WO2023284555A1 - Method for securely calling service, and method and apparatus for securely registering service - Google Patents


Info

Publication number
WO2023284555A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
security level
terminal device
level
security
Application number
PCT/CN2022/102477
Inventor
张阿东
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present application relates to terminal operating system technology, and in particular to a method for securely invoking a service, and a method and device for securely registering a service.
  • the present application provides a method for securely invoking a service, a method and device for securely registering a service, so as to ensure the security of the service.
  • the present application provides a method for securely invoking a service, including: obtaining the first security level of the service that the terminal device requests to invoke; obtaining the second security level of the terminal device; determining, according to the first security level and the second security level, whether the terminal device has the right to call the service; and, when the terminal device has the right to call the service, allowing the terminal device to call the service.
  • before acquiring the first security level of the service that the terminal device requests to invoke, the method further includes: receiving a service invocation request sent by the terminal device.
  • the configuration file includes the field Securelevel: SL1.
  • Securelevel is a newly added security level field in the config file, and SL1 is preset or written by the service provider.
  • the configuration file (such as xml/config/Json file) includes the Securelevel field, and the configuration format is as follows:
  • the security configuration page can be displayed to the user, and the user can write or select the security level of the service.
  • the terminal operating system may also provide the user with an interface for setting the security level in other ways, which is not specifically limited in this application.
  • the service key signature level can be associated with the service security level, so that the key signature level of a service reflects its security level. For example, a service with a security level of SL1 is signed with an SL1-level key; a service with a security level of SL2 is signed with an SL2-level key.
  • the storage path of the service program may be associated with the security level of the service, and the security level of the service program may be reflected by the storage path of the service program.
  • when the storage path of the service program is under the system path, its security level is SL2; when the storage path of the service program is under the data path, its security level is SL1.
  • the operating system of the terminal device may also provide other security level configuration interfaces to configure the security level of the service, and this application does not limit the specific implementation of the configuration.
  • the obtaining the second security level of the terminal device includes: when the service invocation request includes the identifier of the terminal device, obtaining the second security level according to the identifier of the terminal device; or, when the service invocation request includes a security level identifier of the terminal device, acquiring the second security level according to the security level identifier of the terminal device.
  • the security level of the terminal device and the security level of the service may use the same judgment standard.
  • the security level of the terminal device and the security level of the service both include L1-Lm, so the two security levels are the same standard.
  • the service providing device may determine the highest service level corresponding to the second security level, and determine whether the first security level is smaller than the highest service level. When the first security level is less than the highest service level, it is determined that the service calling device has the right to call the service; when the first security level is greater than or equal to the highest service level, it is determined that the service calling device does not have the right to call the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1 to Lm
  • the security levels of the service include SL1 to SLn, m ⁇ n
  • the security level of one terminal device may correspond to one or more security levels of the service.
  • the highest level of service corresponding to the second security level refers to the highest level of service that the service calling device can call. If the service is higher than the highest service level, the service calling device cannot call it.
  • the first security level is lower than the highest level of the service, which means that the security level of the service is lower than the highest level of the service that the service calling device can call, and the service calling device can call the service, so the service providing device determines that the service calling device has the authority to call the service.
  • the service providing device may determine the lowest level of the device corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest level of the device. When the second security level is greater than the lowest level of the device, it is determined that the service calling device has the right to call the service; when the second security level is less than or equal to the lowest level of the device, it is determined that the service calling device does not have the right to call the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1 to Lm
  • the security levels of the service include SL1 to SLn
  • m is greater than n
  • one security level of the service may correspond to the security levels of one or more terminal devices.
  • the lowest level of equipment corresponding to the first security level refers to the lowest level of equipment that can call the service. If the security level of the service calling device is lower than the lowest level of the device, the service cannot be called.
  • the second security level is greater than the lowest level of the device, which means that the security level of the service calling device is greater than the lowest level of the terminal device that can call the service, and the service calling device can call the service, so the service providing device determines that the service calling device has the authority to call the service.
  • the service providing device matches the security level of the service invoking device with the security level of the called service.
  • the terminal device can call a service with a low security level), and the service calling device has the authority to call the service on the service providing device, which ensures the security of the service.
  • the above-mentioned embodiment describes the process of the service calling device securely calling the service on the service providing device.
  • the service calling device is allowed to call the service and obtain the data of the service.
  • the present application provides a method for securely registering a service, including: obtaining the first security level of the service that the terminal device requests to register; obtaining the second security level of the terminal device; determining, according to the first security level and the second security level, whether the terminal device has the right to register the service; and, when the terminal device has the right to register the service, allowing the terminal device to register the service.
  • the configuration file includes the field Securelevel: SL1.
  • Securelevel is a newly added security level field in the config file, and SL1 is preset or written by the service provider.
  • the configuration file (such as xml/config/Json file) includes the Securelevel field, and the configuration format is as follows:
  • the above configuration can be implemented by the provider of the service.
  • the security configuration page can be displayed to the user, and the user can write or select the security level of the service.
  • the terminal operating system may also provide the user with an interface for setting the security level in other ways, which is not specifically limited in this application.
  • the service key signature level can be associated with the service security level, so that the key signature level of a service reflects its security level. For example, a service with a security level of SL1 is signed with an SL1-level key; a service with a security level of SL2 is signed with an SL2-level key.
  • the storage path of the service program may be associated with the security level of the service, and the security level of the service program may be reflected by the storage path of the service program.
  • when the storage path of the service program is under the system path, its security level is SL2; when the storage path of the service program is under the data path, its security level is SL1.
  • the operating system of the terminal device may also provide other security level configuration interfaces to configure the security level of the service, and this application does not limit the specific implementation of the configuration.
  • the terminal device can obtain the first security level of the service to be registered, for example: read the value of the field Securelevel in the config file and use SL1 as the first security level; or read the field Securelevel in the configuration item of the service and set SL1 as the first security level; or obtain the key signature level of the service and use its corresponding security level as the first security level; or obtain the storage path of the program of the service and, according to the storage path, determine the second security level for the service.
  • the security level of the terminal device and the security level of the service may use the same judgment standard.
  • the security level of the terminal device and the security level of the service both include L1-Lm, so the two security levels are the same standard.
  • the first security level is lower than the second security level, indicating that the security level of the service is lower than that of the terminal device, and the terminal device can register for the service, so the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device may determine the highest service level corresponding to the second security level, and determine whether the first security level is lower than the highest service level. When the first security level is less than the highest service level, it is determined that the terminal device has the authority to register for the service; when the first security level is greater than or equal to the highest service level, it is determined that the terminal device does not have the authority to register for the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1 to Lm
  • the security levels of the service include SL1 to SLn, m ⁇ n
  • the security level of one terminal device may correspond to one or more security levels of the service.
  • the highest service level corresponding to the second security level refers to the highest service level that the terminal device can register with. If the service is higher than the highest service level, the terminal device cannot register.
  • the first security level is lower than the highest service level, indicating that the security level of the service is lower than the highest level of services that the terminal device can register for, and the terminal device can register for the service, so the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device may determine the lowest level of the device corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest level of the device. When the second security level is greater than the lowest level of the device, it is determined that the terminal device has the authority to register the service; when the second security level is less than or equal to the lowest level of the device, it is determined that the terminal device does not have the authority to register the service.
  • the lowest level of equipment corresponding to the first security level refers to the lowest level of equipment that can register for services. If the security level of a terminal device is lower than the lowest level of equipment, it cannot register for services.
  • the second security level is greater than the lowest level of the device, which means that the security level of the terminal device is greater than the lowest level of the terminal device that can register for the service, and the terminal device can register for the service. Therefore, the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device matches the security level of the terminal device with the security level of the registered service.
  • the terminal device can register a service with a low security level), the terminal device has the authority to register the service on the operating system of the terminal device, ensuring the security of the service.
  • a terminal device with a security level can register a service with a low security level, which ensures the security of the service.
  • the above-mentioned embodiment describes the process of securely registering a local service on a terminal device.
  • the operating system of the terminal device can also refer to the above steps to implement the process of securely installing the service on the terminal device.
  • when the terminal device has the authority to install the service, the terminal device is allowed to install the service.
  • before obtaining the first security level of the service that the terminal device requests to register, the method further includes: obtaining a service registration request.
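The permission check from the invocation and registration passages above, written out as an added example; it is not code from the patent. The function names, the JSON form of the config file, the sample tables and identifiers, the numeric ordering of levels and the deny-on-unknown behaviour are assumptions made for illustration.

```python
import json
from pathlib import PurePosixPath

# Constructed sample tables (assumptions; the page gives no concrete values
# beyond "system path -> SL2, data path -> SL1").
PATH_LEVELS = {"/system": "SL2", "/data": "SL1"}
DEVICE_LEVELS = {"phone-01": "L4", "tv-01": "L2"}      # device identifier -> level
HIGHEST_SERVICE = {"L1": "SL1", "L2": "SL2", "L3": "SL4", "L4": "SL6"}
LOWEST_DEVICE = {"SL1": "L1", "SL2": "L3"}
SERVICES = {                                           # service identifier -> level source
    "chat.history": {"config_text": '{"Securelevel": "SL2"}'},
    "screen.cast": {"program_path": "/data/app/cast/service"},
    "wallet.pay": {"key_level": "SL2"},
}


def rank(level):
    """Numeric rank of 'L<k>' or 'SL<k>'. Assumption: larger k is a higher level."""
    for prefix in ("SL", "L"):
        number = level[len(prefix):]
        if level.startswith(prefix) and number.isdecimal():
            return int(number)
    raise ValueError(f"unrecognised level: {level!r}")


def service_level(config_text=None, key_level=None, program_path=None):
    """First security level, taken from one of the three sources the page lists."""
    if config_text is not None:          # Securelevel field (JSON assumed here)
        return json.loads(config_text)["Securelevel"]
    if key_level is not None:            # level of the key that signed the service
        return key_level
    if program_path is not None:         # storage path of the service program
        path = PurePosixPath(program_path)
        if ".." not in path.parts:       # refuse paths that could leave their root
            for root, level in PATH_LEVELS.items():
                if PurePosixPath(root) in (path, *path.parents):
                    return level
    raise LookupError("no usable security level source")


def device_level(request):
    """Second security level: carried in the request, or looked up by device identifier."""
    if "device_level" in request:
        return request["device_level"]
    return DEVICE_LEVELS[request["device_id"]]


def permitted(first, second, scheme):
    """Apply one of the page's three comparisons; all are strict, so equality denies."""
    try:
        if scheme == "same_scale":       # first < second
            return rank(first) < rank(second)
        if scheme == "highest_service":  # first < highest service level for the device
            return rank(first) < rank(HIGHEST_SERVICE[second])
        if scheme == "lowest_device":    # second > lowest device level for the service
            return rank(second) > rank(LOWEST_DEVICE[first])
    except (KeyError, ValueError, TypeError):
        return False                     # unknown or malformed level: deny (assumption)
    raise ValueError(f"unknown scheme: {scheme!r}")


def handle(request, scheme, services=SERVICES):
    """Decide a call or registration request; the page uses the same check for both."""
    try:
        first = service_level(**services[request["service_id"]])
        second = device_level(request)
    except (LookupError, ValueError):
        return False
    return permitted(first, second, scheme)
```

With these tables, `tv-01` (L2) is refused `chat.history` (SL2) under the `highest_service` scheme, because SL2 is not strictly below the highest service level mapped to L2.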
  • the present application provides a device for securely invoking a service, including: an acquisition module and a processing module.
  • an acquisition module, configured to acquire the first security level of the service that the terminal device requests to invoke, and to acquire a second security level of the terminal device; a processing module, configured to determine, according to the first security level and the second security level, whether the terminal device has the right to call the service, and, when the terminal device has the right to call the service, to allow the terminal device to call the service.
  • the processing module is specifically configured to judge whether the first security level is smaller than the second security level; when the first security level is smaller than the second security level, determine that the terminal device has the right to call the service; or, when the first security level is greater than or equal to the second security level, determine that the terminal device does not have the right to call the service.
  • the processing module is specifically configured to determine the highest service level corresponding to the second security level; judge whether the first security level is smaller than the highest service level; when the first security level is lower than the highest service level, determine that the terminal device has the authority to call the service; when the first security level is greater than or equal to the highest service level, determine that the terminal device does not have the right to call the service.
  • the processing module is specifically configured to determine the lowest level of equipment corresponding to the first security level; judge whether the second security level is greater than the lowest level of the equipment; when the second security level is greater than the minimum level of the device, determine that the terminal device has the authority to call the service; when the second security level is less than or equal to the minimum level of the device, determine that the terminal device does not have the right to call the service.
  • the obtaining module is further configured to receive a service invocation request sent by the terminal device.
  • the service invocation request includes an identifier of the service; the obtaining module is specifically configured to determine the service according to the identifier of the service; read the configuration file of the service to obtain the first security level; or acquire the user configuration information of the service to acquire the first security level; or acquire the first security level according to the feature information of the service, the feature information including the key signature level of the service or the storage path of the program of the service.
  • the acquiring module is specifically configured to acquire the second security level according to the identifier of the terminal device when the service call request includes the identifier of the terminal device; or, when the service invocation request includes the security level identifier of the terminal device, to acquire the second security level according to the security level identifier of the terminal device.
  • the acquiring module is further configured to acquire the third security level of the service that the terminal device requests to register, and to acquire the fourth security level of the terminal device; and the processing module is further configured to determine, according to the third security level and the fourth security level, whether the terminal device has the right to register the service, and, when the terminal device has the right to register the service, to allow the terminal device to register the service.
  • the processing module is specifically configured to determine whether the third security level is less than the fourth security level; when the third security level is less than the fourth security level, determine that the terminal device has the right to register the service; or, when the third security level is greater than or equal to the fourth security level, determine that the terminal device does not have the right to register the service.
  • the processing module is specifically configured to determine the highest service level corresponding to the fourth security level; determine whether the third security level is smaller than the highest service level; when the third security level is less than the highest service level, determine that the terminal device has the right to register the service; when the third security level is greater than or equal to the highest service level, determine that the terminal device does not have the right to register the service.
  • the processing module is specifically configured to determine the lowest level of equipment corresponding to the third security level; judge whether the fourth security level is greater than the lowest level of the equipment; when the fourth security level is greater than the minimum level of the device, determine that the terminal device has the right to register the service; when the fourth security level is less than or equal to the minimum level of the device, determine that the terminal device does not have the right to register the service.
  • the acquiring module is further configured to acquire a service registration request.
  • the service registration request includes an identifier of the service; the obtaining module is specifically configured to determine the service according to the identifier of the service; read the configuration file of the service to obtain the third security level; or acquire the user configuration information of the service to acquire the third security level; or acquire the third security level according to the feature information of the service, the feature information including the key signature level of the service or the storage path of the program of the service.
  • the present application provides a terminal device, including: one or more processors; a memory for storing one or more programs; when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method described in any one of the first to second aspects above.
  • the present application provides a computer-readable storage medium, including a computer program.
  • when the computer program is executed on a computer, the computer executes the method described in any one of the first to second aspects above.
  • the present application also provides a computer program product, the computer program product includes computer program code, and when the computer program code is run on the computer, the computer is made to execute the actions and/or processing performed by the terminal device in any one of the above two method embodiments.
  • FIG. 2 shows a schematic structural diagram of a terminal device 200
  • FIG. 3 is a software structural block diagram of the terminal device 200 of the present application.
  • FIG. 4 is a flowchart of a process 400 of a method for securely invoking a service provided by the present application
  • FIG. 5 is a flowchart of a process 500 of the method for secure registration services provided by the present application.
  • FIG. 6 is an exemplary structural diagram of an apparatus 600 for securely invoking a service provided by the present application.
  • “At least one (item)” means one or more, and “multiple” means two or more.
  • “And/or” describes the association relationship of associated objects and indicates that three types of relationship are possible; for example, “A and/or B” can mean: only A exists, only B exists, or A and B exist at the same time, where A and B can be singular or plural.
  • the character “/” generally indicates that the contextual objects are in an “or” relationship.
  • “At least one of the following” or similar expressions refer to any combination of these items, including any combination of single or plural items.
  • “At least one item (piece) of a, b or c” can mean: a, b, c, “a and b”, “a and c”, “b and c”, or “a and b and c”, where a, b, c can be single or multiple.
  • machine-to-machine (M2M) wireless data transmission
  • sensor network
  • near field communication (NFC)
  • wireless local area network (WLAN)
  • wireless fidelity (Wi-Fi)
  • Bluetooth (BT)
  • global navigation satellite system (GNSS)
  • frequency modulation (FM)
  • infrared
  • the multi-terminal device network is formed by interconnecting multiple terminal devices distributed in different locations based on the ubiquitous network, and the multiple terminal devices can provide distributed services and/or applications. There is no central node in the multi-terminal equipment network, each node can communicate with each other, and the communication control function is distributed on each node.
  • the multi-terminal equipment network has the characteristics of high reliability and easy sharing of resources by nodes in the network, and is widely used in multimedia database management, audio and video transmission, video on demand and other fields.
  • FIG. 1 is an exemplary structural diagram of a multi-terminal device network 100 provided by the present application.
  • the multi-terminal device network 100 may include terminal devices such as a mobile phone, a tablet computer, a wearable device, a vehicle-mounted device, an augmented reality (AR)/virtual reality (VR) device, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, and a personal digital assistant (PDA). It should be understood that this application does not limit the quantity or form of the terminal devices included in the multi-terminal device network 100.
  • in a multi-terminal device network, because the usage scenarios of the terminal devices differ, the services and applications carried by each terminal device also differ, and so do the security levels of the terminal devices. Terminal devices with a low security level cannot process services and/or applications containing sensitive personal data, and terminal devices with a low security level should not call services and/or applications containing sensitive personal data on terminal devices with a high security level. For example, users do not want devices such as tablets and home TVs to access private data contained in chat applications and work applications on mobile phones. Or, at home, users expect that home smart devices (home TV) can automatically connect and access, for example, automatically projecting incoming calls from a mobile phone onto a large-screen TV; but in shopping malls, users do not expect other terminal devices to automatically access data on the mobile phone.
  • the current Linux-based device access control methods mainly include two mechanisms: discretionary access control (DAC) and mandatory access control (MAC).
  • resource access rights are determined by attributes of an access subject (Subject, such as a process) and a resource object (Object, such as a file, prop, etc.).
  • resource owners (owners or group members)
  • in MAC, resource access rights are determined by the security contexts, defined by the security policy, of the access subject (Subject, such as a process) and the resource object (Object, such as a file, prop, binder, etc.).
  • DAC and MAC have been able to meet the requirements for single-device scheduling control, but there are still problems with cross-device scheduling control in a multi-terminal device network.
  • two terminal devices with different security levels have the same identity label (such as system), but because their security levels differ, the permissions of the two terminal devices cannot be completely the same. If only the labels are considered, there will inevitably be situations where a terminal device with a low security level invokes services and/or applications containing sensitive personal data on a terminal device with a high security level.
  • the method for securely invoking services provided by this application can be applied to terminal devices such as the mobile phones, tablet computers, wearable devices, vehicle-mounted devices, and notebook computers listed above, and this application does not impose any restrictions on the specific types of terminal devices.
  • FIG. 2 shows a schematic structural diagram of a terminal device 200.
  • the terminal device 200 shown in FIG. 2 is only an example of a terminal device, and the terminal device 200 may have more or fewer components than those shown in the figure, two or more components may be combined, or the components may be configured differently.
  • the various components shown in Figure 2 may be implemented in hardware, software, or a combination of hardware and software including one or more signal processing and/or application specific integrated circuits.
  • the terminal device 200 may include: a processor 210, an external memory interface 220, an internal memory 121, a universal serial bus (USB) interface 230, a charging management module 240, a power management module 241, a battery 242, an antenna 1, an antenna 2, a mobile communication module 250, a wireless communication module 260, an audio module 270, a speaker 270A, a receiver 270B, a microphone 270C, an earphone jack 270D, a sensor module 280, a button 290, a motor 291, an indicator 292, a camera 293, a display screen 294, a subscriber identification module (SIM) card interface 295, etc.
  • the sensor module 280 may include a pressure sensor 280A, a gyro sensor 280B, an air pressure sensor 280C, a magnetic sensor 280D, an acceleration sensor 280E, a distance sensor 280F, a proximity light sensor 280G, a fingerprint sensor 280H, a temperature sensor 280J, a touch sensor 280K, and an ambient light sensor.
  • the controller may be the nerve center and command center of the terminal device 200.
  • the controller can generate operation control signals according to instruction opcodes and timing signals to complete the control of fetching and executing instructions.
  • the I2S interface can be used for audio communication.
  • processor 210 may include multiple sets of I2S buses.
  • the processor 210 may be coupled to the audio module 270 through an I2S bus to implement communication between the processor 210 and the audio module 270.
  • the audio module 270 can transmit audio signals to the wireless communication module 260 through the I2S interface, so as to realize the function of answering calls through the Bluetooth headset.
  • the PCM interface can also be used for audio communication, sampling, quantizing and encoding the analog signal.
  • the audio module 270 and the wireless communication module 260 may be coupled through a PCM bus interface.
  • the audio module 270 can also transmit audio signals to the wireless communication module 260 through the PCM interface, so as to realize the function of answering calls through the Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.
  • the UART interface is a universal serial data bus used for asynchronous communication.
  • the bus can be a bidirectional communication bus. It converts the data to be transmitted between serial communication and parallel communication.
  • a UART interface is generally used to connect the processor 210 and the wireless communication module 260 .
  • the processor 210 communicates with the Bluetooth module in the wireless communication module 260 through the UART interface to realize the Bluetooth function.
  • the audio module 270 can transmit audio signals to the wireless communication module 260 through the UART interface, so as to realize the function of playing music through the Bluetooth headset.
  • the MIPI interface can be used to connect the processor 210 with the peripheral devices such as the display screen 294 and the camera 293 .
  • MIPI interface includes camera serial interface (camera serial interface, CSI), display serial interface (display serial interface, DSI), etc.
  • the processor 210 communicates with the camera 293 through the CSI interface to realize the shooting function of the terminal device 200 .
  • the processor 210 communicates with the display screen 294 through the DSI interface to realize the display function of the terminal device 200 .
  • the GPIO interface can be configured by software.
  • the GPIO interface can be configured as a control signal or as a data signal.
  • the GPIO interface can be used to connect the processor 210 with the camera 293 , the display screen 294 , the wireless communication module 260 , the audio module 270 , the sensor module 280 and so on.
  • the GPIO interface can also be configured as an I2C interface, I2S interface, UART interface, MIPI interface, etc.
  • the USB interface 230 is an interface conforming to the USB standard specification, specifically, it may be a Mini USB interface, a Micro USB interface, a USB Type C interface, and the like.
  • the USB interface 230 can be used to connect a charger to charge the terminal device 200, and can also be used to transmit data between the terminal device 200 and peripheral devices. It can also be used to connect headphones and play audio through them. This interface can also be used to connect other terminal devices, such as AR devices.
  • the interface connection relationship between the modules shown in this application is only a schematic illustration, and does not constitute a structural limitation of the terminal device 200 .
  • the terminal device 200 may also adopt different interface connection modes in the foregoing embodiments, or a combination of multiple interface connection modes.
  • the charging management module 240 is configured to receive charging input from the charger.
  • the charger may be a wireless charger or a wired charger.
  • the charging management module 240 can receive the charging input of the wired charger through the USB interface 230 .
  • the charging management module 240 may receive wireless charging input through the wireless charging coil of the terminal device 200 . While the charging management module 240 is charging the battery 242 , it can also supply power to the terminal device through the power management module 241 .
  • the power management module 241 is used for connecting the battery 242 , the charging management module 240 and the processor 210 .
  • the power management module 241 receives the input from the battery 242 and/or the charging management module 240 to provide power for the processor 210 , the internal memory 121 , the external memory, the display screen 294 , the camera 293 , and the wireless communication module 260 .
  • the power management module 241 can also be used to monitor parameters such as battery capacity, battery cycle times, and battery health status (leakage, impedance).
  • the power management module 241 can also be set in the processor 210 .
  • the power management module 241 and the charging management module 240 may also be set in the same device.
  • the wireless communication function of the terminal device 200 may be implemented by the antenna 1, the antenna 2, the mobile communication module 250, the wireless communication module 260, a modem processor, a baseband processor, and the like.
  • Antenna 1 and Antenna 2 are used to transmit and receive electromagnetic wave signals.
  • Each antenna in the terminal device 200 can be used to cover single or multiple communication frequency bands. Different antennas can also be multiplexed to improve the utilization of the antennas.
  • Antenna 1 can be multiplexed as a diversity antenna of a wireless local area network.
  • the antenna may be used in conjunction with a tuning switch.
  • the mobile communication module 250 can provide wireless communication solutions including 2G/3G/4G/5G applied on the terminal device 200 .
  • the mobile communication module 250 may include at least one filter, switch, power amplifier, low noise amplifier (low noise amplifier, LNA) and the like.
  • the mobile communication module 250 can receive electromagnetic waves through the antenna 1, filter and amplify the received electromagnetic waves, and send them to the modem processor for demodulation.
  • the mobile communication module 250 can also amplify the signal modulated by the modem processor, convert it into electromagnetic wave and radiate it through the antenna 1 .
  • at least part of the functional modules of the mobile communication module 250 may be set in the processor 210 .
  • at least part of the functional modules of the mobile communication module 250 and at least part of the modules of the processor 210 may be set in the same device.
  • a modem processor may include a modulator and a demodulator.
  • the modulator is used for modulating the low-frequency baseband signal to be transmitted into a medium-high frequency signal.
  • the demodulator is used to demodulate the received electromagnetic wave signal into a low frequency baseband signal. Then the demodulator sends the demodulated low-frequency baseband signal to the baseband processor for processing.
  • the low-frequency baseband signal is passed to the application processor after being processed by the baseband processor.
  • the application processor outputs sound signals through audio equipment (not limited to speaker 270A, receiver 270B, etc.), or displays images or videos through display screen 294 .
  • the modem processor may be a stand-alone device.
  • the modem processor may be independent of the processor 210, and be set in the same device as the mobile communication module 250 or other functional modules.
  • the wireless communication module 260 can provide wireless communication solutions including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), infrared (IR) and so on.
  • the wireless communication module 260 may be one or more devices integrating at least one communication processing module.
  • the wireless communication module 260 receives electromagnetic waves via the antenna 2 , frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210 .
  • the wireless communication module 260 can also receive the signal to be sent from the processor 210 , frequency-modulate it, amplify it, and convert it into electromagnetic waves through the antenna 2 to radiate out.
  • the antenna 1 of the terminal device 200 is coupled to the mobile communication module 250, and the antenna 2 is coupled to the wireless communication module 260, so that the terminal device 200 can communicate with the network and other devices through wireless communication technology.
  • the wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies, etc.
  • the GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a Beidou navigation satellite system (BDS), a quasi-zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
  • the terminal device 200 implements a display function through a GPU, a display screen 294, an application processor, and the like.
  • the GPU is a microprocessor for image processing, and is connected to the display screen 294 and the application processor. GPUs are used to perform mathematical and geometric calculations for graphics rendering.
  • Processor 210 may include one or more GPUs that execute program instructions to generate or change display information.
  • the display screen 294 is used to display images, videos and the like.
  • Display 294 includes a display panel.
  • the display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light emitting diode (AMOLED), a flexible light-emitting diode (FLED), Miniled, MicroLed, Micro-oLed, quantum dot light emitting diodes (QLED), etc.
  • the terminal device 200 may include 1 or N display screens 294, where N is a positive integer greater than 1.
  • the terminal device 200 can realize the shooting function through the ISP, the camera 293, the video codec, the GPU, the display screen 294, and the application processor.
  • the ISP is used for processing the data fed back by the camera 293 .
  • the light is transmitted to the photosensitive element of the camera through the lens, and the light signal is converted into an electrical signal, and the photosensitive element of the camera transmits the electrical signal to the ISP for processing, and converts it into an image visible to the naked eye.
  • ISP can also perform algorithm optimization on image noise, brightness, and skin color.
  • ISP can also optimize the exposure, color temperature and other parameters of the shooting scene.
  • the ISP may be located in the camera 293 .
  • Camera 293 is used to capture still images or video.
  • the object generates an optical image through the lens and projects it to the photosensitive element.
  • the photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor.
  • the photosensitive element converts the light signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal.
  • the ISP outputs the digital image signal to the DSP for processing.
  • DSP converts digital image signals into standard RGB, YUV and other image signals.
  • the terminal device 200 may include 1 or N cameras 293, where N is a positive integer greater than 1.
  • Digital signal processors are used to process digital signals. In addition to digital image signals, they can also process other digital signals. For example, when the terminal device 200 selects a frequency point, the digital signal processor is used to perform Fourier transform on the energy of the frequency point.
  • Video codecs are used to compress or decompress digital video.
  • the terminal device 200 may support one or more video codecs.
  • the terminal device 200 can play or record videos in various encoding formats, for example: moving picture experts group (moving picture experts group, MPEG) 1, MPEG2, MPEG3, MPEG4, etc.
  • the NPU is a neural-network (NN) computing processor.
  • the NPU can quickly process input information and continuously learn by itself.
  • Applications such as intelligent cognition of the terminal device 200 can be implemented through the NPU, such as image recognition, face recognition, speech recognition, text understanding, and the like.
  • the external memory interface 220 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the terminal device 200.
  • the external memory card communicates with the processor 210 through the external memory interface 220 to implement a data storage function. Such as saving music, video and other files in the external memory card.
  • the internal memory 121 may be used to store computer-executable program codes including instructions.
  • the processor 210 executes various functional applications and data processing of the terminal device 200 by executing instructions stored in the internal memory 121 .
  • the internal memory 121 may include an area for storing programs and an area for storing data.
  • the stored program area can store an operating system, at least one application program required by a function (such as a sound playing function, an image playing function, etc.) and the like.
  • the storage data area can store data created during the use of the terminal device 200 (such as audio data, phonebook, etc.) and the like.
  • the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, flash memory device, universal flash storage (universal flash storage, UFS) and the like.
  • the terminal device 200 may implement an audio function through an audio module 270, a speaker 270A, a receiver 270B, a microphone 270C, an earphone interface 270D, and an application processor. Such as music playback, recording, etc.
  • the audio module 270 is used to convert digital audio information into analog audio signal output, and is also used to convert analog audio input into digital audio signal.
  • the audio module 270 may also be used to encode and decode audio signals.
  • the audio module 270 can be set in the processor 210 , or some functional modules of the audio module 270 can be set in the processor 210 .
  • Speaker 270A also referred to as a "horn" is used to convert audio electrical signals into sound signals.
  • the terminal device 200 can listen to music through the speaker 270A, or listen to hands-free calls.
  • Receiver 270B also called “earpiece” is used to convert audio electrical signals into audio signals.
  • the receiver 270B can be placed close to the human ear to receive the voice.
  • the microphone 270C also called “microphone” or “microphone” is used to convert sound signals into electrical signals.
  • the user can make a sound by approaching the microphone 270C with a human mouth, and input the sound signal into the microphone 270C.
  • the terminal device 200 may be provided with at least one microphone 270C.
  • the terminal device 200 may be provided with two microphones 270C, which may also implement a noise reduction function in addition to collecting sound signals.
  • the terminal device 200 can also be provided with three, four or more microphones 270C, so as to collect sound signals, reduce noise, identify sound sources, and realize directional recording functions, etc.
  • the earphone interface 270D is used for connecting wired earphones.
  • the earphone interface 270D may be a USB interface 230, or a 3.5mm open mobile terminal platform (OMTP) standard interface, or a cellular telecommunications industry association of the USA (CTIA) standard interface.
  • the pressure sensor 280A is used to sense the pressure signal and convert the pressure signal into an electrical signal.
  • pressure sensor 280A may be located on display screen 294 .
  • pressure sensors 280A such as resistive pressure sensors, inductive pressure sensors, and capacitive pressure sensors.
  • a capacitive pressure sensor may be comprised of at least two parallel plates with conductive material.
  • the terminal device 200 may also calculate the touched position according to the detection signal of the pressure sensor 280A.
  • touch operations acting on the same touch position but with different touch operation intensities may correspond to different operation instructions. For example: when a touch operation with a touch operation intensity less than the first pressure threshold acts on the short message application icon, an instruction to view short messages is executed. When a touch operation whose intensity is greater than or equal to the first pressure threshold acts on the icon of the short message application, the instruction of creating a new short message is executed.
  • the gyroscope sensor 280B can be used to determine the motion posture of the terminal device 200 .
  • the angular velocity of the terminal device 200 around three axes ie, x, y and z axes
  • the gyro sensor 280B can be used for image stabilization.
  • the gyro sensor 280B detects the shaking angle of the terminal device 200, calculates the distance that the lens module needs to compensate according to the angle, and allows the lens to counteract the shaking of the terminal device 200 through reverse movement to achieve anti-shake.
  • the gyro sensor 280B can also be used for navigation and somatosensory game scenes.
  • the air pressure sensor 280C is used to measure air pressure. In some embodiments, the terminal device 200 calculates the altitude based on the air pressure value measured by the air pressure sensor 280C to assist in positioning and navigation.
  • the magnetic sensor 280D includes a Hall sensor.
  • the terminal device 200 may use the magnetic sensor 280D to detect the opening and closing of the flip holster.
  • the terminal device 200 may detect opening and closing of the clamshell according to the magnetic sensor 280D.
  • features such as automatic unlocking of the flip cover are set.
  • the acceleration sensor 280E can detect the acceleration of the terminal device 200 in various directions (generally three axes). When the terminal device 200 is stationary, the magnitude and direction of gravity can be detected. It can also be used to recognize the posture of terminal equipment, and can be used in applications such as horizontal and vertical screen switching, pedometers, etc.
  • the terminal device 200 can use the proximity light sensor 280G to detect that the user holds the terminal device 200 close to the ear to make a call, so as to automatically turn off the screen to save power.
  • Proximity light sensor 280G can also be used in leather case mode, automatic unlock and lock screen in pocket mode.
  • Touch sensor 280K also known as "touch panel”.
  • the touch sensor 280K can be arranged on the display screen 294, and the touch sensor 280K and the display screen 294 form a touch screen, also called “touch screen”.
  • the touch sensor 280K is used to detect a touch operation on or near it.
  • the touch sensor can pass the detected touch operation to the application processor to determine the type of touch event.
  • Visual output related to touch operations can be provided through the display screen 294 .
  • the touch sensor 280K may also be disposed on the surface of the terminal device 200 , which is different from the position of the display screen 294 .
  • FIG. 3 is a block diagram of the software structure of the terminal device 200 of the present application.
  • the application framework layer provides an application programming interface (application programming interface, API) and a programming framework for applications in the application layer.
  • the application framework layer includes some predefined functions.
  • the application framework layer can include window manager, content provider, view system, phone manager, resource manager, notification manager, security management module, etc.
  • Content providers are used to store and retrieve data and make it accessible to applications.
  • Said data may include video, images, audio, calls made and received, browsing history and bookmarks, phonebook, etc.
  • the view system includes visual controls, such as controls for displaying text, controls for displaying pictures, and so on.
  • the view system can be used to build applications.
  • a display interface can consist of one or more views.
  • a display interface including a text message notification icon may include a view for displaying text and a view for displaying pictures.
  • the resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and so on.
  • the notification manager enables the application to display notification information in the status bar, which can be used to convey notification-type messages, and can automatically disappear after a short stay without user interaction.
  • the notification manager is used to notify the download completion, message reminder, etc.
  • the notification manager can also be a notification that appears on the top status bar of the system in the form of a chart or scroll bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window.
  • a text message is displayed in the status bar, a prompt sound is issued, the terminal device 200 vibrates, and the indicator light flashes.
  • the present application cites the case of setting the security management module at the application framework layer, and the security management module may also be set at the kernel layer, which is not limited in the present application. As long as it has the same function as the security management module provided by this application, it is within the scope of protection of this application.
  • the Android Runtime includes core library and virtual machine. The Android runtime is responsible for the scheduling and management of the Android system.
  • the core library consists of two parts: one part is the functions that the Java language needs to call, and the other part is the core library of Android.
  • the application layer and the application framework layer run in virtual machines.
  • the virtual machine executes the java files of the application program layer and the application program framework layer as binary files.
  • the virtual machine is used to perform functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
  • the media library supports playback and recording of various commonly used audio and video formats, as well as still image files, etc.
  • the media library can support a variety of audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.
  • the 2D graphics engine is a drawing engine for 2D drawing.
  • the kernel layer is the layer between hardware and software.
  • the kernel layer includes at least a display driver, a Wi-Fi driver, a Bluetooth driver, an audio driver, and a sensor driver.
  • the kernel layer may also include a process scheduling module, a disk data module, etc., which are not limited in this application.
  • the components included in the system framework layer, system library, and runtime layer shown in FIG. 3 do not constitute a specific limitation on the terminal device 200 .
  • the terminal device 200 may include more or fewer components than shown in the figure, or combine certain components, or separate certain components, or arrange different components.
  • FIG. 2 listed above is a structural diagram of a possible terminal device
  • FIG. 3 is a software architecture diagram of a possible terminal device.
  • the following embodiments of this application will take the service call between two terminal devices (such as the first device and the second device) in the multi-terminal device network shown in Figure 1 as an example, and the terminal device may have the structure described above and the software structure shown in Figure 3.
  • the first electronic device that applies for invoking a service is called a "service application device”
  • the second electronic device that provides a service is called a "service providing device”.
  • both the service application device and the service providing device can include the security management module of the application framework layer in Figure 3, and the same terminal device can act as a service application device (or called a "service calling device") or as a service providing device.
  • device A in FIG. 1 may apply for invoking the service and/or application of device B, and device B may in turn apply for invoking the service and/or application of device A.
  • when device A applies to call the service and/or application of device B, device A is the service application device and device B is the service providing device; when device B in turn applies to call the service and/or application of device A, device B is the service application device and device A is the service providing device, which is not limited in this application.
  • an application is an application (application, APP) installed on a terminal device provided by a third party, for example, a video application, a map application, a chat application, etc.
  • a service is a function provided by the operating system of the terminal device, such as taking pictures, location services, SMS, etc.
  • distributed applications and services can be implemented in a network of multiple terminal devices, so the relevant procedures below are also applicable to applications.
  • security levels are respectively set for terminal equipment and services: the security levels for terminal equipment include L1-Lm, and the security levels for services include SL1-SLn.
  • the terminal device can only process services with the same or lower security level as its own, and the security level here is the same or lower.
  • Step 401 the service calling device obtains the second security level of the device.
  • the service calling device calls the service on the service providing device by sending a request.
  • the service invocation request includes the identifier of the service to be invoked, so that the service providing device can determine the service to be invoked by the service invocation device according to the service identifier, and then determine the first security level of the service.
  • the service invocation request further includes the identification of the security level of the service invoking device, so that the service providing device can determine the second security level according to the identification of the security level of the service invoking device.
  • each terminal device can be configured with a security level table, which includes multiple security levels and their corresponding identifiers, so that the service providing device can determine its security level according to the identifier of the security level of the service calling device.
  • Step 403 the service providing device acquires the first security level of the service according to the service invocation request.
  • the operating system of the terminal device provides a service security level configuration interface
  • the service security level configuration interface includes but is not limited to the following forms:
  • the configuration file includes the field Securelevel: SL1.
  • Securelevel is a newly added security level field in the config file, and SL1 is preset or written by the service provider.
  • the configuration file (such as an XML/config/JSON file) includes the Securelevel field, and the configuration format is as follows:
  • the above configuration can be implemented by the provider of the service.
  • the security configuration page can be displayed to the user, and the user can write or select the security level of the service.
  • the terminal operating system may also provide the user with an interface for setting the security level in other ways, which is not specifically limited in this application.
  • the service key signature level can be associated with the service security level, and the service key signature level reflects its security level. For example, a service with a security level of SL1 is signed with an SL1-level key; a service with a security level of SL2 is signed with a SL2-level key.
  • the storage path of the service program may be associated with the security level of the service, and the security level of the service program may be reflected by the storage path of the service program.
  • a service program whose storage path is under the system path has security level SL2, and a service program whose storage path is under the data path has security level SL1.
  • the operating system of the terminal device may also provide other security level configuration interfaces to configure the security level of the service, and this application does not limit the specific implementation of the configuration.
  • the service providing device can obtain the first security level of the service to be invoked by the service calling device. For example, it can read the value of the field Securelevel in the config file, and use SL1 as the first security level; or read the field Securelevel in the configuration item of the service, and use SL1 as the first security level; or obtain the key signature level of the service, and use its corresponding security level as the first security level; or obtain the storage path of the service program, and determine the first security level of the service according to the storage path.
  • Step 404 the service providing device obtains the second security level of the service calling device according to the service calling request.
  • the service invocation request may include the identifier of the service invoking device, and the service providing device may look up the security level corresponding to the identifier from the security level information table, and use it as the second security level.
  • the service invocation request may include an identifier of the security level of the service invoking device, and the service providing device may search the security level table for the security level corresponding to the identifier, and use it as the second security level.
  • the service providing device may also store the correspondence between the identifier of the terminal device and the security level, or the correspondence between the security level identifier of the terminal device and the security level, in other ways, which is not specifically limited in this application.
  • Step 405 the service providing device determines whether the service calling device has the right to call the service according to the first security level and the second security level.
  • the service providing device may determine whether the first security level is smaller than the second security level. When the first security level is lower than the second security level, it is determined that the service calling device has the right to call the service; or, when the first security level is greater than or equal to the second security level, it is determined that the service calling device does not have the right to call the service.
  • the security level of the terminal device and the security level of the service may use the same judgment standard.
  • the security level of the terminal device and the security level of the service both include L1-Lm, so the two security levels are the same standard.
  • the first security level is lower than the second security level, indicating that the security level of the service is lower than that of the service calling device, and the service calling device can call the service, so the service providing device determines that the service calling device has the authority to call the service.
  • the service providing device may determine the highest service level corresponding to the second security level, and determine whether the first security level is smaller than the highest service level. When the first security level is less than the highest service level, it is determined that the service calling device has the right to call the service; when the first security level is greater than or equal to the highest service level, it is determined that the service calling device does not have the right to call the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1~Lm
  • the security levels of the service include SL1~SLn, m ⁇ n
  • the security level of one terminal device may correspond to one or more security levels of the service.
  • the highest level of service corresponding to the second security level refers to the highest level of service that the service calling device can call. If the service is higher than the highest service level, the service calling device cannot call it.
  • the first security level is lower than the highest level of the service, which means that the security level of the service is lower than the highest level of the service that the service calling device can call, and the service calling device can call the service, so the service providing device determines that the service calling device has the authority to call the service.
  • the service providing device may determine the lowest level of the device corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest level of the device. When the second security level is greater than the lowest level of the device, it is determined that the service calling device has the right to call the service; when the second security level is less than or equal to the lowest level of the device, it is determined that the service calling device does not have the right to call the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1~Lm
  • the security levels of the service include SL1~SLn
  • m is greater than n
  • one security level of the service may correspond to the security levels of one or more terminal devices.
  • the lowest level of equipment corresponding to the first security level refers to the lowest level of equipment that can call the service. If the security level of the service calling device is lower than the lowest level of the device, the service cannot be called.
  • the second security level is greater than the lowest level of the device, which means that the security level of the service calling device is greater than the lowest level of the terminal device that can call the service, and the service calling device can call the service, so the service providing device determines that the service calling device has the authority to call the service.
  • the service providing device matches the security level of the service invoking device with the security level of the called service.
  • the terminal device can call a service with a low security level), and the service calling device has the authority to call the service on the service providing device, ensuring the security of the service.
  • Step 406 When the service calling device has the right to call the service, the service providing device allows the service calling device to call the service.
  • the service providing device can determine whether the service calling device has the authority to call the service. Allowing the service calling device to call the service means that the service calling device can use the service and obtain the data of the service.
  • terminal equipment with a high security level can call services with a low security level, ensuring the security of services.
  • the above-mentioned embodiment describes the process of the service calling device securely calling the service on the service providing device.
  • the service calling device is allowed to call the service and obtain the data of the service.
  • FIG. 5 is a flowchart of a process 500 of the method for securely registering a service provided by the present application.
  • the process 500 can be executed by a terminal device 200, specifically, it can be executed by an operating system of the terminal device.
  • the process 500 is described as a series of steps or operations. It should be understood that the process 500 may be executed in various orders and/or concurrently, and is not limited to the execution order shown in FIG. 5 .
  • Process 500 may include:
  • Step 501 obtain a service registration request.
  • the user uses the service for the first time, in order to ensure the security of user data, the user is required to register the service, for example, enter the user name and password set by the user.
  • the operating system of the terminal device will receive an operation instruction from the touch screen, and the operation instruction includes a service registration request.
  • Step 502 acquiring the first security level of the service for which the terminal device requests to register.
  • the operating system of the terminal device provides a service security level configuration interface
  • the service security level configuration interface includes but is not limited to the following forms:
  • the configuration file includes the field Securelevel: SL1.
  • Securelevel is a newly added security level field in the config file, and SL1 is preset or written by the service provider.
  • the configuration file (such as xml/config/Json file) includes the Securelevel field, and the configuration format is as follows:
  • the above configuration can be implemented by the provider of the service.
  • the security configuration page can be displayed to the user, and the user can write or select the security level of the service.
  • the terminal operating system may also provide the user with a page or interface for setting the security level in other ways, which is not specifically limited in this application.
  • the service key signature level can be associated with the service security level, and the service key signature level reflects its security level. For example, a service with a security level of SL1 is signed with an SL1-level key; a service with a security level of SL2 is signed with an SL2-level key.
  • the storage path of the service program may be associated with the security level of the service, and the security level of the service program may be reflected by the storage path of the service program.
  • the storage path of the service program is under the system path, and its security level is SL2, and the storage path of the service program is under the data path, and its security level is SL1.
  • the operating system of the terminal device may also provide other security level configuration interfaces to configure the security level of the service, and this application does not limit the specific implementation of the configuration.
  • the terminal device can obtain the first security level of the service to be registered, for example, it can read the value of the field Securelevel in the config file, and use SL1 as the first security level; or, read the field Securelevel in the configuration item of the service, and use SL1 as the first security level; or, obtain the key signature level of the service, and use its corresponding security level as the first security level; or, obtain the storage path of the program of the service, and determine the second security level of the service according to the storage path.
  • Step 503 acquire the second security level of the terminal device.
  • the security level of the device itself can be written into the property file or firmware of the terminal device, so that when the terminal device registers for the service, it can first read the security level of the device from the corresponding file as the second security level.
  • Step 504 Determine whether the terminal device has the right to register the service according to the first security level and the second security level.
  • the operating system of the terminal device may determine whether the first security level is lower than the second security level. When the first security level is lower than the second security level, it is determined that the terminal device has the authority to register for the service; or, when the first security level is greater than or equal to the second security level, it is determined that the terminal device does not have the authority to register for the service.
  • the security level of the terminal device and the security level of the service may use the same judgment standard.
  • the security level of the terminal device and the security level of the service both include L1-Lm, so the two security levels are the same standard.
  • the first security level is lower than the second security level, indicating that the security level of the service is lower than that of the terminal device, and the terminal device can register for the service, so the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device may determine the highest service level corresponding to the second security level, and determine whether the first security level is lower than the highest service level. When the first security level is less than the highest service level, it is determined that the terminal device has the authority to register for the service; when the first security level is greater than or equal to the highest service level, it is determined that the terminal device does not have the authority to register for the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1~Lm
  • the security levels of the service include SL1~SLn, m ⁇ n
  • the security level of one terminal device may correspond to one or more security levels of the service.
  • the highest service level corresponding to the second security level refers to the highest service level that the terminal device can register with. If the service is higher than the highest service level, the terminal device cannot register.
  • the first security level is lower than the highest service level, indicating that the security level of the service is lower than the highest level of services that the terminal device can register for, and the terminal device can register for the service, so the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device may determine the lowest level of the device corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest level of the device. When the second security level is greater than the lowest level of the device, it is determined that the terminal device has the authority to register the service; when the second security level is less than or equal to the lowest level of the device, it is determined that the terminal device does not have the authority to register the service.
  • the security level of the terminal equipment and the security level of the service can adopt different judgment standards, but there is a corresponding relationship between the security level of the terminal equipment and the security level of the service.
  • the security level of the terminal equipment includes L1~Lm
  • the security levels of the service include SL1~SLn
  • m is greater than n
  • one security level of the service may correspond to the security levels of one or more terminal devices.
  • the lowest level of equipment corresponding to the first security level refers to the lowest level of equipment that can register for services. If the security level of a terminal device is lower than the lowest level of equipment, it cannot register for services.
  • the second security level is greater than the lowest level of the device, which means that the security level of the terminal device is greater than the lowest level of the terminal device that can register for the service, and the terminal device can register for the service. Therefore, the operating system of the terminal device determines that the terminal device has the authority to register for the service.
  • the operating system of the terminal device matches the security level of the terminal device with the security level of the registered service.
  • the terminal device can register a service with a low security level), the terminal device has the authority to register the service on the operating system of the terminal device, ensuring the security of the service.
  • Step 505 when the terminal device has the authority to register for the service, allow the terminal device to register for the service.
  • the operating system of the terminal device can determine whether the terminal device has the authority to register the service. Allowing a terminal device to register with a service means that the terminal device can register with the service and obtain data of the service.
  • a terminal device with a security level can register a service with a low security level, which ensures the security of the service.
  • the above-mentioned embodiment describes the process of securely registering a local service on a terminal device.
  • the operating system of the terminal device can also refer to the above steps to implement the process of securely installing the service on the terminal device.
  • the terminal device has the authority to install the service, the terminal device is allowed to install service.
  • FIG. 6 is an exemplary structural diagram of an apparatus 600 for securely invoking a service provided by the present application. As shown in FIG. 6 , the apparatus 600 may be applied to the terminal device in the foregoing embodiment.
  • the apparatus 600 in this embodiment may include: an acquiring module 601 and a processing module 602.
  • the obtaining module 601 is used to obtain the first security level of the service requested by the terminal device, and to obtain the second security level of the terminal device; the processing module 602 is used to determine, according to the first security level and the second security level, whether the terminal device has the right to call the service, and, when the terminal device has the right to call the service, to allow the terminal device to call the service.
  • the processing module 602 is specifically configured to determine whether the first security level is lower than the second security level; when the first security level is lower than the second security level, determine that the terminal device has the right to call the service; or, when the first security level is greater than or equal to the second security level, determine that the terminal device does not have the right to call the service.
  • the processing module 602 is specifically configured to determine the highest service level corresponding to the second security level; determine whether the first security level is less than the highest service level; when the first security level is less than the highest service level, determine that the terminal device has the right to call the service; when the first security level is greater than or equal to the highest service level, determine that the terminal device does not have the right to call the service.
  • the processing module 602 is specifically configured to determine the lowest level of equipment corresponding to the first security level; determine whether the second security level is greater than the lowest level of the equipment; when the second security level is greater than the lowest level of the device, determine that the terminal device has the right to call the service; when the second security level is less than or equal to the lowest level of the device, determine that the terminal device does not have the right to call the service.
  • the obtaining module 601 is further configured to receive a service invocation request sent by the terminal device.
  • the service call request includes the identifier of the service; the obtaining module 601 is specifically configured to determine the service according to the identifier of the service; read the configuration file of the service to obtain the first security level; or, acquire the user configuration information of the service to acquire the first security level; or, acquire the first security level according to characteristic information of the service, the characteristic information including the signature level of the secret key of the service or the storage path of the program of the service.
  • the acquiring module 601 is specifically configured to acquire the second security level according to the identifier of the terminal device when the service call request includes the identifier of the terminal device; or, when the service invocation request includes the security level identifier of the terminal device, acquire the second security level according to the security level identifier of the terminal device.
  • the acquiring module 601 is further configured to acquire the third security level of the service for which the terminal device requests registration, and to acquire the fourth security level of the terminal device; the processing module 602 is also configured to determine whether the terminal device has the authority to register the service according to the third security level and the fourth security level, and, when the terminal device has the authority to register the service, to allow the terminal device to register the service.
  • the processing module 602 is specifically configured to determine whether the third security level is lower than the fourth security level; when the third security level is lower than the fourth security level, determine that the terminal device has the right to register the service; or, when the third security level is greater than or equal to the fourth security level, determine that the terminal device does not have the right to register the service.
  • the processing module 602 is specifically configured to determine the highest service level corresponding to the fourth security level; determine whether the third security level is smaller than the highest service level; when the third security level is less than the highest service level, determine that the terminal device has the right to register the service; when the third security level is greater than or equal to the highest service level, determine that the terminal device does not have the right to register the service.
  • the processing module 602 is specifically configured to determine the lowest level of equipment corresponding to the third security level; determine whether the fourth security level is greater than the lowest level of equipment; when the fourth security level is greater than the lowest level of the device, determine that the terminal device has the right to register the service; when the fourth security level is less than or equal to the lowest level of the device, determine that the terminal device does not have the right to register the service.
  • the acquiring module 601 is further configured to acquire a service registration request.
  • the service registration request includes the identifier of the service; the obtaining module 601 is specifically configured to determine the service according to the identifier of the service; read the configuration file of the service to obtain the third security level; or, acquire the third security level from user configuration information of the service; or, acquire the third security level according to characteristic information of the service, the characteristic information including the signature level of the secret key of the service or the storage path of the program of the service.
  • the device in this embodiment can be used to execute the technical solution of the method embodiment shown in FIG. 4 or FIG. 5 , and its implementation principle and technical effect are similar, and details are not repeated here.
  • each step of the above-mentioned method embodiments may be completed by an integrated logic circuit of hardware in a processor or instructions in the form of software.
  • the processor can be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
  • a general-purpose processor may be a microprocessor, or the processor may be any conventional processor, or the like.
  • the steps of the method disclosed in the present application can be directly implemented by a hardware coded processor, or executed by a combination of hardware and software modules in the coded processor.
  • the software module can be located in a mature storage medium in the field such as random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, register.
  • the storage medium is located in the memory, and the processor reads the information in the memory, and completes the steps of the above method in combination with its hardware.
  • the memories mentioned in the above embodiments may be volatile memories or nonvolatile memories, or may include both volatile and nonvolatile memories.
  • the non-volatile memory can be read-only memory (ROM), programmable read-only memory (programmable ROM, PROM), erasable programmable read-only memory (erasable PROM, EPROM), electrically erasable programmable read-only memory (electrically EPROM, EEPROM) or flash memory.
  • Volatile memory can be random access memory (RAM), which acts as external cache memory.
  • static random access memory (SRAM)
  • dynamic random access memory (DRAM)
  • synchronous dynamic random access memory (SDRAM)
  • double data rate synchronous dynamic random access memory (DDR SDRAM)
  • enhanced synchronous dynamic random access memory (ESDRAM)
  • SLDRAM
  • direct rambus random access memory (direct rambus RAM)
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit.
  • the functions described above are realized in the form of software function units and sold or used as independent products, they can be stored in a computer-readable storage medium.
  • the technical solution of the present application is essentially or the part that contributes to the prior art or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including several instructions used to make a computer device (personal computer, server, or network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), magnetic disk or optical disc and other media that can store program codes.
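
The level check of steps 404 to 405 (calling) and 502 to 504 (registering), as an added Python example that is not code from the application. All function names, mode names, table contents and the `/system/` and `/data/` prefixes are hypothetical, and it assumes a larger number means a higher level; the strict comparisons follow the text, so a service at the same level as the device is refused.

```python
import json
import posixpath
import re

class LevelError(ValueError):
    """A level is missing or malformed; callers treat this as a denial."""

def rank(level):
    """Numeric rank of 'L3' or 'SL2' (assumption: larger number = higher level)."""
    m = re.fullmatch(r"S?L([1-9][0-9]*)", level) if isinstance(level, str) else None
    if m is None:
        raise LevelError(f"malformed security level: {level!r}")
    return int(m.group(1))

# Constructed tables; the text only says that such correspondences exist.
PATH_LEVELS = (("/system/", "SL2"), ("/data/", "SL1"))      # storage path -> service level
DEVICE_LEVELS = {"phone-07": "L3", "watch-01": "L1"}        # device identifier -> device level
HIGHEST_SERVICE = {"L1": "SL2", "L2": "SL4", "L3": "SL6"}   # device level -> highest service level
LOWEST_DEVICE = {"SL1": "L1", "SL2": "L3"}                  # service level -> lowest device level

def service_level(config_text=None, key_level=None, program_path=None):
    """First security level: from the config file, the signing-key level or the storage path."""
    level = None
    if config_text is not None:
        try:
            cfg = json.loads(config_text)
        except ValueError as exc:
            raise LevelError("unreadable service config") from exc
        level = cfg.get("Securelevel") if isinstance(cfg, dict) else None
    elif key_level is not None:
        level = key_level
    elif program_path is not None:
        # Normalise first so '/data/../system/x' is judged by where it really lives.
        real = posixpath.normpath(program_path)
        level = next((lv for prefix, lv in PATH_LEVELS if real.startswith(prefix)), None)
    rank(level)  # validates; raises LevelError when absent or malformed
    return level

def device_level(request):
    """Second security level: looked up from the device identifier in the request."""
    level = DEVICE_LEVELS.get(request.get("device_id"))
    rank(level)
    return level

def is_permitted(first, second, mode="same-scale"):
    """Apply one of the three comparisons in the text; each one is strict."""
    try:
        if mode == "same-scale":
            return rank(first) < rank(second)
        if mode == "highest-service":
            return rank(first) < rank(HIGHEST_SERVICE[second])
        if mode == "lowest-device":
            return rank(second) > rank(LOWEST_DEVICE[first])
    except (LevelError, KeyError, TypeError):
        pass
    return False  # unknown mode, unknown level or missing table entry: deny

def handle_request(request, service_sources, mode="same-scale"):
    """Gate a call or registration request; returns (allowed, reason)."""
    try:
        first = service_level(**service_sources[request["service_id"]])
        second = device_level(request)
    except (LevelError, KeyError, TypeError) as exc:
        return False, f"denied: {exc}"
    if is_permitted(first, second, mode):
        return True, f"allowed: service {first}, device {second}"
    return False, f"denied: service {first}, device {second}"

# Constructed services, one per source of the first security level.
SERVICES = {
    "notes": {"config_text": '{"name": "notes", "Securelevel": "SL2"}'},
    "wallet": {"key_level": "SL3"},
    "logger": {"program_path": "/data/app/logger/bin"},
    "broken": {"config_text": '{"name": "broken"}'},
}
```

A service whose level cannot be read, or a caller whose identifier is not in the table, is denied rather than given a default level.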


Abstract

The present application provides a method for securely calling a service, and a method and apparatus for securely registering the service. The method for securely calling the service in the present application comprises: obtaining a first security level of a service requested to be called by a terminal device; obtaining a second security level of the terminal device; determining, according to the first security level and the second security level, whether the terminal device has a permission to call the service; and when the terminal device has the permission to call the service, allowing the terminal device to call the service. The present application ensures the security of the service.

Description

Method for securely invoking service, method and device for securely registering service
This application claims priority to Chinese patent application No. 202110795692.3, entitled "Method for securely invoking service, method and device for securely registering service", filed with the China Patent Office on July 14, 2021, the entire content of which is incorporated herein by reference.
Technical field
The present application relates to terminal operating system technology, and in particular to a method for securely invoking a service, and a method and device for securely registering a service.
Background
Terminal devices carry a wide variety of services and applications. With the development of communications and rising user demands, terminal devices can call one another so that services and applications are used together, forming a multi-terminal-device network that can provide distributed services.
Correspondingly, users' security requirements for terminal devices are also increasing.
Summary of the invention
The present application provides a method for securely invoking a service, and a method and device for securely registering a service, so as to ensure the security of the service.
In a first aspect, the present application provides a method for securely invoking a service, including: obtaining a first security level of a service that a terminal device requests to invoke; obtaining a second security level of the terminal device; determining, according to the first security level and the second security level, whether the terminal device has the right to invoke the service; and when the terminal device has the right to invoke the service, allowing the terminal device to invoke the service.
In a possible implementation manner, before the obtaining of the first security level of the service that the terminal device requests to invoke, the method further includes: receiving a service invocation request sent by the terminal device.
In this application, the operating system of the terminal device provides a service security level configuration interface, and the service security level configuration interface includes but is not limited to the following forms:
1. In the service configuration file, add a security level field.
For example, the configuration file (config file) includes the field Securelevel: SL1. Securelevel is a newly added security level field in the config file, and SL1 is preset or written by the service provider.
For another example, the configuration file (such as an xml/config/Json file) includes the Securelevel field, and the configuration format is as follows:
{
...
"Securelevel": "SL2"
...
}
The above configuration can be implemented by the provider of the service.
2. Provide a security configuration page on which the user sets the security level of the service.
When the user starts the service, the security configuration page can be displayed to the user, and the user can write or select the security level of the service. It should be understood that the terminal operating system may also provide the user with a page or interface for setting the security level in other ways, which is not specifically limited in this application.
For example,
Start service_A
Securelevel SL3
3、根据服务的特征信息匹配其安全等级3. Match the security level according to the characteristic information of the service
例如,服务可以采用秘钥签名提供安全保证,因此可以将服务的秘钥签名等级和服务的安全等级对应起来,由服务的秘钥签名等级反映其安全等级。例如,安全等级为SL1的服务采用SL1级别的秘钥签名;安全等级为SL2的服务采用SL2级别的秘钥签名。For example, services can use key signatures to provide security guarantees. Therefore, the service key signature level can be associated with the service security level, and the service key signature level reflects its security level. For example, a service with a security level of SL1 is signed with an SL1-level key; a service with a security level of SL2 is signed with a SL2-level key.
又例如,可以将服务的程序的存储路径和服务的安全等级对应起来,由服务的程序的存储路径反映其安全等级。例如,服务的程序的存储路径在system路径下,其安全等级为SL2,服务的程序的存储路径在data路径下,其安全等级为SL1。For another example, the storage path of the service program may be associated with the security level of the service, and the security level of the service program may be reflected by the storage path of the service program. For example, the storage path of the service program is under the system path, and its security level is SL2, and the storage path of the service program is under the data path, and its security level is SL1.
应理解,除了上述三种方法外,终端设备的操作系统还可以提供其他安全等级配置接口,以对服务的安全等级进行配置化,本申请并不限定配置的具体实施方式。It should be understood that, in addition to the above three methods, the operating system of the terminal device may also provide other security level configuration interfaces to configure the security level of the service, and this application does not limit the specific implementation of the configuration.
In a possible implementation, obtaining the second security level of the terminal device includes: when the service invocation request includes an identifier of the terminal device, obtaining the second security level according to the identifier of the terminal device; or, when the service invocation request includes a security level identifier of the terminal device, obtaining the second security level according to the security level identifier of the terminal device.
In a possible implementation, the service providing device may determine whether the first security level is lower than the second security level. When the first security level is lower than the second security level, it determines that the service invoking device has permission to invoke the service; or, when the first security level is greater than or equal to the second security level, it determines that the service invoking device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service may use the same grading scale. For example, both include L1 to Lm, so the two security levels are on the same scale.
The first security level being lower than the second security level means that the security level of the service is lower than that of the service invoking device, so the service invoking device may invoke the service, and the service providing device therefore determines that the service invoking device has permission to invoke the service.
In a possible implementation, the service providing device may determine the highest service level corresponding to the second security level, and determine whether the first security level is lower than the highest service level. When the first security level is lower than the highest service level, it determines that the service invoking device has permission to invoke the service; when the first security level is greater than or equal to the highest service level, it determines that the service invoking device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service may use different grading scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm and the security levels of services include SL1 to SLn, with m < n; one terminal device security level may correspond to one or more service security levels.
The highest service level corresponding to the second security level is the highest level of service that the service invoking device can invoke; a service above the highest service level cannot be invoked by the service invoking device. The first security level being lower than the highest service level means that the security level of the service is lower than the highest level of service that the service invoking device can invoke, so the service invoking device may invoke the service, and the service providing device therefore determines that the service invoking device has permission to invoke the service.
In a possible implementation, the service providing device may determine the lowest device level corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest device level. When the second security level is greater than the lowest device level, it determines that the service invoking device has permission to invoke the service; when the second security level is less than or equal to the lowest device level, it determines that the service invoking device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service may use different grading scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm and the security levels of services include SL1 to SLn, with m greater than n; one service security level may correspond to one or more terminal device security levels.
The lowest device level corresponding to the first security level is the lowest level of device that can invoke the service; if the security level of the service invoking device is below the lowest device level, it cannot invoke the service. The second security level being greater than the lowest device level means that the security level of the service invoking device is higher than the lowest level of terminal device that can invoke the service, so the service invoking device may invoke the service, and the service providing device therefore determines that the service invoking device has permission to invoke the service.
It should be understood that, in addition to the above three determination rules, other rules may be used to determine whether the service invoking device has permission to invoke the service, which is not specifically limited in this application.
It can be seen that the service providing device matches the security level of the service invoking device against the security level of the invoked service. Only when the security level rule is satisfied (that is, a terminal device with a low security level cannot invoke a service with a high security level, while a terminal device with a high security level can invoke a service with a low security level) does the service invoking device have permission to invoke the service on the service providing device, which ensures the security of the service.
In this application, security levels are set separately for terminal devices and services, and whether a terminal device has permission to invoke a service on another terminal device is determined based on the two security levels, so that a terminal device with a low security level cannot invoke a service with a high security level, while a terminal device with a high security level can invoke a service with a low security level, which ensures the security of the service.
It should be understood that the above embodiment describes the process by which the service invoking device securely invokes a service on the service providing device. The service providing device may also follow the above steps to implement a process by which the service invoking device securely invokes an application on the service providing device: when the service invoking device has permission to invoke the application, the service invoking device is allowed to invoke the service and obtain the data of the service.
In a second aspect, this application provides a method for securely registering a service, including: obtaining a first security level of a service that a terminal device requests to register; obtaining a second security level of the terminal device; determining, according to the first security level and the second security level, whether the terminal device has permission to register the service; and when the terminal device has permission to register the service, allowing the terminal device to register the service.
In this application, the operating system of the terminal device provides a security level configuration interface for services. This interface includes, but is not limited to, the following forms:
1. Add a security level field to the service's configuration file.
For example, the configuration file (config file) includes the field Securelevel:SL1. Securelevel is a security level field newly added to the config file, and SL1 is preset or written by the service's vendor.
As another example, a configuration file (such as an xml/config/Json file) includes a Securelevel field, in the following format:
{
    ...
    "Securelevel": "SL2"
    ...
}
The above configuration may be carried out by the service's vendor.
2. Provide a security configuration page on which the user sets the security level of the service.
When the user starts a service, a security configuration page may be displayed to the user, and the user enters or selects the security level of the service. It should be understood that the terminal operating system may also provide the user with a screen or interface for setting the security level in other ways, which is not specifically limited in this application.
For example:
Start service_A
Securelevel SL3
3. Match the security level according to characteristic information of the service.
For example, a service may use key signing to provide security assurance, so the key signature level of the service can be mapped to the security level of the service, with the key signature level reflecting the security level. For example, a service with security level SL1 is signed with an SL1-level key, and a service with security level SL2 is signed with an SL2-level key.
As another example, the storage path of the service's program can be mapped to the security level of the service, with the storage path reflecting the security level. For example, if the service's program is stored under the system path, its security level is SL2; if it is stored under the data path, its security level is SL1.
It should be understood that, in addition to the above three methods, the operating system of the terminal device may provide other security level configuration interfaces to make the security level of a service configurable; this application does not limit the specific implementation of the configuration.
Based on the above approaches, the terminal device can obtain the first security level of the service to be registered. For example, it may read the value of the Securelevel field in the config file and use SL1 as the first security level; or read the Securelevel field in the service's configuration items and use SL1 as the first security level; or obtain the key signature level of the service and use the corresponding security level as the first security level; or obtain the storage path of the service's program and determine the second security level of the service according to that storage path.
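The ways of obtaining a service's security level described above (for both invocation and registration) can be sketched as follows. This is an added example, not code from the application: the precedence between sources, the "/system/" and "/data/" path roots, the function names, and the fail-closed handling of malformed values are all assumptions.

```python
import json
import posixpath
import re

# The page names levels SL1..SLn without fixing n; any positive index is accepted here.
LEVEL_RE = re.compile(r"SL[1-9][0-9]*")

# Assumed path roots. The page only says "system path" -> SL2 and "data path" -> SL1.
PATH_LEVELS = (("/system/", "SL2"), ("/data/", "SL1"))


class LevelError(ValueError):
    """No trustworthy security level could be determined for the service."""


def _checked(value, source):
    # Reject anything that is not a well-formed SLn label instead of guessing.
    if not isinstance(value, str) or not LEVEL_RE.fullmatch(value):
        raise LevelError(f"invalid Securelevel from {source}: {value!r}")
    return value


def level_from_config(config_text):
    """Read the Securelevel field of a JSON service config; None if the field is absent."""
    try:
        config = json.loads(config_text)
    except json.JSONDecodeError as exc:
        raise LevelError(f"unparseable config: {exc}") from None
    if not isinstance(config, dict) or "Securelevel" not in config:
        return None
    return _checked(config["Securelevel"], "config")


def level_from_path(program_path):
    """Map the program's storage path to a level.

    The path is normalised first so that '/system/../data/x' is treated as a
    data path. This is a string-level check only; symlinks are not resolved.
    """
    normalised = posixpath.normpath(program_path)
    for root, level in PATH_LEVELS:
        if normalised.startswith(root):
            return level
    return None


def resolve_service_level(config_text=None, user_choice=None,
                          signing_key_level=None, program_path=None):
    """Return (level, source) from the first source that yields a level.

    Assumed precedence: config field, user setting, key signature level, path.
    """
    if config_text is not None:
        level = level_from_config(config_text)
        if level is not None:
            return level, "config"
    if user_choice is not None:
        return _checked(user_choice, "user"), "user"
    if signing_key_level is not None:
        # Per the page, an SLk service is signed with an SLk-level key.
        return _checked(signing_key_level, "signature"), "signature"
    if program_path is not None:
        level = level_from_path(program_path)
        if level is not None:
            return level, "path"
    raise LevelError("no security level source available")


if __name__ == "__main__":
    # Constructed sample inputs.
    print(resolve_service_level(config_text='{"name": "service_A", "Securelevel": "SL2"}'))
    print(resolve_service_level(program_path="/system/../data/app/service_A"))
```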
In a possible implementation, the operating system of the terminal device may determine whether the first security level is lower than the second security level. When the first security level is lower than the second security level, it determines that the terminal device has permission to register the service; or, when the first security level is greater than or equal to the second security level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service may use the same grading scale. For example, both include L1 to Lm, so the two security levels are on the same scale.
The first security level being lower than the second security level means that the security level of the service is lower than that of the terminal device, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
In a possible implementation, the operating system of the terminal device may determine the highest service level corresponding to the second security level, and determine whether the first security level is lower than the highest service level. When the first security level is lower than the highest service level, it determines that the terminal device has permission to register the service; when the first security level is greater than or equal to the highest service level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service may use different grading scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm and the security levels of services include SL1 to SLn, with m < n; one terminal device security level may correspond to one or more service security levels.
The highest service level corresponding to the second security level is the highest level of service that the terminal device can register; a service above the highest service level cannot be registered by the terminal device. The first security level being lower than the highest service level means that the security level of the service is lower than the highest level of service that the terminal device can register, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
In a possible implementation, the operating system of the terminal device may determine the lowest device level corresponding to the first security level, and determine whether the second security level is greater than or equal to the lowest device level. When the second security level is greater than the lowest device level, it determines that the terminal device has permission to register the service; when the second security level is less than or equal to the lowest device level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service may use different grading scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm and the security levels of services include SL1 to SLn, with m greater than n; one service security level may correspond to one or more terminal device security levels.
The lowest device level corresponding to the first security level is the lowest level of device that can register the service; if the security level of the terminal device is below the lowest device level, it cannot register the service. The second security level being greater than the lowest device level means that the security level of the terminal device is higher than the lowest level of terminal device that can register the service, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
It should be understood that, in addition to the above three determination rules, other rules may be used to determine whether the terminal device has permission to register the service, which is not specifically limited in this application.
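The three determination rules, which the first aspect applies to invocation and the second aspect to registration, can be written as one policy check. This is an added example, not code from the application: the two mapping tables, the request field names (service_id, device_id, device_level) and the deny-on-error behaviour are assumptions constructed for illustration.

```python
import re

_LABEL = re.compile(r"(SL|L)([1-9][0-9]*)")


def parse_level(label, prefix):
    """'SL2' -> 2 for prefix 'SL', 'L3' -> 3 for prefix 'L'; ValueError otherwise."""
    match = _LABEL.fullmatch(label) if isinstance(label, str) else None
    if match is None or match.group(1) != prefix:
        raise ValueError(f"expected a {prefix}<n> label, got {label!r}")
    return int(match.group(2))


# Constructed mapping for rule 2: device levels L1..L3 (m = 3), service levels
# SL1..SL5 (n = 5), m < n. Each device level maps to its highest service level.
MAX_SERVICE_FOR_DEVICE = {"L1": "SL2", "L2": "SL4", "L3": "SL5"}

# Constructed mapping for rule 3: device levels L1..L5 (m = 5), service levels
# SL1..SL3 (n = 3), m > n. Each service level maps to its lowest device level.
MIN_DEVICE_FOR_SERVICE = {"SL1": "L1", "SL2": "L3", "SL3": "L4"}


def rule_same_scale(service_level, device_level):
    """Rule 1: both levels on one scale L1..Lm; allowed only if service < device."""
    return parse_level(service_level, "L") < parse_level(device_level, "L")


def rule_max_service(service_level, device_level):
    """Rule 2: allowed only if service < highest service level for this device level."""
    ceiling = MAX_SERVICE_FOR_DEVICE.get(device_level)
    if ceiling is None:
        return False
    return parse_level(service_level, "SL") < parse_level(ceiling, "SL")


def rule_min_device(service_level, device_level):
    """Rule 3: allowed only if device > lowest device level for this service level.

    The decision branches on the page are strict, so a device whose level
    equals the lowest device level is denied.
    """
    floor = MIN_DEVICE_FOR_SERVICE.get(service_level)
    if floor is None:
        return False
    return parse_level(device_level, "L") > parse_level(floor, "L")


def decide(request, service_levels, device_levels, rule):
    """Apply one rule to an invocation or registration request.

    The device level comes from the device identifier if the request carries
    one, otherwise from the security level identifier in the request. Unknown
    services or devices and malformed labels are denied.
    """
    try:
        service_level = service_levels[request["service_id"]]
        if "device_id" in request:
            device_level = device_levels[request["device_id"]]
        else:
            device_level = request["device_level"]
        return rule(service_level, device_level)
    except (KeyError, ValueError):
        return False


if __name__ == "__main__":
    # Constructed registries and requests.
    services = {"service_A": "SL3"}
    devices = {"watch-01": "L2", "phone-01": "L1"}
    for req in ({"service_id": "service_A", "device_id": "watch-01"},
                {"service_id": "service_A", "device_id": "phone-01"}):
        print(req, "->", decide(req, services, devices, rule_max_service))
```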
It can be seen that the operating system of the terminal device matches the security level of the terminal device against the security level of the service being registered. Only when the security level rule is satisfied (that is, a terminal device with a low security level cannot register a service with a high security level, while a terminal device with a high security level can register a service with a low security level) does the terminal device have permission to register the service on the operating system of the terminal device, which ensures the security of the service.
In this application, security levels are set separately for terminal devices and services, and whether a terminal device has permission to register a service on it is determined based on the two security levels, so that a terminal device with a low security level cannot register a service with a high security level, while a terminal device with a high security level can register a service with a low security level, which ensures the security of the service.
It should be understood that the above embodiment describes the process by which a terminal device securely registers a local service. The operating system of the terminal device may also follow the above steps to implement a process by which the terminal device securely installs a service: when the terminal device has permission to install the service, the terminal device is allowed to install the service.
In a possible implementation, before the obtaining of the first security level of the service that the terminal device requests to register, the method further includes: obtaining a service registration request.
In a third aspect, this application provides an apparatus for securely invoking a service, including an obtaining module and a processing module, where:
the obtaining module is configured to obtain a first security level of a service that a terminal device requests to invoke, and obtain a second security level of the terminal device; and the processing module is configured to determine, according to the first security level and the second security level, whether the terminal device has permission to invoke the service, and when the terminal device has permission to invoke the service, allow the terminal device to invoke the service.
In a possible implementation, the processing module is specifically configured to: determine whether the first security level is lower than the second security level; when the first security level is lower than the second security level, determine that the terminal device has permission to invoke the service; or, when the first security level is greater than or equal to the second security level, determine that the terminal device does not have permission to invoke the service.
In a possible implementation, the processing module is specifically configured to: determine the highest service level corresponding to the second security level; determine whether the first security level is lower than the highest service level; when the first security level is lower than the highest service level, determine that the terminal device has permission to invoke the service; and when the first security level is greater than or equal to the highest service level, determine that the terminal device does not have permission to invoke the service.
In a possible implementation, the processing module is specifically configured to: determine the lowest device level corresponding to the first security level; determine whether the second security level is greater than the lowest device level; when the second security level is greater than the lowest device level, determine that the terminal device has permission to invoke the service; and when the second security level is less than or equal to the lowest device level, determine that the terminal device does not have permission to invoke the service.
In a possible implementation, the obtaining module is further configured to receive a service invocation request sent by the terminal device.
In a possible implementation, the service invocation request includes an identifier of the service, and the obtaining module is specifically configured to: determine the service according to the identifier of the service; and read the configuration file of the service to obtain the first security level; or obtain user configuration information of the service to obtain the first security level; or obtain the first security level according to characteristic information of the service, where the characteristic information includes the key signature level of the service or the storage path of the service's program.
In a possible implementation, the obtaining module is specifically configured to: when the service invocation request includes an identifier of the terminal device, obtain the second security level according to the identifier of the terminal device; or, when the service invocation request includes a security level identifier of the terminal device, obtain the second security level according to the security level identifier of the terminal device.
In a possible implementation, the obtaining module is further configured to obtain a third security level of a service that a terminal device requests to register, and obtain a fourth security level of the terminal device; and the processing module is further configured to determine, according to the third security level and the fourth security level, whether the terminal device has permission to register the service, and when the terminal device has permission to register the service, allow the terminal device to register the service.
In a possible implementation, the processing module is specifically configured to: determine whether the third security level is lower than the fourth security level; when the third security level is lower than the fourth security level, determine that the terminal device has permission to register the service; or, when the third security level is greater than or equal to the fourth security level, determine that the terminal device does not have permission to register the service.
In a possible implementation, the processing module is specifically configured to: determine the highest service level corresponding to the fourth security level; determine whether the third security level is lower than the highest service level; when the third security level is lower than the highest service level, determine that the terminal device has permission to register the service; and when the third security level is greater than or equal to the highest service level, determine that the terminal device does not have permission to register the service.
In a possible implementation, the processing module is specifically configured to: determine the lowest device level corresponding to the third security level; determine whether the fourth security level is greater than the lowest device level; when the fourth security level is greater than the lowest device level, determine that the terminal device has permission to register the service; and when the fourth security level is less than or equal to the lowest device level, determine that the terminal device does not have permission to register the service.
In a possible implementation, the obtaining module is further configured to obtain a service registration request.
In a possible implementation, the service registration request includes an identifier of the service, and the obtaining module is specifically configured to: determine the service according to the identifier of the service; and read the configuration file of the service to obtain the third security level; or obtain user configuration information of the service to obtain the third security level; or obtain the third security level according to characteristic information of the service, where the characteristic information includes the key signature level of the service or the storage path of the service's program.
In a fourth aspect, this application provides a terminal device, including: one or more processors; and a memory configured to store one or more programs; when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method according to any one of the first to second aspects above.
In a fifth aspect, this application provides a computer-readable storage medium including a computer program; when the computer program is executed on a computer, the computer is caused to perform the method according to any one of the first to second aspects above.
In a sixth aspect, this application further provides a computer program product including computer program code; when the computer program code is run on a computer, the computer is caused to perform the operations and/or processing performed by the terminal device in any one of the first to second method embodiments above.
Description of drawings
FIG. 1 is an exemplary structural diagram of a multi-terminal device network 100 provided by the present application;
FIG. 2 is a schematic structural diagram of a terminal device 200;
FIG. 3 is a block diagram of the software structure of the terminal device 200 of the present application;
FIG. 4 is a flowchart of a process 400 of the method for securely invoking a service provided by the present application;
FIG. 5 is a flowchart of a process 500 of the method for securely registering a service provided by the present application;
FIG. 6 is an exemplary structural diagram of an apparatus 600 for securely invoking a service provided by the present application.
Detailed description
To make the purpose, technical solutions and advantages of the present application clearer, the technical solutions in the present application are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are some, but not all, of the embodiments of the present application. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in the present application without creative effort fall within the protection scope of the present application.
The terms "first", "second" and the like in the description, embodiments, claims and drawings of the present application are used only to distinguish between descriptions, and cannot be understood as indicating or implying relative importance or as indicating or implying an order. In addition, the terms "comprising" and "having", and any variations thereof, are intended to cover a non-exclusive inclusion; for example, a method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units explicitly listed, but may include other steps or units that are not explicitly listed or that are inherent to the process, method, product or device.
It should be understood that in the present application, "at least one (item)" means one or more, and "multiple" means two or more. "And/or" describes the association between associated objects and indicates that three relationships are possible; for example, "A and/or B" can mean: only A exists, only B exists, or both A and B exist, where A and B may be singular or plural. The character "/" generally indicates an "or" relationship between the objects before and after it. "At least one of the following" or a similar expression refers to any combination of the listed items, including any combination of a single item or multiple items. For example, at least one of a, b or c can mean: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", where each of a, b and c may be single or multiple.
The following are the concepts involved in the present application:
1. Ubiquitous network
A ubiquitous network can literally be understood as a network that exists widely and everywhere. That is, people are situated in an omnipresent network, so that a person can exchange information with any person or thing, at any time and place, using any network. Based on the needs of individuals and society, existing and new network technologies are used to provide individuals and society with ubiquitous, all-encompassing services and applications (application, APP). The modern Internet is a huge collection of interconnected computer networks of many types, and the number of network types keeps growing, including a wide variety of wireless communication technologies. The end result is that networking has become a ubiquitous resource, and devices can be connected at any time and in any place.
It should be understood that the development of wireless communication technologies such as machine-to-machine (M2M) wireless data transmission, sensor networks, near field communication (NFC), wireless local area networks (WLAN) (for example, wireless fidelity (Wi-Fi) networks and Bluetooth (BT)), the global navigation satellite system (GNSS), frequency modulation (FM) and infrared (IR) technology has promoted the application of ubiquitous networks.
2. Multi-terminal device network
A multi-terminal device network is formed by interconnecting multiple terminal devices distributed in different locations over the ubiquitous network described above, and the multiple terminal devices can provide distributed services and/or applications. A multi-terminal device network has no central node; the nodes can communicate with each other, and the communication control function is distributed across the nodes. A multi-terminal device network is highly reliable and makes it easy for nodes in the network to share resources, and it is widely used in fields such as multimedia database management, audio and video transmission, and video on demand.
FIG. 1 is an exemplary structural diagram of a multi-terminal device network 100 provided by the present application. As shown in FIG. 1, the multi-terminal device network 100 may include multiple terminal devices, for example, device A, device B, device C, device D and device E. For example, the multi-terminal device network 100 may include any one or more terminal devices such as a mobile phone, a tablet computer, a wearable device, a vehicle-mounted device, an augmented reality (AR)/virtual reality (VR) device, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, and a personal digital assistant (PDA). It should be understood that the present application does not limit the number or form of the terminal devices included in the multi-terminal device network 100.
In addition, any two terminal devices in the multi-terminal device network 100 can communicate with each other in many different ways, for example, through a connection or by means of future communication technologies, in order to transmit data. The connection may be one of many kinds, such as a wired connection or a wireless connection. For example, two terminal devices may be connected through a USB data cable; a wireless connection between two terminal devices may be made by establishing a Wi-Fi connection, a near field communication proximity connection, a Bluetooth code-scanning connection, and the like. Two terminal devices may also use future communication technologies, for example, by installing different or identical applications on a mobile phone and a tablet and transmitting data over a 5G communication network. The present application does not limit the connection mode or communication mode between two terminal devices.
In a multi-terminal device network, the terminal devices are used in different scenarios, so the services and applications they carry differ, and accordingly their security levels differ as well. A terminal device with a low security level cannot process services and/or applications that contain sensitive personal data, and a terminal device with a low security level should not invoke services and/or applications that contain sensitive personal data on a terminal device with a high security level. For example, users do not want devices such as tablets and home TVs to access the private data held in chat applications, work applications and the like on a mobile phone. Or, at home, users expect smart home devices (a home TV) to connect and access automatically, for example, to automatically project an incoming mobile phone call onto a large-screen TV; in a shopping mall, however, users do not expect other terminal devices to access mobile phone data automatically.
Current Linux-based device access control methods mainly comprise two mechanisms: discretionary access control (DAC) and mandatory access control (MAC). In DAC, access rights to a resource are determined by the attributes of the access subject (Subject, for example, a process) and the resource object (Object, for example, a file or prop). At run time, the owner of a resource (the owner or a group member) can modify the permissions so that other Subjects can access it. In MAC, access rights to a resource are determined by the security contexts of the access subject (Subject, for example, a process) and the resource object (Object, for example, a file, prop or binder) as defined by the security policy. The access control relationship between a specific Subject and Object cannot be modified at will during run time.
DAC and MAC already meet the requirements for scheduling control on a single device, but problems remain for cross-device scheduling control in a multi-terminal device network. For example, two terminal devices with different security levels may both carry the same identity label (for example, system); because their security levels differ, the permissions of the two terminal devices cannot be exactly the same. If only the label is considered, a terminal device with a low security level will inevitably end up invoking services and/or applications that contain sensitive personal data on a terminal device with a high security level.
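The gap described above, as an added example that is not code from the application: a label-only check lets a low-level device holding the `system` label reach a sensitive service, while a check that also compares security levels refuses it. The numeric scale, the rule that the caller's device level must be at least the service's level, the precedence among the three level sources (configuration file, user configuration, feature information), the fail-closed default, and all device, service and label names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed scale: a larger number is a more trusted device or a more
# sensitive service. The page gives no concrete values.
HIGHEST = 3
# Assumed mappings from a service's feature information to a level.
SIGNATURE_LEVELS = {"platform": 3, "vendor": 2, "third_party": 1}
PATH_LEVELS = (("/system/", 3), ("/vendor/", 2), ("/data/", 1))
# MAC-style policy: (caller label, service label) pairs allowed to interact.
LABEL_POLICY = {("system", "system_service")}


@dataclass(frozen=True)
class Caller:
    device: str
    label: str          # identity label, e.g. "system"
    device_level: int   # security level of the calling terminal device


@dataclass(frozen=True)
class Service:
    service_id: str
    label: str
    config_level: Optional[int] = None  # from the service's configuration file
    user_level: Optional[int] = None    # from user configuration information
    signature: Optional[str] = None     # feature info: key signature level
    path: Optional[str] = None          # feature info: program storage path


def service_level(svc: Service) -> int:
    """Resolve a service's level from the three kinds of source the page lists.

    The precedence used here is an assumption; the page only says "or".
    """
    if svc.config_level is not None:
        return svc.config_level
    if svc.user_level is not None:
        return svc.user_level
    if svc.signature in SIGNATURE_LEVELS:
        return SIGNATURE_LEVELS[svc.signature]
    for prefix, level in PATH_LEVELS:
        if svc.path and svc.path.startswith(prefix):
            return level
    # Nothing known about the service: fail closed (assumed default).
    return HIGHEST


def label_only_allows(caller: Caller, svc: Service) -> bool:
    """Decision that looks at identity labels only."""
    return (caller.label, svc.label) in LABEL_POLICY


def level_aware_allows(caller: Caller, svc: Service) -> bool:
    """Label check plus the assumed rule: device level >= service level."""
    return (label_only_allows(caller, svc)
            and caller.device_level >= service_level(svc))


# Constructed sample devices and services.
PHONE = Caller("phone", "system", 3)
TV = Caller("home_tv", "system", 1)
CHAT = Service("chat_history", "system_service", config_level=3)
CAST = Service("cast_screen", "system_service", path="/data/app/cast/")
UNKNOWN = Service("unlabelled_helper", "system_service")


def decisions():
    """Return (device, service, label-only result, level-aware result) rows."""
    rows = []
    for caller in (PHONE, TV):
        for svc in (CHAT, CAST, UNKNOWN):
            rows.append((caller.device, svc.service_id,
                         label_only_allows(caller, svc),
                         level_aware_allows(caller, svc)))
    return rows


if __name__ == "__main__":
    for row in decisions():
        print(row)
```

Both devices pass the label check for every service; only the level comparison separates the home TV from the chat history while still letting it use the low-level casting service.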
The present application provides a method for securely invoking a service, which can be applied to a terminal device. The method may take the form of a standalone service or application program, and that service or application program can be applied to any terminal device in a multi-terminal device network to ensure that services or applications are invoked securely.
Specifically, the method for securely invoking a service provided by the present application can be applied to the terminal devices listed above, such as mobile phones, tablet computers, wearable devices, vehicle-mounted devices, notebook computers and tablets. The present application places no restriction on the specific type of terminal device.
FIG. 2 shows a schematic structural diagram of a terminal device 200. It should be understood that the terminal device 200 shown in FIG. 2 is only one example of a terminal device, and the terminal device 200 may have more or fewer components than shown in the figure, may combine two or more components, or may have a different component configuration. The various components shown in FIG. 2 may be implemented in hardware, software, or a combination of hardware and software, including one or more signal processing and/or application-specific integrated circuits.
The terminal device 200 may include: a processor 210, an external memory interface 220, an internal memory 121, a universal serial bus (USB) interface 230, a charging management module 240, a power management module 241, a battery 242, an antenna 1, an antenna 2, a mobile communication module 250, a wireless communication module 260, an audio module 270, a speaker 270A, a receiver 270B, a microphone 270C, an earphone jack 270D, a sensor module 280, a button 290, a motor 291, an indicator 292, a camera 293, a display screen 294, a subscriber identification module (SIM) card interface 295, and the like. The sensor module 280 may include a pressure sensor 280A, a gyroscope sensor 280B, an air pressure sensor 280C, a magnetic sensor 280D, an acceleration sensor 280E, a distance sensor 280F, a proximity light sensor 280G, a fingerprint sensor 280H, a temperature sensor 280J, a touch sensor 280K, an ambient light sensor 280L, a bone conduction sensor 280M, and the like.
The processor 210 may include one or more processing units. For example, the processor 210 may include an application processor (AP), a modem processor, a graphics processing unit (GPU), an image signal processor (ISP), a controller, a memory, a video codec, a digital signal processor (DSP), a baseband processor, and/or a neural-network processing unit (NPU). The different processing units may be independent devices or may be integrated in one or more processors.
The controller may be the nerve center and command center of the terminal device 200. The controller can generate operation control signals according to instruction opcodes and timing signals, to control instruction fetching and instruction execution.
A memory may also be provided in the processor 210 to store instructions and data. In some embodiments, the memory in the processor 210 is a cache. This memory can hold instructions or data that the processor 210 has just used or uses repeatedly. If the processor 210 needs to use the instructions or data again, it can fetch them directly from this memory. This avoids repeated accesses and reduces the waiting time of the processor 210, thereby improving system efficiency.
In some embodiments, the processor 210 may include one or more interfaces. The interfaces may include an inter-integrated circuit (I2C) interface, an inter-integrated circuit sound (I2S) interface, a pulse code modulation (PCM) interface, a universal asynchronous receiver/transmitter (UART) interface, a mobile industry processor interface (MIPI), a general-purpose input/output (GPIO) interface, a subscriber identity module (SIM) interface, and/or a universal serial bus (USB) interface.
The I2C interface is a bidirectional synchronous serial bus that includes a serial data line (SDA) and a serial clock line (SCL). In some embodiments, the processor 210 may include multiple sets of I2C buses. The processor 210 can be coupled to the touch sensor 280K, a charger, a flash, the camera 293 and so on through different I2C bus interfaces. For example, the processor 210 may be coupled to the touch sensor 280K through an I2C interface, so that the processor 210 and the touch sensor 280K communicate over the I2C bus interface to implement the touch function of the terminal device 200.
The I2S interface can be used for audio communication. In some embodiments, the processor 210 may include multiple sets of I2S buses. The processor 210 may be coupled to the audio module 270 through an I2S bus to implement communication between the processor 210 and the audio module 270. In some embodiments, the audio module 270 can pass audio signals to the wireless communication module 260 through the I2S interface, to implement the function of answering calls through a Bluetooth headset.
The PCM interface can also be used for audio communication, to sample, quantize and encode analog signals. In some embodiments, the audio module 270 and the wireless communication module 260 may be coupled through a PCM bus interface. In some embodiments, the audio module 270 can also pass audio signals to the wireless communication module 260 through the PCM interface, to implement the function of answering calls through a Bluetooth headset. Both the I2S interface and the PCM interface can be used for audio communication.
The UART interface is a universal serial data bus used for asynchronous communication. The bus may be a bidirectional communication bus. It converts the data to be transmitted between serial and parallel form. In some embodiments, a UART interface is typically used to connect the processor 210 and the wireless communication module 260. For example, the processor 210 communicates with the Bluetooth module in the wireless communication module 260 through the UART interface to implement the Bluetooth function. In some embodiments, the audio module 270 can pass audio signals to the wireless communication module 260 through the UART interface, to implement the function of playing music through a Bluetooth headset.
The MIPI interface can be used to connect the processor 210 to peripheral devices such as the display screen 294 and the camera 293. The MIPI interface includes a camera serial interface (CSI), a display serial interface (DSI), and the like. In some embodiments, the processor 210 and the camera 293 communicate through the CSI interface to implement the shooting function of the terminal device 200. The processor 210 and the display screen 294 communicate through the DSI interface to implement the display function of the terminal device 200.
The GPIO interface can be configured by software. The GPIO interface can be configured to carry control signals or data signals. In some embodiments, the GPIO interface can be used to connect the processor 210 to the camera 293, the display screen 294, the wireless communication module 260, the audio module 270, the sensor module 280, and the like. The GPIO interface can also be configured as an I2C interface, an I2S interface, a UART interface, a MIPI interface, and so on.
The USB interface 230 is an interface that conforms to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 230 can be used to connect a charger to charge the terminal device 200, and can also be used to transfer data between the terminal device 200 and peripheral devices. It can also be used to connect earphones and play audio through them. The interface can also be used to connect other terminal devices, such as AR devices.
It can be understood that the interface connections between the modules illustrated in the present application are only schematic, and do not limit the structure of the terminal device 200. In other embodiments of the present application, the terminal device 200 may also use interface connection modes different from those in the above embodiments, or a combination of multiple interface connection modes.
The charging management module 240 is configured to receive charging input from a charger. The charger may be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 240 can receive the charging input of a wired charger through the USB interface 230. In some wireless charging embodiments, the charging management module 240 can receive wireless charging input through the wireless charging coil of the terminal device 200. While charging the battery 242, the charging management module 240 can also supply power to the terminal device through the power management module 241.
The power management module 241 is used to connect the battery 242, the charging management module 240 and the processor 210. The power management module 241 receives input from the battery 242 and/or the charging management module 240, and supplies power to the processor 210, the internal memory 121, the external memory, the display screen 294, the camera 293, the wireless communication module 260, and the like. The power management module 241 can also be used to monitor parameters such as battery capacity, battery cycle count, and battery health status (leakage, impedance). In some other embodiments, the power management module 241 may also be provided in the processor 210. In other embodiments, the power management module 241 and the charging management module 240 may also be provided in the same device.
The wireless communication function of the terminal device 200 can be implemented by the antenna 1, the antenna 2, the mobile communication module 250, the wireless communication module 260, the modem processor, the baseband processor, and the like.
Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in the terminal device 200 can be used to cover one or more communication frequency bands. Different antennas can also be multiplexed to improve antenna utilization. For example, antenna 1 can be multiplexed as a diversity antenna of the wireless local area network. In other embodiments, an antenna may be used in combination with a tuning switch.
The mobile communication module 250 can provide wireless communication solutions, including 2G/3G/4G/5G, applied on the terminal device 200. The mobile communication module 250 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), and the like. The mobile communication module 250 can receive electromagnetic waves through the antenna 1, filter and amplify the received electromagnetic waves, and send them to the modem processor for demodulation. The mobile communication module 250 can also amplify the signal modulated by the modem processor and convert it into electromagnetic waves radiated through the antenna 1. In some embodiments, at least some of the functional modules of the mobile communication module 250 may be provided in the processor 210. In some embodiments, at least some of the functional modules of the mobile communication module 250 and at least some of the modules of the processor 210 may be provided in the same device.
The modem processor may include a modulator and a demodulator. The modulator is used to modulate the low-frequency baseband signal to be sent into a medium- or high-frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then sends the demodulated low-frequency baseband signal to the baseband processor for processing. After being processed by the baseband processor, the low-frequency baseband signal is passed to the application processor. The application processor outputs sound signals through audio devices (not limited to the speaker 270A, the receiver 270B, and the like), or displays images or video through the display screen 294. In some embodiments, the modem processor may be a standalone device. In other embodiments, the modem processor may be independent of the processor 210 and be provided in the same device as the mobile communication module 250 or other functional modules.
The wireless communication module 260 can provide wireless communication solutions applied on the terminal device 200, including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), the global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared (IR) technology. The wireless communication module 260 may be one or more devices that integrate at least one communication processing module. The wireless communication module 260 receives electromagnetic waves via the antenna 2, frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 210. The wireless communication module 260 can also receive signals to be sent from the processor 210, frequency-modulate and amplify them, and convert them into electromagnetic waves radiated through the antenna 2.
In some embodiments, the antenna 1 of the terminal device 200 is coupled to the mobile communication module 250, and the antenna 2 is coupled to the wireless communication module 260, so that the terminal device 200 can communicate with networks and other devices through wireless communication technologies. The wireless communication technologies may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technologies. The GNSS may include the global positioning system (GPS), the global navigation satellite system (GLONASS), the Beidou navigation satellite system (BDS), the quasi-zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
The terminal device 200 implements a display function through a GPU, a display screen 294, an application processor, and the like. The GPU is a microprocessor for image processing and is connected to the display screen 294 and the application processor. The GPU performs mathematical and geometric calculations for graphics rendering. The processor 210 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 294 is used to display images, videos, and the like. The display screen 294 includes a display panel. The display panel may be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), Miniled, MicroLed, Micro-oLed, quantum dot light-emitting diodes (QLED), or the like. In some embodiments, the terminal device 200 may include 1 or N display screens 294, where N is a positive integer greater than 1.
The terminal device 200 can implement a shooting function through the ISP, the camera 293, the video codec, the GPU, the display screen 294, the application processor, and the like.
The ISP is used to process the data fed back by the camera 293. For example, when a picture is taken, the shutter opens, light is transmitted through the lens to the photosensitive element of the camera, and the light signal is converted into an electrical signal; the photosensitive element of the camera passes the electrical signal to the ISP for processing, which converts it into an image visible to the naked eye. The ISP can also algorithmically optimize the noise, brightness, and skin color of the image. The ISP can also optimize parameters such as the exposure and color temperature of the shooting scene. In some embodiments, the ISP may be located in the camera 293.
The camera 293 is used to capture still images or video. An object generates an optical image through the lens, and the image is projected onto the photosensitive element. The photosensitive element may be a charge coupled device (CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the light signal into an electrical signal and then passes the electrical signal to the ISP, which converts it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into an image signal in a standard format such as RGB or YUV. In some embodiments, the terminal device 200 may include 1 or N cameras 293, where N is a positive integer greater than 1.
The digital signal processor is used to process digital signals. In addition to digital image signals, it can also process other digital signals. For example, when the terminal device 200 selects a frequency point, the digital signal processor is used to perform a Fourier transform or the like on the energy of the frequency point.
The video codec is used to compress or decompress digital video. The terminal device 200 may support one or more video codecs. In this way, the terminal device 200 can play or record videos in multiple encoding formats, for example: moving picture experts group (MPEG) 1, MPEG2, MPEG3, MPEG4, and so on.
The NPU is a neural-network (NN) computing processor. By drawing on the structure of biological neural networks, for example the transfer mode between neurons in the human brain, it processes input information quickly and can also learn continuously by itself. Applications such as intelligent cognition of the terminal device 200 can be implemented through the NPU, for example: image recognition, face recognition, speech recognition, and text understanding.
The external memory interface 220 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the terminal device 200. The external memory card communicates with the processor 210 through the external memory interface 220 to implement a data storage function, for example saving files such as music and videos on the external memory card.
The internal memory 121 may be used to store computer-executable program code, and the executable program code includes instructions. The processor 210 executes the various functional applications and data processing of the terminal device 200 by running the instructions stored in the internal memory 121. The internal memory 121 may include a program storage area and a data storage area. The program storage area can store an operating system, an application program required by at least one function (such as a sound playing function or an image playing function), and the like. The data storage area can store data created during use of the terminal device 200 (such as audio data and a phone book) and the like. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or universal flash storage (UFS).
The terminal device 200 may implement audio functions, such as music playback and recording, through the audio module 270, the speaker 270A, the receiver 270B, the microphone 270C, the earphone interface 270D, the application processor, and the like.
The audio module 270 is used to convert digital audio information into an analog audio signal for output, and also to convert an analog audio input into a digital audio signal. The audio module 270 may also be used to encode and decode audio signals. In some embodiments, the audio module 270 may be disposed in the processor 210, or some functional modules of the audio module 270 may be disposed in the processor 210.
The speaker 270A, also called a "loudspeaker", is used to convert audio electrical signals into sound signals. The terminal device 200 can be used to listen to music or to a hands-free call through the speaker 270A.
The receiver 270B, also called an "earpiece", is used to convert audio electrical signals into sound signals. When the terminal device 200 answers a phone call or receives a voice message, the voice can be heard by placing the receiver 270B close to the ear.
The microphone 270C, also called a "mike" or a "mic", is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can speak with the mouth close to the microphone 270C to input the sound signal into the microphone 270C. The terminal device 200 may be provided with at least one microphone 270C. In some other embodiments, the terminal device 200 may be provided with two microphones 270C, which can implement a noise reduction function in addition to collecting sound signals. In some other embodiments, the terminal device 200 may be provided with three, four, or more microphones 270C to collect sound signals, reduce noise, identify sound sources, implement a directional recording function, and so on.
The earphone interface 270D is used to connect wired earphones. The earphone interface 270D may be the USB interface 230, a 3.5 mm open mobile terminal platform (OMTP) standard interface, or a cellular telecommunications industry association of the USA (CTIA) standard interface.
The pressure sensor 280A is used to sense a pressure signal and can convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 280A may be disposed on the display screen 294. There are many types of pressure sensor 280A, such as resistive pressure sensors, inductive pressure sensors, and capacitive pressure sensors. A capacitive pressure sensor may include at least two parallel plates made of conductive material. When a force acts on the pressure sensor 280A, the capacitance between the electrodes changes. The terminal device 200 determines the intensity of the pressure according to the change in capacitance. When a touch operation acts on the display screen 294, the terminal device 200 detects the intensity of the touch operation using the pressure sensor 280A. The terminal device 200 may also calculate the touched position from the detection signal of the pressure sensor 280A. In some embodiments, touch operations that act on the same touch position but have different intensities may correspond to different operation instructions. For example, when a touch operation whose intensity is less than a first pressure threshold acts on the short message application icon, an instruction to view short messages is executed. When a touch operation whose intensity is greater than or equal to the first pressure threshold acts on the short message application icon, an instruction to create a new short message is executed.
The gyroscope sensor 280B can be used to determine the motion posture of the terminal device 200. In some embodiments, the angular velocity of the terminal device 200 around three axes (that is, the x, y, and z axes) can be determined by the gyroscope sensor 280B. The gyroscope sensor 280B can be used for image stabilization during shooting. For example, when the shutter is pressed, the gyroscope sensor 280B detects the angle by which the terminal device 200 shakes, calculates from that angle the distance that the lens module needs to compensate, and lets the lens counteract the shaking of the terminal device 200 through reverse movement, thereby achieving stabilization. The gyroscope sensor 280B can also be used in navigation and motion-sensing game scenarios.
The air pressure sensor 280C is used to measure air pressure. In some embodiments, the terminal device 200 calculates the altitude from the air pressure value measured by the air pressure sensor 280C to assist positioning and navigation.
The magnetic sensor 280D includes a Hall sensor. The terminal device 200 may use the magnetic sensor 280D to detect the opening and closing of a flip leather case. In some embodiments, when the terminal device 200 is a flip phone, the terminal device 200 may detect the opening and closing of the flip cover using the magnetic sensor 280D. Features such as automatic unlocking on flip-open are then set according to the detected open or closed state of the leather case or of the flip cover.
The acceleration sensor 280E can detect the magnitude of the acceleration of the terminal device 200 in various directions (generally three axes). When the terminal device 200 is stationary, the magnitude and direction of gravity can be detected. The sensor can also be used to recognize the posture of the terminal device, and is used in applications such as landscape/portrait screen switching and pedometers.
The distance sensor 280F is used to measure distance. The terminal device 200 can measure distance by infrared or laser. In some embodiments, when shooting a scene, the terminal device 200 may use the distance sensor 280F to measure distance in order to achieve fast focusing.
The proximity light sensor 280G may include, for example, a light-emitting diode (LED) and a light detector such as a photodiode. The light-emitting diode may be an infrared light-emitting diode. The terminal device 200 emits infrared light outward through the light-emitting diode. The terminal device 200 uses the photodiode to detect infrared light reflected from nearby objects. When sufficient reflected light is detected, it can be determined that there is an object near the terminal device 200. When insufficient reflected light is detected, the terminal device 200 may determine that there is no object near the terminal device 200. The terminal device 200 can use the proximity light sensor 280G to detect that the user is holding the terminal device 200 close to the ear during a call, so as to turn off the screen automatically and save power. The proximity light sensor 280G can also be used for automatic unlocking and screen locking in leather case mode and pocket mode.
The ambient light sensor 280L is used to sense ambient light brightness. The terminal device 200 can adaptively adjust the brightness of the display screen 294 according to the sensed ambient light brightness. The ambient light sensor 280L can also be used to automatically adjust the white balance when taking pictures. The ambient light sensor 280L can also cooperate with the proximity light sensor 280G to detect whether the terminal device 200 is in a pocket, so as to prevent accidental touches.
The fingerprint sensor 280H is used to collect fingerprints. The terminal device 200 can use the collected fingerprint characteristics to implement fingerprint unlocking, accessing an application lock, taking pictures by fingerprint, answering incoming calls by fingerprint, and so on.
The temperature sensor 280J is used to detect temperature. In some embodiments, the terminal device 200 uses the temperature detected by the temperature sensor 280J to execute a temperature processing strategy. For example, when the temperature reported by the temperature sensor 280J exceeds a threshold, the terminal device 200 reduces the performance of a processor located near the temperature sensor 280J in order to reduce power consumption and implement thermal protection. In some other embodiments, when the temperature is lower than another threshold, the terminal device 200 heats the battery 242 to prevent the low temperature from causing an abnormal shutdown of the terminal device 200. In still other embodiments, when the temperature is lower than yet another threshold, the terminal device 200 boosts the output voltage of the battery 242 to avoid an abnormal shutdown caused by low temperature.
The touch sensor 280K is also called a "touch panel". The touch sensor 280K may be disposed on the display screen 294, and the touch sensor 280K and the display screen 294 together form a touchscreen, also called a "touch screen". The touch sensor 280K is used to detect a touch operation acting on or near it. The touch sensor can pass the detected touch operation to the application processor to determine the type of touch event. Visual output related to the touch operation can be provided through the display screen 294. In some other embodiments, the touch sensor 280K may also be disposed on the surface of the terminal device 200, at a position different from that of the display screen 294.
The bone conduction sensor 280M can acquire vibration signals. In some embodiments, the bone conduction sensor 280M can acquire the vibration signal of the bone that vibrates with the human vocal part. The bone conduction sensor 280M can also be placed in contact with the human pulse to receive the blood pressure beating signal. In some embodiments, the bone conduction sensor 280M can also be disposed in an earphone to form a bone conduction earphone. The audio module 270 can parse out a voice signal from the vibration signal of the vocal-part vibrating bone acquired by the bone conduction sensor 280M, so as to implement a voice function. The application processor can parse heart rate information from the blood pressure beating signal acquired by the bone conduction sensor 280M, so as to implement a heart rate detection function.
The keys 290 include a power key, a volume key, and the like. The keys 290 may be mechanical keys or touch keys. The terminal device 200 may receive key input and generate key signal input related to user settings and function control of the terminal device 200.
The motor 291 can generate vibration prompts. The motor 291 can be used for incoming call vibration prompts and also for touch vibration feedback. For example, touch operations acting on different applications (such as taking pictures or playing audio) may correspond to different vibration feedback effects. For touch operations acting on different areas of the display screen 294, the motor 291 may also produce different vibration feedback effects. Different application scenarios (for example: time reminders, receiving messages, alarm clocks, games) may also correspond to different vibration feedback effects. The touch vibration feedback effect can also be customized.
The indicator 292 may be an indicator light. It can be used to indicate the charging status and changes in battery level, and can also be used to indicate messages, missed calls, notifications, and so on.
The SIM card interface 295 is used to connect a SIM card. A SIM card can be brought into contact with or separated from the terminal device 200 by inserting it into or removing it from the SIM card interface 295. The terminal device 200 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 295 can support Nano SIM cards, Micro SIM cards, SIM cards, and so on. Multiple cards can be inserted into the same SIM card interface 295 at the same time. The types of the multiple cards may be the same or different. The SIM card interface 295 is also compatible with different types of SIM cards. The SIM card interface 295 is also compatible with external memory cards. The terminal device 200 interacts with the network through the SIM card to implement functions such as calls and data communication. In some embodiments, the terminal device 200 uses an eSIM, that is, an embedded SIM card. The eSIM card can be embedded in the terminal device 200 and cannot be separated from the terminal device 200.
The software system of the terminal device may adopt a layered architecture, an event-driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. This application takes the Android system with a layered architecture as an example to illustrate the software structure of the terminal device.
FIG. 3 is a block diagram of the software structure of the terminal device 200 of the present application.
The layered architecture of the terminal device 200 divides the software into several layers, and each layer has a clear role and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, which are, from top to bottom, the application layer, the application framework layer, the Android runtime and system library, and the kernel layer.
The application layer may include a series of application packages.
As shown in FIG. 3, the application packages may include applications such as camera, gallery, calendar, call, map, navigation, WLAN, Bluetooth, music, video, and short message.
The application framework layer provides an application programming interface (API) and a programming framework for the applications in the application layer. The application framework layer includes some predefined functions.
As shown in FIG. 3, the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, a security management module, and so on.
The window manager is used to manage window programs. The window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, and so on.
The content provider is used to store and retrieve data and make the data accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, the phone book, and so on.
The view system includes visual controls, such as controls for displaying text and controls for displaying pictures. The view system can be used to build applications. A display interface may consist of one or more views. For example, a display interface that includes a short message notification icon may include a view for displaying text and a view for displaying pictures.
The phone manager is used to provide the communication functions of the terminal device 200, for example the management of call status (including connected, hung up, and so on).
The resource manager provides various resources for applications, such as localized strings, icons, pictures, layout files, and video files.
The notification manager enables an application to display notification information in the status bar. It can be used to convey notification-type messages, which can disappear automatically after a short stay without user interaction. For example, the notification manager is used to announce that a download has completed, to give message reminders, and so on. A notification from the notification manager may also appear in the status bar at the top of the system in the form of a chart or scroll bar text, such as a notification from an application running in the background, or may appear on the screen in the form of a dialog window. For example, text information is prompted in the status bar, a prompt sound is emitted, the terminal device 200 vibrates, or the indicator light flashes.
The security management module is a functional module newly added by this application. It can implement the method for securely invoking a service provided by this application as well as other security-related methods, which this application describes in detail in subsequent embodiments.
It should be understood that this application gives the case in which the security management module is placed in the application framework layer; the security management module may also be placed in the kernel layer, which is not limited in this application. Any module that has the same function as the security management module provided by this application falls within the scope of protection of this application.
The Android runtime includes a core library and a virtual machine. The Android runtime is responsible for the scheduling and management of the Android system.
The core library consists of two parts: one part is the functions that the Java language needs to call, and the other part is the core library of Android.
The application layer and the application framework layer run in the virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
The system library may include multiple functional modules, for example: a surface manager, media libraries, a three-dimensional (3D) graphics processing library (for example, OpenGL ES), and a two-dimensional (2D) graphics engine (for example, SGL).
The surface manager is used to manage the display subsystem and provides the fusion of 2D and 3D layers for multiple applications.
The media library supports playback and recording in a variety of commonly used audio and video formats, as well as still image files. The media library can support a variety of audio and video encoding formats, for example: MPEG4, H.264, MP3, AAC, AMR, JPG, and PNG.
The 3D graphics processing library is used to implement 3D graphics drawing, image rendering, compositing, layer processing, and so on.
The 2D graphics engine is the drawing engine for 2D drawing.
The kernel layer is the layer between hardware and software. The kernel layer contains at least a display driver, a Wi-Fi driver, a Bluetooth driver, an audio driver, and a sensor driver. In addition, the kernel layer may also include a process scheduling module, a disk data module, and so on, which is not limited in this application.
It can be understood that the components included in the system framework layer, system library, and runtime layer shown in FIG. 3 do not constitute a specific limitation on the terminal device 200. In other embodiments of the present application, the terminal device 200 may include more or fewer components than shown in the figure, or combine certain components, or split certain components, or use a different arrangement of components.
It should be understood that FIG. 2 above is a structural diagram of one possible terminal device, and FIG. 3 is a software architecture diagram of one possible terminal device. For ease of understanding, the following embodiments of this application take a service call between two terminal devices (for example, a first device and a second device) in the multi-terminal device network shown in FIG. 1 as an example; each terminal device may have the structure described in FIG. 2 and the software structure shown in FIG. 3. The first electronic device, which applies to invoke a service, is called the "service application device", and the second electronic device, which provides the service, is called the "service providing device".
应理解,服务申请设备和服务提供设备都可以包括图3中的应用程序框架层的安全管理模块,且同一个终端设备既可以作为服务申请设备(或者称为“服务调用设备”),还可以作为服务提供设备。例如,图1中的设备A可以申请调用设备B的服务和/或应用,同时设备B还可以反过来申请调用设备A的服务和/或应用。当设备A申请调用设备B的服务和/或应用时,设备A为服务申请设备,设备B为服务提供设备;当设备B反过来申请调用设备A的服务和/或应用时,设备B为服务申请设备,设备A为服务提供设备,本申请对此不做限定。It should be understood that both the service application device and the service provision device can include the security management module of the application framework layer in Figure 3, and the same terminal device can be used as a service application device (or called a "service calling device"), or Devices are provided as a service. For example, device A in FIG. 1 may apply for invoking the service and/or application of device B, and device B may in turn apply for invoking the service and/or application of device A. When device A applies to call the service and/or application of device B, device A applies for the device for the service, and device B provides the device for the service; when device B in turn applies for calling the service and/or application of device A, device B is the service Apply for equipment, and equipment A provides equipment for the service, which is not limited in this application.
本申请下文的实施例以服务为例进行描述。应理解,应用和服务的区别在于:应用是终端设备上安装的由第三方提供的应用程序(application,APP),例如,视频应用、地图应用、聊天应用等,服务是终端设备的操作系统提供的功能,例如,拍照、定位服务、短信息等。但是,在多终端设备网络中均可实现分布式应用和服务,因此下文的相关过程同样适用于应用。The following embodiments of the present application are described by taking services as an example. It should be understood that the difference between an application and a service is that an application is an application (application, APP) installed on a terminal device provided by a third party, for example, a video application, a map application, a chat application, etc., and a service is provided by an operating system of the terminal device. functions, such as taking pictures, location services, SMS, etc. However, distributed applications and services can be implemented in a network of multiple terminal devices, so the relevant procedures below are also applicable to applications.
本申请中,对终端设备和服务分别设置有安全等级,例如,终端设备的安全等级包括L1~Lm,服务的安全等级包括SL1~SLn。为了确保服务数据的安全性,终端设备的安全等级和服务的安全等级之间有对应关系,终端设备只可以处理与自身的安全等级相同或者更低级的服务,此处的安全等级相同或者更低级可以有多种解释,在下文中详细描述。In this application, security levels are respectively set for terminal equipment and services, for example, security levels for terminal equipment include L1-Lm, and security levels for services include SL1-SLn. In order to ensure the security of service data, there is a corresponding relationship between the security level of the terminal device and the security level of the service. The terminal device can only process services with the same or lower security level as its own, and the security level here is the same or lower. Various interpretations are possible, described in detail below.
FIG. 4 is a flowchart of a process 400 of the method for securely invoking a service provided by this application. The process 400 may be executed jointly by two terminal devices 200, one acting as the service calling device and the other as the service providing device. The process 400 is described as a series of steps or operations. It should be understood that the process 400 may be executed in various orders and/or concurrently and is not limited to the execution order shown in FIG. 4. The process 400 may include:
Step 401. The service calling device obtains the second security level of the device.
A device's own security level can be written into the terminal device's property file or firmware, so that when the service calling device invokes a service on the service providing device, it can first read the security level from the corresponding file.
Step 402. The service calling device sends a service invocation request to the service providing device.
The service calling device invokes the service on the service providing device by sending a request.
The service invocation request includes the identifier of the service to be invoked, so that the service providing device can use that identifier to determine which service the service calling device wants to invoke, and from that determine the first security level of the service.
The service invocation request also includes an identifier of the security level of the service calling device, so that the service providing device can determine the second security level from that identifier. When the multi-terminal-device network is established, each terminal device can be configured with a security level table that contains multiple security levels and their corresponding identifiers, so that the service providing device can determine the security level of the service calling device from the identifier of that level.
Optionally, if the service calling device has not performed step 401, the service invocation request may carry the identifier of the device. The service providing device can then identify the service calling device from the device identifier and from that determine the second security level of the service calling device. When the multi-terminal-device network is established, each terminal device can be configured with a terminal device security level information table that records the correspondence between the identifier of each terminal device and its security level, so that the service providing device can determine the security level of the service calling device from its identifier.
Step 403. The service providing device obtains the first security level of the service according to the service invocation request.
In this application, the operating system of the terminal device provides a security level configuration interface for services. This interface includes, but is not limited to, the following forms:
1. Add a security level field to the configuration file of the service.
For example, the configuration file (config file) includes the field Securelevel: SL1. Securelevel is a security level field newly added to the config file, and SL1 is preset or written by the vendor of the service.
As another example, the configuration file (for example an xml/config/Json file) includes the Securelevel field, in the following format:
{
  ...
  "Securelevel": "SL2"
  ...
}
The above configuration can be carried out by the vendor of the service.
2. Provide a security configuration page on which the user sets the security level of the service.
When the user starts the service, a security configuration page can be shown to the user, who writes or selects the security level of the service. It should be understood that the terminal operating system may also provide the user with a user interface or programming interface for setting the security level in other ways, which is not specifically limited in this application.
For example,
Start service_A
Securelevel SL3
3. Match the security level according to characteristic information of the service.
For example, a service can use a key signature to provide a security guarantee, so the key signature level of the service can be mapped to the security level of the service, and the key signature level then reflects the security level. For example, a service with security level SL1 is signed with an SL1-level key, and a service with security level SL2 is signed with an SL2-level key.
As another example, the storage path of the service's program can be mapped to the security level of the service, so that the storage path reflects the security level. For example, a service whose program is stored under the system path has security level SL2, and a service whose program is stored under the data path has security level SL1.
It should be understood that, in addition to the above three methods, the operating system of the terminal device may provide other security level configuration interfaces for configuring the security level of a service. This application does not limit the specific implementation of the configuration.
Based on the above methods, the service providing device can obtain the first security level of the service that the service calling device wants to invoke. For example, it can read the value of the field Securelevel in the config file and use SL1 as the first security level; or read the field Securelevel in the configuration items of the service and use SL1 as the first security level; or obtain the key signature level of the service and use the corresponding security level as the first security level; or obtain the storage path of the service's program and determine the second security level of the service from that storage path.
Step 404. The service providing device obtains the second security level of the service calling device according to the service invocation request.
As described above, the service invocation request may include the identifier of the service calling device; the service providing device can look up the security level corresponding to that identifier in the security level information table and use it as the second security level. Alternatively, the service invocation request may include an identifier of the security level of the service calling device; the service providing device can look up the security level corresponding to that identifier in the security level table and use it as the second security level.
It should be understood that the service providing device may also store the correspondence between terminal device identifiers and security levels, or the correspondence between security level identifiers and security levels, in other ways, which is not specifically limited in this application.
Step 405. The service providing device determines, according to the first security level and the second security level, whether the service calling device has permission to invoke the service.
In one possible implementation, the service providing device may determine whether the first security level is lower than the second security level. When the first security level is lower than the second security level, it determines that the service calling device has permission to invoke the service; or, when the first security level is greater than or equal to the second security level, it determines that the service calling device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service can use the same scale; for example, both include L1 to Lm, so the two security levels are measured against the same standard.
The first security level being lower than the second security level means that the security level of the service is lower than the security level of the service calling device, so the service calling device may invoke the service, and the service providing device therefore determines that the service calling device has permission to invoke the service.
In one possible implementation, the service providing device may determine the highest service level corresponding to the second security level and determine whether the first security level is lower than that highest service level. When the first security level is lower than the highest service level, it determines that the service calling device has permission to invoke the service; when the first security level is greater than or equal to the highest service level, it determines that the service calling device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service can use different scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm, the security levels of services include SL1 to SLn, and m<n, so one terminal device security level can correspond to one or more service security levels.
The highest service level corresponding to the second security level is the highest level of service that the service calling device can invoke; the service calling device cannot invoke a service of a higher level than this. The first security level being lower than the highest service level means that the security level of the service is lower than the highest level of service that the service calling device can invoke, so the service calling device may invoke the service, and the service providing device therefore determines that the service calling device has permission to invoke the service.
In one possible implementation, the service providing device may determine the lowest device level corresponding to the first security level and determine whether the second security level is greater than or equal to that lowest device level. When the second security level is greater than the lowest device level, it determines that the service calling device has permission to invoke the service; when the second security level is less than or equal to the lowest device level, it determines that the service calling device does not have permission to invoke the service.
In this approach, the security level of the terminal device and the security level of the service can use different scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm, the security levels of services include SL1 to SLn, and m is greater than n, so one service security level can correspond to one or more terminal device security levels.
The lowest device level corresponding to the first security level is the lowest level of device that can invoke the service; if the security level of the service calling device is lower than this lowest device level, it cannot invoke the service. The second security level being greater than the lowest device level means that the security level of the service calling device is higher than the lowest level of terminal device that can invoke the service, so the service calling device may invoke the service, and the service providing device therefore determines that the service calling device has permission to invoke the service.
It should be understood that, in addition to the above three determination rules, other rules may be used to determine whether the service calling device has permission to invoke the service, which is not specifically limited in this application.
It can be seen that the service providing device matches the security level of the service calling device against the security level of the invoked service. Only when the security level rule is satisfied (that is, a terminal device with a low security level cannot invoke a service with a high security level, while a terminal device with a high security level can invoke a service with a low security level) does the service calling device have permission to invoke the service on the service providing device, which ensures the security of the service.
Step 406. When the service calling device has permission to invoke the service, the service providing device allows the service calling device to invoke the service.
After the determination in step 405, the service providing device knows whether the service calling device has permission to invoke the service. Allowing the service calling device to invoke the service means that the service calling device can use the service and obtain the data of the service.
In this application, security levels are set separately for terminal devices and for services, and whether a terminal device has permission to invoke a service on another terminal device is determined from the two security levels. As a result, a terminal device with a low security level cannot invoke a service with a high security level, while a terminal device with a high security level can invoke a service with a low security level, which ensures the security of the service.
It should be understood that the above embodiment describes the process by which the service calling device securely invokes a service on the service providing device. The service providing device may also follow the above steps to implement the process by which the service calling device securely invokes an application on the service providing device: when the service calling device has permission to invoke the application, the service calling device is allowed to invoke the service and obtain the data of the service.
FIG. 5 is a flowchart of a process 500 of the method for securely registering a service provided by this application. The process 500 may be executed by one terminal device 200, specifically by the operating system of the terminal device. The process 500 is described as a series of steps or operations. It should be understood that the process 500 may be executed in various orders and/or concurrently and is not limited to the execution order shown in FIG. 5. The process 500 may include:
Step 501. Obtain a service registration request.
When a user uses a service for the first time, the user needs to register for the service to keep user data secure, for example by entering a user name and password that the user sets. While the user performs these operations, the operating system of the terminal device receives an operation instruction from the touchscreen, and that operation instruction contains the service registration request.
Step 502. Obtain the first security level of the service that the terminal device requests to register.
In this application, the operating system of the terminal device provides a security level configuration interface for services. This interface includes, but is not limited to, the following forms:
1. Add a security level field to the configuration file of the service.
For example, the configuration file (config file) includes the field Securelevel: SL1. Securelevel is a security level field newly added to the config file, and SL1 is preset or written by the vendor of the service.
As another example, the configuration file (for example an xml/config/Json file) includes the Securelevel field, in the following format:
{
  ...
  "Securelevel": "SL2"
  ...
}
The above configuration can be carried out by the vendor of the service.
2. Provide a security configuration page on which the user sets the security level of the service.
When the user starts the service, a security configuration page can be shown to the user, who writes or selects the security level of the service. It should be understood that the terminal operating system may also provide the user with a user interface or programming interface for setting the security level in other ways, which is not specifically limited in this application.
For example,
Start service_A
Securelevel SL3
3. Match the security level according to characteristic information of the service.
For example, a service can use a key signature to provide a security guarantee, so the key signature level of the service can be mapped to the security level of the service, and the key signature level then reflects the security level. For example, a service with security level SL1 is signed with an SL1-level key, and a service with security level SL2 is signed with an SL2-level key.
As another example, the storage path of the service's program can be mapped to the security level of the service, so that the storage path reflects the security level. For example, a service whose program is stored under the system path has security level SL2, and a service whose program is stored under the data path has security level SL1.
It should be understood that, in addition to the above three methods, the operating system of the terminal device may provide other security level configuration interfaces for configuring the security level of a service. This application does not limit the specific implementation of the configuration.
Based on the above methods, the terminal device can obtain the first security level of the service to be registered. For example, it can read the value of the field Securelevel in the config file and use SL1 as the first security level; or read the field Securelevel in the configuration items of the service and use SL1 as the first security level; or obtain the key signature level of the service and use the corresponding security level as the first security level; or obtain the storage path of the service's program and determine the second security level of the service from that storage path.
Step 503. Obtain the second security level of the terminal device.
A device's own security level can be written into the terminal device's property file or firmware, so that when registering a service the terminal device can first read the device's security level from the corresponding file; this is the second security level.
Step 504. Determine, according to the first security level and the second security level, whether the terminal device has permission to register the service.
In one possible implementation, the operating system of the terminal device may determine whether the first security level is lower than the second security level. When the first security level is lower than the second security level, it determines that the terminal device has permission to register the service; or, when the first security level is greater than or equal to the second security level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service can use the same scale; for example, both include L1 to Lm, so the two security levels are measured against the same standard.
The first security level being lower than the second security level means that the security level of the service is lower than the security level of the terminal device, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
In one possible implementation, the operating system of the terminal device may determine the highest service level corresponding to the second security level and determine whether the first security level is lower than that highest service level. When the first security level is lower than the highest service level, it determines that the terminal device has permission to register the service; when the first security level is greater than or equal to the highest service level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service can use different scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm, the security levels of services include SL1 to SLn, and m<n, so one terminal device security level can correspond to one or more service security levels.
The highest service level corresponding to the second security level is the highest level of service that the terminal device can register; the terminal device cannot register a service of a higher level than this. The first security level being lower than the highest service level means that the security level of the service is lower than the highest level of service that the terminal device can register, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
In one possible implementation, the operating system of the terminal device may determine the lowest device level corresponding to the first security level and determine whether the second security level is greater than or equal to that lowest device level. When the second security level is greater than the lowest device level, it determines that the terminal device has permission to register the service; when the second security level is less than or equal to the lowest device level, it determines that the terminal device does not have permission to register the service.
In this approach, the security level of the terminal device and the security level of the service can use different scales, but there is a correspondence between them. For example, the security levels of terminal devices include L1 to Lm, the security levels of services include SL1 to SLn, and m is greater than n, so one service security level can correspond to one or more terminal device security levels.
The lowest device level corresponding to the first security level is the lowest level of device that can register the service; if the security level of the terminal device is lower than this lowest device level, it cannot register the service. The second security level being greater than the lowest device level means that the security level of the terminal device is higher than the lowest level of terminal device that can register the service, so the terminal device may register the service, and the operating system of the terminal device therefore determines that the terminal device has permission to register the service.
It should be understood that, in addition to the above three determination rules, other rules may be used to determine whether the terminal device has permission to register the service, which is not specifically limited in this application.
It can be seen that the operating system of the terminal device matches the security level of the terminal device against the security level of the service being registered. Only when the security level rule is satisfied (that is, a terminal device with a low security level cannot register a service with a high security level, while a terminal device with a high security level can register a service with a low security level) does the terminal device have permission to register the service on the operating system of the terminal device, which ensures the security of the service.
Step 505: When the terminal device has the permission to register the service, allow the terminal device to register the service.
After the determination in step 504, the operating system of the terminal device can determine whether the terminal device has the permission to register the service. Allowing the terminal device to register the service means that the terminal device can register the service and obtain the data of the service.
In this application, security levels are set separately for the terminal device and for the service, and whether the terminal device has the permission to register a service on it is determined based on the two security levels, so that a terminal device with a low security level cannot register a service with a high security level, while a terminal device with a high security level can register a service with a low security level, which ensures the security of the service.
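The registration check of steps 504 and 505 can be sketched as follows. This is an added example, not code from the application: the level table (L1 to L5, SL1 to SL3), the signing-level and path tables, all names, the order in which the three sources of the service level are tried, and the deny-on-unknown behaviour are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed correspondence: device levels L1..L5 (m = 5), service levels
# SL1..SL3 (n = 3), m > n; each service level covers one or more device levels.
SERVICE_TO_DEVICE_LEVELS = {1: (1, 2), 2: (3, 4), 3: (5,)}

# Constructed tables for deriving a service level from characteristic information.
SIGNING_LEVEL_TO_SL = {"platform": 3, "vendor": 2, "third_party": 1}
PATH_PREFIX_TO_SL = (("/system/", 3), ("/vendor/", 2), ("/data/", 1))


@dataclass
class Service:
    service_id: str
    config_level: Optional[int] = None   # from the service's configuration file
    user_level: Optional[int] = None     # from user configuration information
    signing_level: Optional[str] = None  # characteristic: key signature level
    program_path: Optional[str] = None   # characteristic: program storage path


def service_level(svc: Service) -> Optional[int]:
    """Resolve the service's security level (lookup order is an assumption)."""
    if svc.config_level is not None:
        return svc.config_level
    if svc.user_level is not None:
        return svc.user_level
    if svc.signing_level in SIGNING_LEVEL_TO_SL:
        return SIGNING_LEVEL_TO_SL[svc.signing_level]
    for prefix, level in PATH_PREFIX_TO_SL:
        if svc.program_path and svc.program_path.startswith(prefix):
            return level
    return None


def device_min_level(sl: int) -> Optional[int]:
    """Minimum device level corresponding to a service level."""
    levels = SERVICE_TO_DEVICE_LEVELS.get(sl)
    return min(levels) if levels else None


def service_max_level(dl: int) -> Optional[int]:
    """Highest service level corresponding to a device level."""
    matches = [sl for sl, dls in SERVICE_TO_DEVICE_LEVELS.items() if dl in dls]
    return max(matches) if matches else None


def rule_direct(sl: int, dl: int) -> bool:
    """Direct comparison; assumes both levels are expressed on one common scale."""
    return sl < dl


def rule_service_max(sl: int, dl: int) -> bool:
    """Allow when the service level is below the device's highest service level."""
    top = service_max_level(dl)
    return top is not None and sl < top


def rule_device_min(sl: int, dl: int) -> bool:
    """Allow when the device level is above the service's minimum device level."""
    floor = device_min_level(sl)
    return floor is not None and dl > floor


def may_register(svc: Service, device_level: Optional[int], rule) -> bool:
    """Step 504 decision; an unresolved level is denied (assumption: fail closed)."""
    sl = service_level(svc)
    if sl is None or device_level is None:
        return False
    return rule(sl, device_level)


def disagreements():
    """(service level, device level) pairs where the two mapped rules differ."""
    return [(sl, dl)
            for sl in sorted(SERVICE_TO_DEVICE_LEVELS)
            for dl in range(1, 6)
            if rule_service_max(sl, dl) != rule_device_min(sl, dl)]


if __name__ == "__main__":
    pay = Service("svc.pay", config_level=2)
    for dl in range(1, 6):
        print(f"L{dl} registers SL2:",
              "service-max rule =", may_register(pay, dl, rule_service_max),
              "| device-min rule =", may_register(pay, dl, rule_device_min))
    print("rules disagree at:", disagreements())
```

With this constructed table the two mapped rules disagree for (SL1, L2) and (SL2, L4), and no device level qualifies for SL3 under either strict comparison, so the chosen rule and table should be checked against the levels actually deployed.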
It should be understood that the above embodiment describes the process by which a terminal device securely registers a local service. The operating system of the terminal device may also follow the above steps to implement a process by which the terminal device securely installs a service: when the terminal device has the permission to install the service, the terminal device is allowed to install the service.
FIG. 6 is an exemplary structural diagram of an apparatus 600 for securely invoking a service provided by this application. As shown in FIG. 6, the apparatus 600 may be applied to the terminal device in the foregoing embodiments. The apparatus 600 of this embodiment may include an obtaining module 601 and a processing module 602, where:
The obtaining module 601 is configured to obtain a first security level of a service that the terminal device requests to invoke, and to obtain a second security level of the terminal device. The processing module 602 is configured to determine, according to the first security level and the second security level, whether the terminal device has the permission to invoke the service, and, when the terminal device has the permission to invoke the service, to allow the terminal device to invoke the service.
In a possible implementation, the processing module 602 is specifically configured to determine whether the first security level is less than the second security level; when the first security level is less than the second security level, determine that the terminal device has the permission to invoke the service; or, when the first security level is greater than or equal to the second security level, determine that the terminal device does not have the permission to invoke the service.
In a possible implementation, the processing module 602 is specifically configured to determine the highest service level corresponding to the second security level; determine whether the first security level is less than the highest service level; when the first security level is less than the highest service level, determine that the terminal device has the permission to invoke the service; and when the first security level is greater than or equal to the highest service level, determine that the terminal device does not have the permission to invoke the service.
In a possible implementation, the processing module 602 is specifically configured to determine the minimum device level corresponding to the first security level; determine whether the second security level is greater than the minimum device level; when the second security level is greater than the minimum device level, determine that the terminal device has the permission to invoke the service; and when the second security level is less than or equal to the minimum device level, determine that the terminal device does not have the permission to invoke the service.
In a possible implementation, the obtaining module 601 is further configured to receive a service invocation request sent by the terminal device.
In a possible implementation, the service invocation request includes an identifier of the service; the obtaining module 601 is specifically configured to determine the service according to the identifier of the service; read a configuration file of the service to obtain the first security level; or obtain user configuration information of the service to obtain the first security level; or obtain the first security level according to characteristic information of the service, where the characteristic information includes a key signature level of the service or a storage path of a program of the service.
In a possible implementation, the obtaining module 601 is specifically configured to: when the service invocation request includes an identifier of the terminal device, obtain the second security level according to the identifier of the terminal device; or, when the service invocation request includes a security level identifier of the terminal device, obtain the second security level according to the security level identifier of the terminal device.
In a possible implementation, the obtaining module 601 is further configured to obtain a third security level of a service that the terminal device requests to register, and to obtain a fourth security level of the terminal device; the processing module 602 is further configured to determine, according to the third security level and the fourth security level, whether the terminal device has the permission to register the service, and, when the terminal device has the permission to register the service, to allow the terminal device to register the service.
In a possible implementation, the processing module 602 is specifically configured to determine whether the third security level is less than the fourth security level; when the third security level is less than the fourth security level, determine that the terminal device has the permission to register the service; or, when the third security level is greater than or equal to the fourth security level, determine that the terminal device does not have the permission to register the service.
In a possible implementation, the processing module 602 is specifically configured to determine the highest service level corresponding to the fourth security level; determine whether the third security level is less than the highest service level; when the third security level is less than the highest service level, determine that the terminal device has the permission to register the service; and when the third security level is greater than or equal to the highest service level, determine that the terminal device does not have the permission to register the service.
In a possible implementation, the processing module 602 is specifically configured to determine the minimum device level corresponding to the third security level; determine whether the fourth security level is greater than the minimum device level; when the fourth security level is greater than the minimum device level, determine that the terminal device has the permission to register the service; and when the fourth security level is less than or equal to the minimum device level, determine that the terminal device does not have the permission to register the service.
In a possible implementation, the obtaining module 601 is further configured to obtain a service registration request.
In a possible implementation, the service registration request includes an identifier of the service; the obtaining module 601 is specifically configured to determine the service according to the identifier of the service; read a configuration file of the service to obtain the third security level; or obtain user configuration information of the service to obtain the third security level; or obtain the third security level according to characteristic information of the service, where the characteristic information includes a key signature level of the service or a storage path of a program of the service.
The apparatus of this embodiment may be used to execute the technical solutions of the method embodiments shown in FIG. 4 or FIG. 5; the implementation principles and technical effects are similar and are not repeated here.
In the implementation process, each step of the above method embodiments may be completed by an integrated logic circuit of hardware in a processor or by instructions in the form of software. The processor may be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The steps of the method disclosed in this application may be directly embodied as being executed by a hardware coding processor, or executed by a combination of hardware and software modules in a coding processor. The software module may be located in a storage medium that is mature in the art, such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, an electrically erasable programmable memory, or a register. The storage medium is located in a memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
The memory mentioned in the above embodiments may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be a read-only memory (ROM), a programmable read-only memory (programmable ROM, PROM), an erasable programmable read-only memory (erasable PROM, EPROM), an electrically erasable programmable read-only memory (electrically EPROM, EEPROM), or a flash memory. The volatile memory may be a random access memory (RAM), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (static RAM, SRAM), dynamic random access memory (dynamic RAM, DRAM), synchronous dynamic random access memory (synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchlink dynamic random access memory (synchlink DRAM, SLDRAM), and direct rambus random access memory (direct rambus RAM, DR RAM). It should be noted that the memory of the systems and methods described herein is intended to include, but not be limited to, these and any other suitable types of memory.
A person of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, or by a combination of computer software and electronic hardware. Whether these functions are executed in hardware or software depends on the specific application and design constraints of the technical solution. A skilled person may use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.
A person skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the systems, apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses and methods may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative. For example, the division of the units is only a division by logical function, and there may be other divisions in actual implementation; for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, apparatuses or units, and may be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of this application may be integrated into one processing unit, or each unit may exist physically on its own, or two or more units may be integrated into one unit.
If the functions are implemented in the form of software functional units and sold or used as independent products, they may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application in essence, or the part that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a computer device (a personal computer, a server, a network device, or the like) to execute all or some of the steps of the methods described in the embodiments of this application. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disc.
The above is only a specific implementation of this application, but the scope of protection of this application is not limited thereto. Any change or replacement that a person skilled in the art can readily conceive of within the technical scope disclosed in this application shall fall within the scope of protection of this application. Therefore, the scope of protection of this application shall be subject to the scope of protection of the claims.

Claims (29)

  1. A method for securely invoking a service, characterized by comprising:
    obtaining a first security level of a service that a terminal device requests to invoke;
    obtaining a second security level of the terminal device;
    determining, according to the first security level and the second security level, whether the terminal device has the permission to invoke the service;
    when the terminal device has the permission to invoke the service, allowing the terminal device to invoke the service.
  2. The method according to claim 1, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to invoke the service comprises:
    determining whether the first security level is less than the second security level;
    when the first security level is less than the second security level, determining that the terminal device has the permission to invoke the service;
    or, when the first security level is greater than or equal to the second security level, determining that the terminal device does not have the permission to invoke the service.
  3. The method according to claim 1, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to invoke the service comprises:
    determining the highest service level corresponding to the second security level;
    determining whether the first security level is less than the highest service level;
    when the first security level is less than the highest service level, determining that the terminal device has the permission to invoke the service;
    when the first security level is greater than or equal to the highest service level, determining that the terminal device does not have the permission to invoke the service.
  4. The method according to claim 1, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to invoke the service comprises:
    determining the minimum device level corresponding to the first security level;
    determining whether the second security level is greater than the minimum device level;
    when the second security level is greater than the minimum device level, determining that the terminal device has the permission to invoke the service;
    when the second security level is less than or equal to the minimum device level, determining that the terminal device does not have the permission to invoke the service.
  5. The method according to any one of claims 1-4, wherein before the obtaining a first security level of a service that a terminal device requests to invoke, the method further comprises:
    receiving a service invocation request sent by the terminal device.
  6. The method according to claim 5, wherein the service invocation request includes an identifier of the service; and the obtaining a first security level of a service that a terminal device requests to invoke comprises:
    determining the service according to the identifier of the service;
    reading a configuration file of the service to obtain the first security level; or obtaining user configuration information of the service to obtain the first security level; or obtaining the first security level according to characteristic information of the service, where the characteristic information includes a key signature level of the service or a storage path of a program of the service.
  7. The method according to claim 5 or 6, wherein the obtaining a second security level of the terminal device comprises:
    when the service invocation request includes an identifier of the terminal device, obtaining the second security level according to the identifier of the terminal device; or,
    when the service invocation request includes a security level identifier of the terminal device, obtaining the second security level according to the security level identifier of the terminal device.
  8. A method for securely registering a service, characterized by comprising:
    obtaining a first security level of a service that a terminal device requests to register;
    obtaining a second security level of the terminal device;
    determining, according to the first security level and the second security level, whether the terminal device has the permission to register the service;
    when the terminal device has the permission to register the service, allowing the terminal device to register the service.
  9. The method according to claim 8, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to register the service comprises:
    determining whether the first security level is less than the second security level;
    when the first security level is less than the second security level, determining that the terminal device has the permission to register the service;
    or, when the first security level is greater than or equal to the second security level, determining that the terminal device does not have the permission to register the service.
  10. The method according to claim 8, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to register the service comprises:
    determining the highest service level corresponding to the second security level;
    determining whether the first security level is less than the highest service level;
    when the first security level is less than the highest service level, determining that the terminal device has the permission to register the service;
    when the first security level is greater than or equal to the highest service level, determining that the terminal device does not have the permission to register the service.
  11. The method according to claim 8, wherein the determining, according to the first security level and the second security level, whether the terminal device has the permission to register the service comprises:
    determining the minimum device level corresponding to the first security level;
    determining whether the second security level is greater than the minimum device level;
    when the second security level is greater than the minimum device level, determining that the terminal device has the permission to register the service;
    when the second security level is less than or equal to the minimum device level, determining that the terminal device does not have the permission to register the service.
  12. The method according to any one of claims 8-11, wherein before the obtaining a first security level of a service that a terminal device requests to register, the method further comprises:
    obtaining a service registration request.
  13. The method according to claim 12, wherein the service registration request includes an identifier of the service; and the obtaining a first security level of a service that a terminal device requests to register comprises:
    determining the service according to the identifier of the service;
    reading a configuration file of the service to obtain the first security level; or obtaining user configuration information of the service to obtain the first security level; or obtaining the first security level according to characteristic information of the service, where the characteristic information includes a key signature level of the service or a storage path of a program of the service.
  14. 一种安全调用服务的装置,其特征在于,包括:A device for securely invoking a service, characterized by comprising:
    获取模块,用于获取终端设备请求调用的服务的第一安全等级;获取所述终端设备的第二安全等级;An acquisition module, configured to acquire the first security level of the service requested by the terminal device; acquire the second security level of the terminal device;
    处理模块,用于根据所述第一安全等级和所述第二安全等级确定所述终端设备是否具备调用所述服务的权限;当所述终端设备具备调用所述服务的权限时,允许所述终端设备调用所述服务。A processing module, configured to determine whether the terminal device has the right to call the service according to the first security level and the second security level; when the terminal device has the right to call the service, allow the The terminal device invokes the service.
  15. 根据权利要求14所述的装置,其特征在于,所述处理模块,具体用于判断所述第一安全等级是否小于所述第二安全等级;当所述第一安全等级小于所述第二安全等级时,确定所述终端设备具备调用所述服务的权限;或者,当所述第一安全等级大于或等于所述第二安全等级时,确定所述终端设备不具备调用所述服务的权限。The device according to claim 14, wherein the processing module is specifically configured to judge whether the first security level is lower than the second security level; when the first security level is lower than the second security level When the first security level is greater than or equal to the second security level, it is determined that the terminal device does not have the authority to call the service.
  16. 根据权利要求14所述的装置,其特征在于,所述处理模块,具体用于确定所述第二安全等级对应的服务最高等级;判断所述第一安全等级是否小于所述服务最高等级;当所述第一安全等级小于所述服务最高等级时,确定所述终端设备具备调用所述服务的权限;当所述第一安全等级大于或等于所述服务最高等级时,确定所述终端设备不具备调用所述服务的权限。The device according to claim 14, wherein the processing module is specifically configured to determine the highest service level corresponding to the second security level; determine whether the first security level is less than the highest service level; when When the first security level is less than the highest service level, it is determined that the terminal device has the authority to call the service; when the first security level is greater than or equal to the highest service level, it is determined that the terminal device does not Have permission to call the service described.
  17. 根据权利要求14所述的装置,其特征在于,所述处理模块,具体用于确定所述第一安全等级对应的设备最低等级;判断所述第二安全等级是否大于所述设备最低等级;当所述第二安全等级大于所述设备最低等级时,确定所述终端设备具备调用所述服务的权限;当所述第二安全等级小于或等于所述设备最低等级时,确定所述终端设备不具备调用所述服务的权限。The device according to claim 14, wherein the processing module is specifically configured to determine the lowest level of equipment corresponding to the first security level; determine whether the second security level is greater than the lowest level of the equipment; when When the second security level is greater than the lowest level of the device, it is determined that the terminal device has the authority to call the service; when the second security level is less than or equal to the lowest level of the device, it is determined that the terminal device does not Have permission to call the service described.
  18. The apparatus according to any one of claims 14-17, wherein the obtaining module is further configured to receive a service invocation request sent by the terminal device.
  19. The apparatus according to claim 18, wherein the service invocation request includes an identifier of the service; and the obtaining module is specifically configured to: determine the service according to the identifier of the service; and read a configuration file of the service to obtain the first security level; or obtain user configuration information of the service to obtain the first security level; or obtain the first security level according to feature information of the service, the feature information including a key signature level of the service or a storage path of a program of the service.
  20. The apparatus according to claim 18 or 19, wherein the obtaining module is specifically configured to: when the service invocation request includes an identifier of the terminal device, obtain the second security level according to the identifier of the terminal device; or, when the service invocation request includes a security level identifier of the terminal device, obtain the second security level according to the security level identifier of the terminal device.
  21. The apparatus according to any one of claims 14-20, wherein the obtaining module is further configured to obtain a third security level of a service that a terminal device requests to register, and to obtain a fourth security level of the terminal device;
    the processing module is further configured to determine, according to the third security level and the fourth security level, whether the terminal device has permission to register the service, and, when the terminal device has permission to register the service, to allow the terminal device to register the service.
  22. The apparatus according to claim 21, wherein the processing module is specifically configured to: determine whether the third security level is lower than the fourth security level; when the third security level is lower than the fourth security level, determine that the terminal device has permission to register the service; or, when the third security level is greater than or equal to the fourth security level, determine that the terminal device does not have permission to register the service.
  23. The apparatus according to claim 21, wherein the processing module is specifically configured to: determine the highest service level corresponding to the fourth security level; determine whether the third security level is lower than the highest service level; when the third security level is lower than the highest service level, determine that the terminal device has permission to register the service; and when the third security level is greater than or equal to the highest service level, determine that the terminal device does not have permission to register the service.
  24. The apparatus according to claim 21, wherein the processing module is specifically configured to: determine the lowest device level corresponding to the third security level; determine whether the fourth security level is greater than the lowest device level; when the fourth security level is greater than the lowest device level, determine that the terminal device has permission to register the service; and when the fourth security level is less than or equal to the lowest device level, determine that the terminal device does not have permission to register the service.
  25. The apparatus according to any one of claims 21-24, wherein the obtaining module is further configured to obtain a service registration request.
  26. The apparatus according to claim 25, wherein the service registration request includes an identifier of the service; and the obtaining module is specifically configured to: determine the service according to the identifier of the service; and read a configuration file of the service to obtain the third security level; or obtain user configuration information of the service to obtain the third security level; or obtain the third security level according to feature information of the service, the feature information including a key signature level of the service or a storage path of a program of the service.
  27. A terminal device, comprising:
    one or more processors; and
    a memory configured to store one or more programs;
    wherein, when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method according to any one of claims 1-13.
  28. A computer-readable storage medium, comprising a computer program, wherein the computer program, when executed on a computer, causes the computer to perform the method according to any one of claims 1-13.
  29. A computer program product, wherein the computer program product comprises computer program code, and the computer program code, when run on a computer, causes the computer to perform the method according to any one of claims 1-13.
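The three permission checks of claims 15-17, together with the level lookups of claims 19 and 20, as an added Python example that is not code from the patent. The level values, mapping tables, identifiers, the lookup order and the deny-on-unresolved-level rule are all assumptions; claims 22-24 apply the same comparisons to the third and fourth security levels for registration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed policy data (assumptions, not values from the patent).
DEVICE_LEVELS = {"watch-01": 2, "phone-01": 4}   # device id -> second security level
SERVICE_CONFIG = {"svc.pay": 3, "svc.clock": 1}  # service id -> level in its config file
PATH_LEVELS = {"/system/": 3, "/vendor/": 2}     # program storage path prefix -> level
SERVICE_MAX = {2: 2, 4: 4}                       # device level -> highest service level
DEVICE_MIN = {1: 1, 3: 3}                        # service level -> lowest device level

@dataclass
class CallRequest:
    service_id: str
    device_id: Optional[str] = None
    device_level_tag: Optional[int] = None  # security level identifier carried in the request
    program_path: Optional[str] = None

def service_level(req: CallRequest) -> Optional[int]:
    """First security level: config file, else program storage path (claim 19)."""
    if req.service_id in SERVICE_CONFIG:
        return SERVICE_CONFIG[req.service_id]
    for prefix, level in PATH_LEVELS.items():
        if req.program_path and req.program_path.startswith(prefix):
            return level
    return None

def device_level(req: CallRequest) -> Optional[int]:
    """Second security level: by device id, else by the level identifier (claim 20)."""
    if req.device_id is not None:
        return DEVICE_LEVELS.get(req.device_id)
    # The identifier is caller-supplied: authenticate it before trusting it.
    return req.device_level_tag

def may_call(req: CallRequest, variant: str = "direct") -> bool:
    first, second = service_level(req), device_level(req)
    if first is None or second is None:
        return False                       # assumption: an unresolved level is denied
    if variant == "direct":                # claim 15: service level < device level
        return first < second
    if variant == "service_max":           # claim 16: service level < cap for this device
        cap = SERVICE_MAX.get(second)
        return cap is not None and first < cap
    if variant == "device_min":            # claim 17: device level > floor for this service
        floor = DEVICE_MIN.get(first)
        return floor is not None and second > floor
    raise ValueError(f"unknown variant: {variant}")
```

Because every comparison in the claims is strict, a device whose level equals the service's level (or equals the mapped floor or cap) is refused.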
PCT/CN2022/102477 2021-07-14 2022-06-29 Method for securely calling service, and method and apparatus for securely registering service WO2023284555A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110795692.3 2021-07-14
CN202110795692.3A CN115701018A (en) 2021-07-14 2021-07-14 Method for safely calling service, method and device for safely registering service

Publications (1)

Publication Number Publication Date
WO2023284555A1 (en) 2023-01-19

Family

ID=84919017

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/102477 WO2023284555A1 (en) 2021-07-14 2022-06-29 Method for securely calling service, and method and apparatus for securely registering service

Country Status (2)

Country Link
CN (1) CN115701018A (en)
WO (1) WO2023284555A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116226886B (en) * 2023-03-22 2024-02-09 中国移动通信集团广东有限公司 Information security management method and system for software information system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101282254A (en) * 2007-04-02 2008-10-08 华为技术有限公司 Method, system and apparatus for managing household network equipment
CN101383828A (en) * 2008-10-13 2009-03-11 中国电信股份有限公司 JavaScript object calling method, system and terminal
US20150042449A1 (en) * 2013-08-09 2015-02-12 Lg Cns Co., Ltd. Method of controlling mobile terminal based on location information and applying security policy based on priority rules, and system thereof
CN105264934A (en) * 2013-04-15 2016-01-20 德国捷德有限公司 Mobile station comprising security resources with different security levels
CN105790957A (en) * 2016-04-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 eSIM card data sharing method and related equipment and system thereof
WO2018076368A1 (en) * 2016-10-31 2018-05-03 美的智慧家居科技有限公司 Method and system for safely operating device in local area network, and device therefor

Also Published As

Publication number Publication date
CN115701018A (en) 2023-02-07

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22841193

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE