one of the following: the first device, the second device, the calling component of the second device, the target component, or the target application to which the target component belongs.
  27. A computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method according to any one of claims 1 to 13.
  28. A chip, comprising a processing circuit configured to perform the method according to any one of claims 1 to 13.
PCT/CN2022/087938 2021-06-23 2022-04-20 Component access method and device, and computer-readable storage medium and chip WO2022267656A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110698050.1 2021-06-23
CN202110698050.1A CN115510447A (en) 2021-06-23 2021-06-23 Component access method and device, computer readable storage medium and chip

Publications (1)

Publication Number Publication Date
WO2022267656A1 true WO2022267656A1 (en) 2022-12-29

Family

ID=84500485

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/087938 WO2022267656A1 (en) 2021-06-23 2022-04-20 Component access method and device, and computer-readable storage medium and chip

Country Status (2)

Country Link
CN (1) CN115510447A (en)
WO (1) WO2022267656A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105282153A (en) * 2015-09-30 2016-01-27 北京奇虎科技有限公司 Method for achieving data transmission and terminal equipment
US20160099963A1 (en) * 2008-10-21 2016-04-07 Lookout, Inc. Methods and systems for sharing risk responses between collections of mobile communications devices
CN109756446A (en) * 2017-11-01 2019-05-14 中车株洲电力机车研究所有限公司 A kind of access method and system of mobile unit
CN110909373A (en) * 2018-09-18 2020-03-24 阿里巴巴集团控股有限公司 Access control method, device, system and storage medium
CN112287326A (en) * 2020-09-28 2021-01-29 珠海大横琴科技发展有限公司 Security authentication method and device, electronic equipment and storage medium
CN112528345A (en) * 2019-09-18 2021-03-19 华为技术有限公司 Communication method, communication device, computer-readable storage medium and chip

Also Published As

Publication number Publication date
CN115510447A (en) 2022-12-23

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22827157

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE