CN111143827B - Information processing method, device and system - Google Patents

Information processing method, device and system Download PDF

Info

Publication number
CN111143827B
CN111143827B CN201911388275.6A CN201911388275A CN111143827B CN 111143827 B CN111143827 B CN 111143827B CN 201911388275 A CN201911388275 A CN 201911388275A CN 111143827 B CN111143827 B CN 111143827B
Authority
CN
China
Prior art keywords
information
electronic device
signature
authority
configuration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911388275.6A
Other languages
Chinese (zh)
Other versions
CN111143827A (en
Inventor
高晔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Beijing Ltd
Original Assignee
Lenovo Beijing Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo Beijing Ltd filed Critical Lenovo Beijing Ltd
Priority to CN201911388275.6A priority Critical patent/CN111143827B/en
Publication of CN111143827A publication Critical patent/CN111143827A/en
Application granted granted Critical
Publication of CN111143827B publication Critical patent/CN111143827B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure provides an information processing method for a first electronic device, the method including: receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of a first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters; determining whether the second electronic device has the authority for setting the configuration information based on the first authority information; and in response to determining that the second electronic device has the authority to set the configuration information, setting the configuration information based on the target parameter. The present disclosure also provides an information processing apparatus and an information processing system.

Description

Information processing method, device and system
Technical Field
The present disclosure relates to an information processing method, an information processing apparatus, and an information processing system.
Background
In order to ensure the security of the electronic device, it is generally necessary to set a password for the first system of the electronic device, so as to ensure that the parameters of the first system of the electronic device are not tampered with at will. For example, the first system may be a BIOS (Basic Input Output System ). However, the related art requires manual setting on the current electronic device when setting the password for the BIOS system, which is time consuming and laborious. Particularly, when the number of electronic devices is large, if the password is set for the BIOS system by means of manual setting, the problems of low setting efficiency and inconvenient operation will result.
Disclosure of Invention
One aspect of the present disclosure provides an information processing method for a first electronic device, the method including: receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, the setting request comprises first authority information and target parameters, determining whether the second electronic device has authority to set the configuration information based on the first authority information, and setting the configuration information based on the target parameters in response to determining that the second electronic device has authority to set the configuration information.
Optionally, the first electronic device has first signature information of an authorization server, the first signature information is stored in the first system, and before the first electronic device enters the second system, the first electronic device can determine whether the second electronic device has a right to set the configuration information based on the first signature information through the first system, wherein the number of access paths for accessing the first system is smaller than the number of access paths for accessing the second system.
Optionally, before the determining, based on the first permission information, whether the second electronic device has permission to set the configuration information, the method further includes: and receiving an authorization request from the second electronic equipment, wherein the authorization request comprises second authority information, verifying the second authority information based on the first signature information, and storing the verified second authority information in the first electronic equipment so that the first electronic equipment can determine whether the second electronic equipment has the authority for setting the configuration information based on the second authority information.
Optionally, the second electronic device has second signature information of the authorization server, where the second signature information is used to generate at least one of the first rights information and the second rights information. Wherein said verifying said second rights information based on said first signature information comprises: determining whether the second authority information has the second signature information, determining whether the second signature information is consistent with the first signature information in response to determining that the second authority information has the second signature information, and determining that the second authority information is verified in response to determining that the second signature information is consistent with the first signature information.
Optionally, determining whether the second electronic device has the authority to set the configuration information based on the first authority information includes: acquiring second signature information in the first permission information, and determining whether the second electronic equipment has permission for setting the configuration information or not based on the second signature information in the second permission information and the second signature information in the first permission information.
Another aspect of the present disclosure provides an information processing method for a second electronic device, the method including: and sending a setting request to the first electronic equipment, wherein the setting request is used for requesting to set configuration information of the first electronic equipment, the configuration information is used for accessing a first system of the first electronic equipment, and the setting request comprises first authority information and target parameters. The first electronic device can determine whether the second electronic device has the authority for setting the configuration information or not based on the first authority information; and in response to determining that the second electronic device has the right to set the configuration information, setting the configuration information based on the target parameter.
Another aspect of the present disclosure provides an information processing method for an authorization server, the method including: and sending the first signature information to the first electronic device, receiving a signature request of the second electronic device, and responding to the signature request, and sending the second signature information to the second electronic device, so that the second electronic device generates at least one of the first authority information and the second authority information based on the second signature information. Wherein the first electronic device is configured to perform the method as described above and the second electronic device is configured to perform the method as described above.
Another aspect of the present disclosure provides an information processing apparatus including: the device comprises a first receiving module, a determining module and a setting module. The first receiving module receives a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters. And the determining module is used for determining whether the second electronic equipment has the authority for setting the configuration information or not based on the first authority information. And a setting module for setting the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
Optionally, the first electronic device has first signature information of an authorization server, the first signature information is stored in the first system, and before the first electronic device enters the second system, the first electronic device can determine whether the second electronic device has a right to set the configuration information based on the first signature information through the first system, wherein the number of access paths for accessing the first system is smaller than the number of access paths for accessing the second system.
Optionally, before the determining, based on the first permission information, whether the second electronic device has permission to set the configuration information, the information processing apparatus is further configured to perform: and receiving an authorization request from the second electronic equipment, wherein the authorization request comprises second authority information, verifying the second authority information based on the first signature information, and storing the verified second authority information in the first electronic equipment so that the first electronic equipment can determine whether the second electronic equipment has the authority for setting the configuration information based on the second authority information.
Optionally, the second electronic device has second signature information of the authorization server, where the second signature information is used to generate at least one of the first rights information and the second rights information. Wherein said verifying said second rights information based on said first signature information comprises: determining whether the second authority information has the second signature information, determining whether the second signature information is consistent with the first signature information in response to determining that the second authority information has the second signature information, and determining that the second authority information is verified in response to determining that the second signature information is consistent with the first signature information.
Optionally, determining whether the second electronic device has the authority to set the configuration information based on the first authority information includes: acquiring second signature information in the first permission information, and determining whether the second electronic equipment has permission for setting the configuration information or not based on the second signature information in the second permission information and the second signature information in the first permission information.
Another aspect of the present disclosure provides an information processing apparatus including: the device comprises a first sending module, a second receiving module and a second sending module. The first sending module sends the first signature information to the first electronic equipment. The second receiving module receives the signature request of the second electronic device. And the second sending module is used for responding to the signature request and sending second signature information to the second electronic equipment so that the second electronic equipment can generate at least one of the first authority information and the second authority information based on the second signature information. Wherein the first electronic device is configured to perform the method as described above and the second electronic device is configured to perform the method as described above.
Another aspect of the present disclosure provides an information processing system including: the system comprises a first electronic device, a second electronic device and an authorization server. Wherein the authorization server is configured to perform: and sending the first signature information to the first electronic equipment, receiving a signature request of the second electronic equipment, and responding to the signature request, and sending the second signature information to the second electronic equipment. Wherein the second electronic device is configured to perform: sending a signature request to the authorization server, receiving second signature information generated by the authorization server in response to the signature request, generating first authority information based on the second signature information, and sending a setting request to the first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device. Wherein the first electronic device is configured to perform: receiving a setting request from the second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, the setting request comprises first authority information and target parameters, determining whether the second electronic device has authority to set the configuration information or not based on the first authority information, and setting the configuration information based on the target parameters in response to determining that the second electronic device has authority to set the configuration information.
Another aspect of the present disclosure provides a non-transitory readable storage medium storing computer executable instructions which, when executed, are configured to implement a method as described above.
Another aspect of the present disclosure provides a computer program comprising computer executable instructions which, when executed, are adapted to carry out the method as described above.
Drawings
For a more complete understanding of the present disclosure and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
fig. 1 schematically illustrates an application scenario of an information processing method according to an embodiment of the present disclosure;
fig. 2 schematically illustrates a flowchart of an information processing method for a first electronic device according to an embodiment of the present disclosure;
fig. 3 schematically illustrates a flowchart of an information processing method for a first electronic device according to another embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow chart of an information processing method for an authorization server according to an embodiment of the disclosure;
FIG. 5A schematically illustrates a flowchart of an information processing method for an information handling system according to an embodiment of the present disclosure;
FIG. 5B schematically illustrates a schematic diagram of an information handling system according to an embodiment of the present disclosure;
Fig. 6 schematically shows a block diagram of an information processing apparatus for a first electronic device according to an embodiment of the present disclosure;
fig. 7 schematically illustrates a block diagram of an information processing apparatus for an authorization server according to an embodiment of the present disclosure; and
fig. 8 schematically illustrates a block diagram of a computer system for implementing information processing according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where expressions like at least one of "A, B and C, etc. are used, the expressions should generally be interpreted in accordance with the meaning as commonly understood by those skilled in the art (e.g.," a system having at least one of A, B and C "shall include, but not be limited to, a system having a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a formulation similar to at least one of "A, B or C, etc." is used, in general such a formulation should be interpreted in accordance with the ordinary understanding of one skilled in the art (e.g. "a system with at least one of A, B or C" would include but not be limited to systems with a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
Some of the block diagrams and/or flowchart illustrations are shown in the figures. It will be understood that some blocks of the block diagrams and/or flowchart illustrations, or combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable control apparatus, such that the instructions, when executed by the processor, create means for implementing the functions/acts specified in the block diagrams and/or flowchart.
Thus, the techniques of this disclosure may be implemented in hardware and/or software (including firmware, microcode, etc.). Additionally, the techniques of this disclosure may take the form of a computer program product on a computer-readable medium having instructions stored thereon, the computer program product being usable by or in connection with an instruction execution system. In the context of this disclosure, a computer-readable medium may be any medium that can contain, store, communicate, propagate, or transport the instructions. For example, a computer-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the computer readable medium include: magnetic storage devices such as magnetic tape or hard disk (HDD); optical storage devices such as compact discs (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or a wired/wireless communication link.
The embodiment of the disclosure provides an information processing method for a first electronic device, which comprises the following steps: receiving a setting request from the second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters. Then, based on the first authority information, it is determined whether the second electronic device has the authority to set the configuration information, and in response to determining that the second electronic device has the authority to set the configuration information, the configuration information is set based on the target parameter.
Fig. 1 schematically illustrates an application scenario of an information processing method according to an embodiment of the present disclosure. It should be noted that fig. 1 is merely an example of a scenario in which embodiments of the present disclosure may be applied to assist those skilled in the art in understanding the technical content of the present disclosure, but does not mean that embodiments of the present disclosure may not be used in other devices, systems, environments, or scenarios.
As shown in fig. 1, the application scenario 100 comprises, for example, a plurality of first electronic devices 111, 112, 113, etc. The application scenario 100 may also include a second electronic device 120.
According to an embodiment of the present disclosure, the first electronic device and the second electronic device 120 may be, for example, a server, a desktop, a notebook, or the like.
In the embodiment of the present disclosure, the second electronic device 120 may be used to set configuration information of a plurality of first electronic devices in batch, for example. The configuration information may be, for example, a BIOS password of the first electronic device. The second electronic device 120 may, for example, remotely set a BIOS password of the first electronic device.
Specifically, the second electronic device 120 may, for example, uniformly set the BIOS passwords of the plurality of first electronic devices, that is, the BIOS passwords of the plurality of first electronic devices are the same. Alternatively, the second electronic device 120 may also set the BIOS password of each first electronic device separately, i.e., the BIOS password of each first electronic device may be different.
According to the embodiment of the disclosure, the configuration information of the plurality of first electronic devices is remotely set in batches through the second electronic devices, so that the process of setting the configuration information is more efficient, convenient, time-saving and labor-saving.
An information processing method according to an exemplary embodiment of the present disclosure is described below with reference to fig. 2 to 5B in conjunction with the application scenario of fig. 1. It should be noted that the above application scenario is only shown for the convenience of understanding the spirit and principles of the present disclosure, and the embodiments of the present disclosure are not limited in any way in this respect. Rather, embodiments of the present disclosure may be applied to any scenario where applicable.
Fig. 2 schematically illustrates a flowchart of an information processing method for a first electronic device according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S210 to S230, for example.
In operation S210, a setting request is received from the second electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request includes first permission information and a target parameter.
According to an embodiment of the present disclosure, the first electronic device comprises, for example, a first system and a second system. Wherein the first system is for example for guiding the first electronic device into the second system. For example, the first system may be a basic input output system (BIOS system), and the second system may be an operating system, for example. In an embodiment of the present disclosure, the configuration information may be a BIOS password of the first electronic device. A first system of the first electronic device may be entered based on the BIOS password.
According to the embodiment of the disclosure, when the second electronic device remotely sets the configuration information of the first electronic device, the second electronic device may send a setting request including the first permission information and the target parameter to the first electronic device. The first permission information is used for representing whether the second electronic equipment has permission for setting configuration information of the first electronic equipment. The target parameter may be, for example, a BIOS password. When the first permission information characterizes that the second electronic device has permission to set configuration information of the first electronic device, the target parameter may be configured as a BIOS password of the first electronic device.
In operation S220, it is determined whether the second electronic device has a right to set the configuration information based on the first right information.
In operation S230, in response to determining that the second electronic device has the authority to set the configuration information, the configuration information is set based on the target parameter.
According to the embodiment of the disclosure, after the first electronic device receives the setting request of the second electronic device, the first authority information in the setting request can be verified to determine whether the first authority information characterizes the second electronic device to have the authority of setting configuration information. If the first permission information passes the verification of the first electronic device, the first electronic device may receive the target parameter in the setting request and set the configuration information based on the target parameter, for example, configure the target parameter as a BIOS password of the first electronic device.
It can be appreciated that the technical scheme of the embodiment of the disclosure can realize remote batch setting of the configuration information of the first electronic device by the second electronic device. Specifically, when the first electronic device receives the setting request of the second electronic device, first the first authority information in the setting request is verified, and if the first authority information passes the verification, the first electronic device may set its configuration information based on the target parameter in the setting request. Through the technical scheme of the embodiment of the disclosure, the effects of more high efficiency, convenience, time saving and labor saving in the process of setting configuration information are realized.
Fig. 3 schematically illustrates a flowchart of an information processing method for a first electronic device according to another embodiment of the present disclosure.
As shown in fig. 3, on the basis of the embodiment shown in fig. 2, the method of the embodiment of the present disclosure further includes operations S310 to S330. The operations S310 to S330 may be performed, for example, before the operation S220.
For ease of understanding, the first signature information is first explained before describing operations S310 to S330.
In an embodiment of the disclosure, the first electronic device has, for example, first signature information of the authorization server, which is stored, for example, in a first system of the first electronic device. Before the first electronic device enters the second system, the first electronic device can determine whether the second electronic device has the right to set the configuration information based on the first signature information through the first system.
Wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system. In other words, the difficulty of accessing the first system of the first electronic device is greater than the difficulty of accessing the second system, which characterizes the security level of the stored information of the first system as being higher than the security level of the stored information of the second system. Therefore, the first signature information is stored in the first system, so that the security of the first signature information can be ensured to a large extent.
In addition, the first signature information is stored in the first system, and the first signature information can be acquired before the first electronic device enters the second system, so that whether the second electronic device has the authority for setting the configuration information or not can be determined through the first signature information. The method for acquiring the first signature information before the first electronic equipment enters the second system realizes the process of setting the configuration information more quickly, does not need to wait for the first electronic equipment to enter the second system, and reduces the waiting time.
For example, the first electronic device may perform an authentication operation with the second electronic device based on the stored first signature information, and the authentication operation may be, for example, a handshake operation with the first electronic device before the second electronic device sets the configuration information of the first electronic device. After the second electronic device successfully handshakes with the first electronic device (completes the right), the second electronic device can further set the configuration information of the first electronic device.
According to an embodiment of the present disclosure, the process of the right determination is described in operations S310 to S330, for example, as follows. The operations S310 to S330 may be performed, for example, before the operation S220. Alternatively, operations S310 to S330 may be performed before operation S210, for example.
In operation S310, an authorization request from the second electronic device is received, wherein the authorization request includes second rights information.
According to an embodiment of the disclosure, the second electronic device has second signature information of the authorization server. The second signature information matches, for example, the first signature information in the first electronic device. That is, the second signature information and the first signature information may be paired signature information. Wherein the second signature information may be used to generate the first rights information and the second rights information. For example, the first authority information and the second authority information each have, for example, second signature information.
In operation S320, the second authority information is verified based on the first signature information.
According to the embodiment of the disclosure, the second authority information is provided with second signature information. Thus, the first electronic device can verify the second signature information in the second authority information by using the first signature information after receiving the request for the right of the second electronic device. If the first signature information matches the second signature information in the second rights information, it may be determined that the second rights information is verified by the first electronic device.
Specifically, it may be first determined whether the second authority information has the second signature information, for example. If it is determined that the second authority information has the second signature information, it may be determined whether the second signature information is identical to the first signature information. If it is determined that the second signature information is consistent with the first signature information, it may be determined that the second rights information is verified by the first electronic device.
In operation S330, the verified second right information is stored in the first electronic device, so that the first electronic device determines whether the second electronic device has the right to set the configuration information based on the second right information.
According to the embodiment of the present disclosure, if the second authority information passes the verification of the first electronic device, the second authority information may be stored in the first electronic device, so that the first electronic device may verify the first authority information from the second electronic device based on the stored second authority information when performing the above operation S220.
Specifically, after the process of determining the right is completed, operation S220 in fig. 2 may be performed. The above operation S220 may include, for example: first, second signature information in the first authority information is acquired. Then, it is determined whether the second electronic device has the right to set the configuration information based on the second signature information in the second right information and the second signature information in the first right information. For example, if the second signature information in the second authority information and the second signature information in the first authority information are identical, it is determined that the first authority information passes the verification of the first electronic device, and then the first electronic device may set the configuration information of the first electronic device based on the target parameter.
It can be understood that after the first electronic device and the second electronic device in the embodiment of the disclosure succeed in confirming the right, the second electronic device can remotely set the configuration information of the first electronic device in batches, so that the process of setting the configuration information is more convenient and quicker. Whether the right confirming process or the setting process is adopted, the first electronic equipment needs to verify whether the second electronic equipment has corresponding rights or not, and the safety of configuration is comprehensively ensured.
Another embodiment of the present disclosure further provides an information processing method for a second electronic device, including, for example: and sending a setting request to the first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises the first authority information and the target parameter.
The first electronic device can determine whether the second electronic device has the authority for setting the configuration information or not based on the first authority information; and in response to determining that the second electronic device has the authority to set the configuration information, setting the configuration information based on the target parameter.
Fig. 4 schematically illustrates a flowchart of an information processing method for an authorization server according to an embodiment of the present disclosure.
As shown in fig. 4, the method includes operations S410 to S430, for example.
In operation S410, first signature information is transmitted to a first electronic device.
In operation S420, a signature request of the second electronic device is received.
In response to the signature request, the second signature information is transmitted to the second electronic device so that the second electronic device generates at least one of the first rights information and the second rights information based on the second signature information in operation S430.
Wherein the first electronic device and the second electronic device may perform the method as described above.
Fig. 5A schematically illustrates a flowchart of an information processing method for an information processing system according to an embodiment of the present disclosure.
As shown in fig. 5A, the information processing system includes, for example, a first electronic device, a second electronic device, and an authorization server. The information processing method performed by the information processing system includes operations S501 to S514, for example.
In operation S501, first signature information is transmitted to a first electronic device by an authorization server.
In operation S502, a signature request is transmitted by the second electronic device to the authorization server.
In operation S503, a signature request of the second electronic device is received by the authorization server.
In operation S504, second signature information is transmitted to the second electronic device by the authorization server in response to the signature request.
In operation S505, second signature information generated by the authorization server in response to the signature request is received by the second electronic device.
In operation S506, second right information is generated by the second electronic device based on the second signature information, and an acknowledgement request is sent to the first electronic device, wherein the acknowledgement request includes the second right information.
In operation S507, an authorization request from the second electronic device is received by the first electronic device, wherein the authorization request includes second rights information.
In operation S508, the second authority information is verified by the first electronic device based on the first signature information.
In operation S509, the verified second right information is stored in the first electronic device by the first electronic device so that the first electronic device determines whether the second electronic device has the right to set the configuration information based on the second right information.
In operation S510, first authority information is generated by the second electronic device based on the second signature information.
In operation S511, a setting request is transmitted by the second electronic device to the first electronic device, wherein the setting request is for requesting setting of configuration information of the first electronic device.
In operation S512, a setting request from the second electronic device is received by the first electronic device, wherein the setting request is used for requesting setting of configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request includes the first authority information and the target parameter.
In operation S513, it is determined by the first electronic device whether the second electronic device has the right to set the configuration information based on the first right information.
In operation S514, the configuration information is set by the first electronic device based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
Fig. 5B schematically illustrates a schematic diagram of an information processing system according to an embodiment of the present disclosure.
As shown in fig. 5B, the information processing system includes, for example, a plurality of first electronic devices 111, 112, 113, and the like, a second electronic device 120, and an authorization server 130.
For example, the authorization server 130 may send the first signature information to the plurality of first electronic devices 111, 112, 113. The plurality of first electronic devices 111, 112, 113 may store the first signature information into the first system for facilitating subsequent verification of the rights of the second electronic device 120 based on the first signature information.
In the disclosed embodiment, the authorization server 130 may interact with the second electronic device 120. For example, the authorization server 130 may receive the signature request of the second electronic device 120 and transmit second signature information to the second electronic device 120, so that the second electronic device 120 sets configuration information of the plurality of first electronic devices 111, 112, 113 based on the second signature information.
After the first electronic devices 111, 112, 113 receive the first signature information and the second electronic device 120 receives the second signature information, the first electronic devices 111, 112, 113 and the second electronic device 120 may enter an authorization stage and a configuration stage. The specific process of the authorization stage and the configuration information setting stage is the same as or similar to the process described in the above embodiment, and will not be described herein.
In one case, the authorization server 130 may be, for example, a device of a service provider, such as a manufacturer of the first system that produces the plurality of first electronic devices 111, 112, 113. The service provider stores the first signature information in a first system of the plurality of first electronic devices 111, 112, 113, e.g. by means of the authorization server 130. The second electronic device 120 may be, for example, a device produced by the service provider.
The plurality of first electronic devices 111, 112, 113 and the second electronic device 120 may be devices inside a certain organization, for example. The second electronic device 120 may be, for example, a master control device within the facility, which may be used to remotely control the plurality of first electronic devices 111, 112, 113. The institution purchases the plurality of first electronic devices 111, 112, 113, for example, at least from a service provider. After the organization purchases the plurality of first electronic devices 111, 112, 113, the service provider may send second signature information to the second electronic device 120 inside the organization through the authorization server 130, so that the second electronic device 120 performs an authentication operation with the plurality of first electronic devices 111, 112, 113 based on the second signature information, so as to confirm whether the second electronic device 120 has authority to set configuration information of the plurality of first electronic devices 111, 112, 113. And after confirming that the second electronic device 120 has the setting authority, the second electronic device 120 can remotely set configuration information of the plurality of first electronic devices 111, 112, 113 in batch.
Fig. 6 schematically shows a block diagram of an information processing apparatus for a first electronic device according to an embodiment of the present disclosure.
As shown in fig. 6, the information processing apparatus 600 for a first electronic device includes, for example, a first receiving module 610, a determining module 620, and a setting module 630.
The first receiving module 610 may be configured to receive a setting request from the second electronic device, where the setting request is configured to request setting of configuration information of the first electronic device, the configuration information is configured to access a first system of the first electronic device, and the setting request includes the first permission information and the target parameter. According to an embodiment of the present disclosure, the first receiving module 610 may perform, for example, operation S210 described above with reference to fig. 2, which is not described herein.
The determining module 620 may be configured to determine whether the second electronic device has the right to set the configuration information based on the first right information. The determining module 620 may, for example, perform operation S220 described above with reference to fig. 2 according to an embodiment of the present disclosure, which is not described herein.
The setting module 630 may be configured to set the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information. According to an embodiment of the present disclosure, the setting module 630 may perform, for example, operation S230 described above with reference to fig. 2, which is not described herein.
According to the embodiment of the disclosure, the first electronic device has first signature information of the authorization server, the first signature information is stored in the first system, and before the first electronic device enters the second system, the first electronic device can determine whether the second electronic device has the authority for setting the configuration information or not through the first system based on the first signature information, wherein the number of access paths for accessing the first system is smaller than the number of access paths for accessing the second system.
According to an embodiment of the present disclosure, before determining whether the second electronic device has the right to set the configuration information based on the first right information, the information processing apparatus is further configured to perform: and receiving an authorization request from the second electronic device, wherein the authorization request comprises second authority information, verifying the second authority information based on the first signature information, and storing the verified second authority information in the first electronic device so that the first electronic device determines whether the second electronic device has the authority for setting the configuration information based on the second authority information.
According to an embodiment of the present disclosure, the second electronic device has second signature information of the authorization server, the second signature information being used to generate at least one of the first rights information and the second rights information. Wherein verifying the second rights information based on the first signature information includes: determining whether the second rights information has second signature information, determining whether the second signature information is consistent with the first signature information in response to determining that the second rights information has second signature information, and determining that the second rights information is authenticated in response to determining that the second signature information is consistent with the first signature information.
According to an embodiment of the present disclosure, determining whether the second electronic device has the right to set the configuration information based on the first right information includes: and acquiring second signature information in the first permission information, and determining whether the second electronic equipment has permission for setting configuration information or not based on the second signature information in the second permission information and the second signature information in the first permission information.
Fig. 7 schematically illustrates a block diagram of an information processing apparatus for an authorization server according to an embodiment of the present disclosure.
As shown in fig. 7, the information processing apparatus 700 for an authorization server includes, for example, a first transmission module 710, a second reception module 720, and a second transmission module 730.
The first sending module 710 may be configured to send the first signature information to the first electronic device. According to an embodiment of the present disclosure, the first transmitting module 710 may perform, for example, operation S410 described above with reference to fig. 4, which is not described herein.
The second receiving module 720 may be configured to receive a signature request of the second electronic device. According to an embodiment of the present disclosure, the second receiving module 720 may perform, for example, operation S420 described above with reference to fig. 4, which is not described herein.
The second transmitting module 730 may be configured to transmit the second signature information to the second electronic device in response to the signature request, so that the second electronic device generates at least one of the first rights information and the second rights information based on the second signature information. The second transmitting module 730 may, for example, perform operation S430 described above with reference to fig. 4 according to an embodiment of the present disclosure, which is not described herein.
According to an embodiment of the present disclosure, a first electronic device is configured to perform a method of an embodiment of the present disclosure, and a second electronic device is configured to perform a method of an embodiment of the present disclosure.
Any number of modules, sub-modules, units, sub-units, or at least some of the functionality of any number of the sub-units according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented as split into multiple modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system-on-chip, a system-on-substrate, a system-on-package, an Application Specific Integrated Circuit (ASIC), or in any other reasonable manner of hardware or firmware that integrates or encapsulates the circuit, or in any one of or a suitable combination of three of software, hardware, and firmware. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be at least partially implemented as computer program modules, which when executed, may perform the corresponding functions.
Fig. 8 schematically illustrates a block diagram of a computer system for implementing information processing according to an embodiment of the disclosure. The computer system illustrated in fig. 8 is merely an example, and should not be construed as limiting the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 8, a computer system 800 implementing information processing includes a processor 801, a computer readable storage medium 802. The system 800 may perform a method according to an embodiment of the present disclosure.
In particular, the processor 801 may include, for example, a general purpose microprocessor, an instruction set processor and/or an associated chipset and/or special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), or the like. The processor 801 may also include on-board memory for caching purposes. The processor 801 may be a single processing unit or multiple processing units for performing different actions of the method flows according to embodiments of the disclosure.
The computer-readable storage medium 802 may be, for example, any medium that can contain, store, communicate, propagate, or transport the instructions. For example, a readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. Specific examples of the readable storage medium include: magnetic storage devices such as magnetic tape or hard disk (HDD); optical storage devices such as compact discs (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and/or a wired/wireless communication link.
The computer-readable storage medium 802 may include a computer program 803, which computer program 803 may include code/computer executable instructions, which when executed by the processor 801, cause the processor 801 to perform a method according to an embodiment of the disclosure or any variation thereof.
The computer program 803 may be configured with computer program code comprising computer program modules, for example. For example, in an example embodiment, code in computer program 803 may include one or more program modules, including 803A, 803B, … …, for example. It should be noted that the division and number of modules is not fixed, and that a person skilled in the art may use suitable program modules or combinations of program modules depending on the actual situation, which when executed by the processor 801, enable the processor 801 to perform the methods according to embodiments of the present disclosure or any variations thereof.
According to embodiments of the present disclosure, any of the above-described modules, sub-modules, units, at least part of the functionality of any of the sub-units may be implemented as computer program modules described with reference to fig. 8, which, when executed by the processor 801, may implement the respective operations described above.
The present disclosure also provides a computer-readable medium that may be embodied in the apparatus/device/system described in the above embodiments; or may exist alone without being assembled into the apparatus/device/system. The computer readable medium carries one or more programs which, when executed, implement the above information processing method.
According to embodiments of the present disclosure, the computer readable medium may be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this disclosure, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present disclosure, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, fiber optic cable, radio frequency signals, or the like, or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments of the disclosure and/or in the claims may be combined in various combinations and/or combinations, even if such combinations or combinations are not explicitly recited in the disclosure. In particular, the features recited in the various embodiments of the present disclosure and/or the claims may be variously combined and/or combined without departing from the spirit and teachings of the present disclosure. All such combinations and/or combinations fall within the scope of the present disclosure.
While the present disclosure has been shown and described with reference to certain exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present disclosure as defined by the appended claims and their equivalents. The scope of the disclosure should, therefore, not be limited to the above-described embodiments, but should be determined not only by the following claims, but also by the equivalents of the following claims.

Claims (8)

1. An information processing method for a first electronic device, the method comprising:
receiving a setting request from a second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, the setting request comprises first authority information and target parameters, the first electronic device is provided with first signature information of an authorization server, and the first signature information is stored in the first system;
before the first electronic equipment enters a second system, the first electronic equipment performs right-confirming operation on the second electronic equipment based on the first signature information through the first system; wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system;
After the right confirming operation is completed, determining whether the second electronic equipment has the right for setting the configuration information or not based on the first right information; and
setting the configuration information based on the target parameter in response to determining that the second electronic device has the right to set the configuration information;
wherein, the right-confirming operation comprises:
receiving an acknowledgement request from the second electronic equipment, wherein the acknowledgement request comprises second authority information;
verifying the second rights information based on the first signature information; and
and storing the verified second permission information in the first electronic device, so that the first electronic device determines whether the second electronic device has permission for setting the configuration information or not based on the second permission information.
2. The method according to claim 1, wherein:
the second electronic device has second signature information of an authorization server, and the second signature information is used for generating at least one of the first authority information and the second authority information;
wherein said verifying said second rights information based on said first signature information comprises:
Determining whether the second authority information has the second signature information;
in response to determining that the second rights information has the second signature information, determining whether the second signature information is consistent with the first signature information; and
in response to determining that the second signature information is consistent with the first signature information, determining that the second rights information is verified.
3. The method of claim 1 or 2, wherein the determining, based on the first permission information, whether the second electronic device has permission to set the configuration information comprises:
acquiring second signature information in the first authority information; and
and determining whether the second electronic device has the authority for setting the configuration information or not based on second signature information in the second authority information and second signature information in the first authority information.
4. An information processing method for a second electronic device, the method comprising:
sending a setting request to a first electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters; the first electronic equipment is provided with first signature information of an authorization server, and the first signature information is stored in the first system;
Before the first electronic equipment enters a second system, the first electronic equipment performs right-confirming operation on the second electronic equipment based on the first signature information through the first system; wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system; the right-confirming operation of the second electronic equipment comprises the following steps: receiving an acknowledgement request from the second electronic equipment, wherein the acknowledgement request comprises second authority information; verifying the second rights information based on the first signature information; storing the verified second permission information in the first electronic device, so that the first electronic device determines whether the second electronic device has permission to set the configuration information based on the second permission information;
the first electronic device can determine whether the second electronic device has the authority for setting the configuration information or not based on the first authority information; and in response to determining that the second electronic device has the right to set the configuration information, setting the configuration information based on the target parameter.
5. An information processing method for an authorization server, the method comprising:
transmitting the first signature information to the first electronic device;
receiving a signature request of the second electronic device; and
transmitting second signature information to the second electronic device in response to the signature request, so that the second electronic device generates at least one of first authority information and second authority information based on the second signature information,
wherein the first electronic device is configured to perform the method according to any of claims 1-3 and the second electronic device is configured to perform the method according to claim 4.
6. An information processing apparatus comprising:
the first receiving module is used for receiving a setting request from the second electronic equipment, wherein the setting request is used for requesting to set configuration information of the first electronic equipment, the configuration information is used for accessing a first system of the first electronic equipment, and the setting request comprises first authority information and target parameters; the first electronic equipment is provided with first signature information of an authorization server, and the first signature information is stored in the first system;
before the first electronic equipment enters a second system, the first electronic equipment performs right-confirming operation on the second electronic equipment based on the first signature information through the first system; wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system; the right-confirming operation of the second electronic equipment comprises the following steps: receiving an acknowledgement request from the second electronic equipment, wherein the acknowledgement request comprises second authority information; verifying the second rights information based on the first signature information; storing the verified second permission information in the first electronic device, so that the first electronic device determines whether the second electronic device has permission to set the configuration information based on the second permission information;
A determining module configured to determine, based on the first permission information, whether the second electronic device has permission to set the configuration information; and
and a setting module for setting the configuration information based on the target parameter in response to determining that the second electronic device has the authority to set the configuration information.
7. An information processing apparatus comprising:
the first sending module is used for sending the first signature information to the first electronic equipment;
the second receiving module receives a signature request of the second electronic equipment; and
a second transmitting module that transmits second signature information to the second electronic device in response to the signature request so that the second electronic device generates at least one of first authority information and second authority information based on the second signature information,
wherein the first electronic device is configured to perform the method according to any of claims 1-3 and the second electronic device is configured to perform the method according to claim 4.
8. An information processing system, comprising:
a first electronic device;
a second electronic device; and
an authorization server;
wherein the authorization server is configured to perform:
Transmitting first signature information to the first electronic device;
receiving a signature request of the second electronic device;
transmitting second signature information to the second electronic device in response to the signature request;
wherein the second electronic device is configured to perform:
sending a signature request to the authorization server;
receiving second signature information generated by the authorization server in response to the signature request;
generating first rights information based on the second signature information;
sending a setting request to the first electronic equipment, wherein the setting request is used for requesting to set configuration information of the first electronic equipment;
wherein the first electronic device is configured to perform:
receiving a setting request from the second electronic device, wherein the setting request is used for requesting to set configuration information of the first electronic device, the configuration information is used for accessing a first system of the first electronic device, and the setting request comprises first authority information and target parameters; the first electronic equipment is provided with first signature information of an authorization server, and the first signature information is stored in the first system;
before the first electronic equipment enters a second system, the first electronic equipment performs right-confirming operation on the second electronic equipment based on the first signature information through the first system; wherein the number of access paths for accessing the first system is less than the number of access paths for accessing the second system; the right-confirming operation of the second electronic equipment comprises the following steps: receiving an acknowledgement request from the second electronic equipment, wherein the acknowledgement request comprises second authority information; verifying the second rights information based on the first signature information; storing the verified second permission information in the first electronic device, so that the first electronic device determines whether the second electronic device has permission to set the configuration information based on the second permission information;
Determining whether the second electronic device has a right to set the configuration information based on the first right information; and
in response to determining that the second electronic device has permission to set the configuration information, the configuration information is set based on the target parameter.
CN201911388275.6A 2019-12-27 2019-12-27 Information processing method, device and system Active CN111143827B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911388275.6A CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911388275.6A CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Publications (2)

Publication Number Publication Date
CN111143827A CN111143827A (en) 2020-05-12
CN111143827B true CN111143827B (en) 2023-04-28

Family

ID=70521489

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911388275.6A Active CN111143827B (en) 2019-12-27 2019-12-27 Information processing method, device and system

Country Status (1)

Country Link
CN (1) CN111143827B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1941697A (en) * 2005-09-30 2007-04-04 三星电子株式会社 Security method and system and computer-readable medium storing computer program for executing the security method
CN101980233A (en) * 2010-10-15 2011-02-23 上海聚力传媒技术有限公司 Method and equipment for authenticating service based on equipment identifier
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN106972993A (en) * 2017-03-31 2017-07-21 联想(北京)有限公司 Information processing method and electronic equipment
CN109740340A (en) * 2018-12-28 2019-05-10 联想(北京)有限公司 Information processing method and electronic equipment
CN110197059A (en) * 2016-10-25 2019-09-03 苹果公司 For managing the user interface of the access to the voucher used in operation

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018081643A (en) * 2016-11-18 2018-05-24 キヤノン株式会社 Authorization server and control method thereof, program, and right transfer system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1941697A (en) * 2005-09-30 2007-04-04 三星电子株式会社 Security method and system and computer-readable medium storing computer program for executing the security method
CN101980233A (en) * 2010-10-15 2011-02-23 上海聚力传媒技术有限公司 Method and equipment for authenticating service based on equipment identifier
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN110197059A (en) * 2016-10-25 2019-09-03 苹果公司 For managing the user interface of the access to the voucher used in operation
CN106972993A (en) * 2017-03-31 2017-07-21 联想(北京)有限公司 Information processing method and electronic equipment
CN109740340A (en) * 2018-12-28 2019-05-10 联想(北京)有限公司 Information processing method and electronic equipment

Also Published As

Publication number Publication date
CN111143827A (en) 2020-05-12

Similar Documents

Publication Publication Date Title
US10798076B2 (en) Securely authorizing access to remote resources
CN109714348B (en) Authority processing method, device, equipment and medium based on block chain
US20150089593A1 (en) Method and system for using a vibration signature as an authentication key
US10015668B2 (en) Method of establishing communications
CN111191212B (en) Block chain-based digital certificate processing method, device, equipment and storage medium
CN112651705B (en) Mail processing method, device, equipment and medium
US20220294642A1 (en) Use Right Information Processing Device, Use Right Information Processing System, and Use Right Information Processing Method, Based on Smart Contract
CN110519764B (en) Security verification method, system, computer device and medium of communication device
US20220014353A1 (en) Method by which device shares digital key
US9455972B1 (en) Provisioning a mobile device with a security application on the fly
KR20220050102A (en) Bluetooth Device Controlling Method And Device of Threof
US11190519B2 (en) Dock administration using a token
CN111600787B (en) Information processing method, information processing apparatus, electronic device, and medium
US10061908B2 (en) Program editing device, program management device, and computer readable medium
CN111143827B (en) Information processing method, device and system
CN114444029B (en) Use right verification method and device during VR application operation and electronic equipment
CN110969437B (en) Method, system, electronic device and medium for obtaining virtual bank card payment authority
CN109635558B (en) Access control method, device and system
CN111724165B (en) Block chain-based transaction verification method and device, electronic equipment and medium
CN112767142B (en) Processing method, device, computing equipment and medium for transaction file
US20210157936A1 (en) Methods and systems for facilitating joint submissions
KR101464940B1 (en) Method and system for performing payment by authentication of user
US20160317934A1 (en) Game server having internal game resource, method of playing a game using the game server, and game development system including the game server
CN112751713A (en) Block chain-based link establishing method, device and storage medium
CN112752262B (en) Networking method of household electrical appliance, household electrical appliance and terminal equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant