CN111143827A - Information processing method, device and system - Google Patents

Information processing method, device and system Download PDF

Info

Publication number
CN111143827A
CN111143827A CN201911388275.6A CN201911388275A CN111143827A CN 111143827 A CN111143827 A CN 111143827A CN 201911388275 A CN201911388275 A CN 201911388275A CN 111143827 A CN111143827 A CN 111143827A
Authority
CN
China
Prior art keywords
electronic device
information
signature
authority
configuration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911388275.6A
Other languages
Chinese (zh)
Other versions
CN111143827B (en
Inventor
高晔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Beijing Ltd
Original Assignee
Lenovo Beijing Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo Beijing Ltd filed Critical Lenovo Beijing Ltd
Priority to CN201911388275.6A priority Critical patent/CN111143827B/en
Publication of CN111143827A publication Critical patent/CN111143827A/en
Application granted granted Critical
Publication of CN111143827B publication Critical patent/CN111143827B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure provides an information processing method for a first electronic device, the method including: receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters; determining whether the second electronic device has the authority to set the configuration information based on the first authority information; and setting the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information. The present disclosure also provides an information processing apparatus and an information processing system.

Description

Information processing method, device and system
Technical Field
The present disclosure relates to an information processing method, an information processing apparatus, and an information processing system.
Background
In order to ensure the security of the electronic device, a password is generally required to be set for the first system of the electronic device, so as to ensure that parameters of the first system of the electronic device are not tampered with at will. For example, the first System may be a BIOS (Basic input output System). However, in the related art, when setting the password for the BIOS system, manual setting is required on the current electronic device, and this process is time-consuming and labor-consuming. Especially when the number of the electronic devices is large, if the password is set for the BIOS system by a manual setting method, the setting efficiency is low and the operation is inconvenient.
Disclosure of Invention
One aspect of the present disclosure provides an information processing method for a first electronic device, the method including: receiving a setting request from a second electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, the setting request comprises first permission information and target parameters, determining whether the second electronic device has permission for setting the configuration information or not based on the first permission information, and setting the configuration information based on the target parameters in response to determining that the second electronic device has permission for setting the configuration information.
Optionally, the first electronic device has first signature information of an authorization server, the first signature information is stored in the first system, before the first electronic device enters a second system, the first electronic device can determine, through the first system, whether the second electronic device has an authority to set the configuration information based on the first signature information, where the number of access paths for accessing the first system is less than the number of access paths for accessing the second system.
Optionally, before the determining whether the second electronic device has the right to set the configuration information based on the first right information, the method further includes: receiving an authorization request from the second electronic device, wherein the authorization request includes second authorization information, verifying the second authorization information based on the first signature information, and storing the verified second authorization information in the first electronic device, so that the first electronic device determines whether the second electronic device has authorization to set the configuration information based on the second authorization information.
Optionally, the second electronic device has second signature information of an authorization server, where the second signature information is used to generate at least one of the first right information and the second right information. Wherein the verifying the second rights information based on the first signature information comprises: determining whether the second authority information has the second signature information, determining whether the second signature information is identical to the first signature information in response to determining that the second authority information has the second signature information, and determining that the second authority information is verified in response to determining that the second signature information is identical to the first signature information.
Optionally, the determining, based on the first permission information, whether the second electronic device has a permission to set the configuration information includes: and acquiring second signature information in the first authority information, and determining whether the second electronic equipment has the authority for setting the configuration information or not based on the second signature information in the second authority information and the second signature information in the first authority information.
Another aspect of the present disclosure provides an information processing method for a second electronic device, the method including: sending a setting request to a first electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters. Wherein the first electronic device is capable of determining whether the second electronic device has an authority to set the configuration information based on the first authority information; and in response to determining that the second electronic device has permission to set the configuration information, setting the configuration information based on the target parameter.
Another aspect of the present disclosure provides an information processing method for an authorization server, the method including: the method comprises the steps of sending first signature information to first electronic equipment, receiving a signature request of second electronic equipment, responding to the signature request, and sending second signature information to the second electronic equipment so that the second electronic equipment can generate at least one of first authority information and second authority information based on the second signature information. Wherein the first electronic device is configured to perform the method as described above and the second electronic device is configured to perform the method as described above.
Another aspect of the present disclosure provides an information processing apparatus including: the device comprises a first receiving module, a determining module and a setting module. The first receiving module receives a setting request from a second electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters. The determining module is used for determining whether the second electronic equipment has the authority of setting the configuration information or not based on the first authority information. A setting module that sets the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
Optionally, the first electronic device has first signature information of an authorization server, the first signature information is stored in the first system, before the first electronic device enters a second system, the first electronic device can determine, through the first system, whether the second electronic device has an authority to set the configuration information based on the first signature information, where the number of access paths for accessing the first system is less than the number of access paths for accessing the second system.
Optionally, before the determining whether the second electronic device has the authority to set the configuration information based on the first authority information, the information processing apparatus is further configured to: receiving an authorization request from the second electronic device, wherein the authorization request includes second authorization information, verifying the second authorization information based on the first signature information, and storing the verified second authorization information in the first electronic device, so that the first electronic device determines whether the second electronic device has authorization to set the configuration information based on the second authorization information.
Optionally, the second electronic device has second signature information of an authorization server, where the second signature information is used to generate at least one of the first right information and the second right information. Wherein the verifying the second rights information based on the first signature information comprises: determining whether the second authority information has the second signature information, determining whether the second signature information is identical to the first signature information in response to determining that the second authority information has the second signature information, and determining that the second authority information is verified in response to determining that the second signature information is identical to the first signature information.
Optionally, the determining, based on the first permission information, whether the second electronic device has a permission to set the configuration information includes: and acquiring second signature information in the first authority information, and determining whether the second electronic equipment has the authority for setting the configuration information or not based on the second signature information in the second authority information and the second signature information in the first authority information.
Another aspect of the present disclosure provides an information processing apparatus including: the device comprises a first sending module, a second receiving module and a second sending module. The first sending module sends the first signature information to the first electronic device. And the second receiving module is used for receiving the signature request of the second electronic equipment. And the second sending module is used for responding to the signature request and sending second signature information to the second electronic equipment so that the second electronic equipment generates at least one of the first authority information and the second authority information based on the second signature information. Wherein the first electronic device is configured to perform the method as described above and the second electronic device is configured to perform the method as described above.
Another aspect of the present disclosure provides an information processing system including: the device comprises a first electronic device, a second electronic device and an authorization server. Wherein the authorization server is configured to perform: the first signature information is sent to the first electronic device, a signature request of the second electronic device is received, and second signature information is sent to the second electronic device in response to the signature request. Wherein the second electronic device is configured to perform: the method comprises the steps of sending a signature request to the authorization server, receiving second signature information generated by the authorization server in response to the signature request, generating first authority information based on the second signature information, and sending a setting request to the first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device. Wherein the first electronic device is configured to perform: receiving a setting request from the second electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, the setting request comprises first permission information and target parameters, determining whether the second electronic device has permission for setting the configuration information or not based on the first permission information, and setting the configuration information based on the target parameters in response to determining that the second electronic device has permission for setting the configuration information.
Another aspect of the disclosure provides a non-transitory readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
Drawings
For a more complete understanding of the present disclosure and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
fig. 1 schematically shows an application scenario of an information processing method according to an embodiment of the present disclosure;
fig. 2 schematically shows a flow chart of an information processing method for a first electronic device according to an embodiment of the present disclosure;
fig. 3 schematically shows a flow chart of an information processing method for a first electronic device according to another embodiment of the present disclosure;
FIG. 4 schematically shows a flow chart of an information processing method for an authorization server according to an embodiment of the present disclosure;
FIG. 5A schematically illustrates a flow chart of an information processing method for an information processing system according to an embodiment of the present disclosure;
FIG. 5B schematically shows a schematic diagram of an information handling system according to an embodiment of the present disclosure;
fig. 6 schematically shows a block diagram of an information processing apparatus for a first electronic device according to an embodiment of the present disclosure;
fig. 7 schematically shows a block diagram of an information processing apparatus for an authorization server according to an embodiment of the present disclosure; and
FIG. 8 schematically shows a block diagram of a computer system for implementing information processing according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
Some block diagrams and/or flow diagrams are shown in the figures. It will be understood that some blocks of the block diagrams and/or flowchart illustrations, or combinations thereof, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable control apparatus to produce a machine, such that the instructions, which execute via the processor, create means for implementing the functions/acts specified in the block diagrams and/or flowchart block or blocks.
Accordingly, the techniques of this disclosure may be implemented in hardware and/or software (including firmware, microcode, etc.). In addition, the techniques of this disclosure may take the form of a computer program product on a computer-readable medium having instructions stored thereon for use by or in connection with an instruction execution system. In the context of this disclosure, a computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the instructions. For example, the computer readable medium can include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the computer readable medium include: magnetic storage devices, such as magnetic tape or Hard Disk Drives (HDDs); optical storage devices, such as compact disks (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or wired/wireless communication links.
An embodiment of the present disclosure provides an information processing method for a first electronic device, including: receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters. Then, it is determined whether the second electronic device has an authority to set the configuration information based on the first authority information, and the configuration information is set based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
Fig. 1 schematically shows an application scenario of an information processing method according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a scenario in which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, but does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, the application scenario 100 includes, for example, a plurality of first electronic devices 111, 112, 113, and so on. The application scenario 100 may also include a second electronic device 120.
According to an embodiment of the present disclosure, the first electronic device and the second electronic device 120 may be, for example, a server, a desktop, a notebook, or the like.
In the embodiment of the present disclosure, the second electronic device 120 may be used to set configuration information of a plurality of first electronic devices in batch, for example. The configuration information may be, for example, a BIOS password of the first electronic device. The second electronic device 120 may remotely set the BIOS password of the first electronic device, for example.
Specifically, the second electronic device 120 may, for example, uniformly set the BIOS passwords of the plurality of first electronic devices, that is, the BIOS passwords of the plurality of first electronic devices are the same. Alternatively, the second electronic device 120 may also set the BIOS password of each first electronic device separately, that is, the BIOS password of each first electronic device may be different.
According to the embodiment of the disclosure, the configuration information of the plurality of first electronic devices is remotely set in batches through the second electronic device, so that the process of setting the configuration information is more efficient, convenient, time-saving and labor-saving.
An information processing method according to an exemplary embodiment of the present disclosure is described below with reference to fig. 2 to 5B in conjunction with an application scenario of fig. 1. It should be noted that the above application scenarios are merely illustrated for the convenience of understanding the spirit and principles of the present disclosure, and the embodiments of the present disclosure are not limited in this respect. Rather, embodiments of the present disclosure may be applied to any scenario where applicable.
Fig. 2 schematically shows a flowchart of an information processing method for a first electronic device according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S210 to S230, for example.
In operation S210, a setting request from a second electronic device is received, where the setting request is used to request setting of configuration information of a first electronic device, the configuration information is used to access a first system of the first electronic device, and the setting request includes first permission information and a target parameter.
According to an embodiment of the present disclosure, a first electronic device includes, for example, a first system and a second system. Wherein the first system is for example used for guiding the first electronic device into the second system. For example, the first system may be a basic input output system (BIOS system) and the second system may be an operating system, for example. In an embodiment of the disclosure, the configuration information may be a BIOS password of the first electronic device. A first system of the first electronic device may be accessed based on the BIOS password.
According to an embodiment of the present disclosure, when a second electronic device remotely sets configuration information of a first electronic device, the second electronic device may transmit a setting request including first authority information and target parameters to the first electronic device. The first permission information is used for representing whether the second electronic equipment has permission for setting the configuration information of the first electronic equipment. The target parameter may be, for example, a BIOS password. When the first permission information indicates that the second electronic device has the permission to set the configuration information of the first electronic device, the target parameter may be configured as a BIOS password of the first electronic device.
In operation S220, it is determined whether the second electronic device has a right to set the configuration information based on the first rights information.
In operation S230, in response to determining that the second electronic device has the authority to set the configuration information, the configuration information is set based on the target parameter.
According to the embodiment of the disclosure, after the first electronic device receives the setting request of the second electronic device, the first permission information in the setting request can be verified to determine whether the first permission information represents that the second electronic device has permission to set the configuration information. If the first permission information passes the verification of the first electronic device, the first electronic device may receive the target parameter in the setting request and set the configuration information based on the target parameter, for example, configure the target parameter as a BIOS password of the first electronic device.
It can be understood that the technical scheme of the embodiment of the disclosure can realize that the second electronic device remotely sets the configuration information of the first electronic device in batch. Specifically, when the first electronic device receives a setting request of the second electronic device, the first authority information in the setting request is firstly verified, and if the first authority information is verified, the first electronic device can set the configuration information of the first electronic device based on the target parameter in the setting request. Through the technical scheme of the embodiment of the disclosure, the effects of more efficient, convenient, time-saving and labor-saving processes of setting the configuration information are achieved.
Fig. 3 schematically shows a flowchart of an information processing method for a first electronic device according to another embodiment of the present disclosure.
As shown in fig. 3, on the basis of the embodiment shown in fig. 2, the method of the embodiment of the present disclosure further includes operations S310 to S330. The operations S310 to S330 may be performed before the operation S220, for example.
For ease of understanding, before describing operations S310 to S330, first signature information is explained.
In the embodiment of the present disclosure, the first electronic device has, for example, first signature information of the authorization server, and the first signature information is, for example, stored in a first system of the first electronic device. Before the first electronic device enters the second system, the first electronic device can determine whether the second electronic device has the authority to set the configuration information based on the first signature information through the first system.
Wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system. In other words, the difficulty of accessing the first system of the first electronic device is greater than the difficulty of accessing the second system, indicating that the security level of the first system stored information is higher than the security level of the second system stored information. Therefore, the first signature information is stored in the first system, and the security of the first signature information can be ensured to a large extent.
In addition, the first signature information is stored in the first system, and can be acquired before the first electronic device enters the second system, so that whether the second electronic device has the authority for setting the configuration information or not can be determined through the first signature information. The first signature information is acquired before the first electronic equipment enters the second system, so that the process of setting the configuration information is quicker, the first electronic equipment does not need to wait for entering the second system, and the waiting time is reduced.
For example, the first electronic device may perform an authentication operation with the second electronic device based on the stored first signature information, and the authentication operation may be, for example, a handshake operation with the first electronic device before the second electronic device sets the configuration information of the first electronic device. After the second electronic device successfully handshakes with the first electronic device (completes the right of confirmation), the second electronic device can further set the configuration information of the first electronic device.
According to the embodiment of the present disclosure, the process of determining the right is described in operations S310 to S330, for example, as follows. The operations S310 to S330 may be performed before the operation S220, for example. Alternatively, operations S310 to S330 may be performed before operation S210, for example.
In operation S310, an authorization request from the second electronic device is received, wherein the authorization request includes the second authorization information.
According to the embodiment of the present disclosure, the second electronic device has second signature information of the authorization server. The second signature information is for example mutually matched with the first signature information in the first electronic device. That is, the second signature information and the first signature information may be paired signature information. Wherein the second signature information may be used to generate the first rights information and the second rights information. For example, the first right information and the second right information each have, for example, second signature information.
In operation S320, the second rights information is verified based on the first signature information.
According to the embodiment of the present disclosure, the second right information has, for example, second signature information. Therefore, the first electronic device can verify the second signature information in the second authority information by using the first signature information after receiving the authorization request of the second electronic device. If the first signature information and the second signature information in the second authority information match, it may be determined that the second authority information passes the verification of the first electronic device.
Specifically, for example, it may be first determined whether the second right information has the second signature information. If it is determined that the second authority information has the second signature information, it may be determined whether the second signature information is identical to the first signature information. If it is determined that the second signature information is identical to the first signature information, it may be determined that the second right information passes the verification of the first electronic device.
In operation S330, the verified second rights information is stored in the first electronic device, so that the first electronic device determines whether the second electronic device has a right to set the configuration information based on the second rights information.
According to the embodiment of the present disclosure, if the second authority information passes the verification of the first electronic device, the second authority information may be stored in the first electronic device, so that the first electronic device may verify the first authority information from the second electronic device based on the stored second authority information when performing the operation S220.
Specifically, after the process of the right confirmation is completed, operation S220 in fig. 2 may be performed. The operation S220 may include, for example: first, second signature information in the first authority information is obtained. Then, whether the second electronic device has the authority to set the configuration information is determined based on the second signature information in the second authority information and the second signature information in the first authority information. For example, if the second signature information in the second authority information and the second signature information in the first authority information are identical, it is determined that the first authority information passes the verification of the first electronic device, and then the first electronic device may set the configuration information of the first electronic device based on the target parameter.
It can be understood that, after the first electronic device and the second electronic device in the embodiment of the disclosure successfully determine the right, the second electronic device may remotely set the configuration information of the first electronic device in batch, so that the process of setting the configuration information is more convenient and faster. No matter in the process of right confirmation or the process of setting, the first electronic device needs to verify whether the second electronic device has corresponding right, so that the safety of configuration is comprehensively guaranteed.
Another embodiment of the present disclosure further provides an information processing method for a second electronic device, where the method includes: and sending a setting request to the first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters.
The first electronic equipment can determine whether the second electronic equipment has the authority for setting the configuration information or not based on the first authority information; and setting the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
Fig. 4 schematically shows a flowchart of an information processing method for an authorization server according to an embodiment of the present disclosure.
As shown in fig. 4, the method includes operations S410 to S430, for example.
In operation S410, first signature information is transmitted to a first electronic device.
In operation S420, a signature request of a second electronic device is received.
In operation S430, in response to the signing request, second signature information is transmitted to the second electronic device, so that the second electronic device generates at least one of the first rights information and the second rights information based on the second signature information.
Wherein the first electronic device and the second electronic device may perform the method as described above.
Fig. 5A schematically shows a flowchart of an information processing method for an information processing system according to an embodiment of the present disclosure.
As shown in fig. 5A, the information processing system includes, for example, a first electronic device, a second electronic device, and an authorization server. The information processing method executed by the information processing system includes, for example, operations S501 to S514.
In operation S501, first signature information is transmitted to a first electronic device by an authorization server.
In operation S502, a signature request is transmitted to an authorization server by a second electronic device.
In operation S503, a signature request of the second electronic device is received by the authorization server.
In operation S504, second signature information is transmitted to the second electronic device by the authorization server in response to the signature request.
In operation S505, second signature information generated by the authorization server in response to the signature request is received by the second electronic device.
In operation S506, second rights information is generated by the second electronic device based on the second signature information, and a right confirmation request is transmitted to the first electronic device, wherein the right confirmation request includes the second rights information.
In operation S507, an authentication request from the second electronic device is received by the first electronic device, wherein the authentication request includes the second rights information.
In operation S508, the second rights information is verified by the first electronic device based on the first signature information.
In operation S509, the verified second rights information is stored in the first electronic device by the first electronic device, so that the first electronic device determines whether the second electronic device has a right to set the configuration information based on the second rights information.
In operation S510, first rights information is generated by the second electronic device based on the second signature information.
In operation S511, a setting request for requesting setting of configuration information of a first electronic device is transmitted to the first electronic device by a second electronic device.
In operation S512, a setting request from a second electronic device is received by a first electronic device, wherein the setting request is used to request setting of configuration information of the first electronic device, the configuration information is used to access a first system of the first electronic device, and the setting request includes first permission information and a target parameter.
In operation S513, it is determined by the first electronic device whether the second electronic device has an authority to set the configuration information based on the first authority information.
In operation S514, the configuration information is set, by the first electronic device, based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
FIG. 5B schematically shows a schematic diagram of an information handling system according to an embodiment of the disclosure.
As shown in fig. 5B, the information processing system includes, for example, a plurality of first electronic devices 111, 112, 113, and the like, a second electronic device 120, and an authorization server 130.
For example, the authorization server 130 may send the first signature information to the plurality of first electronic devices 111, 112, 113. The plurality of first electronic devices 111, 112, 113 may store the first signature information into the first system for facilitating subsequent verification of the rights of the second electronic device 120 based on the first signature information.
In the disclosed embodiment, the authorization server 130 may interact with the second electronic device 120. For example, the authorization server 130 may receive a signature request of the second electronic device 120 and transmit the second signature information to the second electronic device 120, so that the second electronic device 120 sets the configuration information of the plurality of first electronic devices 111, 112, 113 based on the second signature information.
After the first electronic devices 111, 112, 113 receive the first signature information and the second electronic device 120 receives the second signature information, the first electronic devices 111, 112, 113 and the second electronic device 120 may enter the authentication phase and the configuration information setting phase. The specific processes of the right determining stage and the setting stage of the configuration information are the same as or similar to those described in the above embodiments, and are not described herein again.
In one case, the authorization server 130 may be, for example, a device of a service provider, such as a vendor of a first system that produces the plurality of first electronic devices 111, 112, 113. The service provider stores the first signature information in a first system of the plurality of first electronic devices 111, 112, 113, e.g. via the authorization server 130. The second electronic device 120 may also be a device produced by the service provider, for example.
In addition, the plurality of first electronic devices 111, 112, 113 and the second electronic device 120 may be devices inside a certain organization, for example. The second electronic device 120 may be, for example, a general control device inside the organization, which may be used to remotely control the plurality of first electronic devices 111, 112, 113. The organization purchases, for example, at least from a service provider, a plurality of first electronic devices 111, 112, 113. After the institution purchases the plurality of first electronic devices 111, 112, 113, the service provider may send the second signature information to the second electronic device 120 inside the institution through the authorization server 130, so that the second electronic device 120 performs an authorization operation with the plurality of first electronic devices 111, 112, 113 based on the second signature information, so as to confirm whether the second electronic device 120 has an authority to set the configuration information of the plurality of first electronic devices 111, 112, 113. And after confirming that the second electronic device 120 has the setting authority, the second electronic device 120 can remotely set the configuration information of the plurality of first electronic devices 111, 112, 113 in batch.
Fig. 6 schematically shows a block diagram of an information processing apparatus for a first electronic device according to an embodiment of the present disclosure.
As shown in fig. 6, the information processing apparatus 600 for a first electronic device includes, for example, a first receiving module 610, a determining module 620, and a setting module 630.
The first receiving module 610 may be configured to receive a setting request from a second electronic device, where the setting request is used to request setting of configuration information of the first electronic device, the configuration information is used to access a first system of the first electronic device, and the setting request includes first permission information and a target parameter. According to the embodiment of the present disclosure, the first receiving module 610 may, for example, perform operation S210 described above with reference to fig. 2, which is not described herein again.
The determining module 620 may be configured to determine whether the second electronic device has a right to set the configuration information based on the first right information. According to the embodiment of the present disclosure, the determining module 620 may perform, for example, the operation S220 described above with reference to fig. 2, which is not described herein again.
The setting module 630 may be configured to set the configuration information based on the target parameter in response to determining that the second electronic device has permission to set the configuration information. According to the embodiment of the present disclosure, the setting module 630 may perform, for example, the operation S230 described above with reference to fig. 2, which is not described herein again.
According to the embodiment of the disclosure, the first electronic device has first signature information of an authorization server, the first signature information is stored in a first system, and before the first electronic device enters a second system, the first electronic device can determine whether the second electronic device has authority to set configuration information through the first system based on the first signature information, wherein the number of access paths for accessing the first system is less than that for accessing the second system.
According to the embodiment of the present disclosure, before determining whether the second electronic device has the authority to set the configuration information based on the first authority information, the information processing apparatus is further configured to perform: receiving an authorization request from the second electronic device, wherein the authorization request comprises second authority information, verifying the second authority information based on the first signature information, and storing the verified second authority information in the first electronic device, so that the first electronic device determines whether the second electronic device has the authority for setting the configuration information based on the second authority information.
According to the embodiment of the present disclosure, the second electronic device has second signature information of the authorization server, the second signature information being used to generate at least one of the first right information and the second right information. Wherein verifying the second rights information based on the first signature information comprises: determining whether the second right information has second signature information, determining whether the second signature information is identical to the first signature information in response to determining that the second right information has the second signature information, and determining that the second right information is verified in response to determining that the second signature information is identical to the first signature information.
According to an embodiment of the present disclosure, determining whether the second electronic device has the authority to set the configuration information based on the first authority information includes: and acquiring second signature information in the first authority information, and determining whether the second electronic equipment has the authority for setting the configuration information or not based on the second signature information in the second authority information and the second signature information in the first authority information.
Fig. 7 schematically shows a block diagram of an information processing apparatus for an authorization server according to an embodiment of the present disclosure.
As shown in fig. 7, the information processing apparatus 700 for an authorization server includes, for example, a first transmitting module 710, a second receiving module 720, and a second transmitting module 730.
The first sending module 710 may be configured to send the first signature information to the first electronic device. According to the embodiment of the present disclosure, the first sending module 710 may, for example, perform operation S410 described above with reference to fig. 4, which is not described herein again.
The second receiving module 720 may be configured to receive a signature request of a second electronic device. According to the embodiment of the present disclosure, the second receiving module 720 may, for example, perform operation S420 described above with reference to fig. 4, which is not described herein again.
The second sending module 730 may be configured to send the second signature information to the second electronic device in response to the signature request, so that the second electronic device generates at least one of the first right information and the second right information based on the second signature information. According to the embodiment of the present disclosure, the second sending module 730 may, for example, perform the operation S430 described above with reference to fig. 4, which is not described herein again.
According to an embodiment of the present disclosure, a first electronic device is configured to perform the method of the embodiment of the present disclosure, and a second electronic device is configured to perform the method of the embodiment of the present disclosure.
Any number of modules, sub-modules, units, sub-units, or at least part of the functionality of any number thereof according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, and sub-units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in any other reasonable manner of hardware or firmware by integrating or packaging a circuit, or in any one of or a suitable combination of software, hardware, and firmware implementations. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the disclosure may be at least partially implemented as a computer program module, which when executed may perform the corresponding functions.
FIG. 8 schematically shows a block diagram of a computer system for implementing information processing according to an embodiment of the present disclosure. The computer system illustrated in FIG. 8 is only one example and should not impose any limitations on the scope of use or functionality of embodiments of the disclosure.
As shown in fig. 8, a computer system 800 implementing information processing includes a processor 801, a computer-readable storage medium 802. The system 800 may perform a method according to an embodiment of the present disclosure.
In particular, the processor 801 may include, for example, a general purpose microprocessor, an instruction set processor and/or related chip set and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), and/or the like. The processor 801 may also include onboard memory for caching purposes. The processor 801 may be a single processing unit or a plurality of processing units for performing the different actions of the method flows according to embodiments of the present disclosure.
Computer-readable storage medium 802 may be, for example, any medium that can contain, store, communicate, propagate, or transport the instructions. For example, a readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the readable storage medium include: magnetic storage devices, such as magnetic tape or Hard Disk Drives (HDDs); optical storage devices, such as compact disks (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or wired/wireless communication links.
The computer-readable storage medium 802 may include a computer program 803, which computer program 803 may include code/computer-executable instructions that, when executed by the processor 801, cause the processor 801 to perform a method according to an embodiment of the present disclosure, or any variant thereof.
The computer program 803 may be configured with, for example, computer program code comprising computer program modules. For example, in an example embodiment, code in computer program 803 may include one or more program modules, including for example 803A, module 803B, … …. It should be noted that the division and number of the modules are not fixed, and those skilled in the art may use suitable program modules or program module combinations according to actual situations, so that the processor 801 may execute the method according to the embodiment of the present disclosure or any variation thereof when the program modules are executed by the processor 801.
Any number of the above modules, sub-modules, units, sub-units, or at least part of the functionality of any number thereof may be implemented as computer program modules described with reference to fig. 8, which when executed by the processor 801 may perform the corresponding operations described above, in accordance with embodiments of the present disclosure.
The present disclosure also provides a computer-readable medium, which may be embodied in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The above-mentioned computer-readable medium carries one or more programs which, when executed, implement the above-mentioned information processing method.
According to embodiments of the present disclosure, a computer readable medium may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, optical fiber cable, radio frequency signals, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
While the disclosure has been shown and described with reference to certain exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims and their equivalents. Accordingly, the scope of the present disclosure should not be limited to the above-described embodiments, but should be defined not only by the appended claims, but also by equivalents thereof.

Claims (10)

1. An information processing method for a first electronic device, the method comprising:
receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters;
determining whether the second electronic device has the authority to set the configuration information based on the first authority information; and
setting the configuration information based on the target parameter in response to determining that the second electronic device has permission to set the configuration information.
2. The method of claim 1, wherein the first electronic device has first signature information of an authorization server, the first signature information being stored in the first system, the first electronic device being capable of determining, by the first system, whether the second electronic device has an authority to set the configuration information based on the first signature information before the first electronic device enters a second system;
wherein a number of access paths for accessing the first system is less than a number of access paths for accessing the second system.
3. The method of claim 2, prior to the determining whether the second electronic device has the authority to set the configuration information based on the first authority information, the method further comprising:
receiving an authorization request from the second electronic device, wherein the authorization request comprises second authority information;
verifying the second rights information based on the first signature information; and
and storing the second authority information which passes the verification in the first electronic equipment so that the first electronic equipment can determine whether the second electronic equipment has the authority for setting the configuration information or not based on the second authority information.
4. The method of claim 3, wherein:
the second electronic equipment is provided with second signature information of an authorization server, and the second signature information is used for generating at least one of the first right information and the second right information;
wherein the verifying the second rights information based on the first signature information comprises:
determining whether the second rights information has the second signature information;
in response to determining that the second rights information has the second signature information, determining whether the second signature information is consistent with the first signature information; and
in response to determining that the second signature information is consistent with the first signature information, determining that the second rights information is verified.
5. The method of claim 3 or 4, wherein the determining whether the second electronic device has the authority to set the configuration information based on the first authority information comprises:
acquiring second signature information in the first authority information; and
and determining whether the second electronic equipment has the authority to set the configuration information or not based on second signature information in the second authority information and second signature information in the first authority information.
6. An information processing method for a second electronic device, the method comprising:
sending a setting request to a first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters;
wherein the first electronic device is capable of determining whether the second electronic device has an authority to set the configuration information based on the first authority information; and in response to determining that the second electronic device has permission to set the configuration information, setting the configuration information based on the target parameter.
7. An information processing method for an authorization server, the method comprising:
sending the first signature information to the first electronic device;
receiving a signature request of a second electronic device; and
transmitting second signature information to the second electronic device in response to the signature request so that the second electronic device generates at least one of first right information and second right information based on the second signature information,
wherein the first electronic device is configured to perform the method according to any of claims 1-5 and the second electronic device is configured to perform the method according to claim 6.
8. An information processing apparatus comprising:
the device comprises a first receiving module, a second receiving module and a first display module, wherein the first receiving module is used for receiving a setting request from a second electronic device, the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters;
a determination module that determines whether the second electronic device has an authority to set the configuration information based on the first authority information; and
a setting module that sets the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
9. An information processing apparatus comprising:
the first sending module is used for sending the first signature information to the first electronic equipment;
the second receiving module is used for receiving a signature request of the second electronic equipment; and
a second transmitting module that transmits second signature information to the second electronic device in response to the signature request so that the second electronic device generates at least one of first right information and second right information based on the second signature information,
wherein the first electronic device is configured to perform the method according to any of claims 1-5 and the second electronic device is configured to perform the method according to claim 6.
10. An information processing system comprising:
a first electronic device;
a second electronic device; and
an authorization server;
wherein the authorization server is configured to perform:
sending first signature information to the first electronic device;
receiving a signature request of the second electronic device;
sending second signature information to the second electronic device in response to the signature request;
wherein the second electronic device is configured to perform:
sending a signature request to the authorization server;
receiving second signature information generated by the authorization server in response to the signature request;
generating first permission information based on the second signature information;
sending a setting request to the first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device;
wherein the first electronic device is configured to perform:
receiving a setting request from the second electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first permission information and target parameters;
determining whether the second electronic device has the authority to set the configuration information based on the first authority information; and
setting the configuration information based on the target parameter in response to determining that the second electronic device has permission to set the configuration information.
CN201911388275.6A 2019-12-27 2019-12-27 Information processing method, device and system Active CN111143827B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911388275.6A CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911388275.6A CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Publications (2)

Publication Number Publication Date
CN111143827A true CN111143827A (en) 2020-05-12
CN111143827B CN111143827B (en) 2023-04-28

Family

ID=70521489

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911388275.6A Active CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Country Status (1)

Country Link
CN (1) CN111143827B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1941697A (en) * 2005-09-30 2007-04-04 三星电子株式会社 Security method and system and computer-readable medium storing computer program for executing the security method
CN101980233A (en) * 2010-10-15 2011-02-23 上海聚力传媒技术有限公司 Method and equipment for authenticating service based on equipment identifier
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN106972993A (en) * 2017-03-31 2017-07-21 联想(北京)有限公司 Information processing method and electronic equipment
US20180145967A1 (en) * 2016-11-18 2018-05-24 Canon Kabushiki Kaisha Authorization server, non-transitory computer-readable medium, and authority delegating system
CN109740340A (en) * 2018-12-28 2019-05-10 联想(北京)有限公司 Information processing method and electronic equipment
CN110197059A (en) * 2016-10-25 2019-09-03 苹果公司 For managing the user interface of the access to the voucher used in operation

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1941697A (en) * 2005-09-30 2007-04-04 三星电子株式会社 Security method and system and computer-readable medium storing computer program for executing the security method
CN101980233A (en) * 2010-10-15 2011-02-23 上海聚力传媒技术有限公司 Method and equipment for authenticating service based on equipment identifier
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN110197059A (en) * 2016-10-25 2019-09-03 苹果公司 For managing the user interface of the access to the voucher used in operation
US20180145967A1 (en) * 2016-11-18 2018-05-24 Canon Kabushiki Kaisha Authorization server, non-transitory computer-readable medium, and authority delegating system
CN106972993A (en) * 2017-03-31 2017-07-21 联想(北京)有限公司 Information processing method and electronic equipment
CN109740340A (en) * 2018-12-28 2019-05-10 联想(北京)有限公司 Information processing method and electronic equipment

Also Published As

Publication number Publication date
CN111143827B (en) 2023-04-28

Similar Documents

Publication Publication Date Title
US10798076B2 (en) Securely authorizing access to remote resources
US20150089593A1 (en) Method and system for using a vibration signature as an authentication key
US11316683B2 (en) Systems and methods for providing IoT security service using hardware security module
CN107690175B (en) Method and equipment for managing wireless access point
CN110688428B (en) Method and device for issuing intelligent contracts
CN112651705A (en) Mail processing method, device, equipment and medium
US20220014353A1 (en) Method by which device shares digital key
US11636184B2 (en) Method for providing cloud-based service
EP2897079B1 (en) Executing unprotected mode services in a protected mode environment
CN106888448A (en) Using method for down loading, safety element and terminal
CN115629824B (en) GPU starting method, device, equipment, storage medium and program product
CN110969437B (en) Method, system, electronic device and medium for obtaining virtual bank card payment authority
CN111143827B (en) Information processing method, device and system
CN109635558B (en) Access control method, device and system
US9521215B1 (en) Micro cloud image uploading
CN109697343B (en) Verification method and system and computer system
CN110855718B (en) Enterprise user registration method and device, electronic equipment and computer readable medium
KR101464940B1 (en) Method and system for performing payment by authentication of user
US20160317934A1 (en) Game server having internal game resource, method of playing a game using the game server, and game development system including the game server
US11245694B2 (en) User terminal apparatus and control method thereof
CN108540469B (en) Voice processing method and electronic equipment
CN110795720A (en) Information processing method, system, electronic device, and computer-readable medium
WO2024040509A1 (en) Implementation of device seamless update with pre-authorization policy in trusted execution environment
CN110691108B (en) Picture downloading and saving method and electronic equipment
US20220216985A1 (en) Information processing terminal, information processing device, information processing method, program, and information processing system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant