WO2023216911A1 - 设备认证的方法、电子设备和通信系统 - Google Patents

设备认证的方法、电子设备和通信系统 Download PDF

Info

Publication number
WO2023216911A1
WO2023216911A1 PCT/CN2023/091347 CN2023091347W WO2023216911A1 WO 2023216911 A1 WO2023216911 A1 WO 2023216911A1 CN 2023091347 W CN2023091347 W CN 2023091347W WO 2023216911 A1 WO2023216911 A1 WO 2023216911A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
server
application
interface
request
Prior art date
Application number
PCT/CN2023/091347
Other languages
English (en)
French (fr)
Inventor
戴兴
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2023216911A1 publication Critical patent/WO2023216911A1/zh

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Definitions

  • Embodiments of the present application relate to the field of communication technology, and in particular to methods of device authentication, electronic devices and communication systems.
  • a user uses a preset account to log in to an application on a mobile phone.
  • the application needs to use the information held by the user to authenticate the tablet.
  • the information held by the user may include the mobile phone number or email address reserved by the user when opening an account.
  • the existing device authentication method is usually that when a user logs in to the application using a preset account on the tablet, the server corresponding to the application sends verification information to the mobile phone number or email address.
  • the user sends verification information via text message or email for verification; or, the server corresponding to the application sends authorization information to the mobile phone, and the user can perform authorization operations on the mobile phone.
  • the tablet computer uses the default account to log in to the application. It can be seen that in order to prove that the user himself is performing the device login operation, the user needs to perform cumbersome authentication, which is cumbersome and the user experience is poor.
  • the device authentication method, electronic device, and communication system provided by the embodiments of this application can simplify authentication, simplify operations, and improve user experience.
  • embodiments of the present application provide a method for device authentication, which is applied to a communication system.
  • the communication system includes a first device and a second device, and both the first device and the second device have a first application.
  • the method includes: the first device and the second device discover each other, and the first device or the second device sends the mutual discovery result to the second server.
  • Log in to the first application of the first device through the second account on the first device, and the second account is the user account of the first application.
  • the first device sends a first message to the first server, where the first message includes first device information.
  • the second device After logging in to the first application of the first device through the second account on the first device, the second device sends a first request to the first server.
  • the first request includes the second account, and the first request is used to instruct the first server to verify the first application.
  • Second account After the first server passes the verification of the second account, the second device sends a second request to the first server.
  • the second request includes the second device information.
  • the second request is used to instruct the first server to verify whether the second device is a safe device. .
  • the second device logs in to the first application of the second device through the second account.
  • the first device and the second device both log in to the first account, and the first account is the system account.
  • the first account corresponds to the second server.
  • the first account is a Huawei account
  • the second server can be a Huawei server.
  • the mutual discovery result may include the first account, device information of the first device, and device information of the second device.
  • the second server may store the first account, the device information of the first device, and the device information of the second device.
  • Second server The association relationship between the first device and the second device may also be determined based on the first account, the device information of the first device, and the device information of the second device.
  • the association relationship can be understood as the first device and the second device communicating with each other. For example, the first device and the second device are connected to the same local area network.
  • the first server can verify whether the second device is a security device. Specifically, the first server can verify whether the second device is a security device based on the first account, the device information of the first device, and the device information of the second device. Obtain the association relationship between the first device and the second device on the second server. The first server may verify that the second device is a security device based on the association relationship between the first device and the second device.
  • the second device after the first device logs in to the second account, the second device sends a request for account verification to the first server. After the first server passes the verification of the second account, the second device sends a request for verifying the device to the first server.
  • the first server verifies the second account based on the first account, the information of the first device and the information of the second device. Query the association relationship between the first device and the second device on the server.
  • the first server verifies that the second device is a security device according to the association relationship.
  • the second device logs in to the first application through the second account. It can be seen that in the whole process, the user does not need to find friends to assist with the authentication device, which reduces the user's operations and improves the user experience.
  • the method further includes: the second device displays the first interface, and the first interface displays the first input box and the first control.
  • the first input box is used to input the user account of the first application
  • the first control is used to start verification of the user account.
  • the second device detects that the user inputs account information in the first input box, and receives the user's first operation on the first control.
  • the second device sends a first request to the first server. That is to say, the user enters the user account of the first application (ie, the second account) in the first input box of the first interface.
  • the second device receives the user's operation on the first control on the first interface.
  • the second device sends a request for verifying the user account to the first server.
  • the method further includes: the second device displays a second interface, and the second control is displayed on the second interface.
  • the second device sends a second request to the first server. That is to say, after the first server passes the verification of the second account, the second device receives the user's operation on the second control on the second interface. In response to this operation, the second device sends a request to the first server for authenticating the second device.
  • the method further includes: the second device displays a third interface, and the third interface is an application interface of the first application.
  • the method before the first device and the second device discover each other, the method further includes: logging in to a first account in the system of the first device, and the first account is a system account. Log in to the first account in the system of the second device.
  • the first account is a system account of the first device and/or the second device.
  • the first device and the second device discover each other, and the first device or the second device sends the mutual discovery result to the second server.
  • the first device obtains the third device of the second device. 2. Equipment information.
  • the second device obtains the first device information of the first device.
  • the first device and/or the second device report a second message to the second server, where the second message includes the first device information, the second device information and the first account number.
  • logging in to the first account in the system of the second device may be as follows: the second device displays a fourth interface, the fourth interface includes a second input box and a third control, and the second input box is For inputting the system account, the third control is used to initiate verification of the system account.
  • the second device detects that the user enters account information in the second input box, and The user's third operation on the third control is received.
  • the second device sends a third request to the second server, and the second server is configured to return verification information to the second device according to the third request.
  • the second device displays a fifth interface.
  • the fifth interface is an interface for successful login of the system account.
  • the method before the second device logs in to the first application of the second device through the second account, the method further includes: the second device displays a sixth interface, and the sixth interface is used to prompt that the second device is in a verification state. That is to say, before the second device logs in to the first application of the second device through the second account, an interface for prompting that the second device is in a verification state is displayed on the second device. In this way, the user can be prompted that the second device is in the verification state to appease the user to wait patiently.
  • the first request also includes the first account
  • the communication system further includes a first server; after the second device sends the second request to the first server, the first server also includes: the first server based on the first account, the first First device information and second device information, and the association relationship between the first device and the second device is obtained on the second server.
  • the first server verifies that the second device is a security device based on the association between the first device and the second device.
  • the first server obtains the association between the first device and the second device from the second server based on the first account, first device information, and second device information.
  • the first server verifies that the second device is a security device based on the association relationship. In this way, in this embodiment of the present application, the first server directly interacts with the second server to perform device verification on the second device, without requiring excessive user operations, simplifying user operations and improving user experience.
  • the second server is a server corresponding to the system account of the device.
  • the first device sends the first message to the first server, specifically: when logging in to the first application of the first device through the second account on the first device, the first device sends the first message to the first server. the first message; or, after logging into the first application of the first device through the second account on the first device, the first device sends the first message to the first server.
  • inventions of the present application provide a method for device authentication.
  • the execution subject of the method may be a second device or a component located in the device (for example, a chip, a chip system or a processor, etc.).
  • the execution subject is the second device as an example for description.
  • Both the first device and the second device have the first application.
  • the method includes: the second device and the first device discover each other, and the second device sends the mutual discovery result to the second server. After logging into the first application of the first device through the second account on the first device, the second device sends a first request to the first server of the first application.
  • the first request includes the second account, and the second account is the first application.
  • the first request is used to instruct the first server to verify the second account.
  • the second device sends a second request to the first server.
  • the second request includes the second device information.
  • the second request is used to instruct the first server to verify whether the second device is a safe device. .
  • the second device logs in to the first application of the second device through the second account.
  • the first device and the second device both log in to the first account, and the first account is the system account.
  • the first account corresponds to the second server.
  • the first account is a Huawei account
  • the second server can be a Huawei server.
  • the mutual discovery result may include the first account, device information of the first device, and device information of the second device.
  • the second server may store the first account, the device information of the first device, and the device information of the second device.
  • the second server may also determine the association between the first device and the second device based on the first account, the device information of the first device, and the device information of the second device.
  • the association relationship can be understood as the first device and the second device communicating with each other. For example, the first device and the second device are connected to the same local area network.
  • the first server can verify whether the second device is a security device. Specifically, the first server can verify whether the second device is a security device based on the first account, the device information of the first device, and the device information of the second device. Second Obtain the association relationship between the first device and the second device on the server. The first server may verify that the second device is a security device based on the association relationship between the first device and the second device.
  • the second device after the first device logs in to the second account, the second device sends a request for account verification to the first server. After the first server passes the verification of the second account, the second device sends a request for verifying the device to the first server.
  • the first server verifies the second account based on the first account, the information of the first device and the information of the second device. Query the association relationship between the first device and the second device on the server.
  • the first server verifies that the second device is a security device according to the association relationship.
  • the second device logs in to the first application through the second account. It can be seen that in the whole process, the user does not need to find friends to assist with the authentication device, which reduces the user's operations and improves the user experience.
  • the method further includes: the second device displays the first interface, and the first interface displays the first input box and the first control.
  • the first input box is used to input the user account of the first application
  • the first control is used to start verification of the user account.
  • the second device detects that the user inputs account information in the first input box, and receives the user's first operation on the first control.
  • the second device sends a first request to the first server. That is to say, the user enters the user account of the first application (ie, the second account) in the first input box of the first interface.
  • the second device receives the user's operation on the first control on the first interface.
  • the second device sends a request for verifying the user account to the first server.
  • the method further includes: the second device displays a second interface, and the second control is displayed on the second interface.
  • the second device sends a second request to the first server. That is to say, after the first server passes the verification of the second account, the second device receives the user's operation on the second control on the second interface. In response to this operation, the second device sends a request to the first server for authenticating the second device.
  • the method further includes: the second device displays a third interface, and the third interface is an application interface of the first application.
  • the method before the first device and the second device discover each other, the method further includes: logging in to a first account in the system of the first device, and the first account is a system account. Log in to the first account in the system of the second device.
  • the first account is a system account of the first device and/or the second device.
  • the first device and the second device discover each other, and the first device or the second device sends the mutual discovery result to the second server, specifically: the first device obtains the second device of the second device information.
  • the second device obtains the first device information of the first device.
  • the first device and/or the second device report a second message to the second server, where the second message includes the first device information, the second device information and the first account number.
  • logging in to the first account in the system of the second device is as follows: the second device displays a fourth interface, the fourth interface includes a second input box and a third control, and the second input box is used to Enter the system account, and the third control is used to start verification of the system account.
  • the second device detects that the user inputs account information in the second input box, and receives the user's third operation on the third control.
  • the second device sends a third request to the second server, and the second server is configured to return verification information to the second device according to the third request.
  • the second device displays a fifth interface.
  • the fifth interface is an interface for successful login of the system account.
  • the method before the second device logs in to the first application of the second device through the second account, the method further includes: the second device displays a sixth interface, and the sixth interface is used to prompt that the second device is in a verification state. That is to say, in the Before the second device logs in to the first application of the second device through the second account, an interface for prompting that the second device is in a verification state is displayed on the second device. In this way, the user can be prompted that the second device is in the verification state to appease the user to wait patiently.
  • the first request also includes a first account
  • the communication system further includes a first server.
  • the first server is configured to obtain the association relationship between the first device and the second device on the second server based on the first account, first device information, and second device information.
  • the first server is configured to verify that the second device is a security device based on the association relationship between the first device and the second device.
  • the first server obtains the association between the first device and the second device from the second server based on the first account, first device information, and second device information.
  • the first server verifies that the second device is a security device based on the association relationship.
  • the first server directly interacts with the second server to perform device verification on the second device, without requiring excessive user operations, simplifying user operations and improving user experience.
  • the second server is a server corresponding to the system account of the device.
  • inventions of the present application provide an electronic device.
  • the electronic device includes: a discovery module configured to mutually discover the first device.
  • the first sending module is used to send the mutual discovery result to the second server.
  • the second sending module is configured to send a first request to the first server of the first application after logging in to the first application of the first device through the second account on the first device.
  • the first request includes the second account number and the second account number. is the user account of the first application; the first request is used to instruct the first server to verify the second account.
  • the third sending module is used to send a second request to the first server after the first server passes the verification of the second account.
  • the second request includes the second device information, and the second request is used to instruct the first server to verify the second device. Whether it is a safety device.
  • the first login module is used to log in to the first application of the second device through the second account after the first server verifies that the second device is a security device.
  • the second device after the first device logs in to the second account, the second device sends a request for account verification to the first server. After the first server passes the verification of the second account, the second device sends a request for verifying the device to the first server.
  • the first server verifies the second account based on the first account, the information of the first device and the information of the second device. Query the association relationship between the first device and the second device on the server.
  • the first server verifies that the second device is a security device according to the association relationship.
  • the second device logs in to the first application through the second account. It can be seen that in the whole process, the user does not need to find friends to assist with the authentication device, which reduces the user's operations and improves the user experience.
  • the electronic device further includes: a first display module for displaying a first interface, a first input box and a first control displayed on the first interface, and the first input box is used to input a username of the first application.
  • Account the first control is used to initiate verification of the user account.
  • the detection module is used to detect that the user inputs account information in the first input box and receives the user's first operation on the first control.
  • the fourth sending module is configured to send the first request to the first server in response to the first operation.
  • the electronic device further includes: a second display module, configured to display a second interface, and display a second control on the second interface.
  • the fifth sending module is configured to send a second request to the first server in response to the second operation.
  • the electronic device further includes: a third display module, configured to display a third interface, where the third interface is an application interface of the first application.
  • the electronic device further includes: a second login module, used to log in to the first account.
  • the first account is a system account of the first device and/or the second device.
  • the discovery module is also used to obtain the first device information of the first device.
  • the first sending module is also configured to report a second message to the second server, where the second message includes the first device information, the second device information and the first account number.
  • the second login module is also used to: display a fourth interface, the fourth interface includes a second input box and a third control, the second input box is used to enter the system account, and the third control is used to start Verify the system account; detect that the user inputs account information in the second input box, and receives the user's third operation on the third control; in response to the third operation, sends a third request to the second server, and the second server Used to return verification information to the second device according to the third request; after the second device receives the verification information returned by the second server, display the fifth interface, and the fifth interface is the interface for successful login of the system account.
  • the electronic device further includes: a fourth display module for displaying a sixth interface, and the sixth interface is used to prompt that the second device is in the verification state. In this way, the user can be prompted that the second device is in the verification state to appease the user to wait patiently.
  • the first request also includes a first account
  • the communication system further includes a first server.
  • the first server is configured to obtain the association relationship between the first device and the second device on the second server based on the first account, first device information, and second device information.
  • the first server is configured to verify that the second device is a security device based on the association relationship between the first device and the second device.
  • the first server obtains the association between the first device and the second device from the second server based on the first account, first device information, and second device information.
  • the first server verifies that the second device is a security device based on the association relationship.
  • the first server directly interacts with the second server to perform device verification on the second device, without requiring excessive user operations, simplifying user operations and improving user experience.
  • the second server is a server corresponding to the system account of the device.
  • inventions of the present application provide an electronic device.
  • the electronic device includes: one or more processors; and a memory, where code is stored in the memory; when the code is executed by the processor, such that The electronic device performs the method described in the second aspect.
  • inventions of the present application provide a communication system.
  • the communication system includes a first device and a second device. Both the first device and the second device have a first application; the second device is used to execute: the second device and The first devices discover each other, and the second device sends the mutual discovery results to the second server; after logging in to the first application of the first device through the second account on the first device, the second device sends a request to the first server of the first application.
  • Send a first request the first request includes a second account, and the second account is the user account of the first application; the first request is used to instruct the first server to verify the second account; after the first server passes the verification of the second account,
  • the second device sends a second request to the first server.
  • the second request includes the second device information.
  • the second request is used to instruct the first server to verify whether the second device is a security device; when the first server verifies that the second device is a security device Afterwards, the second device logs in to the first application of the second device through the second account.
  • embodiments of the present application provide a computer-readable storage medium, which includes computer instructions.
  • the computer instructions When the computer instructions are run on a home device, the second device causes the second device to perform the device authentication described in the second aspect. method.
  • Figure 1A is a schematic diagram of an interface of an electronic device
  • Figure 1B is a schematic diagram of an interface of an electronic device
  • Figure 1C is a schematic diagram of an interface of an electronic device
  • Figure 1D is a schematic diagram of an interface of an electronic device
  • Figure 1E is a schematic diagram of an interface of an electronic device
  • Figure 1F is a schematic diagram of an interface of an electronic device
  • Figure 2 is a schematic diagram of another interface of an electronic device
  • Figure 3 is a schematic diagram of another interface of an electronic device
  • Figure 4A is a schematic diagram of another interface of an electronic device
  • Figure 4B is a schematic diagram of another interface of an electronic device
  • Figure 5 is a schematic diagram of another interface of an electronic device
  • Figure 6 is a schematic diagram of another interface of an electronic device
  • Figure 7 is a schematic diagram of another interface of an electronic device
  • Figure 8 is a schematic diagram of another interface of an electronic device
  • Figure 9 is a schematic structural diagram of a system provided by an embodiment of the present application.
  • Figure 10A is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
  • Figure 10B is a schematic diagram of the software architecture of an electronic device provided by an embodiment of the present application.
  • Figure 10C is a schematic diagram of the software architecture of an electronic device provided by an embodiment of the present application.
  • Figure 11A is a schematic flowchart of a device authentication method provided by an embodiment of the present application.
  • FIG. 11B is a schematic flowchart of a device authentication method provided by an embodiment of the present application.
  • first and second are used for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the quantity of indicated technical features. Therefore, features defined as “first” and “second” may explicitly or implicitly include one or more of these features. In the description of this embodiment, unless otherwise specified, “plurality” means two or more.
  • FIG. 1F is a schematic diagram of an interface of a mobile phone.
  • the mobile phone 01 receives the user's operation, and in response to the operation, the interface of the mobile phone 01 jumps from the interface 110 shown in FIG. 1F to the interface 120 shown in FIG. 2 .
  • Displayed on the interface 120 are: an input area for entering account number and password, and a control 121 for confirming login.
  • the user clicks control 121 As shown in Figure 3, after the user enters the preset account number and password in the input area, the user clicks control 121.
  • the mobile phone 01 displays the interface 130 as shown in FIG. 4A , and the control 131 for starting verification is displayed on the interface 130 .
  • a first prompt message is also displayed on the interface 130.
  • the first prompt message may be "You are logging into application A on a new device. For the security of your account, please perform security verification.”
  • mobile phone 01 displays the interface 140 shown in Figure 5.
  • the verification method is displayed on the interface 140.
  • the verification method can include "SMS verification”, “Scan QR code verification”, and "Invite friends to assist verification” wait.
  • the mobile phone The interface of 01 jumps from the interface 140 shown in Figure 5 to the interface 150 shown in Figure 6 .
  • the operation information of "Friend-assisted secure login verification" is displayed on the interface 150 .
  • the operation information may include: "1Contact two or more frequently contacted friends through phone calls/text messages or other methods; 2Ask your friends to open application A, open a chat window with you, and send 271821 to you.”
  • the user can notify friends for verification based on the operation information on the interface 150 . Friends can verify based on the user's instructions. After the verification is passed, the interface of mobile phone 01 jumps to interface 160 shown in Figure 7 . Controls 161 for completion are displayed on interface 160 .
  • a second prompt message is also displayed on the interface 160, and the second prompt message may be "The verification has been passed, and your application A account can log in normally on this device."
  • the interface of mobile phone 01 is the interface of logged-in application A, such as interface 170 shown in Figure 8 .
  • the communication system may include a first device and a second device. Both the first device and the second device have a first application.
  • An application corresponds to the first server.
  • the method includes: the first device and the second device discover each other, and the first device or the second device sends the mutual discovery result to the second server.
  • the first device sends a first message to the first server, where the first message includes first device information.
  • the second device After logging in to the first application of the first device through the second account on the first device, the second device sends a first request to the first server.
  • the first request includes the second account, and the first request is used to instruct the first server to verify the first application.
  • Second account After the first server passes the verification of the second account, the second device sends a second request to the first server.
  • the second request includes the second device information.
  • the second request is used to instruct the first server to verify whether the second device is a safe device. .
  • the second device logs in to the first application of the second device through the second account.
  • the second device needs to send a request for verifying the second account to the first server. After the second account is verified, the second device sends a request for verifying the device to the first server. After the first server verifies that the second device is a security device, the second device logs in to the second account. It can be seen that in the whole process, the user does not need to find friends to assist with the authentication device, which reduces the user's operations and improves the user experience.
  • the mobile phone 01 receives the user's operation, and in response to the operation, the interface of the mobile phone 01 jumps from the interface 110 shown in FIG. 1F to the interface 120 shown in FIG. 2 .
  • the interface of mobile phone 01 jumps to the interface of logged-in application A, as shown in interface 170 in Figure 8 . It can be seen that users can complete device authentication and device login application operations without performing authentication operations, simplifying operations and improving user experience.
  • the interface of mobile phone 01 can jump to interface 180 shown in Figure 4B.
  • a prompt message is displayed on the interface 180, such as "You are logging in to application A on a new device.
  • the server is undergoing security verification, please wait".
  • the interface of mobile phone 01 can jump to the interface of logged-in application A, such as interface 170 shown in Figure 8.
  • the system 900 may include a first device 910 , a second device 920 , a first server 930 and a second server 940 .
  • the above-mentioned electronic devices can be mobile phones, tablet computers, Laptops, notebook computers, ultra-mobile personal computers (UMPC), handheld computers, netbooks, personal digital assistants (Personal Digital Assistants, PDAs), wearable electronic devices and other devices, in the embodiment of the present application,
  • UMPC ultra-mobile personal computers
  • PDA Personal Digital Assistants
  • wearable electronic devices and other devices, in the embodiment of the present application,
  • the first device 910 may be a tablet computer
  • the second device 920 may be a mobile phone.
  • the first application is installed on both the first device 910 and the second device 920 , and the first application corresponds to the first server 930 .
  • the first server 930 may receive the request sent by the first application and respond according to the request.
  • the second server 940 may receive information reported by the first device 910 and/or the second device 920, such as account number, device identification and other information.
  • the second server 940 may be used to store the corresponding relationship between the account number and the device identification.
  • the second server 940 may be a Hongmeng Internet server.
  • the first server 930 can query information from the second server 940, and the information can be used to represent the association between devices.
  • the first device 910 and the second device 920 are connected to the same network.
  • the first server 930 is also configured to authenticate the legitimacy of the first device 910 or the second device 920 based on the queried information.
  • the implementation process may be: 1
  • the first device 910 uses account 2 to log in to the first application, and uses account 1 (such as Huawei account) to log in to the operating system (such as Hongmeng operating system).
  • the second device 920 also uses account 1 to log in to the above operating system.
  • the first device 910 and the second device 920 discover each other and report information to the second server 940.
  • the information may include account numbers, device identifiers, and associations. 3When the user wants to log in to the first application using account 2 on the second device 920, the user performs the operation on the second device 920.
  • the second device 920 receives the operation, and in response to the operation, the second device 920 sends a request to the first server 930 , where the request carries account 1 and the device identification of the second device 920 .
  • the first server 930 determines whether account 1 is consistent with the pre-stored account. 5 If the second account is consistent with the pre-stored account, the first server 930 queries the first device 910 and the first device 910 from the second server 940 based on the account 1, the device identification of the first device 910 and the device identification of the second device 920. The association between the two devices 920. 6The first server 930 authenticates the second device 920 based on the association between the first device 910 and the second device 920 . 7 After the second device 920 passes the authentication, the first server 930 authorizes the second device 920 to use account 2 to log in to the first application. 8The second device 920 logs in to the first application.
  • FIG. 10A is a structural block diagram of the above-mentioned electronic device.
  • the electronic device may include a processor 210, an external memory interface 220, an internal memory 221, a universal serial bus (USB) interface 230, a charging Management module 240, power management module 241, battery 242, antenna 1, antenna 2, mobile communication module 250, wireless communication module 260, audio module 270, speaker 270A, receiver 270B, microphone 270C, headphone interface 270D, sensor module 280, buttons 290, motor 291, indicator 292, camera 293, display screen 294, and subscriber identification module (subscriber identification module, SIM) card interface 295, etc.
  • a processor 210 such as the first device 910, the second device 920
  • an external memory interface 220 such as the first device 910, the second device 920
  • USB universal serial bus
  • the sensor module 280 may include a pressure sensor 280A, a gyro sensor 280B, an air pressure sensor 280C, a magnetic sensor 280D, an acceleration sensor 280E, a distance sensor 280F, a proximity light sensor 280G, a fingerprint sensor 280H, a temperature sensor 280J, a touch sensor 280K, and ambient light.
  • the electronic device may include more or less components than shown in the figures, or some components may be combined, some components may be separated, or some components may be arranged differently.
  • the components shown may be represented by hardware, software or software and hardware implementation.
  • the processor 210 may include one or more processing units.
  • the processor 210 may include an application processor (application processor, AP), a modem processor, a graphics processing unit (GPU), and an image signal processor. (image signal processor, ISP), controller, video codec, digital signal processor (digital signal processor, DSP), baseband processor, and/or neural network processor (neural-network processing unit, NPU), etc.
  • application processor application processor, AP
  • modem processor a graphics processing unit
  • GPU graphics processing unit
  • image signal processor image signal processor
  • ISP image signal processor
  • controller video codec
  • digital signal processor digital signal processor
  • DSP digital signal processor
  • baseband processor baseband processor
  • neural network processor neural-network processing unit
  • the controller can generate operation control signals based on the instruction operation code and timing signals to complete the control of fetching and executing instructions.
  • the processor 210 may also be provided with a memory for storing instructions and data.
  • the memory in processor 210 is cache memory. This memory may hold instructions or data that have been recently used or recycled by processor 210 . If the processor 210 needs to use the instructions or data again, it can be called directly from the memory. Repeated access is avoided and the waiting time of the processor 210 is reduced, thus improving the efficiency of the system.
  • processor 210 may include one or more interfaces. Interfaces may include integrated circuit (inter-integrated circuit, I2C) interface, integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, pulse code modulation (pulse code modulation, PCM) interface, universal asynchronous receiver and transmitter (universal asynchronous receiver/transmitter (UART) interface, mobile industry processor interface (MIPI), general-purpose input/output (GPIO) interface, subscriber identity module (SIM) interface, and /Or through USB interface, etc.
  • I2C integrated circuit
  • I2S integrated circuit built-in audio
  • PCM pulse code modulation
  • UART universal asynchronous receiver and transmitter
  • MIPI mobile industry processor interface
  • GPIO general-purpose input/output
  • SIM subscriber identity module
  • the interface connection relationships between the modules illustrated in the embodiments of the present application are only schematic illustrations and do not constitute structural limitations on the electronic equipment.
  • the electronic device may also adopt different interface connection methods in the above embodiments, or a combination of multiple interface connection methods.
  • the charge management module 240 is used to receive charging input from the charger.
  • the charger can be a wireless charger or a wired charger.
  • the charging management module 240 may receive charging input from the wired charger through the USB interface 230 .
  • the charging management module 240 may receive wireless charging input through a wireless charging coil of the electronic device. While charging the battery 242, the charging management module 240 can also provide power to the electronic device through the power management module 241.
  • the power management module 241 is used to connect the battery 242, the charging management module 240 and the processor 210.
  • the power management module 241 receives input from the battery 242 and/or the charging management module 240 and supplies power to the processor 210, the internal memory 221, the display screen 294, the camera 293, the wireless communication module 260, and the like.
  • the power management module 241 can also be used to monitor battery capacity, battery cycle times, battery health status (leakage, impedance) and other parameters.
  • the power management module 241 may also be provided in the processor 210 .
  • the power management module 241 and the charging management module 240 may also be provided in the same device.
  • the wireless communication function of the electronic device can be realized through the antenna 1, the antenna 2, the mobile communication module 250, the wireless communication module 260, the modem processor and the baseband processor.
  • Antenna 1 and Antenna 2 are used to transmit and receive electromagnetic wave signals.
  • Each antenna in an electronic device can be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization.
  • Antenna 1 can be reused as a diversity antenna for a wireless LAN.
  • antennas may be used in conjunction with tuning switches.
  • the mobile communication module 250 can provide wireless communication solutions including 2G/3G/4G/5G applied to electronic devices.
  • the mobile communication module 250 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), etc.
  • the mobile communication module 250 can receive electromagnetic waves from the antenna 1, perform filtering, amplification and other processing on the received electromagnetic waves, and transmit them to the modem processor for demodulation.
  • the mobile communication module 250 can also amplify the signal modulated by the modem processor and convert it into electromagnetic waves through the antenna 1 for radiation.
  • at least part of the functional modules of the mobile communication module 250 may be disposed in the processor 210 .
  • at least part of the functional modules of the mobile communication module 250 and at least part of the modules of the processor 210 may be provided in the same device.
  • a modem processor may include a modulator and a demodulator.
  • the modulator is used to modulate the low-frequency baseband signal to be sent into a medium-high frequency signal.
  • the demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal.
  • the demodulator then transmits the demodulated low-frequency baseband signal to the baseband processor for processing.
  • the application processor outputs sound signals through audio devices (not limited to speaker 270A, receiver 270B, etc.), or displays images or videos through display screen 294.
  • the modem processor may be a stand-alone device.
  • the modem processor may be independent of the processor 210 and may be provided in the same device as the mobile communication module 250 or other functional modules.
  • the wireless communication module 260 can provide wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) network), Bluetooth (BT), and global navigation satellite systems for use in electronic devices. (global navigation satellite system, GNSS), frequency modulation (FM), near field communication technology (near field communication, NFC), infrared technology (infrared, IR) and other wireless communication solutions.
  • WLAN wireless local area networks
  • BT Bluetooth
  • GNSS global navigation satellite system
  • FM frequency modulation
  • NFC near field communication technology
  • IR infrared technology
  • the wireless communication module 260 may be one or more devices integrating at least one communication processing module.
  • the wireless communication module 260 receives electromagnetic waves via the antenna 2 , frequency modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210 .
  • the wireless communication module 260 can also receive the signal to be sent from the processor 210, frequency modulate it, amplify it, and convert it into electromagnetic waves through the antenna 2 for radiation. In some embodiments, the wireless communication module 260 receives the broadcast sent by the first home device and the data sent by the first home device.
  • the antenna 1 of the electronic device is coupled to the mobile communication module 250, and the antenna 2 is coupled to the wireless communication module 260, so that the electronic device can communicate with the network and other devices through wireless communication technology.
  • the wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), broadband Code division multiple access (wideband code division multiple access, WCDMA), time division code division multiple access (time-division code division multiple access, TD-SCDMA), long term evolution (long term evolution, LTE), BT, GNSS, WLAN, NFC , FM, and/or IR technology, etc.
  • the GNSS may include global positioning system (GPS), global navigation satellite system (GLONASS), Beidou navigation satellite system (BDS), quasi-zenith satellite system (quasi) -zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
  • GPS global positioning system
  • GLONASS global navigation satellite system
  • BDS Beidou navigation satellite system
  • QZSS quasi-zenith satellite system
  • SBAS satellite based augmentation systems
  • the electronic device implements display functions through the GPU, display screen 294, and application processor.
  • the GPU is an image processing microprocessor and is connected to the display screen 294 and the application processor. GPUs are used to perform mathematical and geometric calculations for graphics rendering.
  • Processor 210 may include one or more GPUs that execute program instructions to generate or alter display information.
  • the display screen 294 is used to display images, videos, etc.
  • Display 294 includes a display panel.
  • the display panel can use a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active matrix organic light emitting diode or an active matrix organic light emitting diode (active-matrix organic light emitting diode).
  • LCD liquid crystal display
  • OLED organic light-emitting diode
  • AMOLED organic light-emitting diode
  • FLED flexible light-emitting diode
  • Miniled MicroLed, Micro-oLed, quantum dot light emitting diode (QLED), etc.
  • the electronic device may include 1 or N display screens 294, where N is a positive integer greater than 1.
  • the electronic device can realize the shooting function through ISP, camera 293, video codec, GPU, display screen 294 and application processor.
  • the ISP is used to process the data fed back by the camera 293. For example, when taking a photo, the shutter is opened, the light is transmitted to the camera sensor through the lens, the optical signal is converted into an electrical signal, and the camera sensor passes the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye. ISP can also perform algorithm optimization on image noise and brightness. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be provided in the camera 293.
  • Camera 293 is used to capture still images or video.
  • the object passes through the lens to produce an optical image that is projected onto the photosensitive element.
  • the photosensitive element can be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor.
  • CMOS complementary metal-oxide-semiconductor
  • the photosensitive element converts the optical signal into an electrical signal, and then passes the electrical signal to the ISP to convert it into a digital image signal.
  • ISP outputs digital image signals to DSP for processing.
  • the DSP converts digital image signals into standard RGB (RGB represents the three colors of red, green, and blue), YUV ("Y” represents brightness (Luminance or Luma), that is, grayscale values, "U” and “V” It represents image signals in formats such as chrominance (Chrominance or Chroma).
  • the electronic device may include 1 or N cameras 293, where N is a positive integer greater than 1.
  • Digital signal processors are used to process digital signals. In addition to digital image signals, they can also process other digital signals. For example, when the electronic device selects a frequency point, the digital signal processor is used to perform Fourier transform on the frequency point energy.
  • Video codecs are used to compress or decompress digital video.
  • Electronic devices may support one or more video codecs. In this way, electronic devices can play or record videos in multiple encoding formats, such as: Moving Picture Experts Group (MPEG)1, MPEG2, MPEG3, MPEG4, etc.
  • MPEG Moving Picture Experts Group
  • MPEG2 MPEG2, MPEG3, MPEG4, etc.
  • NPU is a neural network (NN) computing processor.
  • NN neural network
  • Intelligent cognitive applications of electronic devices can be realized through NPU, such as image recognition, face recognition, speech recognition, text understanding, etc.
  • the external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device.
  • the external memory card communicates with the processor 210 through the external memory interface 120 to implement the data storage function. Such as saving music, videos, etc. files in external memory card.
  • Internal memory 221 may be used to store computer executable program code, which includes instructions.
  • the internal memory 221 may include a program storage area and a data storage area.
  • the stored program area can store an operating system, at least one application program required for a function (such as a sound playback function, an image playback function, etc.).
  • the storage data area can store data created during the use of electronic equipment (such as audio data, phone books, etc.).
  • the internal memory 221 may include high-speed random access memory, and may also include non-volatile memory, such as at least one disk storage device, flash memory device, universal flash storage (UFS), etc.
  • the processor 210 executes various functional applications and data processing of the electronic device by executing instructions stored in the internal memory 221 and/or instructions stored in a memory provided in the processor.
  • the internal memory 221 may store an identity of at least one BLE device. Alternatively, the internal memory 221 may store an identification of at least one BLE device and an access credential of at least one BLE device. Alternatively, the internal memory 221 may also store the identity of at least one BLE device in association with the user account. Alternatively, the internal memory 221 may also store the identification and access credentials of at least one BLE device in association with the user account.
  • the electronic device can implement audio functions through the audio module 270, the speaker 270A, the receiver 270B, the microphone 270C, the headphone interface 270D, and the application processor. Such as music playback, recording, etc.
  • the audio module 270 is used to convert digital audio information into analog audio signal output, and is also used to convert analog audio input into digital audio signals. Audio module 270 may also be used to encode and decode audio signals. In some embodiments, the audio module 270 may be provided in the processor 210 , or some functional modules of the audio module 270 may be provided in the processor 210 .
  • Speaker 270A also called “speaker” is used to convert audio electrical signals into sound signals.
  • the electronic device can listen to music through speaker 270A, or listen to hands-free calls.
  • Receiver 270B also called “earpiece” is used to convert audio electrical signals into sound signals.
  • the voice can be heard by bringing the receiver 270B close to the human ear.
  • Microphone 270C also called “microphone” or “microphone” is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can speak close to the microphone 270C with the human mouth and input the sound signal to the microphone 270C.
  • the electronic device may be provided with at least one microphone 270C. In other embodiments, the electronic device may be provided with two microphones 270C, which in addition to collecting sound signals, may also implement a noise reduction function. In other embodiments, the electronic device can also be equipped with three, four or more microphones 270C to collect sound signals, reduce noise, identify sound sources, and implement directional recording functions, etc.
  • the headphone interface 270D is used to connect wired headphones.
  • the headphone interface 270D may be a USB interface 230, or may be a 3.5mm open mobile terminal platform (OMTP) standard interface, or a Cellular Telecommunications Industry Association of the USA (CTIA) standard interface.
  • OMTP open mobile terminal platform
  • CTIA Cellular Telecommunications Industry Association of the USA
  • the pressure sensor 280A is used to sense pressure signals and can convert the pressure signals into electrical signals.
  • pressure sensor 280A may be disposed on display screen 294.
  • pressure sensors 280A such as resistive pressure sensors, inductive pressure sensors, capacitive pressure sensors, etc.
  • a capacitive pressure sensor may include at least two parallel plates of conductive material.
  • the electronic device detects the strength of the touch operation according to the pressure sensor 280A.
  • the electronic device may also calculate the touched position based on the detection signal of the pressure sensor 280A.
  • touch operations acting on the same touch location but with different touch operation intensities may correspond to different operation instructions. For example: when a touch operation with a touch operation intensity less than the first pressure threshold is applied to the short message application icon, an instruction to view the short message is executed. When a touch operation intensity greater than or equal to the first pressure threshold is applied to the short message application icon, execute Execute the command to create a new short message.
  • the gyro sensor 280B can be used to determine the motion posture of the electronic device. In some embodiments, the angular velocity of the electronic device about three axes (ie, x, y, and z axes) may be determined by gyro sensor 280B.
  • the gyro sensor 280B can be used for image stabilization. For example, when the shutter is pressed, the gyro sensor 280B detects the angle at which the electronic device shakes, and calculates the distance that the lens module needs to compensate based on the angle, so that the lens can offset the shake of the electronic device through reverse movement to achieve anti-shake.
  • the gyro sensor 280B can also be used for navigation and somatosensory gaming scenarios.
  • Air pressure sensor 280C is used to measure air pressure. In some embodiments, the electronic device calculates the altitude through the air pressure value measured by the air pressure sensor 280C to assist positioning and navigation.
  • Magnetic sensor 280D includes a Hall sensor.
  • the electronic device can use the magnetic sensor 280D to detect the opening and closing of the flip holster.
  • the electronic device may detect the opening and closing of the flip according to the magnetic sensor 280D. Then, based on the detected opening and closing status of the leather case or the opening and closing status of the flip cover, features such as automatic unlocking of the flip cover are set.
  • the acceleration sensor 280E can detect the acceleration of the electronic device in various directions (generally three axes). When the electronic device is stationary, the magnitude and direction of gravity can be detected. It can also be used to identify the posture of electronic devices and be used in horizontal and vertical screen switching, pedometer and other applications.
  • Distance sensor 280F used to measure distance.
  • Electronic devices can measure distance via infrared or laser. In some embodiments, when shooting a scene, the electronic device can utilize the distance sensor 280F to measure distance to achieve fast focusing.
  • Proximity light sensor 280G may include, for example, a light emitting diode (LED) and a light detector, such as a photodiode.
  • the light emitting diode may be an infrared light emitting diode.
  • Electronic devices emit infrared light through light-emitting diodes.
  • Electronic devices use photodiodes to detect infrared reflected light from nearby objects. When sufficient reflected light is detected, it can be determined that there is an object near the electronic device. When insufficient reflected light is detected, the electronic device can determine that there is no object near the electronic device.
  • Electronic devices can use the proximity light sensor 280G to detect when the user is holding the electronic device close to the ear to talk, so that the screen can be automatically turned off to save power.
  • the proximity light sensor 280G can also be used in holster mode, and pocket mode automatically unlocks and locks the screen.
  • the ambient light sensor 280L is used to sense ambient light brightness.
  • the electronic device can adaptively adjust the brightness of the display screen 294 based on perceived ambient light brightness.
  • the ambient light sensor 280L can also be used to automatically adjust the white balance when taking pictures.
  • the ambient light sensor 280L can also cooperate with the proximity light sensor 280G to detect whether the electronic device is in the pocket to prevent accidental touching.
  • Fingerprint sensor 280H is used to collect fingerprints. Electronic devices can use the collected fingerprint characteristics to unlock fingerprints, access application locks, take photos with fingerprints, answer incoming calls with fingerprints, etc.
  • Temperature sensor 280J is used to detect temperature.
  • the electronic device uses the temperature detected by the temperature sensor 280J to execute the temperature processing strategy. For example, when the temperature reported by the temperature sensor 280J exceeds a threshold, the electronic device reduces the performance of a processor located near the temperature sensor 280J in order to reduce power consumption and implement thermal protection. In other embodiments, when the temperature is lower than another threshold, the electronic device heats the battery 242 to prevent the low temperature from causing the electronic device to shut down abnormally. In some other embodiments, when the temperature is lower than another threshold, the electronic device performs boosting on the output voltage of the battery 242 to avoid abnormal shutdown caused by low temperature.
  • Touch sensor 280K also known as "touch device”.
  • the touch sensor 280K can be disposed on the display screen 294.
  • the touch sensor 280K and the display screen 294 form a touch screen, which is also called a "touch screen”.
  • Touch sensor 280K is used for Detects touches on or near it.
  • the touch sensor can pass the detected touch operation to the application processor to determine the touch event type.
  • Visual output related to the touch operation may be provided through display screen 294.
  • the touch sensor 280K may also be disposed on the surface of the electronic device at a different location from the display screen 294 .
  • Bone conduction sensor 280M can acquire vibration signals.
  • the bone conduction sensor 280M can acquire the vibration signal of the vibrating bone mass of the human body's vocal part.
  • the bone conduction sensor 280M can also contact the human body's pulse and receive blood pressure beating signals.
  • the bone conduction sensor 280M can also be provided in the earphone and combined into a bone conduction earphone.
  • the audio module 270 can analyze the voice signal based on the vibration signal of the vocal vibrating bone obtained by the bone conduction sensor 280M to implement the voice function.
  • the application processor can analyze the heart rate information based on the blood pressure beat signal obtained by the bone conduction sensor 280M to implement the heart rate detection function.
  • the buttons 290 include a power button, a volume button, etc.
  • Key 290 may be a mechanical key. It can also be a touch button.
  • the electronic device can receive key input and generate key signal input related to user settings and function control of the electronic device.
  • the motor 291 can generate vibration prompts.
  • the motor 291 can be used for vibration prompts for incoming calls and can also be used for touch vibration feedback.
  • touch operations for different applications can correspond to different vibration feedback effects.
  • Acting on touch operations in different areas of the display screen 294, the motor 291 can also correspond to different vibration feedback effects.
  • Different application scenarios (such as time reminders, receiving information, alarm clocks, games, etc.) can also correspond to different vibration feedback effects.
  • the touch vibration feedback effect can also be customized.
  • the indicator 292 may be an indicator light, which may be used to indicate charging status, power changes, or may be used to indicate messages, missed calls, notifications, etc.
  • the electronic device may also include other functional units, which are not limited in the embodiments of the present application.
  • Figure 10B is a software structure block diagram of an electronic device provided by an embodiment of the present application.
  • the layered architecture divides the software into several layers, and each layer has clear roles and division of labor.
  • the layers communicate through software interfaces.
  • the Android system can be divided into four layers, from top to bottom: application layer, application framework layer, Android runtime and system library, and kernel layer.
  • the application layer can include a series of application packages.
  • the application package may include Bluetooth, device management application (application with device management function), navigation, memo, WLAN, short message, gallery, calendar, call and other applications (applications, APP).
  • application A application with device management function
  • application A application with account application
  • application A is taken as an example for description.
  • the application framework layer provides application programming interfaces and programming frameworks for applications in the application layer.
  • the application framework layer includes some predefined functions.
  • the application framework layer may include a window manager, content provider, view system, phone manager, resource manager, notification manager, etc.
  • the application framework layer can also include: discovery module, Huawei Mobile Service Core (HMSCore) ecological component (which can be referred to as HMScore, or HMScore account management module).
  • HMSCore Huawei Mobile Service Core
  • a window manager is used to manage window programs.
  • the window manager can obtain the display size, determine whether there is a status bar, lock the screen, capture the screen, etc.
  • Content providers are used to store and retrieve data and make this data accessible to applications.
  • the above data can include videos, images, audio, calls made and received, browsing history and bookmarks, phone book, etc.
  • the view system includes visual controls, such as controls that display text, controls that display pictures, etc.
  • a view system can be used to build applications.
  • the display interface can be composed of one or more views.
  • a display interface including a text message notification icon may include a view for displaying text and a view for displaying pictures.
  • the phone manager is used to provide communication functions of the terminal 120. For example, call status management (including connected, hung up, etc.).
  • the resource manager provides various resources to applications, such as localized strings, icons, pictures, layout files, video files, etc.
  • the notification manager allows applications to display notification information in the status bar, which can be used to convey notification-type messages and can automatically disappear after a short stay without user interaction.
  • the notification manager is used to notify download completion, message reminders, etc.
  • the notification manager can also be notifications that appear in the status bar at the top of the system in the form of charts or scroll bar text, such as notifications from applications running in the background, or notifications that appear on the screen in the form of a conversation interface. For example, text information is prompted in the status bar, a beep sounds, the electronic device vibrates, the indicator light flashes, etc.
  • Android Runtime includes core libraries and virtual machines. Android runtime is responsible for the scheduling and management of the Android system.
  • the core library contains two parts: one is the functional functions that need to be called by the Java language, and the other is the core library of Android.
  • the application layer and application framework layer run in virtual machines.
  • the virtual machine executes the java files of the application layer and application framework layer into binary files.
  • the virtual machine is used to perform object life cycle management, stack management, thread management, security and exception management, and garbage collection and other functions.
  • System libraries can include multiple functional modules. For example: surface manager (surface manager), media libraries (Media Libraries), 3D graphics processing libraries (for example: OpenGL ES), 2D graphics engines (for example: SGL), etc.
  • the surface manager is used to manage the display subsystem and provides the fusion of 2D and 3D layers for multiple applications.
  • the media library supports playback and recording of a variety of commonly used audio and video formats, as well as static image files, etc.
  • the media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.
  • the 3D graphics processing library is used to implement 3D graphics drawing, image rendering, composition, and layer processing.
  • 2D Graphics Engine is a drawing engine for 2D drawing.
  • the kernel layer is the layer between hardware and software.
  • the kernel layer contains at least display driver, camera driver, audio driver, and sensor driver.
  • module shown in Figure 10B can be integrated in the application framework layer, or can be integrated in a specific application, such as a memo.
  • a specific application such as a memo.
  • the embodiments of this application are not specifically limited.
  • Figure 11A is a schematic flowchart of a device authentication method provided by an embodiment of the present application
  • Figure 11B is a schematic flowchart of a device authentication method provided by an embodiment of the present application
  • this method is applied to a communication system, and the communication system may include The first device, the second device, the first server and the second server, the method can be divided into the following The stages are described, specifically:
  • the first device and the second device log in to the operating system.
  • the first device uses account 1 (such as the above-mentioned first account) to log in to the first operating system
  • the second device uses account 1 to log in to the first operating system.
  • the first operating system may have the capability of mutual discovery, that is, when the first operating system of the first device is running, it can automatically discover other devices (such as the second device) with the same account.
  • the first operating system may be Hongmeng operating system.
  • Hongmeng operating system the embodiments of this application are not limited to the Hongmeng operating system, and can also be other operating systems with mutual discovery capabilities.
  • Hongmeng operating system is used as an example for explanation.
  • account 1 can be understood as the user account.
  • both the first device and the second device use Hongmeng operating system
  • account 1 is a Huawei account.
  • the user uses a Huawei account to log in to the Hongmeng operating system; on the second device, the user uses the same Huawei account to log in to the Hongmeng operating system.
  • the first device and the second device are connected to the same LAN.
  • the first device and the second device are running the above operating system, the first device can automatically discover the second device with the same Huawei account, and the second device can automatically discover the second device with the same Huawei account.
  • the first device for Huawei account is running the above operating system
  • Figure 1A is a schematic interface diagram of mobile phone 01.
  • mobile phone 01 enters interface 110 (ie, the main interface).
  • the user clicks Settings.
  • the interface of mobile phone 01 jumps from the interface 110 shown in FIG. 1A to the interface 111 shown in FIG. 1B.
  • the interface 111 displays a control 11 for logging in to a Huawei account.
  • the mobile phone 01 receives the user's operation, and in response to the operation, the interface of the mobile phone 01 jumps to the interface 112 shown in FIG. 1C.
  • the interface 112 includes an input box 12 for inputting Huawei account information and a control 13 for logging in.
  • the user enters the Huawei account and password in the input box 12.
  • the interface of mobile phone 01 jumps from the interface 112 shown in Figure 1D to the interface 113 shown in Figure 1E.
  • This interface 113 is the account center interface, which is used to indicate that the system of mobile phone 01 has logged in to a Huawei account. .
  • the Huawei account can be included on the interface 113.
  • the interface 113 may also include controls such as personal information, account security, account authentication, payment and billing, cloud space, and device search. In the same way, the process of logging in to a Huawei account on the first device can be the same as above, and will not be repeated here.
  • the first device and the second device can perform conversion processing on account 1, and the result can be presented to the outside world.
  • the identifier can be Open Huawei User ID (OpenHwUid).
  • OpenHwUid Open Huawei User ID
  • the first device can hash the account 1 to obtain the identification 1.
  • the embodiments of the present application are not limited to hash processing, and other algorithms, such as identification algorithms, can also be used.
  • identification 1 can be the hash value of account 1.
  • the second device can also hash the account 1 to obtain the identifier 2.
  • the embodiments of the present application are not limited to hash processing, and other algorithms, such as identification algorithms, can also be used.
  • identification 2 can be the hash value of account 1.
  • identifier 1 and identifier 2 can also be strings, arrays, etc. used for external presentation.
  • the first device and/or the second device reports message 1 to the second server.
  • the second server receives message 1.
  • the association relationship between the devices is pre-stored in the second server.
  • the second server preselects and stores the association relationship between the devices applying the above operating system.
  • the association relationship can be understood as a network association relationship.
  • two devices are connected to the same network, such as Bluetooth, wireless local area network (WLAN), etc.
  • the association relationship can also be understood as a communication state, for example, communication between two devices.
  • the first device can discover the second device connected to the same local area network
  • the second device can discover the first device connected to the same local area network.
  • Both the first device and the second device are equipped with components that apply to collect information, such as the core HMSCore ecological component of Huawei Mobile Services. This component can collect and report the device's account, identification, and association relationship.
  • the first device and/or the second device may report the discovered data, that is, the above information, to the second server. details as follows:
  • message 1 may include message 11 and message 12.
  • the second device reports information 11 to the second server.
  • the information 11 may include the account 1 of the second device and the first identification of the second device.
  • the first device reports information 12 to the second server.
  • the information 12 may include the account 1 of the first device and the first identification of the first device.
  • the account number 1 of the first device can be replaced by the above-mentioned identifier 1.
  • the account number 1 of the second device can be replaced with the above-mentioned identifier 2.
  • message 1 may include message 13. Specifically: S11014.
  • the first device reports information 13 to the second server.
  • the information 13 may include the account number 1 of the first device, the first identification of the first device, the account number 1 of the second device, and the first identification of the second device. .
  • message 1 may include message 14. Specifically: S11013.
  • the second device reports information 14 to the second server.
  • the information 14 may include the account number 1 of the first device, the first identification of the first device, the account number 1 of the second device, and the first identification of the second device. .
  • the above-mentioned first identifier (such as the first identifier of the first device or the first identifier of the second device) may be used to uniquely identify the device.
  • the first identifier is used by the server or other device to identify the identity of the first device.
  • the identifier can be a serial number (SN), physical address, identifier (unique device identifier, UDID), etc.
  • the identifier can also be a string, array, etc. used for external presentation.
  • the first identifier may be an Open Device ID (OpenDevId).
  • the discovery module of the first device and the discovery module of the second device discover each other.
  • the discovery module of the first device obtains the device identification (eg, OpenDevId) and user account (eg, OpenHwUid) from the HMSCore account management module.
  • the discovery module of the second device obtains the device identification and user account from the HMSCore account management module.
  • 3 The discovery module of the first device sends the user account and device identification of the first device to the connection module.
  • the discovery module of the second device sends the user account and device identification of the second device to the connection module.
  • 4The connection module of the first device reports the device identification and user account to the second server (such as Hongmeng Internet management backend).
  • the connection module of the second device reports the device identification and user account to the second server (such as Hongmeng Internet management backend).
  • the discovery module of the first device sends the user account and device identification of the first device, and the user account and device identification of the second device to the connection module.
  • the connection module of the first device reports the user account and device identification of the first device and the user account and device identification of the second device to the second server.
  • the discovery module of the second device sends the user account and device identification of the first device, and the user account and device identification of the second device to the connection module.
  • the connection module of the second device reports the user account and device identification of the first device, and the user account and device identification of the second device to the second server.
  • the first device or the second device may report message 1 to the second server in real time. or, The first device or the second device may also report message 1 to the second server at a preset time. Alternatively, the first device or the second device may report message 1 to the second server when the user triggers the second device to log in to the first application.
  • the details can be determined according to actual needs, and are not specifically limited in the embodiments of this application.
  • the second server stores the message 1.
  • the second server stores the message 1 reported by the first device and the second device. In this way, the second server stores information such as each device account, identification, association relationship, etc. in advance.
  • the second server stores the above messages (device identification (OpenDevId), user account (OpenHwUid)).
  • the first device and the second device log in to the first application.
  • the working process of the first equipment is as follows:
  • the first device uses account 2 (such as the above-mentioned second account) to log in to the first application.
  • account 2 such as the above-mentioned second account
  • it can be implemented as:
  • the first device sends request 1 to the first server, and the request 1 carries account 2.
  • This request 1 is used to request to use account 2 to log in to the first application.
  • the first server verifies account 2 according to request 1.
  • the first server compares account number 2 with the stored account number. When account 2 is consistent with the stored account, the first server can verify that account 2 is a legitimate account.
  • the first server authorizes the first device to use account 2 to log in to the first application.
  • the first server After the first server verifies that account 2 is a legitimate account, the first server authorizes the first device to use account 2 to log in to the first application. In this way, the first device can use account 2 to log in to the first application.
  • S1103-S1105 can be:
  • Application A (first application) on the first device sends a request to the connection module.
  • the connection module sends the request to the first server, and the first server verifies account 2.
  • the first server authorizes the first device to use account 2 to log in to application A.
  • the first server sends the authorization information to the connection module of the first device.
  • the connection module of the first device sends the authorization information to application A in the application layer for presentation.
  • the first device reports account 1 and device identification to the first server. Specifically, it can be implemented as:
  • the first device uses account 2 to log in to the first application
  • the first device reports account 1 and the device identification to the first server.
  • Application A sends an acquisition request to the HMScore account management module.
  • the request is used to obtain the user account (such as account 1) and device identification (such as the first identification) of the first device.
  • the HMScore account management module searches for the account 1 and first identification of the first device according to the acquisition request, and sends the account 1 and the first identification to application A.
  • application A (first application) on the first device sends a request to the connection module, and the request carries the account 1 and the first identification of the first device.
  • the first device reports the account 1 and the first identification of the first device to the first server.
  • the first server receives and stores the device identification and user account of the first device.
  • S1106 After the first device logs in to the first application using account 2, the first device reports account 1 and the first identifier of the first device (such as the above-mentioned first device information) to the first server. ).
  • the first device reports account 1 and the first identifier of the first device (such as the above-mentioned first device information) to the first server.
  • the connection module of the first device reports the account 1 and the first identification of the first device to the first server.
  • the first server receives and stores the device identification and user account of the first device.
  • the second device also wants to use account 2 to log in to the first application.
  • the specific process for the second device to log in to the first application using account 2 is as follows:
  • the second device receives the user's operation 1 (such as the above-mentioned first operation).
  • Operation 1 may be an operation of logging in to the first application using account 2.
  • This operation 1 may include key operation, voice operation, touch operation, etc.
  • the touch operation may include a click operation, a press operation, an input operation, etc.
  • the user starts the first application on the second device.
  • an interface is displayed on the second device, and an input box is displayed on the interface.
  • the user can enter account number 2 in this input box.
  • the second device is a mobile phone
  • the mobile phone 01 receives the user's click operation, and in response to the operation, the mobile phone 01 displays the interface 120 shown in FIG. 2 .
  • the user enters the account number and password on the interface 120, and clicks the control 121 for logging in.
  • Mobile phone 01 receives the user's click operation, which can be called operation 1.
  • the second device sends request 2 (such as the above-mentioned first request) to the first server.
  • the request 2 carries the account 2 of the second device.
  • the first server receives request 2.
  • This request 2 is used to request to log in to the first application using account 2.
  • the first server verifies account 2 according to request 2.
  • Application A (the first application) on the second device sends request 2 to the connection module.
  • the connection module of the second device sends request 2 to the first server, and the first server verifies account 2.
  • the first server After the first server verifies account 2, the first server sends a device verification instruction to the second device. Correspondingly, the second device receives the verification instruction.
  • the first server determines that account 2 is a legitimate account. Afterwards, the first server needs to verify the legitimacy of the second device. In this way, the first server sends the device verification indication to the second device.
  • the second device reports the account 1 of the second device and the first identification of the second device (such as the above-mentioned second device information) to the first server.
  • the second device After the second device receives the device verification instruction from the first server, the second device reports the account number 1 of the second device to the first server.
  • the user clicks the control 131 on the interface 130 of the mobile phone 01 shown in FIG. 4A.
  • Mobile phone 01 receives the user's operation, and in response to the operation, the second device reports the second device's account 1 to the first server.
  • mobile phone 01 displays the interface 180 shown in Figure 4B, which displays "You are logging into application A on a new device. For the security of your account, the server is undergoing security verification, please wait --.
  • the second device when the second device uses account 2 to log in to the first application, the second device reports account 1 to the first server.
  • Application A sends an acquisition request to the HMScore account management module, which is used to obtain the user account of the second device (such as account 1).
  • the HMScore account management module searches for the account 1 of the second device according to the acquisition request, and sends the account 1 to application A. in one way, in , application A (first application) on the first device sends a request to the connection module, and the request carries the account 1 of the second device. In this way, during the login process of the second device, the second device reports the account number 1 of the second device to the first server.
  • Application A (first application) on the first device sends the account number 1 of the second device to the connection module of the first device.
  • the connection module of the first device communicates to the A server reports the account number 1 of the second device.
  • the second device reports the account number 1 of the second device to the first server.
  • the first server determines that account 1 is consistent with the pre-stored account.
  • the pre-stored account can be understood as the account used to log in to the operating system. That is to say, the pre-stored account includes the user account used to log in to the operating system, for example, the account 1 used to log in to the operating system on the first device.
  • the first application such as application A
  • the second device collects the device identification (OpenDevId) and user account (OpenHwUid) on HMSCore.
  • Application A reports the device identification (OpenDevId) and user account (OpenHwUid) to the first server (such as the business application backend). In this way, the device identification and user account of the first device will be stored in the first server in advance.
  • the authorization login rules of the first server may include the following: Rule 1, if two electronic devices have logged in to account 1, and one of the two devices successfully logs in to the first server using account 2, then when the other When the device wants to use account 2 to log in to the first application, the first server authorizes the device to use account 2 to log in to the first application.
  • Rule 2 if two devices have logged in to account 1, and one of the two devices successfully logs in to the first server using account 2, and the two devices are in an associated relationship (for example, the two devices are connected to the same network, such as a LAN), Then when another device wants to use account 2 to log in to the first application, the first server authorizes the device to use account 2 to log in to the first application.
  • Rule 1 if two electronic devices have logged in to account 1, and one of the two devices successfully logs in to the first server using account 2, then when the other When the device wants to use account 2 to log in to the first application, the first server authorizes the device to use account 2 to log in to the first application.
  • the first server needs to compare the device's account with the stored account.
  • the first server may compare the account number of the second device with the pre-selected and stored accounts, and determine that the account number 1 of the second device is consistent with the account number 1 of the first device among the pre-selected and stored accounts.
  • Scenario 1 Two devices logged in to the same user account are located in different regions.
  • the first device is located at the user's home and the second device is located at the user's company. Both the first device and the second device are logged in with account 1. After the first device uses account 2 to log in to the first application, the second device also needs to use account 2 to log in to the first application. Specifically, the second device executes S1107 and S1108. Afterwards, the first server determines that the account 1 of the second device is consistent with the account 1 of the first device among the preselected stored accounts, and the first server determines that the first device successfully uses account 2 to log in to the first application. Then, the first server authenticates the second device as a legitimate device, that is, the same user uses account 2 to log in to the first application on the second device and the first device.
  • Scenario 2 Two devices logged in with the same user account are in the same area.
  • the first device and the second device are both located at the user's home, and the first device and the second device are connected to the same local area network. Both the first device and the second device are logged in with account 1. After the first device uses account 2 to log in to the first application, the second device also needs to use account 2 to log in to the first application. Specifically, the second device executes S1107 and S1108. Afterwards, the first server determines that the account 1 of the second device is consistent with the account 1 of the first device among the preselected stored accounts, and the first server determines that the first device successfully uses account 2 to log in to the first application. In addition, the first server also needs to determine the association between the first device and the second device. Specifically, the first server executes S1113-S1114. Specifically:
  • the first server queries the second server for message 2 based on account 1, the first identifier of the second device, and the first identifier of the first device.
  • the message 2 is used to represent the association between the first device and the second device. .
  • This step can be implemented specifically as follows:
  • the first server sends request 3 (such as the above third request) to the second server.
  • This request 3 carries the first device.
  • the second server receives request 3.
  • This request 3 is used to request to query the association relationship between the first device and the second device.
  • the business application backend (first server) sends a request to the Hongmeng Internet management backend (second server).
  • the request carries the account number 1 of the first device, the account number 1 of the second device, the device identification of the first device and the second device device identification.
  • the second server determines the association between the first device and the second device based on account 1, the first identifier of the first device, and the first identifier of the second device.
  • the second device may determine the association between the first device and the second device based on the first identification of the first device and the first identification of the second device.
  • the association relationship may include connection or non-connection. Association relationships can also include connecting to the same network or connecting to different networks. Associations may also include communication or non-communication.
  • the second server can determine that the first device and the second device are connected to the same network. Alternatively, the second server determines that the first device and the second device are connected to different networks. The second server may also determine that the first device communicates with the second device. Alternatively, the second server determines that the first device does not communicate with the second device.
  • the second server feeds back the association between the first device and the second device to the first server.
  • the first server receives the association between the first device and the second device.
  • the Hongmeng Internet management backend returns query results to the business application backend, that is, the relationship between the first device and the second device.
  • the first server authenticates the second device based on the association between the first device and the second device.
  • the first server can determine that the second device and the first device are located in the same area, that is, next to the user.
  • the first server may determine that the second device is a security device, and the first device has successfully logged in to the first application using account 2. Therefore, the user's use of account 2 to log in to the first application on the second device is the user's own operation.
  • the first server determines that the second device has passed the authentication.
  • S1114 can be implemented as follows: In a specific implementation manner, when the first device and the second device are connected to the same network, the first server can determine that the second device has passed the authentication; otherwise, the first server can determine that the second device has passed the authentication. Fail. In another specific implementation manner, when the first device communicates with the second device, the first server may determine that the second device has passed the authentication; otherwise, the first server has determined that the second device has not passed the authentication.
  • the first server authorizes the second device to use account 2 to log in to the first application. At this time, the second device uses account 2 to log in to the first application.
  • the second device can use account 2 to log in to the first application.
  • the first server sends authorization information to the connection module of the second device.
  • the second device receives the authorization information sent by the first server.
  • the connection module of the second device feeds back the authorization information to application A at the application layer, so that application A can log in to account 2.
  • the user After the user enters the account number and password on the interface 120 shown in Figure 3, he clicks the control 121.
  • the mobile phone 01 receives the above operation of the user, and in response to the operation, the interface of the mobile phone 01 jumps from the interface 120 shown in FIG. 3 to the interface 170 shown in FIG. 8 .
  • the user does not need to perform cumbersome operations for the authentication of the second device throughout the entire process, which simplifies the operation.
  • the authentication of the second device can be achieved without the user being aware of it, thus improving the user experience.
  • Embodiments of the present application also provide a computer-readable storage medium, which includes instructions that, when run on a computer, cause the computer to perform any of the above methods.
  • Embodiments of the present application also provide a computer program product containing instructions, which when run on a computer, causes the computer to perform any of the above methods.
  • the embodiment of the present application also provides a chip.
  • the chip includes a processor and an interface circuit.
  • the interface circuit is coupled to the processor.
  • the processor is used to run computer programs or instructions to implement the above method.
  • the interface circuit is used to communicate with the processor. communicate with other modules outside the chip.
  • the disclosed devices and methods can be implemented in other ways.
  • the device embodiments described above are only illustrative.
  • the division of modules or units is only a logical function division.
  • there may be other division methods for example, multiple units or components may be The combination can either be integrated into another device, or some features can be omitted, or not implemented.
  • the coupling or direct coupling or communication connection between each other shown or discussed may be through some interfaces, and the indirect coupling or communication connection of the devices or units may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated.
  • the components shown as units may be one physical unit or multiple physical units, that is, they may be located in one place, or they may be distributed to multiple different places. . Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional unit in each embodiment of the present application can be integrated into one processing unit, each unit can exist physically alone, or two or more units can be integrated into one unit.
  • the above integrated units can be implemented in the form of hardware or software functional units.
  • the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a readable storage medium.
  • the software product is stored in a storage medium and includes a number of instructions to cause a device (which can be a microcontroller, a chip, etc.) or a processor to execute all or part of the steps of the methods described in various embodiments of this application.
  • the aforementioned storage media include: U disk, mobile hard disk, read only memory (ROM), random access memory (RAM), magnetic disk or optical disk and other media that can store program codes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)

Abstract

本申请公开了一种设备认证的方法、电子设备和通信系统。该方法包括:第一设备和第二设备登录第一账号且相互发现。在第一设备上通过第二账号登录第一应用。在第一设备登录第二账号之后,第二设备向第一服务器发送用于验证账号的请求。在第一服务器对第二账号验证通过之后,第二设备向第一服务器发送用于验证设备的请求,第一服务器根据第一账号、第一设备的信息和第二设备的信息,在第二服务器上查询第一设备和第二设备的关联关系。第一服务器根据关联关系验证第二设备为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第一应用。可见,在整个过程中,无需用户找好友辅助认证设备,减少了用户的操作,提高用户体验。

Description

设备认证的方法、电子设备和通信系统
本申请要求于2022年05月12日提交国家知识产权局、申请号为202210519227.1、申请名称为“设备认证的方法、电子设备和通信系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请实施例涉及通信技术领域,尤其涉及设备认证的方法、电子设备和通信系统。
背景技术
随着电子设备的迅速发展,电子设备的类型越来越多。为了满足各种需求,用户会配置各种类型的电子设备,例如,手机、平板电脑、笔记本电脑、台式机、阅读器,等等。假设,用户采用预设账号在手机上登录某个应用,当用户想在平板电脑上采用该预设账号登录该应用时,该应用需要利用用户持有信息对平板电脑进行身份认证。该用户持有信息可以包括用户开户时预留的手机号或邮箱。
现有的设备认证的方法通常是当用户在平板电脑上采用预设账号登录该应用时,该应用对应的服务器向手机号或邮箱发送验证信息。用户通过短信或邮件的方式发送验证信息来进行验证;或者,该应用对应的服务器向手机发送授权信息,用户可以在手机上进行授权操作,之后,平板电脑采用预设账号登录该应用。可见,为了证明是用户本人在进行设备登录操作,需要用户进行繁琐的认证,操作繁琐,用户体验较差。
发明内容
本申请实施例提供的设备认证的方法、电子设备和通信系统,可以简化认证,简化操作,提高用户体验。
为达到上述目的,本申请实施例采用如下技术方案。
第一方面,本申请实施例提供一种设备认证的方法,应用于通信系统,通信系统包括第一设备、第二设备,第一设备和第二设备均有第一应用。方法包括:第一设备和第二设备相互发现,且第一设备或第二设备将相互发现结果发送至第二服务器。在第一设备上通过第二账号登录第一设备的第一应用,第二账号为第一应用的用户账号。第一设备向第一服务器发送第一消息,第一消息包括第一设备信息。在第一设备上通过第二账号登录第一设备的第一应用之后,第二设备向第一服务器发送第一请求,第一请求包括第二账号,第一请求用于指示第一服务器验证第二账号。当第一服务器对第二账号验证通过之后,第二设备向第一服务器发送第二请求,第二请求包括第二设备信息,第二请求用于指示第一服务器验证第二设备是否为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第二设备的第一应用。
其中,第一设备与第二设备均登录第一账号,第一账号为系统账号。第一账号对应第二服务器。例如,第一账号为华为账号,第二服务器可以为华为的服务器。
其中,相互发现结果可以包括第一账号、第一设备的设备信息、第二设备的设备信息。第二服务器可以存储第一账号、第一设备的设备信息和第二设备的设备信息。第二服务器 还可以根据第一账号、第一设备的设备信息和第二设备的设备信息,确定第一设备与第二设备的关联关系。其中,关联关系可以理解为第一设备与第二设备相互通信,例如,第一设备与第二设备连接同一局域网。
在一种具体可实现方式中,第一服务器可以验证第二设备是否为安全设备,具体可以为:第一服务器可以根据第一账号、第一设备的设备信息和第二设备的设备信息,从第二服务器上获取第一设备和第二设备的关联关系。第一服务器可以根据第一设备和第二设备的关联关系,验证第二设备为安全设备。
在本申请实施例中,在第一设备登录第二账号之后,第二设备向第一服务器发送用于验证账号的请求。在第一服务器对第二账号验证通过之后,第二设备向第一服务器发送用于验证设备的请求,第一服务器根据第一账号、第一设备的信息和第二设备的信息,在第二服务器上查询第一设备和第二设备的关联关系。第一服务器根据关联关系验证第二设备为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第一应用。可见,在整个过程中,无需用户找好友辅助认证设备,减少了用户的操作,提高用户体验。
在一些可实现方式中,在第一设备上通过第二账号登录第一设备的第一应用之后,还包括:第二设备显示第一界面,第一界面上显示第一输入框和第一控件,第一输入框用于输入第一应用的用户账号,第一控件用于启动对用户账号进行验证。第二设备检测用户在第一输入框中输入账号信息,且接收到用户对第一控件的第一操作。响应于第一操作,第二设备向第一服务器发送第一请求。也就是说,用户在第一界面的第一输入框中输入第一应用的用户账号(即第二账号)。在第二设备检测用户在第一输入框中输入账号信息之后,第二设备接收用户对第一界面上的第一控件的操作。响应于该操作,第二设备向第一服务器发送用于对用户账号进行验证的请求。
在一些可实现方式中,当第一服务器对第二账号验证通过之后,还包括:第二设备显示第二界面,第二界面上显示第二控件。响应于第二操作,第二设备向第一服务器发送第二请求。也就是说,当第一服务器对第二账号验证通过之后,第二设备接收用户对第二界面上的第二控件的操作。响应于该操作,第二设备向第一服务器发送用于对第二设备进行验证的请求。
在一些可实现方式中,在第二设备通过第二账号登录第二设备的第一应用之后,还包括:第二设备显示第三界面,第三界面为第一应用的应用界面。
在一些可实现方式中,在第一设备和第二设备相互发现之前,还包括:在第一设备的系统中登录第一账号,第一账号为系统账号。在第二设备的系统中登录第一账号。
在一种可实现方式中,第一账号为第一设备和/或第二设备的系统账号。
在一种具体可实现方式中,第一设备和第二设备相互发现,且第一设备或第二设备将相互发现结果发送至第二服务器,具体可以为:第一设备获取第二设备的第二设备信息。第二设备获取第一设备的第一设备信息。第一设备和/或第二设备向第二服务器上报第二消息,第二消息包括第一设备信息、第二设备信息和第一账号。
在一种可实现方式中,在第二设备的系统中登录第一账号,具体可以为:第二设备显示第四界面,第四界面包括第二输入框和第三控件,第二输入框用于输入系统账号,第三控件用于启动对系统账号进行验证。第二设备检测用户在第二输入框中输入账号信息,且 接收到用户对第三控件的第三操作。响应于第三操作,第二设备向第二服务器发送第三请求,第二服务器用于根据第三请求,向第二设备返回验证信息。在第二设备接收到第二服务器返回的验证信息之后,第二设备显示第五界面,第五界面为系统账号登录成功的界面。
在一些可实现方式中,在第二设备通过第二账号登录第二设备的第一应用之前,还包括:第二设备显示第六界面,第六界面用于提示第二设备处于验证状态。也就是说,在第二设备通过第二账号登录第二设备的第一应用之前,第二设备上显示用于提示第二设备处于验证状态的界面。这样,可以提示用户第二设备正处于验证状态,以安抚用户耐心等待。
在一些可实现方式中,第一请求还包括第一账号,通信系统还包括第一服务器;在第二设备向第一服务器发送第二请求之后,还包括:第一服务器根据第一账号、第一设备信息和第二设备信息,在第二服务器上获取第一设备和第二设备的关联关系。第一服务器根据第一设备和第二设备的关联关系,验证第二设备为安全设备。本申请实施例中,第一服务器根据第一账号、第一设备信息和第二设备信息,从第二服务器上获取第一设备和第二设备的关联关系。第一服务器根据关联关系,验证第二设备为安全设备。这样,本申请实施例是由第一服务器与第二服务器直接交互,来对第二设备进行设备验证,无需用户过多操作,简化用户操作,提高用户体验。
在一种可实现方式中,第二服务器为设备的系统账号对应的服务器。
在一种可实现方式中,第一设备向第一服务器发送第一消息,具体为:在第一设备上通过第二账号登录第一设备的第一应用时,第一设备向第一服务器发送第一消息;或者,在第一设备上通过第二账号登录第一设备的第一应用之后,第一设备向第一服务器发送第一消息。
第二方面,本申请实施例提供一种设备认证的方法,该方法的执行主体可以是第二设备,也可以是位于设备中的部件(例如,芯片,芯片系统或处理器等),下面以执行主体是第二设备为例进行描述。第一设备和第二设备均有第一应用。方法包括:第二设备与第一设备相互发现,且第二设备将相互发现结果发送至第二服务器。在第一设备上通过第二账号登录第一设备的第一应用之后,第二设备向第一应用的第一服务器发送第一请求,第一请求包括第二账号,第二账号为第一应用的用户账号;第一请求用于指示第一服务器验证第二账号。当第一服务器对第二账号验证通过之后,第二设备向第一服务器发送第二请求,第二请求包括第二设备信息,第二请求用于指示第一服务器验证第二设备是否为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第二设备的第一应用。
其中,第一设备与第二设备均登录第一账号,第一账号为系统账号。第一账号对应第二服务器。例如,第一账号为华为账号,第二服务器可以为华为的服务器。
其中,相互发现结果可以包括第一账号、第一设备的设备信息、第二设备的设备信息。第二服务器可以存储第一账号、第一设备的设备信息和第二设备的设备信息。第二服务器还可以根据第一账号、第一设备的设备信息和第二设备的设备信息,确定第一设备与第二设备的关联关系。其中,关联关系可以理解为第一设备与第二设备相互通信,例如,第一设备与第二设备连接同一局域网。
在一种具体可实现方式中,第一服务器可以验证第二设备是否为安全设备,具体可以为:第一服务器可以根据第一账号、第一设备的设备信息和第二设备的设备信息,从第二 服务器上获取第一设备和第二设备的关联关系。第一服务器可以根据第一设备和第二设备的关联关系,验证第二设备为安全设备。
在本申请实施例中,在第一设备登录第二账号之后,第二设备向第一服务器发送用于验证账号的请求。在第一服务器对第二账号验证通过之后,第二设备向第一服务器发送用于验证设备的请求,第一服务器根据第一账号、第一设备的信息和第二设备的信息,在第二服务器上查询第一设备和第二设备的关联关系。第一服务器根据关联关系验证第二设备为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第一应用。可见,在整个过程中,无需用户找好友辅助认证设备,减少了用户的操作,提高用户体验。
在一些可实现方式中,在第一设备上通过第二账号登录第一设备的第一应用之后,还包括:第二设备显示第一界面,第一界面上显示第一输入框和第一控件,第一输入框用于输入第一应用的用户账号,第一控件用于启动对用户账号进行验证。第二设备检测用户在第一输入框中输入账号信息,且接收到用户对第一控件的第一操作。响应于第一操作,第二设备向第一服务器发送第一请求。也就是说,用户在第一界面的第一输入框中输入第一应用的用户账号(即第二账号)。在第二设备检测用户在第一输入框中输入账号信息之后,第二设备接收用户对第一界面上的第一控件的操作。响应于该操作,第二设备向第一服务器发送用于对用户账号进行验证的请求。
在一些可实现方式中,当第一服务器对第二账号验证通过之后,还包括:第二设备显示第二界面,第二界面上显示第二控件。响应于第二操作,第二设备向第一服务器发送第二请求。也就是说,当第一服务器对第二账号验证通过之后,第二设备接收用户对第二界面上的第二控件的操作。响应于该操作,第二设备向第一服务器发送用于对第二设备进行验证的请求。
在一些可实现方式中,在第二设备通过第二账号登录第二设备的第一应用之后,还包括:第二设备显示第三界面,第三界面为第一应用的应用界面。
在一些可实现方式中,在第一设备和第二设备相互发现之前,还包括:在第一设备的系统中登录第一账号,第一账号为系统账号。在第二设备的系统中登录第一账号。
在一种可实现方式中,第一账号为第一设备和/或第二设备的系统账号。
在一种可实现方式中,第一设备和第二设备相互发现,且第一设备或第二设备将相互发现结果发送至第二服务器,具体为:第一设备获取第二设备的第二设备信息。第二设备获取第一设备的第一设备信息。第一设备和/或第二设备向第二服务器上报第二消息,第二消息包括第一设备信息、第二设备信息和第一账号。
在一种可实现方式中,在第二设备的系统中登录第一账号,具体为:第二设备显示第四界面,第四界面包括第二输入框和第三控件,第二输入框用于输入系统账号,第三控件用于启动对系统账号进行验证。第二设备检测用户在第二输入框中输入账号信息,且接收到用户对第三控件的第三操作。响应于第三操作,第二设备向第二服务器发送第三请求,第二服务器用于根据第三请求,向第二设备返回验证信息。在第二设备接收到第二服务器返回的验证信息之后,第二设备显示第五界面,第五界面为系统账号登录成功的界面。
在一些可实现方式中,在第二设备通过第二账号登录第二设备的第一应用之前,还包括:第二设备显示第六界面,第六界面用于提示第二设备处于验证状态。也就是说,在第 二设备通过第二账号登录第二设备的第一应用之前,第二设备上显示用于提示第二设备处于验证状态的界面。这样,可以提示用户第二设备正处于验证状态,以安抚用户耐心等待。
在一些可实现方式中,第一请求还包括第一账号,通信系统还包括第一服务器。
第一服务器用于根据第一账号、第一设备信息和第二设备信息,在第二服务器上获取第一设备和第二设备的关联关系。第一服务器用于根据第一设备和第二设备的关联关系,验证第二设备为安全设备。本申请实施例中,第一服务器根据第一账号、第一设备信息和第二设备信息,从第二服务器上获取第一设备和第二设备的关联关系。第一服务器根据关联关系,验证第二设备为安全设备。这样,本申请实施例是由第一服务器与第二服务器直接交互,来对第二设备进行设备验证,无需用户过多操作,简化用户操作,提高用户体验。
在一种可实现方式中,第二服务器为设备的系统账号对应的服务器。
第三方面,本申请实施例提供一种电子设备,该电子设备包括:发现模块,用于与第一设备相互发现。第一发送模块,用于将相互发现结果发送至第二服务器。第二发送模块,用于在第一设备上通过第二账号登录第一设备的第一应用之后,向第一应用的第一服务器发送第一请求,第一请求包括第二账号,第二账号为第一应用的用户账号;第一请求用于指示第一服务器验证第二账号。第三发送模块,用于当第一服务器对第二账号验证通过之后,向第一服务器发送第二请求,第二请求包括第二设备信息,第二请求用于指示第一服务器验证第二设备是否为安全设备。第一登录模块,用于当第一服务器验证第二设备为安全设备之后,通过第二账号登录第二设备的第一应用。
在本申请实施例中,在第一设备登录第二账号之后,第二设备向第一服务器发送用于验证账号的请求。在第一服务器对第二账号验证通过之后,第二设备向第一服务器发送用于验证设备的请求,第一服务器根据第一账号、第一设备的信息和第二设备的信息,在第二服务器上查询第一设备和第二设备的关联关系。第一服务器根据关联关系验证第二设备为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第一应用。可见,在整个过程中,无需用户找好友辅助认证设备,减少了用户的操作,提高用户体验。
在一些可实现方式中,电子设备还包括:第一显示模块,用于显示第一界面,第一界面上显示第一输入框和第一控件,第一输入框用于输入第一应用的用户账号,第一控件用于启动对用户账号进行验证。检测模块,用于检测用户在第一输入框中输入账号信息,且接收到用户对第一控件的第一操作。第四发送模块,用于响应于第一操作,向第一服务器发送第一请求。
在一些可实现方式中,电子设备还包括:第二显示模块,用于显示第二界面,第二界面上显示第二控件。第五发送模块,用于响应于第二操作,向第一服务器发送第二请求。
在一些可实现方式中,电子设备还包括:第三显示模块,用于显示第三界面,第三界面为第一应用的应用界面。
在一些可实现方式中,电子设备还包括:第二登录模块,用于登录第一账号。
在一种可实现方式中,第一账号为第一设备和/或第二设备的系统账号。
在一种可实现方式中,发现模块还用于获取第一设备的第一设备信息。第一发送模块还用于向第二服务器上报第二消息,第二消息包括第一设备信息、第二设备信息和第一账号。
在一种可实现方式中,第二登录模块还用于:显示第四界面,第四界面包括第二输入框和第三控件,第二输入框用于输入系统账号,第三控件用于启动对系统账号进行验证;第检测用户在第二输入框中输入账号信息,且接收到用户对第三控件的第三操作;响应于第三操作,向第二服务器发送第三请求,第二服务器用于根据第三请求,向第二设备返回验证信息;在第二设备接收到第二服务器返回的验证信息之后,显示第五界面,第五界面为系统账号登录成功的界面。
在一些可实现方式中,电子设备还包括:第四显示模块,用于显示第六界面,第六界面用于提示第二设备处于验证状态。这样,可以提示用户第二设备正处于验证状态,以安抚用户耐心等待。
在一种可实现方式中,第一请求还包括第一账号,通信系统还包括第一服务器。第一服务器用于根据第一账号、第一设备信息和第二设备信息,在第二服务器上获取第一设备和第二设备的关联关系。第一服务器用于根据第一设备和第二设备的关联关系,验证第二设备为安全设备。本申请实施例中,第一服务器根据第一账号、第一设备信息和第二设备信息,从第二服务器上获取第一设备和第二设备的关联关系。第一服务器根据关联关系,验证第二设备为安全设备。这样,本申请实施例是由第一服务器与第二服务器直接交互,来对第二设备进行设备验证,无需用户过多操作,简化用户操作,提高用户体验。
在一种可实现方式中,第二服务器为设备的系统账号对应的服务器。
第四方面,本申请实施例提供一种电子设备,该电子设备包括:一个或多个处理器;以及存储器,所述存储器中存储有代码;当所述代码被所述处理器执行时,使得所述电子设备执行第二方面所述的方法。
第五方面,本申请实施例提供一种通信系统,该通信系统包括第一设备和第二设备,第一设备和第二设备均有第一应用;第二设备用于执行:第二设备与第一设备相互发现,且第二设备将相互发现结果发送至第二服务器;在第一设备上通过第二账号登录第一设备的第一应用之后,第二设备向第一应用的第一服务器发送第一请求,第一请求包括第二账号,第二账号为第一应用的用户账号;第一请求用于指示第一服务器验证第二账号;当第一服务器对第二账号验证通过之后,第二设备向第一服务器发送第二请求,第二请求包括第二设备信息,第二请求用于指示第一服务器验证第二设备是否为安全设备;当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第二设备的第一应用。
第六方面,本申请实施例提供一种计算机可读存储介质,其包括计算机指令,当所述计算机指令在家居设备上运行时,使得所述第二设备执行第二方面所述的设备认证的方法。
其中,上述第二方面至第六方面中各个实施例的具体实施方式及对应的技术效果可以参见上述第一方面的具体实施方式及技术效果。
附图说明
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。
图1A为一种电子设备的一种界面的示意图;
图1B为一种电子设备的一种界面的示意图;
图1C为一种电子设备的一种界面的示意图;
图1D为一种电子设备的一种界面的示意图;
图1E为一种电子设备的一种界面的示意图;
图1F为一种电子设备的一种界面的示意图;
图2为一种电子设备的又一种界面的示意图;
图3为一种电子设备的又一种界面的示意图;
图4A为一种电子设备的又一种界面的示意图;
图4B为一种电子设备的又一种界面的示意图;
图5为一种电子设备的又一种界面的示意图;
图6为一种电子设备的又一种界面的示意图;
图7为一种电子设备的又一种界面的示意图;
图8为一种电子设备的又一种界面的示意图;
图9为本申请实施例提供的一种系统的结构示意图;
图10A为本申请实施例提供的一种电子设备的结构示意图;
图10B为本申请实施例提供的一种电子设备的软件架构示意图;
图10C为本申请实施例提供的一种电子设备的软件架构示意图;
图11A为本申请实施例提供的一种设备认证的方法的流程示意图;
图11B为本申请实施例提供的一种设备认证的方法的流程示意图。
具体实施方式
以下,术语“第一”、“第二”仅用于描述目的,而不能理解为指示或暗示相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括一个或者更多个该特征。在本实施例的描述中,除非另有说明,“多个”的含义是两个或两个以上。
为了满足各种需求,用户会配置各种类型的电子设备,例如,手机、平板电脑、笔记本电脑、台式机、阅读器,等等。假设,用户采用预设账号在平板电脑上登录应用A(如智慧生活),当用户想在手机上采用该预设账号登录该应用A时,该应用A需要对手机进行身份认证。具体认证方式如下:
图1F为手机的一种界面示意图。如图1F所示,用户点击手机01的界面110上的应用A。手机01接收到用户的操作,并响应于该操作,手机01的界面由图1F所示的界面110跳转至图2所示的界面120。该界面120上显示有:用于输入账号和密码的输入区,及用于确定登录的控件121。如图3所示,当用户在输入区输入预设账号和密码之后,用户点击控件121。此时,手机01显示如图4A所示的界面130,在界面130上显示用于启动验证的控件131。在界面130上还显示有第一提示信息,例如,第一提示信息可以为“你在一台新设备登录应用A,为了你的账号安全,请进行安全验证”。用户点击控件131。手机01接收到用户操作之后,显示图5所示的界面140,在界面140上显示有验证方式,该验证方式可以包括“短信验证”、“扫二维码验证”、“邀请好友辅助验证”等。当用户选择“邀请好友辅助验证”之后,响应于用户的选择操作,手机 01的界面由图5所示的界面140跳转至图6所示的界面150。在界面150上显示“好友辅助安全登录验证”的操作信息。该操作信息可以包括:“①通过电话/短信或者其他方式,联系2位以上常联系的好友;②让好友打开应用A,打开与你的聊天窗口,发送271821给你”。用户可以根据界面150上的操作信息,通知好友进行验证。好友可以根据用户的指示进行验证。在验证通过之后,手机01的界面跳转至图7所示的界面160。在界面160上显示用于完成的控件161。另外,界面160上还显示有第二提示信息,该第二提示信息可以为“已经通过验证,你的应用A账号可以在本设备正常登录”。在用户点击控件161之后,手机01被验证为合法设备,可以采用预设账号登录该应用A。此时,手机01的界面为已登录应用A的界面,如图8所示的界面170。
综上,为了证明是用户本人在进行设备登录操作,需要用户进行频繁操作界面(如图4A和图5所示),还需要用户联系好友进行辅助验证,操作繁琐,用户体验较差。
为了解决上述问题,本申请实施例提供了一种设备认证的方法,应用于通信系统,该通信系统可以包括第一设备和第二设备,第一设备和第二设备均有第一应用,第一应用对应于第一服务器。该方法包括:第一设备和第二设备相互发现,且第一设备或第二设备将相互发现结果发送至第二服务器。在第一设备上通过第二账号登录第一设备的第一应用,第二账号为第一应用的用户账号。第一设备向第一服务器发送第一消息,第一消息包括第一设备信息。在第一设备上通过第二账号登录第一设备的第一应用之后,第二设备向第一服务器发送第一请求,第一请求包括第二账号,第一请求用于指示第一服务器验证第二账号。当第一服务器对第二账号验证通过之后,第二设备向第一服务器发送第二请求,第二请求包括第二设备信息,第二请求用于指示第一服务器验证第二设备是否为安全设备。当第一服务器验证第二设备为安全设备之后,第二设备通过第二账号登录第二设备的第一应用。可见,在第一设备登录第二账号之后,第二设备需要向第一服务器发送用于验证第二账号的请求。在第二账号验证通过之后,第二设备向第一服务器发送用于验证设备的请求。当第一服务器验证第二设备为安全设备之后,第二设备才登录第二账号。可见,在整个过程中,无需用户找好友辅助认证设备,减少了用户的操作,提高用户体验。
沿用上述示例,假设第一设备为上述平板电脑,第二设备为上述手机01。如图1F所示,用户点击手机01的界面110上的应用A。手机01接收到用户的操作,并响应于该操作,手机01的界面由图1F所示的界面110跳转至图2所示的界面120。如图3所示,当用户在界面120上的输入区输入预设账号和密码之后,用户点击控件121。此时,手机01的界面跳转至已登录应用A的界面,如图8所示的界面170。可见,用户无需进行认证操作,即可完成设备认证,及设备登录应用的操作,简化操作,提高用户体验。
当然,示例性的,如图3所示,当用户在界面120上的输入区输入预设账号和密码之后,用户点击控件121。此时,手机01的界面可以跳转至图4B所示的界面180。在该界面180上显示提示信息,如“你正在一台新设备登录应用A,为了你的账号安全,服务器正在安全验证,请稍等……”。在服务器验证通过之后,手机01的界面可以跳转至已登录应用A的界面,如图8所示的界面170。
本申请实施例提供的设备认证的方法可以应用于图9所示的系统。如图9所示,该系统900可以包括第一设备910、第二设备920、第一服务器930和第二服务器940。
其中,上述电子设备(如第一设备910、第二设备920)可以为手机、平板电脑、 膝上型、笔记本电脑、超级移动个人计算机(Ultra-mobile Personal Computer,UMPC)、手持计算机、上网本、个人数字助理(Personal Digital Assistant,PDA)、可穿戴电子设备等设备,本申请实施例中对电子设备的具体形式不做特殊限制。示例性的,如图9所示,第一设备910可以为平板电脑,第二设备920可以为手机。
第一设备910和第二设备920上均设有第一应用,该第一应用对应于第一服务器930。第一服务器930可以接收第一应用发送的请求,并根据该请求做出响应。第二服务器940可以接收第一设备910和/或第二设备920上报的信息,如账号、设备标识等信息。第二服务器940可以用于存储账号与设备标识的对应关系。例如,第二服务器940可以为鸿蒙互联服务器。第一服务器930可以从第二服务器940上查询信息,该信息可以用于表征各设备之间的关联关系。例如,第一设备910和第二设备920连接于同一网络。第一服务器930还用于根据查询到的信息,认证第一设备910或第二设备920的合法性。
具体的,在一种可实现方式中,实现流程可以为:①第一设备910采用账号2登录第一应用,采用账号1(如华为账号)登录操作系统(如鸿蒙操作系统)。第二设备920也采用账号1登录上述操作系统。②第一设备910和第二设备920相互发现,并向第二服务器940上报信息,该信息可以包括账号、设备标识和关联关系。③当用户想在第二设备920上采用账号2登录第一应用时,用户在第二设备920上进行操作。第二设备920接收该操作,并响应于该操作,第二设备920向第一服务器930发送请求,该请求中携带账号1和第二设备920的设备标识。④第一服务器930确定账号1与预先存储的账号是否一致。⑤若第二账号与预先存储的账号一致,则第一服务器930根据账号1、第一设备910的设备标识和第二设备920的设备标识,从第二服务器940上查询第一设备910与第二设备920的关联关系。⑥第一服务器930根据第一设备910与第二设备920的关联关系,认证第二设备920。⑦在第二设备920认证通过之后,第一服务器930授权第二设备920采用账号2登录第一应用。⑧第二设备920登录第一应用。
图10A是上述电子设备的结构框图。
如图10A所示,电子设备(如第一设备910、第二设备920)可以包括处理器210,外部存储器接口220,内部存储器221,通用串行总线(universal serial bus,USB)接口230,充电管理模块240,电源管理模块241,电池242,天线1,天线2,移动通信模块250,无线通信模块260,音频模块270,扬声器270A,受话器270B,麦克风270C,耳机接口270D,传感器模块280,按键290,马达291,指示器292,摄像头293,显示屏294,以及用户标识模块(subscriber identification module,SIM)卡接口295等。其中传感器模块280可以包括压力传感器280A,陀螺仪传感器280B,气压传感器280C,磁传感器280D,加速度传感器280E,距离传感器280F,接近光传感器280G,指纹传感器280H,温度传感器280J,触摸传感器280K,环境光传感器280L,骨传导传感器280M等。
可以理解的是,本申请实施例示意的结构并不构成对电子设备的具体限定。在本申请另一些实施例中,电子设备可以包括比图示更多或更少的部件,或者组合某些部件,或者拆分某些部件,或者不同的部件布置。图示的部件可以以硬件,软件或软件 和硬件的组合实现。
处理器210可以包括一个或多个处理单元,例如:处理器210可以包括应用处理器(application processor,AP),调制解调处理器,图形处理器(graphics processing unit,GPU),图像信号处理器(image signal processor,ISP),控制器,视频编解码器,数字信号处理器(digital signal processor,DSP),基带处理器,和/或神经网络处理器(neural-network processing unit,NPU)等。其中,不同的处理单元可以是独立的器件,也可以集成在一个或多个处理器中。
控制器可以根据指令操作码和时序信号,产生操作控制信号,完成取指令和执行指令的控制。
处理器210中还可以设置存储器,用于存储指令和数据。在一些实施例中,处理器210中的存储器为高速缓冲存储器。该存储器可以保存处理器210刚用过或循环使用的指令或数据。如果处理器210需要再次使用该指令或数据,可从所述存储器中直接调用。避免了重复存取,减少了处理器210的等待时间,因而提高了系统的效率。
在一些实施例中,处理器210可以包括一个或多个接口。接口可以包括集成电路(inter-integrated circuit,I2C)接口,集成电路内置音频(inter-integrated circuit sound,I2S)接口,脉冲编码调制(pulse code modulation,PCM)接口,通用异步收发传输器(universal asynchronous receiver/transmitter,UART)接口,移动产业处理器接口(mobile industry processor interface,MIPI),通用输入输出(general-purpose input/output,GPIO)接口,用户标识模块(subscriber identity module,SIM)接口,和/或通USB接口等。
可以理解的是,本申请实施例示意的各模块间的接口连接关系,只是示意性说明,并不构成对电子设备的结构限定。在本申请另一些实施例中,电子设备也可以采用上述实施例中不同的接口连接方式,或多种接口连接方式的组合。
充电管理模块240用于从充电器接收充电输入。其中,充电器可以是无线充电器,也可以是有线充电器。在一些有线充电的实施例中,充电管理模块240可以通过USB接口230接收有线充电器的充电输入。在一些无线充电的实施例中,充电管理模块240可以通过电子设备的无线充电线圈接收无线充电输入。充电管理模块240为电池242充电的同时,还可以通过电源管理模块241为电子设备供电。
电源管理模块241用于连接电池242,充电管理模块240与处理器210。电源管理模块241接收电池242和/或充电管理模块240的输入,为处理器210,内部存储器221,显示屏294,摄像头293,和无线通信模块260等供电。电源管理模块241还可以用于监测电池容量,电池循环次数,电池健康状态(漏电,阻抗)等参数。在其他一些实施例中,电源管理模块241也可以设置于处理器210中。在另一些实施例中,电源管理模块241和充电管理模块240也可以设置于同一个器件中。
电子设备的无线通信功能可以通过天线1,天线2,移动通信模块250,无线通信模块260,调制解调处理器以及基带处理器等实现。
天线1和天线2用于发射和接收电磁波信号。电子设备中的每个天线可用于覆盖单个或多个通信频带。不同的天线还可以复用,以提高天线的利用率。例如:可以将天线1复用为无线局域网的分集天线。在另外一些实施例中,天线可以和调谐开关结合使用。
移动通信模块250可以提供应用在电子设备上的包括2G/3G/4G/5G等无线通信的解决方案。移动通信模块250可以包括至少一个滤波器,开关,功率放大器,低噪声放大器(low noise amplifier,LNA)等。移动通信模块250可以由天线1接收电磁波,并对接收的电磁波进行滤波,放大等处理,传送至调制解调处理器进行解调。移动通信模块250还可以对经调制解调处理器调制后的信号放大,经天线1转为电磁波辐射出去。在一些实施例中,移动通信模块250的至少部分功能模块可以被设置于处理器210中。在一些实施例中,移动通信模块250的至少部分功能模块可以与处理器210的至少部分模块被设置在同一个器件中。
调制解调处理器可以包括调制器和解调器。其中,调制器用于将待发送的低频基带信号调制成中高频信号。解调器用于将接收的电磁波信号解调为低频基带信号。随后解调器将解调得到的低频基带信号传送至基带处理器处理。低频基带信号经基带处理器处理后,被传递给应用处理器。应用处理器通过音频设备(不限于扬声器270A,受话器270B等)输出声音信号,或通过显示屏294显示图像或视频。在一些实施例中,调制解调处理器可以是独立的器件。在另一些实施例中,调制解调处理器可以独立于处理器210,与移动通信模块250或其他功能模块设置在同一个器件中。
无线通信模块260可以提供应用在电子设备上的包括无线局域网(wireless local area networks,WLAN)(如无线保真(wireless fidelity,Wi-Fi)网络),蓝牙(bluetooth,BT),全球导航卫星系统(global navigation satellite system,GNSS),调频(frequency modulation,FM),近距离无线通信技术(near field communication,NFC),红外技术(infrared,IR)等无线通信的解决方案。无线通信模块260可以是集成至少一个通信处理模块的一个或多个器件。无线通信模块260经由天线2接收电磁波,将电磁波信号调频以及滤波处理,将处理后的信号发送到处理器210。无线通信模块260还可以从处理器210接收待发送的信号,对其进行调频,放大,经天线2转为电磁波辐射出去。在一些实施例中,无线通信模块260接收第一家居设备发送的广播,及第一家居设备发送的数据。
在一些实施例中,电子设备的天线1和移动通信模块250耦合,天线2和无线通信模块260耦合,使得电子设备可以通过无线通信技术与网络以及其他设备通信。所述无线通信技术可以包括全球移动通讯系统(global system for mobile communications,GSM),通用分组无线服务(general packet radio service,GPRS),码分多址接入(code division multiple access,CDMA),宽带码分多址(wideband code division multiple access,WCDMA),时分码分多址(time-division code division multiple access,TD-SCDMA),长期演进(long term evolution,LTE),BT,GNSS,WLAN,NFC,FM,和/或IR技术等。所述GNSS可以包括全球卫星定位系统(global positioning system,GPS),全球导航卫星系统(global navigation satellite system,GLONASS),北斗卫星导航系统(beidou navigation satellite system,BDS),准天顶卫星系统(quasi-zenith satellite system,QZSS)和/或星基增强系统(satellite based augmentation systems,SBAS)。
电子设备通过GPU,显示屏294,以及应用处理器等实现显示功能。GPU为图像处理的微处理器,连接显示屏294和应用处理器。GPU用于执行数学和几何计算,用于图形渲染。处理器210可包括一个或多个GPU,其执行程序指令以生成或改变显示信息。
显示屏294用于显示图像,视频等。显示屏294包括显示面板。显示面板可以采用液晶显示屏(liquid crystal display,LCD),有机发光二极管(organic light-emitting diode,OLED),有源矩阵有机发光二极体或主动矩阵有机发光二极体(active-matrix organic light emitting diode的,AMOLED),柔性发光二极管(flex light-emitting diode,FLED),Miniled,MicroLed,Micro-oLed,量子点发光二极管(quantum dot light emitting diodes,QLED)等。在一些实施例中,电子设备可以包括1个或N个显示屏294,N为大于1的正整数。
电子设备可以通过ISP,摄像头293,视频编解码器,GPU,显示屏294以及应用处理器等实现拍摄功能。
ISP用于处理摄像头293反馈的数据。例如,拍照时,打开快门,光线通过镜头被传递到摄像头感光元件上,光信号转换为电信号,摄像头感光元件将所述电信号传递给ISP处理,转化为肉眼可见的图像。ISP还可以对图像的噪点,亮度进行算法优化。ISP还可以对拍摄场景的曝光,色温等参数优化。在一些实施例中,ISP可以设置在摄像头293中。
摄像头293用于捕获静态图像或视频。物体通过镜头生成光学图像投射到感光元件。感光元件可以是电荷耦合器件(charge coupled device,CCD)或互补金属氧化物半导体(complementary metal-oxide-semiconductor,CMOS)光电晶体管。感光元件把光信号转换成电信号,之后将电信号传递给ISP转换成数字图像信号。ISP将数字图像信号输出到DSP加工处理。DSP将数字图像信号转换成标准的RGB(RGB代表红、绿、蓝三个颜色),YUV(“Y”表示明亮度(Luminance或Luma),也就是灰阶值,“U”和“V”表示的则是色度(Chrominance或Chroma))等格式的图像信号。在一些实施例中,电子设备可以包括1个或N个摄像头293,N为大于1的正整数。
数字信号处理器用于处理数字信号,除了可以处理数字图像信号,还可以处理其他数字信号。例如,当电子设备在频点选择时,数字信号处理器用于对频点能量进行傅里叶变换等。
视频编解码器用于对数字视频压缩或解压缩。电子设备可以支持一种或多种视频编解码器。这样,电子设备可以播放或录制多种编码格式的视频,例如:动态图像专家组(moving picture experts group,MPEG)1,MPEG2,MPEG3,MPEG4等。
NPU为神经网络(neural-network,NN)计算处理器,通过借鉴生物神经网络结构,例如借鉴人脑神经元之间传递模式,对输入信息快速处理,还可以不断的自学习。通过NPU可以实现电子设备的智能认知等应用,例如:图像识别,人脸识别,语音识别,文本理解等。
外部存储器接口120可以用于连接外部存储卡,例如Micro SD卡,实现扩展电子设备的存储能力。外部存储卡通过外部存储器接口120与处理器210通信,实现数据存储功能。例如将音乐,视频等文件保存在外部存储卡中。
内部存储器221可以用于存储计算机可执行程序代码,所述可执行程序代码包括指令。内部存储器221可以包括存储程序区和存储数据区。其中,存储程序区可存储操作系统,至少一个功能所需的应用程序(比如声音播放功能,图像播放功能等)等。存储数据区可存储电子设备使用过程中所创建的数据(比如音频数据,电话本等)等。 此外,内部存储器221可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件,闪存器件,通用闪存存储器(universal flash storage,UFS)等。处理器210通过运行存储在内部存储器221的指令,和/或存储在设置于处理器中的存储器的指令,执行电子设备的各种功能应用以及数据处理。
在一些实施例中,内部存储器221可以存储至少一个BLE设备的标识。或者,内部存储器221可以存储至少一个BLE设备的标识和至少一个BLE设备的访问凭证。再或者,内部存储器221也可以将至少一个BLE设备的标识与用户账号关联存储。再或者,内部存储器221也可以将至少一个BLE设备的标识、访问凭证与用户账号关联存储。
电子设备可以通过音频模块270,扬声器270A,受话器270B,麦克风270C,耳机接口270D,以及应用处理器等实现音频功能。例如音乐播放,录音等。
音频模块270用于将数字音频信息转换成模拟音频信号输出,也用于将模拟音频输入转换为数字音频信号。音频模块270还可以用于对音频信号编码和解码。在一些实施例中,音频模块270可以设置于处理器210中,或将音频模块270的部分功能模块设置于处理器210中。
扬声器270A,也称“喇叭”,用于将音频电信号转换为声音信号。电子设备可以通过扬声器270A收听音乐,或收听免提通话。
受话器270B,也称“听筒”,用于将音频电信号转换成声音信号。当电子设备接听电话或语音信息时,可以通过将受话器270B靠近人耳接听语音。
麦克风270C,也称“话筒”,“传声器”,用于将声音信号转换为电信号。当拨打电话或发送语音信息时,用户可以通过人嘴靠近麦克风270C发声,将声音信号输入到麦克风270C。电子设备可以设置至少一个麦克风270C。在另一些实施例中,电子设备可以设置两个麦克风270C,除了采集声音信号,还可以实现降噪功能。在另一些实施例中,电子设备还可以设置三个,四个或更多麦克风270C,实现采集声音信号,降噪,还可以识别声音来源,实现定向录音功能等。
耳机接口270D用于连接有线耳机。耳机接口270D可以是USB接口230,也可以是3.5mm的开放移动电子设备平台(open mobile terminal platform,OMTP)标准接口,美国蜂窝电信工业协会(cellular telecommunications industry association of the USA,CTIA)标准接口。
压力传感器280A用于感受压力信号,可以将压力信号转换成电信号。在一些实施例中,压力传感器280A可以设置于显示屏294。压力传感器280A的种类很多,如电阻式压力传感器,电感式压力传感器,电容式压力传感器等。电容式压力传感器可以是包括至少两个具有导电材料的平行板。当有力作用于压力传感器280A,电极之间的电容改变。电子设备根据电容的变化确定压力的强度。当有触摸操作作用于显示屏294,电子设备根据压力传感器280A检测所述触摸操作强度。电子设备也可以根据压力传感器280A的检测信号计算触摸的位置。在一些实施例中,作用于相同触摸位置,但不同触摸操作强度的触摸操作,可以对应不同的操作指令。例如:当有触摸操作强度小于第一压力阈值的触摸操作作用于短消息应用图标时,执行查看短消息的指令。当有触摸操作强度大于或等于第一压力阈值的触摸操作作用于短消息应用图标时,执 行新建短消息的指令。
陀螺仪传感器280B可以用于确定电子设备的运动姿态。在一些实施例中,可以通过陀螺仪传感器280B确定电子设备围绕三个轴(即,x,y和z轴)的角速度。陀螺仪传感器280B可以用于拍摄防抖。示例性的,当按下快门,陀螺仪传感器280B检测电子设备抖动的角度,根据角度计算出镜头模组需要补偿的距离,让镜头通过反向运动抵消电子设备的抖动,实现防抖。陀螺仪传感器280B还可以用于导航,体感游戏场景。
气压传感器280C用于测量气压。在一些实施例中,电子设备通过气压传感器280C测得的气压值计算海拔高度,辅助定位和导航。
磁传感器280D包括霍尔传感器。电子设备可以利用磁传感器280D检测翻盖皮套的开合。在一些实施例中,当电子设备是翻盖机时,电子设备可以根据磁传感器280D检测翻盖的开合。进而根据检测到的皮套的开合状态或翻盖的开合状态,设置翻盖自动解锁等特性。
加速度传感器280E可检测电子设备在各个方向上(一般为三轴)加速度的大小。当电子设备静止时可检测出重力的大小及方向。还可以用于识别电子设备姿态,应用于横竖屏切换,计步器等应用。
距离传感器280F,用于测量距离。电子设备可以通过红外或激光测量距离。在一些实施例中,拍摄场景,电子设备可以利用距离传感器280F测距以实现快速对焦。
接近光传感器280G可以包括例如发光二极管(LED)和光检测器,例如光电二极管。发光二极管可以是红外发光二极管。电子设备通过发光二极管向外发射红外光。电子设备使用光电二极管检测来自附近物体的红外反射光。当检测到充分的反射光时,可以确定电子设备附近有物体。当检测到不充分的反射光时,电子设备可以确定电子设备附近没有物体。电子设备可以利用接近光传感器280G检测用户手持电子设备贴近耳朵通话,以便自动熄灭屏幕达到省电的目的。接近光传感器280G也可用于皮套模式,口袋模式自动解锁与锁屏。
环境光传感器280L用于感知环境光亮度。电子设备可以根据感知的环境光亮度自适应调节显示屏294亮度。环境光传感器280L也可用于拍照时自动调节白平衡。环境光传感器280L还可以与接近光传感器280G配合,检测电子设备是否在口袋里,以防误触。
指纹传感器280H用于采集指纹。电子设备可以利用采集的指纹特性实现指纹解锁,访问应用锁,指纹拍照,指纹接听来电等。
温度传感器280J用于检测温度。在一些实施例中,电子设备利用温度传感器280J检测的温度,执行温度处理策略。例如,当温度传感器280J上报的温度超过阈值,电子设备执行降低位于温度传感器280J附近的处理器的性能,以便降低功耗实施热保护。在另一些实施例中,当温度低于另一阈值时,电子设备对电池242加热,以避免低温导致电子设备异常关机。在其他一些实施例中,当温度低于又一阈值时,电子设备对电池242的输出电压执行升压,以避免低温导致的异常关机。
触摸传感器280K,也称“触控器件”。触摸传感器280K可以设置于显示屏294,由触摸传感器280K与显示屏294组成触摸屏,也称“触控屏”。触摸传感器280K用于 检测作用于其上或附近的触摸操作。触摸传感器可以将检测到的触摸操作传递给应用处理器,以确定触摸事件类型。可以通过显示屏294提供与触摸操作相关的视觉输出。在另一些实施例中,触摸传感器280K也可以设置于电子设备的表面,与显示屏294所处的位置不同。
骨传导传感器280M可以获取振动信号。在一些实施例中,骨传导传感器280M可以获取人体声部振动骨块的振动信号。骨传导传感器280M也可以接触人体脉搏,接收血压跳动信号。在一些实施例中,骨传导传感器280M也可以设置于耳机中,结合成骨传导耳机。音频模块270可以基于所述骨传导传感器280M获取的声部振动骨块的振动信号,解析出语音信号,实现语音功能。应用处理器可以基于所述骨传导传感器280M获取的血压跳动信号解析心率信息,实现心率检测功能。
按键290包括开机键,音量键等。按键290可以是机械按键。也可以是触摸式按键。电子设备可以接收按键输入,产生与电子设备的用户设置以及功能控制有关的键信号输入。
马达291可以产生振动提示。马达291可以用于来电振动提示,也可以用于触摸振动反馈。例如,作用于不同应用(例如拍照,音频播放等)的触摸操作,可以对应不同的振动反馈效果。作用于显示屏294不同区域的触摸操作,马达291也可对应不同的振动反馈效果。不同的应用场景(例如:时间提醒,接收信息,闹钟,游戏等)也可以对应不同的振动反馈效果。触摸振动反馈效果还可以支持自定义。
指示器292可以是指示灯,可以用于指示充电状态,电量变化,也可以用于指示消息,未接来电,通知等。
当然,电子设备还可以包括其他功能单元,本申请实施例对此不进行限定。
此外,本申请的各实施例之间涉及的动作,术语等均可以相互参考,不予限制。本申请的实施例中各个设备之间交互的消息名称或消息中的参数名称等只是一个示例,具体实现中也可以采用其他的名称,不予限制。
参见图10B,图10B是本申请实施例提供的电子设备的软件结构框图。
如图10B所示,分层架构将软件分成若干个层,每一层都有清晰的角色和分工。层与层之间通过软件接口通信。在一些可行的实施方式中,可将安卓系统分为四层,从上至下分别为应用程序层,应用程序框架层,安卓运行时(Android runtime)和系统库,以及内核层。
应用程序层可以包括一系列应用程序包。
如图10B所示,应用程序包可以包括蓝牙,设备管理应用(具备设备管理功能的应用),导航,备忘录,WLAN,短消息,图库,日历,通话等应用程序(application,APP)。如,应用A和账号应用。本申请实施例中以应用A为例进行描述。
应用程序框架层为应用程序层的应用程序提供应用编程接口和编程框架。应用程序框架层包括一些预先定义的函数。
如图10B所示,应用程序框架层可以包括窗口管理器,内容提供器,视图系统,电话管理器,资源管理器,通知管理器等。应用程序框架层还可以包括:发现模块、华为移动服务核心(Huawei Mobile Service Core,HMSCore)生态组件(可简称HMScore,或HMScore账号管理模块)。
窗口管理器用于管理窗口程序。窗口管理器可以获取显示屏大小,判断是否有状态栏,锁定屏幕,截取屏幕等。
内容提供器用来存放和获取数据,并使这些数据可以被应用程序访问。上述数据可以包括视频,图像,音频,拨打和接听的电话,浏览历史和书签,电话簿等。
视图系统包括可视控件,例如显示文字的控件,显示图片的控件等。视图系统可用于构建应用程序。显示界面可以由一个或多个视图组成的。例如,包括短信通知图标的显示界面,可以包括显示文字的视图以及显示图片的视图。
电话管理器用于提供终端120的通信功能。例如通话状态的管理(包括接通,挂断等)。
资源管理器为应用程序提供各种资源,比如本地化字符串,图标,图片,布局文件,视频文件等等。
通知管理器使应用程序可以在状态栏中显示通知信息,可以用于传达告知类型的消息,可以短暂停留后自动消失,无需用户交互。比如通知管理器被用于告知下载完成,消息提醒等。通知管理器还可以是以图表或者滚动条文本形式出现在系统顶部状态栏的通知,例如后台运行的应用程序的通知,还可以是以对话界面形式出现在屏幕上的通知。例如在状态栏提示文本信息,发出提示音,电子设备振动,指示灯闪烁等。
Android Runtime包括核心库和虚拟机。Android runtime负责安卓系统的调度和管理。
核心库包含两部分:一部分是java语言需要调用的功能函数,另一部分是安卓的核心库。
应用程序层和应用程序框架层运行在虚拟机中。虚拟机将应用程序层和应用程序框架层的java文件执行为二进制文件。虚拟机用于执行对象生命周期的管理,堆栈管理,线程管理,安全和异常的管理,以及垃圾回收等功能。
系统库可以包括多个功能模块。例如:表面管理器(surface manager),媒体库(Media Libraries),三维图形处理库(例如:OpenGL ES),2D图形引擎(例如:SGL)等。
表面管理器用于对显示子系统进行管理,并且为多个应用程序提供了2D和3D图层的融合。
媒体库支持多种常用的音频,视频格式回放和录制,以及静态图像文件等。媒体库可以支持多种音视频编码格式,例如:MPEG4,H.264,MP3,AAC,AMR,JPG,PNG等。
三维图形处理库用于实现三维图形绘图,图像渲染,合成,和图层处理等。
2D图形引擎是2D绘图的绘图引擎。
内核层是硬件和软件之间的层。内核层至少包含显示驱动,摄像头驱动,音频驱动,传感器驱动。
需要说明的是,图10B中所示的模块可以集成在应用框架层中,也可以集成具体的应用程序中,如备忘录中。本申请实施例不做具体限定。
图11A为本申请实施例提供的一种设备认证的方法的流程示意图;图11B为本申请实施例提供的一种设备认证的方法的流程示意图;该方法应用于通信系统,该通信系统可以包括第一设备、第二设备、第一服务器和第二服务器,该方法可以分为以下 阶段进行描述,具体为:
第一阶段,第一设备和第二设备登录操作系统。
S1100、第一设备采用账号1(如上述第一账号)登录第一操作系统,第二设备采用账号1登录第一操作系统。该第一操作系统可以具备相互发现的能力,也就是说,在第一设备的第一操作系统运行时可以自动发现同账号的其他设备(如第二设备)。
其中,第一操作系统可以为鸿蒙操作系统。当然,本申请实施例并不局限于鸿蒙操作系统,还可以为具备相互发现能力的其他操作系统。本申请实施例中以鸿蒙操作系统为例进行说明。
其中,账号1可以理解为用户账号。
示例性的,第一设备和第二设备均采用鸿蒙操作系统,账号1为华为账号。在用户进行配置时,在第一设备上,用户采用华为账号登录鸿蒙操作系统;在第二设备上,用户采用同一华为账号登录鸿蒙操作系统。在配置完成之后,第一设备和第二设备连接同一局域网,第一设备和第二设备运行上述操作系统时,第一设备可以自动发现相同华为账号的第二设备,第二设备可以自动发现相同华为账号的第一设备。
例如,以第二设备(手机01)为例,用户并非首次在手机01上登录华为账号。具体为:图1A为手机01的一种界面示意图。如图1A所示,手机01进入界面110(即主界面)。用户点击设置。手机01的界面由图1A所示的界面110跳转至图1B所示的界面111。该界面111上显示有用于登录华为账号的控件11。用户点击控件11。此时,手机01接收到用户的操作,并响应于该操作,手机01的界面跳转至图1C所示的界面112。在界面112包括用于输入华为账号信息的输入框12和用于登录的控件13。如图1D所示用户在输入框12中输入华为账号和密码。当用户在输入框12中输入华为账号和密码之后,用户点击控件13。响应于用户操作,手机01的界面由图1D所示的界面112跳转至图1E所示的界面113,该界面113为账号中心的界面,其用于表示手机01的系统已经登录了华为账号。在界面113上可以包括华为账号。该界面113上还可以包括个人信息、账号安全、账号认证、付款与账单、云空间、查找设备等控件。同理,第一设备登录华为账号的过程可以同上所述,在此不再赘述。
在一些实施例中,为了确保账号的安全性,在第一设备和第二设备采用账号1登录第一操作系统之后,第一设备和第二设备可以对账号1进行转换处理,得到可以对外呈现的标识,即,其他设备可以识别或读取的标识。示例性的,该标识可以为开放华为账号id(Open Huawei User ID,OpenHwUid)。具体实现可以为:
在一种具体可实现方式中,第一设备可以对账号1进行哈希处理得到标识1。当然,本申请实施例中并不局限于哈希处理,还可以采用其他算法,如标识算法。本申请实施例不做具体限定。进一步地,标识1可以为账号1的哈希值。
在另一种具体可实现方式中,同上,第二设备也可以对账号1进行哈希处理得到标识2。当然,本申请实施例中并不局限于哈希处理,还可以采用其他算法,如标识算法。本申请实施例不做具体限定。进一步地,标识2可以为账号1的哈希值。
当然,上述标识1和标识2也可以是用于对外呈现的字符串、数组等。
S1101、第一设备和/或第二设备向第二服务器上报消息1。相应的,第二服务器接收该消息1。
其中,第二服务器中预先存储各设备之间的关联关系。具体的说,第二服务器中预选存储应用上述操作系统的各设备之间的关联关系。其中,关联关系可以理解为网络关联关系,例如,两个设备连接同一网络,例如,蓝牙、无线局域网(wireless local area network,WLAN)等。当然,关联关系也可以理解为通信状态,例如,两个设备之间进行通信。
示例性的,在第一设备和第二设备运行上述操作系统时,第一设备可以发现连接同一局域网的第二设备,第二设备可以发现连接同一局域网的第一设备。第一设备和第二设备上均设有应用采集信息的组件,例如,华为移动服务核心HMSCore生态组件。该组件可以采集并上报设备的账号、标识和关联关系。此时,第一设备和/或第二设备可以向第二服务器上报发现的数据,即上述信息。具体如下:
在一种具体可实现方式中,消息1可以包括消息11和消息12。具体的:S11011、第二设备向第二服务器上报信息11,该信息11可以包括第二设备的账号1和第二设备的第一标识。同时,S11012、第一设备向第二服务器上报信息12,该信息12可以包括第一设备的账号1和第一设备的第一标识。优选的,第一设备的账号1可以替换为上述标识1。第二设备的账号1可以替换为上述标识2。
在另一种具体可实现方式中,消息1可以包括消息13。具体的:S11014、第一设备向第二服务器上报信息13,该信息13可以包括第一设备的账号1、第一设备的第一标识、第二设备的账号1和第二设备的第一标识。
在又一种具体可实现方式中,消息1可以包括消息14。具体的:S11013、第二设备向第二服务器上报信息14,该信息14可以包括第一设备的账号1、第一设备的第一标识、第二设备的账号1和第二设备的第一标识。
上述第一标识(如第一设备的第一标识或第二设备的第一标识)可以用于唯一标识设备。或者说,该第一标识用于服务器或其他设备识别第一设备的身份。该标识可以是序列号(serial number,SN)、物理地址、识别符(unique device identifier,UDID)等。当然,该标识也可以是用于对外呈现的字符串、数组等。示例性的,该第一标识可以为开放设备id(Open Device ID,OpenDevId)。
示例性的,如图10B所示,①第一设备的发现模块与第二设备的发现模块相互发现。②第一设备的发现模块从HMSCore账号管理模块获取设备标识(如,OpenDevId)、用户账号(如,OpenHwUid)。同理,第二设备的发现模块从HMSCore账号管理模块获取设备标识、用户账号。③第一设备的发现模块将第一设备的用户账号和设备标识发送给连接模块。第二设备的发现模块将第二设备的用户账号和设备标识发送给连接模块。④第一设备的连接模块向第二服务器(如鸿蒙互联管理后台)上报设备标识、用户账号。第二设备的连接模块向第二服务器(如鸿蒙互联管理后台)上报设备标识、用户账号。
在一些示例中,第一设备的发现模块将第一设备的用户账号和设备标识、第二设备的用户账号和设备标识发送给连接模块。第一设备的连接模块将第一设备的用户账号和设备标识、第二设备的用户账号和设备标识上报给第二服务器。
在一些示例中,第二设备的发现模块将第一设备的用户账号和设备标识、第二设备的用户账号和设备标识发送给连接模块。第二设备的连接模块将第一设备的用户账号和设备标识、第二设备的用户账号和设备标识上报给第二服务器。
在一些实施例中,第一设备或第二设备可以实时向第二服务器上报消息1。或者, 第一设备或第二设备也可以在预设时间向第二服务器上报消息1。再或者,第一设备或第二设备还可以在用户触发第二设备登录第一应用时向第二服务器上报消息1。具体可以根据实际需求确定,本申请实施例不做具体限定。
S1102、第二服务器存储该消息1。
第二服务器将第一设备和第二设备上报的消息1进行存储,这样,第二服务器中预先存储有各设备账号、标识、关联关系等信息。
沿用上述示例,如图10B所示,第二服务器将上述消息(设备标识(OpenDevId)、用户账号(OpenHwUid))进行存储。
第二阶段,第一设备和第二设备登录第一应用。
在第一阶段的基础上,第一设备的工作过程如下:
第一,第一设备采用账号2(如上述第二账号)登录第一应用。具体可实现为:
S1103、第一设备向第一服务器发送请求1,该请求1中携带账号2。
该请求1用于请求采用账号2登录第一应用。
S1104、第一服务器根据请求1,验证账号2。
第一服务器将账号2与存储的账号进行比对。当账号2与存储的账号一致时,第一服务器可以验证账号2为合法账号。
S1105、第一服务器授权第一设备采用账号2登录第一应用。
在第一服务器验证账号2为合法账号之后,第一服务器授权第一设备采用账号2登录第一应用。这样,第一设备可以采用账号2登录第一应用。
S1103-S1105具体实现可以为:
示例性的,如图10C所示,⑤第一设备上的应用A(第一应用)向连接模块发送请求。⑥连接模块将该请求发送给第一服务器,第一服务器验证账号2。⑦在账号2验证通过之后,第一服务器授权第一设备采用账号2登录应用A。第一服务器将授权信息发送给第一设备的连接模块。⑧第一设备的连接模块将授权信息发送至应用程序层的应用A以进行呈现。
第二,第一设备向第一服务器上报账号1和设备标识。具体可实现为:
在一种具体可实现方式中,在第一设备采用账号2登录第一应用的过程中,第一设备向第一服务器上报账号1和设备标识。示例性的,如图10C所示,⑨应用A向HMScore账号管理模块发送获取请求,该请求用于获取第一设备的用户账号(如账号1)和设备标识(如第一标识)。⑩HMScore账号管理模块根据获取请求,查找第一设备的账号1和第一标识,并将账号1和第一标识发送给应用A。在⑤中,第一设备上的应用A(第一应用)向连接模块发送请求,该请求中携带第一设备的账号1和第一标识。这样,在第一设备的登录过程中,第一设备向第一服务器上报第一设备的账号1和第一标识。第一服务器接收到第一设备的设备标识和用户账号进行存储。
在另一种具体可实现方式中,S1106、在第一设备采用账号2登录第一应用之后,第一设备向第一服务器上报账号1和第一设备的第一标识(如上述第一设备信息)。示例性的,如图10C所示,⑨⑩同上,应用A向第一设备的连接模块发送第一设备的账号1和第一标识。第一设备的连接模块向第一服务器上报第一设备的账号1和第一标识。第一服务器接收到第一设备的设备标识和用户账号进行存储。
之后,第二设备也想采用账号2登录第一应用。在此情形下,第二设备采用账号2登录第一应用的具体流程如下:
S1107、第二设备接收用户的操作1(如上述第一操作)。
操作1可以为采用账号2登录第一应用的操作。该操作1可以包括按键操作、语音操作、触控操作等。其中,触控操作可以包括点击操作、按压操作、输入操作等。
示例性的,用户启动第二设备上的第一应用,此时,第二设备上展示界面,在该界面上显示输入框。用户可以在该输入框中输入账号2。例如,假设第二设备为手机,用户点击图1F所示的手机01的界面110上的应用A。手机01接收到用户点击操作,并响应于该操作,手机01显示图2所示的界面120。用户在该界面120上输入账号和密码,并点击用于登录的控件121。手机01接收用户的点击操作,该点击操作可以称为操作1。
S1108、响应于操作1,第二设备向第一服务器发送请求2(如上述第一请求),该请求2携带第二设备的账号2。相应的,第一服务器接收请求2。
该请求2用于请求采用账号2登录第一应用。
S1109、第一服务器根据请求2,验证账号2。
在一种具体可实现方式中,如图10C所示,第二设备上的应用A(第一应用)向连接模块发送请求2。第二设备的连接模块将请求2发送给第一服务器,第一服务器验证账号2。
S1110、在第一服务器验证账号2之后,第一服务器向第二设备发送设备验证指示。相应的,第二设备接收该验证指示。
也就是说,在第一服务器验证账号2之后,第一服务器确定账号2为合法账号。之后,第一服务器需要验证第二设备的合法性。这样,第一服务器向第二设备发送设备验证指示。
S1111、第二设备向第一服务器上报第二设备的账号1和第二设备的第一标识(如上述第二设备信息)。
示例性的,在第二设备接收到第一服务器的设备验证指示之后,第二设备向第一服务器上报第二设备的账号1。在一种示例中,用户点击图4A所示的手机01的界面130上的控件131。手机01接收到用户的操作,并响应于该操作,第二设备向第一服务器上报第二设备的账号1。此时,手机01显示图4B所示的界面180,在该界面180上显示“你正在一台新设备登录应用A,为了你的账号安全,服务器正在安全验证,请稍等……”。
本步骤具体描述可以如下:
在一种具体可实现方式中,在第二设备采用账号2登录第一应用的过程中,第二设备向第一服务器上报账号1。示例性的,如图10C所示,应用A向HMScore账号管理模块发送获取请求,该请求用于获取第二设备的用户账号(如账号1)。HMScore账号管理模块根据获取请求,查找第二设备的账号1,并将账号1发送给应用A。在一种方式中,在中,第一设备上的应用A(第一应用)向连接模块发送请求,该请求中携带第二设备的账号1。这样,在第二设备的登录过程中,第二设备向第一服务器上报第二设备的账号1。在另一种方式中,第一设备上的应用A(第一应用)向第一设备的连接模块发送第二设备的账号1。第一设备的连接模块向第 一服务器上报第二设备的账号1。这样,在第二设备的登录过程中,第二设备向第一服务器上报第二设备的账号1。
S1112、第一服务器确定账号1与预先存储的账号一致。
其中,预先存储的账号,可以理解为登录操作系统的账号。也就是说,预先存储的账号包括登录操作系统的用户账号,如,在第一设备上登录操作系统的账号1。示例性的,如图10B所示,第一设备或第二设备上的第一应用(如应用A)采集HMSCore上的设备标识(OpenDevId)、用户账号(OpenHwUid)。应用A向第一服务器(如业务应用后台)上报设备标识(OpenDevId)、用户账号(OpenHwUid)。这样,第一服务器中就会预先存储第一设备的设备标识和用户账号。
示例性的,第一服务器的授权登录规则可以包括如下:规则1,如果两个电子设备登录过账号1,且这两个设备中的一个设备采用账号2成功登录第一服务器,那么当另一个设备想要采用账号2登录第一应用时,第一服务器授权该设备采用账号2登录第一应用。规则2,如果两个设备登录过账号1,且这两个设备中的一个设备采用账号2成功登录第一服务器,及两个设备处于关联关系(如两个设备连接同一网络,如局域网),那么当另一个设备想要采用账号2登录第一应用时,第一服务器授权该设备采用账号2登录第一应用。当然,还可以存在其他规则,本申请实施例不再一一列举。
因此,为了确保安全性,第一服务器需要将设备的账号与存储的账号进行比对。在本步骤中,第一服务器可以将第二设备的账号与预选存储的账号进行比对,确定第二设备的账号1与预选存储的账号中第一设备的账号1一致。
在上述授权登录规则下,存在如下场景:
场景一:登录同一用户账号的两个设备位于不同区域。
假设,第一设备位于用户的家里,第二设备位于用户的公司。第一设备与第二设备均登录账号1。在第一设备采用账号2登录第一应用之后,第二设备也需要采用账号2登录第一应用。具体的,第二设备执行S1107和S1108。之后,第一服务器确定第二设备的账号1与预选存储的账号中第一设备的账号1一致,且第一服务器确定第一设备成功采用账号2登录第一应用。那么,第一服务器认证第二设备为合法设备,即同一用户在第二设备和第一设备上采用账号2登录第一应用。
场景二:登录同一用户账号的两个设备位于同一区域。
假设,第一设备和第二设备均位于用户的家里,第一设备与第二设备连接同一局域网络。第一设备与第二设备均登录账号1。在第一设备采用账号2登录第一应用之后,第二设备也需要采用账号2登录第一应用。具体的,第二设备执行S1107和S1108。之后,第一服务器确定第二设备的账号1与预选存储的账号中第一设备的账号1一致,第一服务器确定第一设备成功采用账号2登录第一应用。另外,第一服务器还需要确定第一设备与第二设备的关联关系。具体的,第一服务器执行S1113-S1114。具体为:
S1113、第一服务器根据账号1、第二设备的第一标识和第一设备的第一标识,在第二服务器上查询消息2,该消息2用于表征第一设备与第二设备的关联关系。
本步骤具体可实现为:
S1、第一服务器向第二服务器发送请求3(如上述第三请求),该请求3中携带第一设 备的账号1、第二设备的账号1、第一设备的第一标识和第二设备的第一标识。相应的,第二服务器接收请求3。
该请求3用于请求查询第一设备和第二设备的关联关系。
沿用上述示例,如图10C所示,业务应用后台(第一服务器)向鸿蒙互联管理后台(第二服务器)发送请求,该请求中携带了第一设备的账号1、第二设备的账号1、第一设备的设备标识和第二设备的设备标识。
S2、第二服务器根据账号1、第一设备的第一标识和第二设备的第一标识,确定第一设备与第二设备的关联关系。
如上述,第二服务器中存储各设备的账号、标识和关联关系。第二设备可以根据第一设备的第一标识和第二设备的第一标识,确定第一设备与第二设备的关联关系。
其中,关联关系可以包括连接或不连接。关联关系也可以包括连接同一网络或连接不同网络。关联关系还可以包括通信或不通信。
也就是说,第二服务器可以确定第一设备与第二设备连接于同一网络。或者,第二服务器确定第一设备与第二设备连接于不同网络。第二服务器也可以确定第一设备与第二设备进行通信。或者,第二服务器确定第一设备与第二设备不进行通信。
S3、第二服务器将第一设备与第二设备的关联关系反馈给第一服务器,相应的,第一服务器接收第一设备与第二设备的关联关系。
沿用上述示例,如图10C所示,鸿蒙互联管理后台向业务应用后台返回查询结果,即第一设备与第二设备的关联关系。
S1114、第一服务器根据第一设备与第二设备的关联关系,认证第二设备。
第一服务器根据第一设备与第二设备的关联关系,可以确定第二设备与第一设备位于同一区域,即用户身边。第一服务器可以确定第二设备属于安全设备,而且第一设备已经采用账号2成功登录第一应用。故,用户在第二设备上采用账号2登录第一应用属于用户本人操作。此时,第一服务器确定第二设备认证通过。
S1114具体可实现为:在一种具体可实现方式中,当第一设备与第二设备连接于同一网络时,第一服务器可以确定第二设备认证通过;否则,第一服务器确定第二设备认证不通过。在另一种具体可实现方式中,在第一设备与第二设备通信的情况下,第一服务器可以确定第二设备认证通过;否则,第一服务器确定第二设备认证不通过。
S1115、在第二设备认证通过之后,第一服务器授权第二设备采用账号2登录第一应用。此时,第二设备采用账号2登录第一应用。
在第二设备认证通过之后,第二设备可以采用账号2登录第一应用。具体的,如图10C所示,第一服务器向第二设备的连接模块发送授权信息。相应的,第二设备接收到第一服务器发送的授权信息。第二设备的连接模块将授权信息反馈给应用程序层的应用A,以便应用A登录账号2。
示例性的,用户在图3所示的界面120上输入账号和密码之后,点击控件121。手机01接收到用户的上述操作,并响应于该操作,手机01的界面由图3所示的界面120跳转至图8所示的界面170。这样,全程无需用户特意对第二设备的认证进行繁琐操作,简化了操作,在用户无感知的情况下,能够实现第二设备的认证,提升了用户体验。
本申请上述实施例中的各个方案在不矛盾的前提下,均可以进行结合。
本申请实施例还提供了一种计算机可读存储介质,包括指令,当其在计算机上运行时,使得计算机执行上述任一方法。
本申请实施例还提供了一种包含指令的计算机程序产品,当其在计算机上运行时,使得计算机执行上述任一方法。
本申请实施例还提供了一种芯片,该芯片包括处理器和接口电路,该接口电路和该处理器耦合,该处理器用于运行计算机程序或指令,以实现上述方法,该接口电路用于与该芯片之外的其它模块进行通信。
本申请各实施例的任意特征或任意步骤的全部或部分,均可以自由组合。组合后的技术方案也在本申请的范围之内。
在本申请的描述中,除非另有说明,“/”表示“或”的意思,例如,A/B可以表示A或B。本文中的“和/或”仅仅是一种描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。此外,“至少一个”是指一个或多个,“多个”是指两个或两个以上。“第一”、“第二”等字样并不对数量和执行次序进行限定,并且“第一”、“第二”等字样也并不限定一定不同。
在本申请的描述中,“示例性的”或者“例如”等词用于表示作例子、例证或说明。本申请实施例中被描述为“示例性的”或者“例如”的任何实施例或设计方案不应被解释为比其它实施例或设计方案更优选或更具优势。确切而言,使用“示例性的”或者“例如”等词旨在以具体方式呈现相关概念。
通过以上实施方式的描述,所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,仅以上述各功能模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分配由不同的功能模块完成,即将装置的内部结构划分成不同的功能模块,以完成以上描述的全部或者部分功能。
在本申请所提供的几个实施例中,应该理解到,所揭露的装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述模块或单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个装置,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是一个物理单元或多个物理单元,即可以位于一个地方,或者也可以分布到多个不同地方。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个可读取存储介质中。基于这样的理解,本申请实施例的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的 形式体现出来,该软件产品存储在一个存储介质中,包括若干指令用以使得一个设备(可以是单片机,芯片等)或处理器(processor)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(read only memory,ROM)、随机存取存储器(random access memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。
以上内容,仅为本申请的具体实施方式,但本申请的保护范围并不局限于此,任何在本申请揭露的技术范围内的变化或替换,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应以所述权利要求的保护范围为准。

Claims (25)

  1. 一种设备认证的方法,应用于通信系统,所述通信系统包括第一设备、第二设备,所述第一设备和所述第二设备均有第一应用;其特征在于,所述方法包括:
    所述第一设备和所述第二设备相互发现,且所述第一设备或所述第二设备将相互发现结果发送至第二服务器;
    在所述第一设备上通过第二账号登录所述第一设备的第一应用,所述第二账号为第一应用的用户账号;所述第一设备向所述第一服务器发送第一消息,所述第一消息包括第一设备信息;
    在所述第一设备上通过第二账号登录所述第一设备的第一应用之后,所述第二设备向所述第一服务器发送第一请求,所述第一请求包括所述第二账号,所述第一请求用于指示所述第一服务器验证所述第二账号;
    当所述第一服务器对所述第二账号验证通过之后,所述第二设备向所述第一服务器发送第二请求,所述第二请求包括所述第二设备信息,所述第二请求用于指示所述第一服务器验证所述第二设备是否为安全设备;
    当所述第一服务器验证所述第二设备为安全设备之后,所述第二设备通过所述第二账号登录所述第二设备的第一应用。
  2. 根据权利要求1所述的方法,其特征在于,在所述第一设备上通过第二账号登录所述第一设备的第一应用之后,还包括:
    所述第二设备显示第一界面,所述第一界面上显示第一输入框和第一控件,所述第一输入框用于输入所述第一应用的用户账号,所述第一控件用于启动对用户账号进行验证;
    所述第二设备检测用户在所述第一输入框中输入账号信息,且接收到用户对所述第一控件的第一操作;
    响应于所述第一操作,所述第二设备向所述第一服务器发送所述第一请求。
  3. 根据权利要求1或2所述的方法,其特征在于,当所述第一服务器对所述第二账号验证通过之后,还包括:
    所述第二设备显示第二界面,所述第二界面上显示第二控件;
    响应于所述第二操作,所述第二设备向所述第一服务器发送所述第二请求。
  4. 根据权利要求1-3中任一项所述的方法,其特征在于,在所述第二设备通过所述第二账号登录所述第二设备的第一应用之后,还包括:
    所述第二设备显示第三界面,所述第三界面为所述第一应用的应用界面。
  5. 根据权利要求1-4中任一项所述的方法,其特征在于,在所述第一设备和所述第二设备相互发现之前,还包括:
    在所述第一设备的系统中登录第一账号,所述第一账号为系统账号;
    在所述第二设备的系统中登录所述第一账号。
  6. 根据权利要求5所述的方法,其特征在于,所述第一账号为所述第一设备和/或所述第二设备的系统账号。
  7. 根据权利要求5所述的方法,其特征在于,所述第一设备和所述第二设备相互发现,且所述第一设备或所述第二设备将相互发现结果发送至第二服务器,包括:
    所述第一设备获取所述第二设备的所述第二设备信息;
    所述第二设备获取所述第一设备的所述第一设备信息;
    所述第一设备和/或所述第二设备向所述第二服务器上报第二消息,所述第二消息包括所述第一设备信息、所述第二设备信息和所述第一账号。
  8. 根据权利要求5所述的方法,其特征在于,所述在所述第二设备的系统中登录所述第一账号,包括:
    所述第二设备显示第四界面,所述第四界面包括第二输入框和第三控件,所述第二输入框用于输入系统账号,所述第三控件用于启动对系统账号进行验证;
    所述第二设备检测用户在所述第二输入框中输入账号信息,且接收到用户对所述第三控件的第三操作;
    响应于所述第三操作,所述第二设备向所述第二服务器发送第三请求,所述第二服务器用于根据所述第三请求,向所述第二设备返回验证信息;
    在所述第二设备接收到所述第二服务器返回的验证信息之后,所述第二设备显示第五界面,所述第五界面为系统账号登录成功的界面。
  9. 根据权利要求1-8中任一项所述的方法,其特征在于,在所述第二设备通过所述第二账号登录所述第二设备的第一应用之前,还包括:
    所述第二设备显示第六界面,所述第六界面用于提示所述第二设备处于验证状态。
  10. 根据权利要求1-9中任一项所述的方法,其特征在于,所述第一请求还包括所述第一账号,所述通信系统还包括所述第一服务器;在所述第二设备向所述第一服务器发送第二请求之后,还包括:
    所述第一服务器根据所述第一账号、所述第一设备信息和所述第二设备信息,在所述第二服务器上获取所述第一设备和所述第二设备的关联关系;
    所述第一服务器根据所述第一设备和所述第二设备的关联关系,验证所述第二设备为安全设备。
  11. 根据权利要求1-10中任一项所述的方法,其特征在于,所述第二服务器为设备的系统账号对应的服务器。
  12. 一种设备认证的方法,应用于第二设备,第一设备和所述第二设备均有第一应用;其特征在于,所述方法包括:
    所述第二设备与所述第一设备相互发现,且所述第二设备将相互发现结果发送至第二服务器;
    在所述第一设备上通过第二账号登录所述第一设备的第一应用之后,所述第二设备向所述第一应用的第一服务器发送第一请求,所述第一请求包括所述第二账号,所述第二账号为第一应用的用户账号;所述第一请求用于指示所述第一服务器验证所述第二账号;
    当所述第一服务器对所述第二账号验证通过之后,所述第二设备向所述第一服务器发送第二请求,所述第二请求包括所述第二设备信息,所述第二请求用于指示所述第一服务器验证所述第二设备是否为安全设备;
    当所述第一服务器验证所述第二设备为安全设备之后,所述第二设备通过所述第二账号登录所述第二设备的第一应用。
  13. 根据权利要求12所述的方法,其特征在于,在所述第一设备上通过第二账号登录所述第一设备的第一应用之后,还包括:
    所述第二设备显示第一界面,所述第一界面上显示第一输入框和第一控件,所述第一输入框用于输入所述第一应用的用户账号,所述第一控件用于启动对用户账号进行验证;
    所述第二设备检测用户在所述第一输入框中输入账号信息,且接收到用户对所述第一控件的第一操作;
    响应于所述第一操作,所述第二设备向所述第一服务器发送所述第一请求。
  14. 根据权利要求12或13所述的方法,其特征在于,当所述第一服务器对所述第二账号验证通过之后,还包括:
    所述第二设备显示第二界面,所述第二界面上显示第二控件;
    响应于所述第二操作,所述第二设备向所述第一服务器发送所述第二请求。
  15. 根据权利要求12-14中任一项所述的方法,其特征在于,在所述第二设备通过所述第二账号登录所述第二设备的第一应用之后,还包括:
    所述第二设备显示第三界面,所述第三界面为所述第一应用的应用界面。
  16. 根据权利要求12-15中任一项所述的方法,其特征在于,在所述第一设备和所述第二设备相互发现之前,还包括:
    在所述第一设备的系统中登录第一账号,所述第一账号为系统账号;
    在所述第二设备的系统中登录所述第一账号。
  17. 根据权利要求16所述的方法,其特征在于,所述第一账号为所述第一设备和/或所述第二设备的系统账号。
  18. 根据权利要求16所述的方法,其特征在于,所述第一设备和所述第二设备相互发现,且所述第一设备或所述第二设备将相互发现结果发送至第二服务器,包括:
    所述第一设备获取所述第二设备的所述第二设备信息;
    所述第二设备获取所述第一设备的所述第一设备信息;
    所述第一设备和/或所述第二设备向所述第二服务器上报第二消息,所述第二消息包括所述第一设备信息、所述第二设备信息和所述第一账号。
  19. 根据权利要求16所述的方法,其特征在于,所述在所述第二设备的系统中登录所述第一账号,包括:
    所述第二设备显示第四界面,所述第四界面包括第二输入框和第三控件,所述第二输入框用于输入系统账号,所述第三控件用于启动对系统账号进行验证;
    所述第二设备检测用户在所述第二输入框中输入账号信息,且接收到用户对所述第三控件的第三操作;
    响应于所述第三操作,所述第二设备向所述第二服务器发送第三请求,所述第二服务器用于根据所述第三请求,向所述第二设备返回验证信息;
    在所述第二设备接收到所述第二服务器返回的验证信息之后,所述第二设备显示第五界面,所述第五界面为系统账号登录成功的界面。
  20. 根据权利要求12-19中任一项所述的方法,其特征在于,在所述第二设备通过所述第二账号登录所述第二设备的第一应用之前,还包括:
    所述第二设备显示第六界面,所述第六界面用于提示所述第二设备处于验证状态。
  21. 根据权利要求12-20中任一项所述的方法,其特征在于,所述第一请求还包括所述第一账号,所述通信系统还包括所述第一服务器;
    所述第一服务器用于根据所述第一账号、所述第一设备信息和所述第二设备信息,在所述第二服务器上获取所述第一设备和所述第二设备的关联关系;
    所述第一服务器用于根据所述第一设备和所述第二设备的关联关系,验证所述第二设备为安全设备。
  22. 根据权利要求12-21中任一项所述的方法,其特征在于,所述第二服务器为设备的系统账号对应的服务器。
  23. 一种电子设备,其特征在于,所述电子设备包括:一个或多个处理器;以及存储器,所述存储器中存储有代码;当所述代码被所述处理器执行时,使得所述电子设备执行如权利要求12-22中任一项所述的方法。
  24. 一种通信系统,所述通信系统包括第一设备和第二设备,所述第一设备和所述第二设备均有第一应用;其特征在于,
    所述第二设备用于执行:
    所述第二设备与所述第一设备相互发现,且所述第二设备将相互发现结果发送至第二服务器;
    在所述第一设备上通过第二账号登录所述第一设备的第一应用之后,所述第二设备向所述第一应用的第一服务器发送第一请求,所述第一请求包括所述第二账号,所述第二账号为第一应用的用户账号;所述第一请求用于指示所述第一服务器验证所述第二账号;
    当所述第一服务器对所述第二账号验证通过之后,所述第二设备向所述第一服务器发送第二请求,所述第二请求包括所述第二设备信息,所述第二请求用于指示所述第一服务器验证所述第二设备是否为安全设备;
    当所述第一服务器验证所述第二设备为安全设备之后,所述第二设备通过所述第二账号登录所述第二设备的第一应用。
  25. 一种计算机可读存储介质,其特征在于,包括计算机指令,当所述计算机指令在第二设备上运行时,使得所述第二设备执行如权利要求12-22中任一项所述的设备认证的方法。
PCT/CN2023/091347 2022-05-12 2023-04-27 设备认证的方法、电子设备和通信系统 WO2023216911A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210519227.1A CN117093976A (zh) 2022-05-12 2022-05-12 设备认证的方法、电子设备和通信系统
CN202210519227.1 2022-05-12

Publications (1)

Publication Number Publication Date
WO2023216911A1 true WO2023216911A1 (zh) 2023-11-16

Family

ID=88729645

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/091347 WO2023216911A1 (zh) 2022-05-12 2023-04-27 设备认证的方法、电子设备和通信系统

Country Status (2)

Country Link
CN (1) CN117093976A (zh)
WO (1) WO2023216911A1 (zh)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103248489A (zh) * 2013-05-17 2013-08-14 刘琦 通过智能终端实现客户端登录的方法、服务器和智能终端
CN104735657A (zh) * 2013-12-20 2015-06-24 腾讯科技(深圳)有限公司 安全终端验证方法、无线接入点绑定方法、装置及系统
CN106330844A (zh) * 2015-07-02 2017-01-11 阿里巴巴集团控股有限公司 一种跨终端的免登方法和设备
US20190228144A1 (en) * 2018-01-25 2019-07-25 Salesforce.Com, Inc. User device authentication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103248489A (zh) * 2013-05-17 2013-08-14 刘琦 通过智能终端实现客户端登录的方法、服务器和智能终端
CN104735657A (zh) * 2013-12-20 2015-06-24 腾讯科技(深圳)有限公司 安全终端验证方法、无线接入点绑定方法、装置及系统
CN106330844A (zh) * 2015-07-02 2017-01-11 阿里巴巴集团控股有限公司 一种跨终端的免登方法和设备
US20190228144A1 (en) * 2018-01-25 2019-07-25 Salesforce.Com, Inc. User device authentication

Also Published As

Publication number Publication date
CN117093976A (zh) 2023-11-21

Similar Documents

Publication Publication Date Title
US20220163932A1 (en) Device control page display method, related apparatus, and system
JP7317242B2 (ja) ブルートゥース接続方法、システム、および電子デバイス
EP4113415A1 (en) Service recommending method, electronic device, and system
US11968058B2 (en) Method for adding smart home device to contacts and system
EP3961440A1 (en) Login method for intelligent terminal, and electronic device
US20230216990A1 (en) Device Interaction Method and Electronic Device
EP4224981A1 (en) Method for using cellular communication function, related apparatus, and system
US11843712B2 (en) Address book-based device discovery method, audio and video communication method, and electronic device
US20220179827A1 (en) File Sharing Method of Mobile Terminal and Device
US20230351048A1 (en) Application Permission Management Method and Apparatus, and Electronic Device
US11949805B2 (en) Call method and apparatus
EP4246347A1 (en) Method for authorizing by using another device, electronic devices and system
US20240338163A1 (en) Multi-screen unlocking method and electronic device
EP4224830A1 (en) Data sharing method, apparatus and system, and electronic device
CN111132047A (zh) 网络连接方法及装置
EP4366235A1 (en) Cross-device authentication method and apparatus
WO2023284555A1 (zh) 安全调用服务的方法、安全注册服务的方法及装置
WO2023216911A1 (zh) 设备认证的方法、电子设备和通信系统
WO2024022124A1 (zh) 应用登录方法、电子设备及系统
US20230370400A1 (en) Device Control Method, Electronic Device, and System
CN115515112A (zh) 蓝牙通信方法及系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23802683

Country of ref document: EP

Kind code of ref document: A1