WO2023051229A1 - Method and apparatus for identifying device, and electronic device and medium - Google Patents

Abstract

Provided in the embodiments of the present application are a method and apparatus for identifying a device, and an electronic device and a medium. The method comprises: in response to receiving a broadcast message from a second device, a first device determining, on the basis of an identity key of a trusted device set of the first device and a source address of the broadcast message, that the second device is an active trusted device, and then providing information relating to the second device. In this way, when a first device has a trusted relationship with a second device, the first device can identify, by means of address information of a broadcast system of the second device, the second device, which is in an active state. Therefore, the second device can be identified without it being necessary for same to broadcast the identification information thereof, thereby reducing the risk of the second device being monitored and tracked.

Description

Method, device, electronic device and medium for marking a device technical field

Embodiments of the present disclosure mainly relate to the technical field of communication. More specifically, the embodiments of the present disclosure relate to a method for identifying a device, an apparatus, an electronic device, a computer-readable storage medium, and a computer program product.

Background technique

With the advent of the Internet of Things era, more and more electronic devices appear in the lives of users. A user has a high probability of owning many electronic devices at the same time. Different electronic devices have different advantages in hardware capabilities, and the functions they provide are also different. Not all are the same, and users often perform different tasks such as entertainment, communication, and work on multiple electronic devices.

In order to access these electronic devices conveniently or obtain useful information from them, the electronic devices will send broadcast messages. However, broadcasting messages may cause users to leak identity credentials, leading to the risk of users being monitored. This risk exists on devices with various operating systems. In view of this, there is a need for a secure method of identifying devices to reduce the risk of users being identified and tracked.

Contents of the invention

Embodiments of the present application provide a solution for identifying devices.

According to a first aspect of the present application, there is provided a method for identifying a device, comprising: in response to receiving a broadcast message from a second device, a first device based on an identity key of a set of trusted devices of the first device a key and a source address of the broadcast message to determine that the second device is an active trusted device; and the first device provides information about the second device.

In this application, the first device and the second device are devices capable of broadcasting communication (sending broadcasts and receiving broadcasts), and when they are trusted with each other, a connection between them can be further established for service transmission. In this application, trusted devices refer to devices that trust each other and can send personal data, for example, devices with the same user account or devices that have been authenticated by other means.

The first device has the identity keys of one or more other devices with which it has a trusted relationship, and can use these identity keys to check whether a particular device is its trusted device. According to the embodiment of the application, a device sends a broadcast message (for example, a heartbeat message) when it is active. The broadcast message does not carry a device identifier, and its address is generated via the device's identity key, and is variable to ensure that the device does not will be monitored and tracked. According to an embodiment of the present application, when receiving a broadcast message from another device, the first device may use the identity key of a trusted device in its trusted device set to verify the address of the broadcast message, Active trusted devices are thus discovered.

In this way, when the first device and the second device have a trusted relationship, the first device can identify the second device in an active state through the address information of the broadcast system of the second device. Therefore, the second device can be identified without broadcasting its identification information, which reduces the risk of the second device being monitored and tracked.

In some embodiments, determining that the second device is an active trusted device may include: authenticating the broadcast message using a first identity key of the identity keys of the set of trusted devices and the source address ; and if the broadcast message is verified, the first device determines the second device as an active trusted device. In this manner, the first device can verify whether the source of the broadcast message is a trusted device according to the pre-stored identity key of the trusted device.

In some embodiments, verifying the broadcast message may include: generating a hash value based on the first identity key and the first part of the source address; combining the hash value with the second part of the source address Parts are compared; if the hash value matches the second part, it is determined that the broadcast message passes the verification. In this way, a way to reliably authenticate broadcast messages with identity keys is provided.

In some embodiments, providing the information of the second device may include: in response to receiving a search request about a trusted device from the user, the first device providing the information of the second device to the user. In this manner, a user may operate a first device, request to discover active trusted devices related to the first device, and information about the second device (such as graphical elements displayed on a user interface) is provided to the user for the user's convenience. Trusted devices for further manipulation of discovered activity.

In some embodiments, the method according to the first aspect of the present application may further include: in response to receiving the user's operation on the information of the second device, establishing the connection between the first device and the second device Device connection. In this way, the first device can be connected to the found active trusted device according to user operations to meet specific business needs without going through authentication, pairing, etc., thereby speeding up the connection speed and having a good user experience.

In some embodiments, the identity key of the set of trusted devices is stored at the first device, and wherein the method may further comprise: in response to determining a target trusted device in the set of trusted devices exiting the trusted relationship with the first device, the first device deleting the identity key of the target trusted device from the stored identity keys of the set of trusted devices. In this way, the trusted relationship between the first device and other devices can be persisted and updated dynamically, so that an active trusted device can be quickly detected.

In some embodiments, the identity key may be an identity resolution key. In some embodiments, the broadcast message may be a Bluetooth broadcast message. In this way, the identity key can be adapted to a randomized broadcast address conforming to the Bluetooth communication protocol.

According to the second aspect of the present application, there is provided a communication method, including: a first device determines that the second device is a trusted device of the first device based on the information used for authentication received from the second device ; the first device sends the identity key of the first device to the second device; the first device receives the identity key of the second device from the second device, wherein the second the identity key of the device is used to generate a source address of the broadcast message of the second device; and the first device adds the identity key of the second device to the set of trusted devices of the first device in the identity key.

In this way, the first device can exchange their identity keys with other devices certified as trusted devices to form a trusted device network. In the trusted device network, devices will be able to pass the address of the broadcast message Information is used for device identification, instead of carrying identification information in broadcast messages, which prevents devices from being monitored and tracked.

In some embodiments, determining that the second device is a trusted device of the first device may include: sending the account information of the first device to the second device; receiving the account information of the first device from the second device; information for authentication of the account information of the first device; and if the information for authentication indicates that the first device and the electronic device have the same or an associated account, determining that the second The second device is a trusted device. In this way, when multiple devices have the same or associated account information, these devices are considered to be trusted to each other, thereby providing a convenient and fast networking method of trusted device networks.

In some embodiments, determining that the second device is a trusted device of the first device may include: obtaining binding information from the information used for authentication; determining the second device based on the binding information Whether a device and the second device have been bound; and if it is determined that the first device and the second device have been bound, determining that the second device is a trusted device of the first device. In some embodiments, the binding information indicates that the two devices are bound through at least one of two-dimensional code, PIN code and physical contact. In this manner, when multiple devices are bound, these devices are considered to be trusted to each other, thereby providing a flexible and widely applicable trusted device network networking method.

In some embodiments, the method according to the second aspect of the present application may further include: the first device sending the identity key of the second device to a trusted device in the set of trusted devices; and the The first device sends the identity key of the one trusted device in the trusted device set to the second device. In this way, the identity keys of multiple mutually trusted devices can be quickly disseminated and shared, thereby providing a convenient and fast networking method for trusted device networks.

In some embodiments, the method according to the second aspect of the present application may further include: if the second device is determined to be a trusted device of the first device, establishing the first device and the second device the connection between. In this way, the first device and the second device authenticated as trusted devices can be facilitated to exchange each other's identity keys.

In some embodiments, the method according to the second aspect of the present disclosure may further include: in response to determining that the second device has exited the trusted relationship with the first device, the first device from the first device Delete the identity key of the second device from the identity keys of the trusted device set. In this way, the first device can manage and dynamically maintain its own set of trusted devices.

In some embodiments, the method according to the second aspect of the present application may further include: updating the identity key of the first device if it is determined that the first device exits the trusted relationship with the set of trusted devices. In this way, the first device can conveniently release the trusted relationship with other devices.

In some embodiments, the identity key may be an identity resolution key. In some embodiments, the broadcast message may be a Bluetooth broadcast message. In this way, the identity key can be adapted to a randomized broadcast address conforming to the Bluetooth communication protocol.

According to a third aspect of the present application, there is provided a communication apparatus, including: an active trusted device determining unit configured to, in response to receiving a broadcast message from a second device, based on the identity of the trusted device set of the first device The key and the source address of the broadcast message determine that the second device is an active trusted device; and an information providing unit is configured to provide information of the second device.

In some embodiments, the active trusted device determination unit may be further configured to: use the first identity key in the identity keys of the set of trusted devices and the source address to verify the broadcast message ; and if the broadcast message passes verification, determining the second device as an active trusted device.

In some embodiments, the active trusted device determination unit may be further configured to: generate a hash value based on the first identity key and the first part of the source address; combine the hash value and the comparing the second part of the source address; if the hash value matches the second part, it is determined that the broadcast message passes the verification.

In some embodiments, the information providing unit may be further configured to: provide the user with the information of the second device in response to receiving a search request about the trusted device from the user.

In some embodiments, the apparatus according to the third aspect of the present application may further include: a connection establishment unit configured to, in response to receiving the user's operation on the information of the second device, establish a connection with the Connection of a second device.

In some embodiments, the apparatus according to the third aspect of the present application may further include an identity key storage unit configured to: store the identity key of the set of trusted devices; and respond to determining that the trusted device The target trusted device in the set quits the trusted relationship with the first device, and the identity key of the target trusted device is deleted from the identity keys of the set of trusted devices.

In some embodiments, the identity key may be an identity resolution key. In some embodiments, the broadcast message may be a Bluetooth broadcast message.

According to the fourth aspect of the present application, there is also provided a communication device, including: an authentication unit configured to determine that the second device is a possible authentication of the first device based on the information for authentication received from the second device. an identity key exchange unit, configured to send the identity key of the first device to the second device, and receive the identity key of the second device from the second device, wherein the The identity key of the second device is used to generate the source address of the broadcast message of the second device, and an identity key adding unit is configured to add the identity key of the second device to the first In the identity key of the trusted device set of the device.

In some embodiments, the authentication unit may be further configured to: send the account information of the first device to the second device; receive the account information for the first device from the second device information for authentication of account information; and if the information for authentication indicates that the first device and the second device have the same or associated accounts, determining that the second device is the first device trusted devices.

In some embodiments, the authentication unit may be further configured to obtain binding information from the information used for authentication; based on the binding information, determine whether the first device and the second device have bound; and if it is determined that the first device and the second device have been bound, determining that the second device is a trusted device of the first device.

In some embodiments, the binding information indicates that the two devices are bound through at least one of two-dimensional code, PIN code and physical contact.

In some embodiments, the identity key exchange unit may also be configured to: send the identity key of the second device to a trusted device in the set of trusted devices; and send the identity key of the second device to the second device Sending the identity key of the one trusted device in the set of trusted devices.

In some embodiments, the apparatus according to the fourth aspect of the present application may further include: a connection establishment unit configured to establish a connection between the first device and the second device.

In some embodiments, the apparatus according to the fourth aspect of the present application, wherein the identity key storage unit is further configured to, in response to determining that the second device exits the trusted relationship with the first device, from the deleting the identity key of the second device from the identity keys of the trusted device set of the first device.

In some embodiments, the apparatus according to the fourth aspect of the present application may further include: an identity key update unit configured to update the The identity key of the first device.

In some embodiments, the identity key may be an identity resolution key. In some embodiments, the broadcast message may be a Bluetooth broadcast message.

According to the fifth aspect of the present application, there is also provided an electronic device, including: a processing unit and a memory; the processing unit executes instructions in the memory, so that the electronic device executes the electronic device according to the first aspect or the first aspect of the present application. The method described in the two aspects.

According to a sixth aspect of the present application, there is also provided a computer-readable storage medium, on which one or more computer instructions are stored, wherein one or more computer instructions are executed by a processor to cause the processor to perform the The method described in the first aspect or the second aspect.

According to a sixth aspect of the present application, there is also provided a computer program product comprising machine-executable instructions which, when executed by a device, cause the device to perform the first or second aspect of the present application. the method described.

Description of drawings

The above and other features, advantages and aspects of the various embodiments of the present disclosure will become more apparent with reference to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, the same or similar reference numerals indicate the same or similar elements, wherein:

Fig. 1 schematically shows a system diagram provided by the present application;

2a to 2b are schematic diagrams showing a set of application interfaces provided by the embodiments of the present application;

FIG. 3a shows a schematic diagram of a hardware structure of an electronic device provided by an embodiment of the present application;

FIG. 3b is a schematic diagram of a software structure of an electronic device provided in an embodiment of the present application;

4a to 4c are schematic diagrams of a set of application interfaces provided by the embodiments of the present application;

Fig. 5 shows a schematic diagram of interaction between devices according to some embodiments of the present application;

6a to 6d are schematic diagrams of another set of application interfaces provided by the embodiments of the present application;

Fig. 7 shows a schematic diagram of interaction between devices according to some embodiments of the present application;

Fig. 8 shows a schematic flowchart of a communication method according to some embodiments of the present application;

Fig. 9 shows a schematic flowchart of a communication method according to some embodiments of the present application;

Fig. 10 shows a schematic block diagram of a communication device according to some embodiments of the present application;

Fig. 11 shows a schematic block diagram of a communication device according to some embodiments of the present application.

Detailed ways

Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although certain embodiments of the present disclosure are shown in the drawings, it should be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein; A more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are for exemplary purposes only, and are not intended to limit the protection scope of the present disclosure.

In the description of the embodiments of the present disclosure, the term "comprising" and its similar expressions should be interpreted as an open inclusion, that is, "including but not limited to". The term "based on" should be understood as "based at least in part on". The term "one embodiment" or "the embodiment" should be read as "at least one embodiment". The terms "first", "second", etc. may refer to different or the same object. Other definitions, both express and implied, may also be included below.

Electronic devices in the Internet of Things often notify surrounding devices of their existence through broadcast messages (for example, Bluetooth broadcasts for heartbeat), and may also carry service data in these broadcast messages. In order to identify itself, electronic devices often carry identification information in broadcast messages, making them easy to be identified and tracked. Some users with ulterior motives may monitor users through broadcast messages of the device. This risk in Windows

It exists in devices with other operating systems. For example, for Apple devices, the payload (AdvData field) of the Bluetooth broadcast message includes the company identifier (for example, 0x004c), the nearby field and the handoff field of the device as device identification information;

For devices, the payload of the broadcast message includes the company identifier (0x0006) and a 27-byte character string used as identification information. Although these devices employ randomized MAC addresses (ie, source addresses), since broadcast messages are generally unencrypted and cannot be used for authentication. Therefore, it is easy for an attacker to obtain these characteristic information through monitoring for a period of time to track the device.

Although it is possible to receive heartbeat messages or transmit business data through a secure connection (for example, pairing) between devices. However, the number of connections that can be maintained by each device is limited (for example, generally a maximum of 7 devices can be connected at the same time), and there may be more devices that can be discovered around, and it is impossible to maintain an active connection with all devices. Moreover, some lightweight devices (for example, smart water cups, smart toothbrushes, etc.) may not necessarily be paired and may not be kept connected for a long time due to power considerations. In addition, even after pairing, it is still hoped that these lightweight devices can still be used when replacing rich devices such as mobile phones and tablet computers, or that other trusted devices with the same account or different accounts can also use them. That is to say, when the device sends a broadcast message, the trusted device can identify the device. In addition, since the broadcast message of the electronic device may be randomized using its own identity key, only the device with the identity key can identify the source of the broadcast message. However, traditionally, the identity keys of devices can only be exchanged through pairing, which also brings inconvenience to the reception of broadcast messages and device identification.

Therefore, there is a need for a method that can securely identify devices to reduce the risk of device surveillance and tracking. The present application provides a solution for identifying a device by using a broadcast message for an application scenario of the Internet of Things. In this scheme, trusted relationships are established between devices and mutual identity keys are exchanged, and then identity keys can be used to generate addresses for broadcast messages, so that devices can be identified by other devices without carrying identification information in their broadcast messages. recognized by trusted devices. According to an embodiment of the present disclosure, when a first device (for example, a mobile phone, a tablet, etc.) receives a broadcast message from a second device (for example, a lightweight device), it can use its known identity key of a trusted device to verify The address of the broadcast message. If the verification is passed, it indicates that the second device is its trusted device, and the corresponding identity key used also implies or corresponds to the identification information of the device, thereby realizing the security identification of the second device, and the second device The second device does not need to carry identification information that may bring a risk of being tracked in its broadcast message.

The following first introduces the system architecture involved in the embodiment of the present application.

Fig. 1 schematically shows a system diagram provided in this application. As shown in FIG. 1 , the system includes a plurality of electronic devices, such as electronic device 200 , electronic device 201 , electronic device 202 , electronic device 203 , and electronic device 204 , which are exemplarily shown. Each electronic device in the system can form a network (that is, a network) according to a certain communication protocol and networking strategy, so that each electronic device in the system can communicate with each other. For example, various electronic devices in the system may be connected through wireless communication. For example, at least one of the following wireless connection methods can be used to establish a connection: Bluetooth (blue tooth, BT) or low power Bluetooth (blue tooth low energy, BLE), near field communication (near field communication, NFC), wireless fidelity (wireless fidelity, Wi-Fi), or Wi-Fi Direct. in,

The embodiment of the present application does not specifically limit the type of electronic device (such as electronic device 200, electronic device 201, electronic device 202, electronic device 203, or electronic device 204). In some embodiments, the electronic device in the embodiment of the present application It can be a mobile phone, wearable device (such as smart bracelet, smart watch, earphone, etc.), tablet computer, laptop computer (laptop), handheld computer, notebook computer, ultra-mobile personal computer (UMPC) , cellular phone, personal digital assistant (personal digital assistant, PDA), augmented reality (Augmented reality, AR)\virtual reality (virtual reality, VR) equipment and other equipment, it can also be TV, large screen, speaker, TV, refrigerator , air conditioners, car equipment, printers, projectors and other equipment. Exemplary embodiments of electronic devices include, but are not limited to

Electronic devices with Harmony or other operating systems.

In some embodiments, the electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203 and the electronic device 204 may be connected to a local area network (local area network, LAN) through a wired or wireless fidelity connection. The electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203, and the electronic device 204 communicate with each other through a local area network. The electronic device 200 , the electronic device 201 , the electronic device 202 , the electronic device 203 and the electronic device 204 can also communicate with each other through third-party devices in the local area network, such as routers, gateways, and smart device controllers.

In some embodiments, the electronic device 200 , the electronic device 201 , the electronic device 202 , the electronic device 203 and the electronic device 204 may have a distributed operating system. With this distributed operating system, the electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203, and the electronic device 204 form trusted devices that have a trusted relationship with each other, forming a seemingly integrated system from the user's point of view. HyperTerminal. The hyper terminal function allows users to automatically connect all nearby smart devices equipped with the distributed operating system to form a collaborative work scene, for example, to identify other trusted devices that are currently active, establish connections with trusted devices and transfer data. According to the embodiment of the present application, when in the active state, the electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203, and the electronic device 204 send a broadcast message indicating a heartbeat to the surrounding environment, so that they can be covered by the HyperTerminal Other devices are recognized, and a secure connection between devices can be established according to the user's instructions.

It can be understood that the structure shown in the embodiment of the present application does not constitute a specific limitation on the system architecture. In some other embodiments of the present application, the system architecture may include more or less devices than shown.

Based on the system architecture diagram shown in FIG. 1 above, in a possible implementation, when the electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203, and the electronic device 204 perform identification or communication, between the electronic devices It is necessary to verify or establish a trusted relationship to provide support for subsequent data synchronization.

In some embodiments, the electronic device 200 can discover that one or more accounts logged in by other devices are the accounts of the electronic device 200 through the mobile network or the Internet, or that the accounts logged in by the one or more other devices are the accounts logged in by the electronic device 200 If the account is associated, the one or more other devices have a trust relationship with the electronic device 200 . The one or more other devices include the electronic device 201 , the electronic device 202 , the electronic device 203 or the electronic device 204 . Devices logged into the same account or associated accounts can obtain each other's device information and realize data communication. Wherein, the associated account may be an account authorized by the same account.

The above-mentioned account may be an account provided by the cloud server provider for the user, such as a Huawei account, or an account used to log in to an application program, such as an account of various communication software, an account of payment software, and the like.

In some embodiments, a trusted relationship can be established between electronic devices through manual addition, including, for example, touch and scan. Exemplarily, as shown in FIG. 2a, the user may enter the device management interface 310 from the setting application, and the device management interface 310 may include a list named "My Devices". Among them, "My Devices" includes the machine and speakers. The unit and the speaker can be devices with the same account (for example, sharing a Huawei account). Alternatively, the unit and the audio system can be devices with different accounts but authenticated bindings.

Optionally, the device management interface 310 may include a bind other device button 311 . In this embodiment of the application, binding refers to the establishment of a trusted relationship between two devices, so that operations such as device identification and data synchronization between devices can be performed. In response to the user's operation (for example, click operation) on the button 311 of binding other devices, the device binding interface 320 shown in Figure 2b is entered. Select the device you want to bind in the addable device list. For example, room TV 321, tablet 322, and smart watch 323 shown in FIG. Binding button 321A or the binding button 322A corresponding to the tablet 322 or the binding button 323A corresponding to the smart watch 323 realizes binding to the room TV 321 or the tablet 322 or smart watch 323 .

Optionally, the device binding interface 320 also includes a tap to add button 324 and a scan to add button 325, which can be bound to electronic devices that have not been scanned by the electronic device. Exemplarily, in response to the user's operation on the touch add button 324, the electronic device turns on NFC, touches the ontag label on other devices with the back, and can realize the binding to other devices; The user operates the button 325, and the electronic device scans the two-dimensional code of other devices, which can realize the binding to other devices.

It should be understood that the positions, names, and shapes of the elements (such as buttons, icons, text, etc.) in the UI interface corresponding to Figure 2a and Figure 2b are not fixed, and can be freely combined or designed according to requirements . For example, button 311 in FIG. 2a may be replaced with button 324 and button 325 in FIG. 2b.

It should be pointed out that the identification and mutual communication between devices to implement the solution of the embodiment of the present application can be based on the same network (such as a hyper terminal); it can also be established on the basis of a trust relationship between the devices For example, a common account, an associated account, a binding relationship, etc.; it can also be based on the same network and the establishment of a trust relationship, which is not limited in this application.

The electronic device 100 is taken as an example below to introduce the electronic devices involved in the embodiment of the present application (the electronic device 100 includes the electronic device 200, the electronic device 201, the electronic device 202, the electronic device 203, the electronic device 204, etc.).

Referring to FIG. 3a, FIG. 3a shows a schematic structural diagram of an exemplary electronic device 100 provided by an embodiment of the present application.

As shown in Figure 3a, the electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (universal serial bus, USB) interface 130, a charging management module 140, a power management module 141, and a battery 142 , antenna 1, antenna 2, mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, earphone jack 170D, sensor module 180, button 190, motor 191, indicator 192, camera 193 , a display screen 194, and a subscriber identification module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyroscope sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity light sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, bone conduction sensor 180M, etc.

It can be understood that, the structure illustrated in the embodiment of the present application does not constitute a specific limitation on the electronic device 100 . In other embodiments of the present application, the electronic device 100 may include more or fewer components than shown in the figure, or combine certain components, or separate certain components, or arrange different components. The illustrated components can be realized in hardware, software or a combination of software and hardware.

The processor 110 may include one or more processing units, for example: the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processing unit (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), controller, memory, video codec, digital signal processor (digital signal processor, DSP), baseband processor, and/or neural network processor (neural-network processing unit, NPU) wait. Wherein, different processing units may be independent devices, or may be integrated in one or more processors.

Wherein, the controller may be the nerve center and command center of the electronic device 100 . The controller can generate an operation control signal according to the instruction opcode and timing signal, and complete the control of fetching and executing the instruction.

A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or recycled. If the processor 110 needs to use the instruction or data again, it can be called directly from the memory. Repeated access is avoided, and the waiting time of the processor 110 is reduced, thus improving the efficiency of the system.

In some embodiments, processor 110 may include one or more interfaces. The interface may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous transmitter (universal asynchronous receiver/transmitter, UART) interface, mobile industry processor interface (mobile industry processor interface, MIPI), general-purpose input and output (general-purpose input/output, GPIO) interface, subscriber identity module (subscriber identity module, SIM) interface, and /or universal serial bus (universal serial bus, USB) interface, etc.

The I2C interface is a bidirectional synchronous serial bus, including a serial data line (serial data line, SDA) and a serial clock line (derail clock line, SCL). In some embodiments, processor 110 may include multiple sets of I2C buses. The processor 110 can be respectively coupled to the touch sensor 180K, the charger, the flashlight, the camera 193, etc. through different I2C bus interfaces. For example, the processor 110 may be coupled to the touch sensor 180K through the I2C interface, so that the processor 110 and the touch sensor 180K communicate through the I2C bus interface to realize the touch function of the electronic device 100 .

The I2S interface can be used for audio communication. In some embodiments, processor 110 may include multiple sets of I2S buses. The processor 110 may be coupled to the audio module 170 through an I2S bus to implement communication between the processor 110 and the audio module 170 . In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the I2S interface, so as to realize the function of answering calls through the Bluetooth headset.

The PCM interface can also be used for audio communication, sampling, quantizing and encoding the analog signal. In some embodiments, the audio module 170 and the wireless communication module 160 may be coupled through a PCM bus interface. In some embodiments, the audio module 170 can also transmit audio signals to the wireless communication module 160 through the PCM interface, so as to realize the function of answering calls through the Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.

The UART interface is a universal serial data bus used for asynchronous communication. The bus can be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is generally used to connect the processor 110 and the wireless communication module 160 . For example: the processor 110 communicates with the Bluetooth module in the wireless communication module 160 through the UART interface to realize the Bluetooth function. In some embodiments, the audio module 170 can transmit audio signals to the wireless communication module 160 through the UART interface, so as to realize the function of playing music through the Bluetooth headset.

The MIPI interface can be used to connect the processor 110 with peripheral devices such as the display screen 194 and the camera 193 . MIPI interface includes camera serial interface (camera serial interface, CSI), display serial interface (display serial interface, DSI), etc. In some embodiments, the processor 110 communicates with the camera 193 through the CSI interface to realize the shooting function of the electronic device 100 . The processor 110 communicates with the display screen 194 through the DSI interface to realize the display function of the electronic device 100 .

The GPIO interface can be configured by software. The GPIO interface can be configured as a control signal or as a data signal. In some embodiments, the GPIO interface can be used to connect the processor 110 with the camera 193 , the display screen 194 , the wireless communication module 160 , the audio module 170 , the sensor module 180 and so on. The GPIO interface can also be configured as an I2C interface, I2S interface, UART interface, MIPI interface, etc.

The USB interface 130 is an interface conforming to the USB standard specification, specifically, it can be a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like. The USB interface 130 can be used to connect a charger to charge the electronic device 100 , and can also be used to transmit data between the electronic device 100 and peripheral devices. It can also be used to connect headphones and play audio through them. This interface can also be used to connect other electronic devices, such as AR devices.

It can be understood that the interface connection relationship between the modules shown in the embodiment of the present application is only a schematic illustration, and does not constitute a structural limitation of the electronic device 100 . In other embodiments of the present application, the electronic device 100 may also adopt different interface connection manners in the foregoing embodiments, or a combination of multiple interface connection manners.

The charging management module 140 is configured to receive a charging input from a charger. Wherein, the charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 140 can receive charging input from the wired charger through the USB interface 130 . In some wireless charging embodiments, the charging management module 140 may receive a wireless charging input through a wireless charging coil of the electronic device 100 . While the charging management module 140 is charging the battery 142 , it can also provide power for electronic devices through the power management module 141 .

The power management module 141 is used for connecting the battery 142 , the charging management module 140 and the processor 110 . The power management module 141 receives the input from the battery 142 and/or the charging management module 140 to provide power for the processor 110 , the internal memory 121 , the external memory, the display screen 194 , the camera 193 , and the wireless communication module 160 . The power management module 141 can also be used to monitor parameters such as battery capacity, battery cycle times, battery health status (leakage, impedance). In some other embodiments, the power management module 141 may also be disposed in the processor 110 . In some other embodiments, the power management module 141 and the charging management module 140 may also be set in the same device.

The wireless communication function of the electronic device 100 can be realized by the antenna 1 , the antenna 2 , the mobile communication module 150 , the wireless communication module 160 , a modem processor, a baseband processor, and the like.

Antenna 1 and Antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in electronic device 100 may be used to cover single or multiple communication frequency bands. Different antennas can also be multiplexed to improve the utilization of the antennas. For example: Antenna 1 can be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 can provide wireless communication solutions including 2G/3G/4G/5G applied on the electronic device 100 . The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (low noise amplifier, LNA) and the like. The mobile communication module 150 can receive electromagnetic waves through the antenna 1, filter and amplify the received electromagnetic waves, and send them to the modem processor for demodulation. The mobile communication module 150 can also amplify the signals modulated by the modem processor, and convert them into electromagnetic waves through the antenna 1 for radiation. In some embodiments, at least part of the functional modules of the mobile communication module 150 may be set in the processor 110 . In some embodiments, at least part of the functional modules of the mobile communication module 150 and at least part of the modules of the processor 110 may be set in the same device.

A modem processor may include a modulator and a demodulator. Wherein, the modulator is used for modulating the low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low frequency baseband signal. Then the demodulator sends the demodulated low-frequency baseband signal to the baseband processor for processing. The low-frequency baseband signal is passed to the application processor after being processed by the baseband processor. The application processor outputs sound signals through audio equipment (not limited to speaker 170A, receiver 170B, etc.), or displays images or videos through display screen 194 . In some embodiments, the modem processor may be a stand-alone device. In some other embodiments, the modem processor may be independent from the processor 110, and be set in the same device as the mobile communication module 150 or other functional modules.

The wireless communication module 160 can provide applications on the electronic device 100 including UWB, wireless local area networks (wireless local area networks, WLAN) (such as wireless fidelity (wireless fidelity, Wi-Fi) network), bluetooth (bluetooth, BT), global Wireless communication solutions such as global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared (IR). The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2 , frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 110 . The wireless communication module 160 can also receive the signal to be sent from the processor 110 , frequency-modulate it, amplify it, and convert it into electromagnetic waves through the antenna 2 for radiation.

In some embodiments, the antenna 1 of the electronic device 100 is coupled to the mobile communication module 150, and the antenna 2 is coupled to the wireless communication module 160, so that the electronic device 100 can communicate with the network and other devices through wireless communication technology. The wireless communication technology may include global system for mobile communications (GSM), general packet radio service (general packet radio service, GPRS), code division multiple access (code division multiple access, CDMA), broadband Code division multiple access (wideband code division multiple access, WCDMA), time division code division multiple access (time-division code division multiple access, TD-SCDMA), long term evolution (long term evolution, LTE), BT, GNSS, WLAN, NFC , FM, and/or IR techniques, etc. The GNSS may include a global positioning system (global positioning system, GPS), a global navigation satellite system (global navigation satellite system, GLONASS), a Beidou navigation satellite system (beidou navigation satellite system, BDS), a quasi-zenith satellite system (quasi -zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).

The electronic device 100 realizes the display function through the GPU, the display screen 194 , and the application processor. The GPU is a microprocessor for image processing, and is connected to the display screen 194 and the application processor. GPUs are used to perform mathematical and geometric calculations for graphics rendering. Processor 110 may include one or more GPUs that execute program instructions to generate or change display information.

The display screen 194 is used to display images, videos and the like. The display screen 194 includes a display panel. The display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active matrix organic light emitting diode or an active matrix organic light emitting diode (active-matrix organic light emitting diode, AMOLED), flexible light-emitting diode (flex light-emitting diode, FLED), Miniled, MicroLed, Micro-oLed, quantum dot light emitting diodes (quantum dot light emitting diodes, QLED), etc. In some embodiments, the electronic device 100 may include 1 or N display screens 194 , where N is a positive integer greater than 1.

In some embodiments of the present application, the display screen 194 displays interface content currently output by the system. For example, the interface content is an interface provided by an instant messaging application.

The electronic device 100 can realize the shooting function through the ISP, the camera 193 , the video codec, the GPU, the display screen 194 and the application processor.

The ISP is used for processing the data fed back by the camera 193 . For example, when taking a picture, open the shutter, the light is transmitted to the photosensitive element of the camera through the lens, and the light signal is converted into an electrical signal, and the photosensitive element of the camera transmits the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye. ISP can also perform algorithm optimization on image noise, brightness, and skin color. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be located in the camera 193 .

Camera 193 is used to capture still images or video. The object generates an optical image through the lens and projects it to the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the light signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. DSP converts digital image signals into standard RGB, YUV and other image signals. In some embodiments, the electronic device 100 may include 1 or N cameras 193 , where N is a positive integer greater than 1.

Digital signal processors are used to process digital signals. In addition to digital image signals, they can also process other digital signals. For example, when the electronic device 100 selects a frequency point, the digital signal processor is used to perform Fourier transform on the energy of the frequency point.

Video codecs are used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 can play or record videos in various encoding formats, for example: moving picture experts group (moving picture experts group, MPEG) 1, MPEG2, MPEG3, MPEG4 and so on.

The NPU is a neural-network (NN) computing processor. By referring to the structure of biological neural networks, such as the transfer mode between neurons in the human brain, it can quickly process input information and continuously learn by itself. Applications such as intelligent cognition of the electronic device 100 can be realized through the NPU, such as image recognition, face recognition, speech recognition, text understanding, and the like.

The external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, so as to expand the storage capacity of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to implement a data storage function. Such as saving music, video and other files in the external memory card.

The internal memory 121 may be used to store computer-executable program codes including instructions. The processor 110 executes various functional applications and data processing of the electronic device 100 by executing instructions stored in the internal memory 121 . The internal memory 121 may include an area for storing programs and an area for storing data. Wherein, the stored program area can store an operating system, at least one application program required by a function (such as a sound playing function, an image playing function, etc.) and the like. The storage data area can store data created during the use of the electronic device 100 (such as audio data, phonebook, etc.) and the like. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, flash memory device, universal flash storage (universal flash storage, UFS) and the like.

The electronic device 100 can implement audio functions through the audio module 170 , the speaker 170A, the receiver 170B, the microphone 170C, the earphone interface 170D, and the application processor. Such as music playback, recording, etc.

The audio module 170 is used to convert digital audio information into analog audio signal output, and is also used to convert analog audio input into digital audio signal. The audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be set in the processor 110 , or some functional modules of the audio module 170 may be set in the processor 110 .

Speaker 170A, also referred to as a "horn", is used to convert audio electrical signals into sound signals. Electronic device 100 can listen to music through speaker 170A, or listen to hands-free calls.

Receiver 170B, also called "earpiece", is used to convert audio electrical signals into sound signals. When the electronic device 100 receives a call or a voice message, the receiver 170B can be placed close to the human ear to receive the voice.

The microphone 170C, also called "microphone" or "microphone", is used to convert sound signals into electrical signals. When making a phone call or sending a voice message, the user can put his mouth close to the microphone 170C to make a sound, and input the sound signal to the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In some other embodiments, the electronic device 100 may be provided with two microphones 170C, which may also implement a noise reduction function in addition to collecting sound signals. In some other embodiments, the electronic device 100 can also be provided with three, four or more microphones 170C to collect sound signals, reduce noise, identify sound sources, and realize directional recording functions, etc.

The earphone interface 170D is used for connecting wired earphones. The earphone interface 170D can be a USB interface 130, or a 3.5mm open mobile terminal platform (OMTP) standard interface, or a cellular telecommunications industry association of the USA (CTIA) standard interface.

The keys 190 include a power key, a volume key and the like. The key 190 may be a mechanical key. It can also be a touch button. The electronic device 100 can receive key input and generate key signal input related to user settings and function control of the electronic device 100 .

The motor 191 can generate a vibrating reminder. The motor 191 can be used for incoming call vibration prompts, and can also be used for touch vibration feedback. For example, touch operations applied to different applications (such as taking pictures, playing audio, etc.) may correspond to different vibration feedback effects. The motor 191 may also correspond to different vibration feedback effects for touch operations acting on different areas of the display screen 194 . Different application scenarios (for example: time reminder, receiving information, alarm clock, games, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect can also support customization.

The indicator 192 can be an indicator light, and can be used to indicate charging status, power change, and can also be used to indicate messages, missed calls, notifications, and the like.

The SIM card interface 195 is used for connecting a SIM card. The SIM card can be connected and separated from the electronic device 100 by inserting it into the SIM card interface 195 or pulling it out from the SIM card interface 195 .

Wherein, the above specific description of the hardware structure of the electronic device 100 is applicable to the description of the hardware structure of the electronic device 200 , the electronic device 201 , the electronic device 202 , the electronic device 203 , and the electronic device 204 .

Fig. 3b shows a software structural block diagram of the electronic device 100 according to the embodiment of the present application.

The layered architecture divides the software into several layers, and each layer has a clear role and division of labor. Layers communicate through software interfaces. In some embodiments, the Android system is divided into five layers, from top to bottom are application program layer, application program framework layer, Android runtime (Android runtime) and system library, hardware abstraction layer (hard abstraction layer, HAL) (not shown in Figure 3b), and the inner core layer.

The application layer can consist of a series of application packages.

As shown in Figure 3b, the application package can include camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, game, shopping, travel, instant messaging (such as short message) and other applications. In addition, the application package may also include: system applications such as a main screen (that is, a desktop), a negative screen, a control center, and a notification center. In the embodiment of the present application, the application program package may further include a hyper terminal application, and the hyper terminal application may be a system application or a third-party application. The application package may also include an application program of the task flow manager, which is used to invoke and manage the task flow manager.

The HyperTerminal application provides a service or function that can support the electronic device 100 to establish a trusted device network with other electronic devices, and can support the electronic device 100 to identify the activity of the electronic device 100 by receiving the broadcast heartbeat message of the trusted device. trusted device.

The application framework layer provides an application programming interface (application programming interface, API) and a programming framework for applications in the application layer. The application framework layer includes some predefined functions.

As shown in Figure 3b, the application framework layer can include task flow manager, database management system DBMS, local task flow database, distributed database, input manager, window manager (window manager), content provider, view system, Phone Manager, Explorer, Notification Manager, Display Manager, Activity Manager, etc.

The trusted device manager is used to manage a trusted device collection of the electronic device. The trusted device set includes the identity key, current address, state information, etc. of the trusted device. The trusted device manager adds, updates, and deletes trusted devices based on information that can authenticate the system. Trusted device management can also generate and update the identity key of the electronic device 100 itself.

Database management system (DBMS) is a kind of software for manipulating and managing databases. It is used to establish, use and maintain databases, including the interface for calling databases. DBMS conducts unified management and control on the database to ensure the security and integrity of the database.

The authentication system is used to determine whether the device is a trusted device of the electronic device 100 based on authentication information from other devices. The authentication information may be account information, binding information, and the like.

The account management system is configured to record and manage the information of the user account of the first electronic device 100 . User accounts include, for example, Huawei accounts, payment accounts, instant messaging accounts, etc., and account associations in these different systems.

In this embodiment of the present application, the super collection application of the electronic device 100 calls the client of the task flow manager (the application program of the task flow manager) to register the task monitoring service with the local task flow database. The client of the task flow manager calls the interface of the database management system DBMS, and registers the task monitoring service with the task flow manager. The task monitoring service is used to synchronize the changed task data to the super collection application when the task flow manager detects that task data in the local task flow database has changed (such as adding, deleting, changing).

The input manager is used to receive instructions or requests reported by lower layers such as the kernel layer and the hardware abstraction layer.

A window manager is used to manage window programs. The window manager can get the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, etc.

Content providers are used to store and retrieve data and make it accessible to applications. Said data may include video, images, audio, calls made and received, browsing history and bookmarks, phonebook, etc.

The view system includes visual controls, such as controls for displaying text, controls for displaying pictures, and so on. The view system can be used to build applications. An application's display interface can consist of one or more views. For example, a display interface including a text message notification icon may include a view for displaying text and a view for displaying pictures. The view system can provide views of hyperterminal applications, such as an interface for building a hyperterminal, an interface for discovering active trusted devices, and the like.

The display manager is used to transfer display content to the kernel layer.

The phone manager is used to provide communication functions of the electronic device 100 . For example, the management of call status (including connected, hung up, etc.).

The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and so on.

The notification manager enables the application to display notification information in the status bar, which can be used to convey notification-type messages, and can automatically disappear after a short stay without user interaction. For example, the notification manager is used to notify the download completion, message reminder, etc. The notification manager can also be a notification that appears on the top status bar of the system in the form of a chart or scroll bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, prompting text information in the status bar, issuing a prompt sound, vibrating the electronic device, and flashing the indicator light, etc.

Android Runtime includes core library and virtual machine. The Android runtime is responsible for the scheduling and management of the Android system.

The core library consists of two parts: one part is the function function that the java language needs to call, and the other part is the core library of Android.

The application layer and the application framework layer run in virtual machines. The virtual machine executes the java files of the application program layer and the application program framework layer as binary files. The virtual machine is used to perform functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.

A system library can include multiple function modules. For example: surface manager (surface manager), media library (media libraries), 3D graphics processing library (eg: OpenGL ES), 2D graphics engine (eg: SGL), etc.

The surface manager is used to manage the display subsystem and provides the fusion of 2D and 3D layers for multiple applications.

The media library supports playback and recording of various commonly used audio and video formats, as well as still image files, etc. The media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, and layer processing, etc.

2D graphics engine is a drawing engine for 2D drawing.

The hardware abstraction layer HAL layer is the interface layer between operating system software and hardware components, which provides an interface for the interaction between the upper layer software and the lower layer hardware. The HAL layer abstracts the underlying hardware into software that contains the corresponding hardware interface. By accessing the HAL layer, the underlying hardware device settings can be realized, for example, related hardware components can be enabled or disabled at the HAL layer. In some embodiments, the core architecture of the HAL layer is composed of at least one of C++ or C.

The kernel layer is the layer between hardware and software. The kernel layer includes at least a display driver, a camera driver, an audio driver, a sensor driver, a touch chip driver and an input system, etc. For the convenience of description, in FIG. 3 b , the kernel layer includes an input system, a driver of a touch chip, a display driver and a storage driver as examples. Wherein, the display driver and the storage driver can be jointly arranged in the driver module.

It can be understood that the structure illustrated in this application does not constitute a specific limitation on the electronic device 100 . In other embodiments, the electronic device 100 may include more or fewer components than shown, or combine certain components, or separate certain components, or arrange different components. The illustrated components can be realized in hardware, software or a combination of software and hardware.

The implementation form of a method for identifying a device provided in this application on a display interface is introduced below in combination with application scenarios. As an example, the method for identifying a device may be implemented in, for example, a HyperTerminal application. It should be understood that the method may also be implemented in other application software of the electronic device, or in a system program of the electronic device, which is not limited in the present application.

First, taking the electronic device 100 as a smart phone as an example, an exemplary application interface displayed by the hyper terminal application on the electronic device 100 is introduced.

As shown in FIG. 4a, FIG. 4a shows an exemplary user interface 410 on the electronic device 100 for presenting a list of application programs. The user interface 410 includes a status bar 402 and a plurality of application icons 404 on the upper part of the user interface.

Status bar 402 may include: one or more signal strength indicators for mobile communication signals (also may be referred to as cellular signals), one or more signal strength indicators for wireless fidelity (Wi-Fi) signals, battery Status indicator, time indicator.

The display interface 410 displays a plurality of application icons, for example, including application icons corresponding to application programs such as cloud sharing, mailbox, gallery, and settings. Wherein, the user interface 410 also includes an area 406 for entering the control center interface of the electronic device, and the area 406 may be set at the top area of the display interface 410 . In response to the user's operation on the area, such as a sliding operation, the display interface 410 may switch to the control center interface 420, as shown in FIG. 4b. In the control center interface 420 shown in FIG. 4b, an interface of the hyperterminal application 413 is shown, whereby the hyperterminal application can be started. Optionally, the display form of the hyperterminal application 413 may be an application icon, or may be a card, a window, a floating component, and the like.

As shown in FIG. 4b, FIG. 4b exemplarily shows an application interface 420 of a hyperterminal application. The application interface 420 includes a shortcut control bar 411 , a media application 412 , and a hyper terminal application 413 . The shortcut control bar 411 includes icons for controlling common configurations of electronic devices, such as wireless local area network, bluetooth, mobile data, mute, auto-rotate, and brightness control (auto-brightness check box). Media applications 412 include, for example, video applications, music applications, etc., and associated controls.

One or more device information areas 414 are displayed in the display area of the HyperTerminal application 413 , and each device information area 414 corresponds to a trusted device of the electronic device 100 . For example, as shown in the figure, four trusted devices are listed in the hyperterminal 413, including a smart switch, a water dispenser, a smart camera, and a watch. As an example, the device information area 414 displays information such as the device name, the status of the device, the location of the device, and the control keys of the device, so that the user can easily and intuitively understand the status of the currently available device, and communicate with it through the electronic device 100. interact.

Due to the limited display area, the hyperterminal application 413 does not necessarily display all trusted devices of the electronic device 100, in this case, more devices of trusted devices can be displayed in a scrolling manner by clicking the more device control 415 operating area.

In the interface shown in FIG. 4b, the devices displayed in the hyperterminal application 413 include trusted devices that are currently active. According to the embodiment of the present application, the electronic device 100 may discover active trusted devices in response to receiving a broadcast message (for example, a heartbeat message) of the trusted device, and present the discovered active trusted devices on the control center interface 410 in the display area of the hyper terminal application 413. Alternatively, if the display area of the hyperterminal application 413 is not completely filled by active devices, the currently inactive trusted devices may also be displayed. Active trusted devices and inactive trusted devices can be represented in different displays, for example, active trusted devices can be displayed as a color map, while inactive devices can be displayed as a grayscale map.

The device information area 414 can display service data related to the device. According to an embodiment of the present disclosure, the service data is not necessarily transmitted through the connection between the electronic device 100 and the device, and is carried in a broadcast message sent by the device. For example, a smart water dispenser may include information such as the current remaining water volume and temperature of the water dispenser in the payload portion of its broadcast message (for example, heartbeat information). This information changes frequently and therefore cannot be easily tracked. In this way, the electronic device 100 can obtain business data such as the state of active trusted devices without additionally establishing a connection between devices.

In the interface shown in FIG. 4 b , the hyperterminal application 413 also includes an icon 416 for establishing a connection between the electronic device 100 and the active trusted device. In response to the user clicking the icon 416, the electronic device 100 can switch to the cooperative operation interface shown in FIGS. 6a to 6d to realize the collaboration of the hyperterminal, which will be described in detail below with reference to FIGS. 6a to 6d and FIG. 7 .

In the interface shown in FIG. 4b, the hyperterminal application 413 also includes an icon 417 for discovering trusted devices to form a hyperterminal. In response to the user clicking the icon 417, the electronic device 100 may switch to the hyperterminal networking interface 430 shown in FIG. 4c. The process of building a HyperTerminal will be described with reference to FIG. 5 . It should be noted that, as an example, a device network is formed by forming a hyper terminal. It should be understood that the HyperTerminal application is only an exemplary application for realizing the embodiment of the present application, and therefore, a device network may also be established in other application software or system software. In addition, it is described here that the user manually operates the electronic device 100 to trigger the process of forming a device network, but the electronic device 100 may also trigger the process of establishing a device network spontaneously.

Fig. 5 shows a schematic diagram of interaction between devices and between a user and a device according to some embodiments of the present application. The first electronic device 100 presents the control center interface as shown in FIG. 4 b , including a hyper terminal application 413 . The user 10 wishes to find more trusted devices, such as the second electronic device 101 , to form a hyperterminal with the first electronic device 100 . Here, the second electronic device 101 may have similar functions and structures as the first electronic device 100 as shown in FIG. 3 . Optionally, the second electronic device 101 may have fewer functions and structures than the electronic device 100 shown in FIG. Lightweight devices for computing and storage resources.

Firstly, the user 10 expects the electronic device 100 to discover the surrounding electronic devices and check the information of these electronic devices, so as to choose whether to add these electronic devices to the HyperTerminal. According to the embodiment of the present application, the user 10 can click the icon 417 to generate a networking request 502 . Optionally, the user can also issue a networking request 502 through a voice command. In response to this operation, the first electronic device 100 displays the interface 430 described in FIG. 4c. The interface 430 may include a device information area 421 similar to the device information area 414 shown in FIG. 4 b , and the device information area 421 presents information of trusted devices of the first electronic device 100 that are currently active. At the same time, the first electronic device 100 may function as a master device (eg, Bluetooth communication mode) to scan whether there is a broadcast message on a specific frequency.

In some embodiments, the user can manually adjust the second electronic device 101 to the discoverable mode. In the standby mode, the second electronic device 101 may send a broadcast message 504 on a specific frequency band, so that the second electronic device 101 can be discovered as a slave device. The address of the broadcast message may be completely randomized, and some device model information and the like may be carried in the payload part of the broadcast message. This broadcast message cannot be monitored and tracked.

Then, the first electronic device 100 may present 506 the discovered device list 422 including the second electronic device 101 on the interface 430 . It should be understood that the second electronic device 101 is only discovered by the first electronic device 100, but the first electronic device 100 does not know whether it is a trusted device, and has not established a connection with the second electronic device 101, so it cannot exchange respective identity keys. It is described here that the device is discovered by scanning and the discovered device is displayed on the application interface of the hyper terminal. It should be understood that the device can also be discovered and presented to the user in other ways, which is not limited in this application. For example, the process of scanning and discovering devices can also be enabled from a connection setting interface (eg, a Bluetooth connection setting interface) of the electronic device 100 .

Next, the user selects a device of interest (for example, the second electronic device 101) to join the HyperTerminal. According to the embodiment of the present application, it is necessary to authenticate the second electronic device 101, that is, to establish a trusted relationship between the first electronic device 100 and the second electronic device 101.

To this end, as an example, the user 10 may click on the add icon 423 corresponding to the second electronic device 101 on the interface 430 to request 508 to add the second electronic device 101 to the trusted device network of the HyperTerminal. Adding the icon 423 may trigger an authentication process for the electronic device 101 . In response thereto, the first electronic device 100 may send an authentication request 510 to the second electronic device 101 , eg, broadcast using the fully randomized address in the broadcast message 504 .

In some embodiments, the trusted relationship can be established through the device's account information. To this end, the authentication request 510 may include the account information of the first electronic device 100, and accordingly, the second electronic device 101 may send information 512 for authentication to the first electronic device according to the account information of the first electronic device 100, for example , the information indicates that the first electronic device 100 and the second electronic device 101 have the same or associated accounts. Here, the same or associated accounts may include, for example, the accounts on the first electronic device 100 and the second electronic device 102 are the same Huawei account or other service provider accounts, or the first electronic device 100 and the second electronic device The accounts on 101 are different accounts, but are associated with the same identity, for example, associated with the same mobile phone number, communication software account, payment software account, etc. In order to protect the privacy of the second electronic device 101, the second electronic device 101 does not need to transmit or broadcast its account information to the first electronic device, but the first electronic device 100 transmits the account information to the second electronic device. In this case, the second electronic device 101 only needs to verify whether the two account information are the same or related, and then transmit the verification result as authentication information 510 to the first electronic device.

Additionally or alternatively, the first electronic device 100 and the second electronic device 101 may establish a trusted relationship manually. The first electronic device 100 and the second electronic device 101 may be bound, for example, in the manner described with reference to Fig. 2a and Fig. 2b. After the user 10 operates the first electronic device 100 and the second electronic device 101 to complete operations such as PIN code input, touch, scan, etc., the second electronic device 101 can feed back the binding information to the first electronic device 100 authentication information 512. Thus, the first electronic device 100 determines whether it has been bound with the second electronic device 101, that is, the two have a trusted relationship with each other. In some embodiments, the binding information may also indicate how the first electronic device 100 and the second electronic device 101 are bound, for example, a PIN code, a two-dimensional code, physical contact, and the like.

Through the above manner, the first electronic device 100 may determine 514 that the second electronic device 101 is its trusted device. It is described here that the trusted relationship is determined through the account signal and binding information. It should be understood that other methods may also be used to determine whether the second electronic device 101 is a trusted device, which is not limited in this application.

Next, the devices included in the HyperTerminal can share their respective identity keys. According to an embodiment of the present application, the identity key of the device is used to generate the randomized address of the broadcast message. Other devices are thus able to identify the source device of the broadcast message based on the shared identity key. The identity key and its exchange process are described in more detail below.

According to the embodiment of the present application, the identity key is that the electronic device generates a password (for example, a character string of a certain length), and keeps the identity key unchanged within a period of time. The identity key of the electronic device can be shared with the trusted device of the electronic device through a secure communication connection. Compared with the fixed address, the electronic device can use the identity key to generate a variable randomized address as the source address of the broadcast message, so as to reduce the risk of information leakage.

For example, in the Bluetooth communication protocol, the address of a broadcast message consists of 6 bytes (48 bits). The electronic device can generate a randomized address by using the changed random number and its own identity key, where the identity key can be an identity resolution key conforming to the Bluetooth communication protocol. The random number may be regenerated, for example, each time the device is rebooted, or at any suitable time.

As an example, a randomized address may consist of two parts, one of which is a random number part, e.g., the upper 24 bits (most significant bit MSB), wherein the upper two bits may be in a specified format (e.g., binary "10") for Identifies the type of address. The randomized address may also include a value obtained through operation (for example, hash operation) of the random number and the identity key, such as the lower 24 bits. It should be understood that the format of the randomized address is not limited thereto,

After the peer device receiving the broadcast message scans this type of address, it can use the identity key of the trusted device set owned by the device to verify the randomized address. That is to say, the device uses the high-order random number in the randomized address and the identity key sequentially obtained from the trusted device set to perform the same hash operation, and compares the operation result with the low-order 24 bits. If the two match, the peer device can identify the source device of the broadcast message. In this way, no matter how a device changes its randomized address by changing its nonce, only the peer device holding the identity key (i.e., the peer device and the device have a trusted relationship with each other) can identify the device. If none of the identity keys in the trusted device set match the randomized address, the device cannot be identified.

An example implementation of generating a randomized address from an identity key is described above. It should be understood that the randomized address can also be generated from the identity key in other ways than this. For example, another part of the randomized address for matching can also be obtained from the random number and the identity key in other ways, not limited to hashing.

Continuing to refer to FIG. 5 , the exchange process of the identity key is described. After the trusted relationship between the first electronic device 100 and the second electronic device 101 is determined, the first electronic device 100 establishes a secure connection 516 with the second electronic device 101 . Then, the first electronic device 100 may send the identity key 517 of the first electronic device to the second electronic device 101 via the secure connection, and receive the identity key 518 of the second electronic device 101 from the second electronic device 101 .

Correspondingly, the first electronic device 100 stores 520 the received identity key of the second electronic device 101 in its trusted device set. The second electronic device 101 also stores 522 the received identity key of the first electronic device 100 in its trusted device set.

It should be noted that, in the case that the second electronic device 101 is a light-weight device and thus has only limited storage space and computing power (for example, a smart socket, a smart water dispenser, etc.), the first electronic device 100 may not send the second electronic device 101 The second electronic device 101 sends its identity key, and the second electronic device 101 does not store the identity key of the first electronic device 100 either.

Optionally, after the first electronic device 100 and the second electronic device 101 exchange each other's identity keys, the identity keys may also be forwarded and further shared in the device network of the hyperterminal.

For example, the first electronic device 100 may also spread the identity key of the second electronic device 101 newly added to the hyper terminal in the hyper terminal. In some embodiments, as mentioned above, the first electronic device 100 has a set of trusted devices, and the first electronic device 100 may send the identity key of the second electronic device 101 to a trusted device in the set of trusted devices. For example, the second electronic device 100 may send the identity key of the second electronic device 101 to a rich device with more processing capability and storage space, for example, a connected watch 424 as shown in FIG. 4c.

It should be understood that the first electronic device 100 and the watch 424 have a trusted relationship, and when the first electronic device 100 and the second electronic device 101 have been determined to have a trusted relationship, the watch 424 and the second electronic device 101 also have trusted relationship. Similarly, the first electronic device 100 may also send the identity keys of trusted devices in its trusted device set to the second electronic device 101, so that the second electronic device 101 does not need to perform additional authentication and exchange identity keys with these devices. key. Therefore, by forwarding the identity key to other hyperterminals, that is, other trusted devices in the trusted device network, it is unnecessary to establish a secure connection between the devices to exchange identity keys after pairing or verifying the trusted relationship. The operation speeds up the process of establishing a trusted device network.

Thus, the process of adding the second electronic device 101 to the HyperTerminal to form a trusted device network is completed.

According to the embodiment of the present application, the second electronic device 101 can also log out of the HyperTerminal. You can log out of the network in the following ways.

For example, in the case that the user 10 of the first electronic device 100 has administrator authority, he can operate on the electronic device 100 to operate the second electronic device 101 to exit the HyperTerminal. Alternatively, the user 10 can also operate the second electronic device 101, for example, restore the second electronic device 101 to factory settings. Restoring factory settings means that the second electronic device 101 will generate a new identity key, which needs to be re-authenticated to join the HyperTerminal. Alternatively, when the second electronic device 101 logs out of the original user account (that is, an account that is the same as or associated with the first electronic device), the second electronic device 101 can also generate a new identity key, and the new identity key It can be used to build a new HyperTerminal or re-authenticate. Alternatively, the second electronic device 101 may also be manually unbound from the trusted device.

In these cases, the second electronic device 101 may send a message to its trusted device, such as the first electronic device 100, to exit the trusted relationship. Alternatively, the second electronic device 101 may send a message of quitting the trusted relationship to a trusted module (such as an account center, an authentication center) in the hyperterminal, and then the trusted module sends the message to the device in the hyperterminal. information. The first electronic device 100 may receive a message from the trusted module indicating that the second electronic device 101 exits the HyperTerminal. Thus, the first electronic device 100 can delete the identity key of the second electronic device 101 from its set of trusted devices.

It should be noted that when the second electronic device 101 goes offline, for example, it is turned off, its identity key may not be deleted, so as to facilitate the quick re-online of the device. When the electronic device 101 is online, it can periodically send a heartbeat broadcast message, so that devices in the hyperterminal that have a trusted relationship with it (for example, hold its identity key) can identify that it is in an active state.

In this way, the first electronic device 100 can exchange their identity keys with other devices certified as trusted devices to form a trusted device network. In the trusted device network, devices will be able to broadcast messages The address information of the device is used to identify the device without carrying the identification information in the broadcast message, which prevents the device from being monitored and tracked.

The above describes the hyperterminal networking process with reference to exemplary user interfaces and interaction diagrams. It should be understood that the positions, names, and shapes of the elements (such as buttons, icons, text, etc.) in the UI interfaces corresponding to Figures 4a to 4c are not fixed, and can be freely combined or designed according to requirements . The process of hyperterminal networking can be implemented in a manner different from the interaction diagram shown in Figure 5, for example, it can include more or fewer actions, and some actions can be performed in a manner different from the order shown in Figure 5 , or may be executed in parallel to realize various functions of the HyperTerminal application as described above.

The process of identifying an active trusted device by the first electronic device 100 in the HyperTerminal is described below with reference to FIGS. 6 a to 6 d and FIG. 7 . 6a to 6d are schematic diagrams of another set of application interfaces provided by the embodiments of the present application. Fig. 7 shows a schematic diagram of interaction between devices according to some embodiments of the present application.

As mentioned above, in response to the user 10 performing a swipe operation on the upper right corner area 406 of the first electronic device 100, the first electronic device 100 displays the control center interface 420 including the HyperTerminal application 413 as shown in FIG. 6a. The hyperterminal application 413 includes a device information area 414 for one or more trusted devices.

According to an embodiment of the present application, the first electronic device 100 may provide the user 10 with information related to active trusted devices in response to the query request 702 of the user 10 . In some embodiments, in response to the user operation of switching to the control center interface 420, a query request 702 is generated, so that the first electronic device 100 can query active trusted devices, thereby presenting in the device information area 414 of the hyperterminal application 413 The current state of one or more trusted devices and their control elements.

Alternatively, when switching to the control center interface 420, the first electronic device 100 may not display the device information area 414, but list a list of trusted devices in the hyperterminal application display area, for example, only display the device name and corresponding icons to save display space; then, when the user wishes to inquire about active trusted devices, the user performs a specific operation on the first electronic device 100 to generate a query request 702, for example, by clicking the icon 416 to trigger the first electronic device 100. The device 100 queries active trusted devices. Alternatively, the first electronic device 100 may periodically query active trusted devices in the background without user interaction.

As mentioned above, a device in the Internet of Things, such as the second electronic device 101, can periodically send a heartbeat broadcast message 704 when going online. The first electronic device 100 may receive the broadcast message 704 of the second electronic device 101 based on the query request 702 or periodically through scanning.

In response to receiving the broadcast message 704 from the second electronic device 101, the first electronic device 100 determines whether the second electronic device 101 is as a trusted device.

In some embodiments, the first electronic device 100 may determine that the source address of the broadcast message 704 is the second A randomized address generated by the identity key of the electronic device 101 . Based on this, the first electronic device 100 may use the identity key of the trusted device set to verify the source address in a traversal manner. If the identity key of a certain trusted device enables the source address of the broadcast message to be verified, the first electronic device 100 may determine the second electronic device 101 as an active trusted device. In other words, the trusted device corresponding to the identity key is the second electronic device, thereby identifying the second electronic device 101 as an active trusted device.

The manner of verifying the source address of the broadcast message may correspond to the manner in which the second electronic device 101 generates the randomized source address. In some embodiments, the first electronic device 100 generates a hash value based on the first identity key from the set of trusted devices and a part of the randomized address (for example, a random number included in the upper 24 bits). Then, the first electronic device 100 compares the hash value with another part (for example, lower 24 bits) of the randomized address. If the generated hash matches another part of the randomized address, the broadcast message is verified. This indicates that the first identity key used to calculate the hash value is the identity key of the second electronic device 101 .

If the first electronic device 100 still cannot find the identity key of the second electronic device 101 after traversing all the identity keys in the trusted device set, it indicates that the second electronic device 101 is not a trusted member of the first electronic device. equipment. The first electronic device 100 may continue to scan to find the next broadcast message, and repeat the above process, so as to obtain all currently active trusted devices of the first electronic device 100 .

In response to the second electronic device 101 being determined to be a trusted device of the first electronic device 100, ie, an active trusted device, the first electronic device 100 may provide 708 information of the device. In some embodiments, device information may be provided in a list or graphical manner. Thus, the first electronic device 100 discovers and identifies other active devices in the HyperTerminal.

The specific way of providing device information may be: when the user 10 performs an operation to enter the interface 420 and the first electronic device 100 is triggered to inquire about the active trusted device, the trusted device related to the active device may be presented in the hyperterminal application 413 of the user interface 420. Information 414 of the device.

The specific way of providing device information may also be: when the first electronic device 101 enters the cooperative operation interface 440 shown in FIG. Information related to active trusted devices may be displayed in user interface 440 . The exemplary user interface 440 shown in FIG. 6 b includes an icon 442 corresponding to the first electronic device 110 at the center of the interface and at least one active trusted device icon 444 arranged around the icon 442 . In some embodiments, the information of electronic devices determined to be active trusted devices is provided in such a graphical or animated manner.

In addition, the device information may also be transmitted to other electronic devices other than the first electronic device 100, for example, a device that performs a collaborative task with the electronic device 100, for example, a smart TV.

After the second electronic device 101 is identified and displayed to the user 10 by the first electronic device, the user 10 may operate 710 the icon 444 of the second electronic device to initiate task collaboration. As shown in Figure 6c, the user 10 can select the icon 444 corresponding to the smart water dispenser, drag it to the vicinity of the icon 442 of the first electronic device 100, and establish the smart water dispenser and the first electronic device in this intuitive operation mode. Synergy between 100's of missions. For example, in response to an operation 710 of the user 10 on the interface 450 , the first electronic device 100 may establish 712 a connection with the corresponding second electronic device 101 . For example, if the second electronic device 101 is a smart water dispenser, after the connection is established, the first electronic device 100 can send control commands to the smart water dispenser via the established connection, such as shutting down, heating, etc. If the second electronic device 101 is a smart speaker, the first electronic device 100 may transmit audio data to the smart speaker through the established connection. The embodiment of the present application does not limit the type and associated service of the second electronic device.

In this way, when the first electronic device 100 and the second electronic device 101 have a trusted relationship, the first electronic device can identify the second electronic device in an active state through the address information of the broadcast system of the second device. Therefore, the second electronic device can be identified without broadcasting its identification information, which reduces the risk of the second electronic device being monitored and tracked.

According to the embodiment of the present application, the first electronic device 100 can manage the hyperterminal, for example, add and delete the identity key of the target device in the set of trusted devices. Adding an identity key in the process of building a device network has been described above with reference to 4a to 4c and FIG. 5 . When it is determined that the target electronic device in the trusted device set quits the trust relationship with the first electronic device 100, the electronic device 100 may also delete the identity key of the target electronic device from the trusted device set. The target electronic device may be the second electronic device 101 or other active trusted devices. The following describes an exemplary operation for the user 10 to delete the identity key in the hyper terminal application. It should be understood that the operation of deleting the identity key can also be implemented in other applications or system software, which is not limited in this application.

In some embodiments, the user 10 can also operate on the task collaboration interface 440 shown in FIG. 6b to release the trusted relationship of one or more active electronic devices. As shown in FIG. 6 d , the lower part of the interface 440 includes an icon 446 , and the user 10 drags the icon 448 of the target electronic device to overlap with the icon 446 to release the trusted relationship in an intuitive operation manner. Correspondingly, the first electronic device 100 deletes the identity key of the target electronic device 448 from its set of trusted devices.

In some embodiments, the first electronic device 100 may determine the target electronic device to exit the trusted relationship by receiving a message that the target electronic device exits the trusted relationship. For example, if the target electronic device is restored to factory settings, or logs out of the original user account (that is, an account that is the same as or associated with the first electronic device 100), or manually releases the binding relationship with any trusted device, the second electronic device 101 can send a message of exiting the trusted relationship to its trusted device or trusted module (such as account center, authentication center) in the hyper terminal, and generate a new identity key, which can be used to form a new identity key. of HyperTerminal. Electronic devices that have exited the hyperterminal need to be re-authenticated before they can join the trusted relationship network of the hyperterminal again. Thus, the first electronic device 100 may receive the message indicating that the target electronic device exits the HyperTerminal, and delete the identity key of the target electronic device from its trusted device set.

It should be understood that the positions, names, and shapes of the elements (such as buttons, icons, text, etc.) in the UI interfaces corresponding to FIGS. 6a to 6d are not fixed, and can be freely combined or designed according to requirements. . The user may interact with the electronic device in different ways than the interface shown in Figures 6a to 6d. The process of identifying an electronic device may be implemented in a manner different from the interaction diagram shown in FIG. 7 , for example, may include more or fewer actions, and some actions may be performed in a manner different from the order shown in FIG. 5 , Or they can be executed in parallel to realize various functions of the HyperTerminal application as described above.

Based on the above application scenarios, a schematic flowchart of a communication method 800 according to an embodiment of the present application is introduced below with reference to examples. The devices involved in the flow chart of the method 800 include a first device and a second device, and both the first device and the second device are installed with a HyperTerminal application. Referring to the description of FIGS. 4 to 7 , the first device may be the above-mentioned first electronic device 100 , and the second device may be the above-mentioned second electronic device 101 . In addition, the first device and the second device may also be any type of devices in the electronic device 200 , the electronic device 201 , the electronic device 202 , the electronic device 203 , and the electronic device 204 .

The first device may be an electronic device with bluetooth communication capability, which discovers the second device by scanning broadcast messages sent by nearby devices. The second device may also be an electronic device with bluetooth communication capability, which may be triggered to send a broadcast message, hoping to be discovered by other devices. When the first device discovers the existence of the second device, the first device may send an authentication request to the second device, so as to receive feedback authentication information from the second device and authenticate the second device.

At block 810, the first device determines that the second device is an authentic device of the first device based on the authentication information received from the second device.

In some embodiments, the authentication request sent by the first device to the second device may include the account information of the first device, and accordingly, the first device receives information for authentication of the account information of the first device from the second device . The authentication information may indicate that the first device and the second device have the same or associated accounts, and it is determined that the second device is a trusted device. That is to say, if the first device and the second device have the same or associated account information, they are mutually trustworthy, so that a network of trusted devices can be conveniently and quickly formed to form a hyperterminal.

In some embodiments, the authentication request sent by the first device to the second device is a binding request, and the binding method may be, for example, scanning a QR code, inputting a PIN code, or physical contact. Correspondingly, the authentication information fed back by the second device to the first device may include binding information. The first device may determine whether the first device and the second device have been bound based on the binding information. If it is determined that the first device and the second device have been bound, the first device may consider the second device to be a trusted device of the first device. Therefore, when devices are bound, these devices are considered to be trusted to each other, thereby providing a flexible and widely applicable trusted device network networking method.

At block 820, the first device sends the identity key of the first device to the second device, and at block 830, the first device may also receive the identity key of the second device from the second device. That is, devices that are trusted with each other exchange their identity keys. According to the embodiment of the present application, the identity key is used to generate the source address of the device's broadcast message. Additionally, in block 840, the first device also adds the identity key of the second device to the identity keys of the first device's set of trusted devices. Since the second device uses its identity key to generate the source address of its broadcast message, the first device can use the second device's identity key to verify the source address of the second device's broadcast message. Thereby, the first device can recognize the second device.

In this way, the first device can exchange their identity keys with other devices (second devices) certified as trusted devices to form a trusted device network. In the trusted device network, devices will be able to The device identification is performed through the address information of the broadcast message. The second device can be identified by the first device without carrying identification information in the broadcast message, avoiding being monitored and tracked.

In some embodiments, after receiving the identity key of the second device, the first device may also send the identity key of the second device to one or more trusted devices in its trusted device set. The first device may also send the identity keys of one or more trusted devices in the trusted device set to the second device. In this way, in the trusted device network of the HyperTerminal, the identity keys of multiple trusted devices can be quickly propagated and shared, which speeds up the networking speed and saves user operations.

In some embodiments, a connection between the first device and the second device is established for exchanging each other's identity keys.

In some embodiments, the first device and the second device may disassociate each other from a trusted relationship. When it is determined that the second device exits the trusted relationship with the first device (for example, restoring factory settings, logging out of a user account, manually unbinding, etc.), the first device deletes the second device from the identity key of the trusted device set. The identity key of the second device. If it is determined that the first device exits the trusted relationship with the set of trusted devices (for example, restore factory settings, log out of user accounts, manually unbind the relationship, etc.), update the identity key of the first device. In this manner, the first device can conveniently manage and dynamically maintain its own set of trusted devices, or release trusted relationships with other devices.

In some embodiments, the identity key may be an identity resolution key, and the broadcast message may be a Bluetooth broadcast message. In this way, the identity key can be adapted to a randomized broadcast address conforming to the Bluetooth communication protocol.

FIG. 9 shows a schematic flowchart of another communication method 900 according to an embodiment of the present application. The devices involved in the flowchart of the method 900 include a first device and a second device, and both the first device and the second device are installed with a HyperTerminal application. Referring to the description of FIGS. 4 to 7 , the first device may be the above-mentioned first electronic device 100 , and the second device may be the above-mentioned second electronic device 101 . In addition, the first device and the second device may also be any type of devices in the electronic device 200 , the electronic device 201 , the electronic device 202 , the electronic device 203 , and the electronic device 204 .

The first device queries active trusted devices in the vicinity of the first device in response to a user query request or periodically. To this end, the first device scans for nearby devices to receive broadcast messages sent by the nearby devices.

At block 910, in response to receiving the broadcast message from the second device, the first device determines that the second device is an active trusted device based on the identity key of its set of trusted devices and the source address of the broadcast message. Trusted device networking of HyperTerminal (for example, with reference to the method described in FIG. 8 ), the first device has the identity keys of one or more devices with which it has a trusted relationship, and can use these identity keys to check specific Whether the device (eg, the second device) is its trusted device.

According to the embodiment of the present application, a device (for example, a second device) sends out a broadcast message when it is active. The broadcast message does not carry a device identifier, and its address is generated via the device's identity key, and is variable to ensure that the device Will not be monitored and tracked.

According to an embodiment of the present application, when receiving a broadcast message from another device, the first device may use the identity key of a trusted device in its trusted device set to verify the address of the broadcast message, Active trusted devices are thus discovered. Specifically, the first device generates a hash value based on the first identity key and the first part of the source address, and compares the generated hash value with the second part of the source address. If the hash value matches the second part, the first device determines that the broadcast message is authenticated. The broadcast message shows through verification that the first device holds the identity key of the second device. That is to say, the second device is a trusted device of the first device, thus, the first device can determine the second device as an active trusted device. In this manner, the first device can verify whether the source of the broadcast message is a trusted device according to the pre-stored identity key of the trusted device.

At block 920, the first device provides information of the second device. In some embodiments, in response to a user's request to find an active trusted device, for example, the user operates a graphical element on the interface of the first device, the first device provides the user with information about the second device. For example, the first device may present information of the second device on the user interface, such as device status or service data, and present the information in a graphical manner.

In some embodiments, the user can further operate on the information of the second device. For example, the user desires that the first device and the second device operate in cooperation, and manipulate information (eg, graphical elements corresponding to the second device) of the second device. Thereby, the first device establishes a connection with the second device. In this way, the first device can be connected to the found active trusted device according to the user operation to meet specific business needs, thereby saving connection resources of the device and providing a good user experience.

In some embodiments, the identity keys for the set of trusted devices are stored at the first device. If it is determined that the target trusted device in the set of trusted devices exits the trusted relationship with the first device, the first device deletes the identity key of the target trusted device from the stored identity keys of the set of trusted devices. In this way, the trusted relationship between the first device and other devices can be persisted and updated dynamically, so that an active trusted device can be quickly detected.

In some embodiments, the identity key may be an identity resolution key; the broadcast message may be a Bluetooth broadcast message. In this way, the identity key can be adapted to a randomized broadcast address conforming to the Bluetooth communication protocol.

In this way, when the first device and the second device have a trusted relationship, the first device can identify the second device in an active state through the address information of the broadcast system of the second device. Therefore, the second device can be identified without broadcasting its identification information, which reduces the risk of the second device being monitored and tracked.

Fig. 10 shows a schematic block diagram of a communication device 1000 according to an embodiment of the present application. The apparatus 1000 may be implemented at the first electronic device 100, for example. The device 1000 includes an authentication unit 1010 and an identity key exchange unit 1020 .

The authentication unit 1010 is configured to determine whether the second device is an authentic device of the first device based on information for authentication received from the second device.

The identity key exchange unit 1020 is configured to send the identity key of the first device to the second device if the second device is determined to be a trusted device of the first device, and receive the identity key of the second device from the second device. key, wherein the identity key of the second device is used to generate the source address of the broadcast message of the second device.

The identity key adding unit 1030 is configured to add the identity key of the second device to the identity keys of the trusted device set of the first device.

More details about the device 1000 are similar to the method 800 described with reference to FIG. 8 , and will not be repeated here.

Fig. 11 shows a schematic block diagram of a communication device 1100 according to an embodiment of the present application. The apparatus 1100 may be implemented at the first electronic device 100, for example. The apparatus 1100 includes an active trusted device determining unit 1110 and an information providing unit 1020 .

The active trusted device determining unit 1110 is configured to determine that the second device is an active device based on the identity key of the trusted device set of the first device and the source address of the broadcast message in response to receiving the broadcast message from the second device. trusted devices.

The information providing unit 1120 is configured to provide information of the second device if the second device is determined to be an active trusted device.

More details about the device 1100 are similar to the method 900 described with reference to FIG. 9 , and will not be repeated here.

The solution of the present application may be a method, an apparatus, a system and/or a computer program product. A computer program product may include a computer-readable storage medium having computer-readable program instructions thereon for carrying out various aspects of the present disclosure.

A computer readable storage medium may be a tangible device that can retain and store instructions for use by an instruction execution device. A computer readable storage medium may be, for example, but is not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of computer-readable storage media include: portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM), or flash memory), static random access memory (SRAM), compact disc read only memory (CD-ROM), digital versatile disc (DVD), memory stick, floppy disk, mechanically encoded device, such as a printer with instructions stored thereon A hole card or a raised structure in a groove, and any suitable combination of the above. As used herein, computer-readable storage media are not to be construed as transient signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., pulses of light through fiber optic cables), or transmitted electrical signals.

Computer readable program instructions described herein may be downloaded from a computer readable storage medium to a respective computing/processing device, or downloaded to an external computer or external storage device over a network, such as the Internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers. A network adapter card or a network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in each computing/processing device .

Computer program instructions for performing the operations of the present disclosure may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state setting data, or Source or object code written in any combination, including object-oriented programming languages—such as Smalltalk, C++, etc., and conventional procedural programming languages—such as “C” or similar programming languages. Computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server implement. In cases involving a remote computer, the remote computer can be connected to the user computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (such as via the Internet using an Internet service provider). connect). In some embodiments, an electronic circuit, such as a programmable logic circuit, field programmable gate array (FPGA), or programmable logic array (PLA), can be customized by utilizing state information of computer-readable program instructions, which can Various aspects of the present disclosure are implemented by executing computer readable program instructions.

Aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It should be understood that each block of the flowcharts and/or block diagrams, and combinations of blocks in the flowcharts and/or block diagrams, can be implemented by computer-readable program instructions.

These computer readable program instructions may be provided to a processing unit of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine such that when executed by the processing unit of the computer or other programmable data processing apparatus , producing an apparatus for realizing the functions/actions specified in one or more blocks in the flowchart and/or block diagram. These computer-readable program instructions can also be stored in a computer-readable storage medium, and these instructions cause computers, programmable data processing devices and/or other devices to work in a specific way, so that the computer-readable medium storing instructions includes An article of manufacture comprising instructions for implementing various aspects of the functions/acts specified in one or more blocks in flowcharts and/or block diagrams.

It is also possible to load computer-readable program instructions into a computer, other programmable data processing device, or other equipment, so that a series of operational steps are performed on the computer, other programmable data processing device, or other equipment to produce a computer-implemented process , so that instructions executed on computers, other programmable data processing devices, or other devices implement the functions/actions specified in one or more blocks in the flowcharts and/or block diagrams.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in a flowchart or block diagram may represent a module, a program segment, or a portion of an instruction that contains one or more executable instruction. In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved. It should also be noted that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by a dedicated hardware-based system that performs the specified function or action , or may be implemented by a combination of dedicated hardware and computer instructions.

While various embodiments of the present disclosure have been described above, the foregoing description is illustrative, not exhaustive, and is not limited to the disclosed embodiments. Many modifications and alterations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The choice of terminology used herein aims to best explain the principle of each embodiment, practical application or improvement of technology in the market, or to enable other ordinary skilled in the art to understand each embodiment disclosed herein.

Claims (20)

1. A method for identifying a trusted device, comprising:

   In response to receiving the broadcast message from the second device, the first device determines that the second device is an active trusted device based on the identity key of the trusted device set of the first device and the source address of the broadcast message. equipment; and

   The first device provides information of the second device.
2. The method according to claim 1, wherein determining that the second device is an active trusted device comprises:

   authenticating the broadcast message using a first of the identity keys of the set of trusted devices and the source address; and

   If the broadcast message is verified, the first device determines the second device as an active trusted device.
3. The method according to claim 2, wherein verifying the broadcast message comprises:

   generating a hash value based on the first identity key and the first portion of the source address;

   comparing said hash value with a second portion of said source address;

   If the hash value matches the second part, it is determined that the broadcast message passes the verification.
4. The method according to any one of claims 1 to 3, wherein providing the information of the second device comprises:

   In response to receiving a lookup request from a user for a trusted device, the first device provides information of the second device to the user.
5. The method according to any one of claims 1 to 4, further comprising:

   In response to receiving the user's operation on the information of the second device, the first device establishes a connection with the second device.
6. The method according to any one of claims 1 to 5, wherein the identity key of the set of trusted devices is stored at the first device, and wherein the method further comprises:

   In response to determining that a target trusted device in the set of trusted devices exits a trusted relationship with the first device, the first device deletes the target trusted device from the stored identity key of the set of trusted devices. The identity key of the trusted device.
7. The method according to any one of claims 1 to 6, wherein the identity key is an identity resolution key.
8. The method according to any one of claims 1 to 7, wherein the broadcast message is a Bluetooth broadcast message.
9. A method for identifying a trusted device, comprising:

   determining, by the first device, that the second device is a trusted device of the first device based on information received from the second device for authentication;

   the first device sends the identity key of the first device to the second device,

   receiving, by the first device, an identity key of the second device from the second device, wherein the identity key of the second device is used to generate a source address of broadcast messages of the second device, and

   The first device adds the identity key of the second device to the identity keys of the trusted device set of the first device.
10. The method according to claim 9, wherein determining that the second device is a trusted device of the first device comprises:

    sending account information of the first device to the second device;

    receiving said information for authentication of said account information for said first device from said second device; and

    If the information for authentication indicates that the first device and the second device have the same or associated accounts, determine that the second device is an authentic device.
11. The method according to claim 9, wherein determining that the second device is a trusted device of the first device comprises:

    Obtain binding information from the information used for authentication;

    determining whether the first device and the second device have been bound based on the binding information; and

    If it is determined that the first device and the second device have been bound, determine that the second device is a trusted device of the first device.
12. The method according to any one of claims 9 to 11, wherein the binding information indicates that two devices are bound through at least one of two-dimensional code, PIN code and physical contact .
13. The method according to any one of claims 9-12, wherein the method further comprises:

    sending, by the first device, the identity key of the second device to a trusted device in the set of trusted devices; and

    The first device sends the identity key of the one trusted device in the set of trusted devices to the second device.
14. The method according to any one of claims 9 to 13, further comprising:

    A connection is established between the first device and the second device.
15. The method according to any one of claims 9 to 14, further comprising:

    In response to determining that the second device has exited the trusted relationship with the first device, the first device deletes the second device's identity key from the set of trusted devices of the first device. identity key.
16. The method according to any one of claims 9 to 15, further comprising:

    If it is determined that the first device exits the trusted relationship with the set of trusted devices, updating the identity key of the first device.
17. The method according to any one of claims 9 to 16, wherein the identity key is an identity resolution key.
18. The method according to any one of claims 9 to 17, wherein the broadcast message is a Bluetooth broadcast message.
19. An electronic device, characterized in that it comprises:

    processing unit and memory;

    The processing unit executes the instructions in the memory, so that the electronic device executes the method according to any one of claims 1-8 or the method according to any one of claims 9-18.
20. A computer-readable storage medium, characterized in that one or more computer instructions are stored thereon, wherein one or more computer instructions are executed by a processor to cause the processor to perform any one of claims 1 to 8 The method or a method according to any one of claims 9 to 18.

Images