WO2024109269A1 - AT instruction permission management method and apparatus, computer device, and storage medium - Google Patents


Publication number
WO2024109269A1
WO2024109269A1 PCT/CN2023/118330 CN2023118330W WO2024109269A1 WO 2024109269 A1 WO2024109269 A1 WO 2024109269A1 CN 2023118330 W CN2023118330 W CN 2023118330W WO 2024109269 A1 WO2024109269 A1 WO 2024109269A1
Authority
WO
WIPO (PCT)
Prior art keywords
permission
mode
command
target
permission mode
Application number
PCT/CN2023/118330
Other languages
French (fr)
Chinese (zh)
Inventor
王斌
Original Assignee
西安广和通无线软件有限公司
Application filed by 西安广和通无线软件有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication

Definitions

  • the present application relates to the field of communication technology, and in particular to an AT command authority management method, device, computer equipment and storage medium.
  • Communication modules usually use AT (Attention) commands as control commands.
  • After the host computer is connected to the communication module through UART (Universal Asynchronous Receiver/Transmitter) or USB (Universal Serial Bus), it can interact with the communication module by sending and receiving AT commands.
  • the embodiments of the present application provide an AT command permission management method, apparatus, computer device and storage medium to solve the problem of AT command abuse.
  • an embodiment of the present application provides an AT instruction permission management method, wherein the AT instruction includes at least two permission modes, and the method includes the following steps performed by a second device:
  • sending permission switching information to the first device according to the permission switching request;
  • an implementation manner wherein when the first target permission mode has a higher permission level than the current AT command permission mode, sending permission switching information to the first device according to the permission switching request includes:
  • When the first target permission mode has a higher permission level than the current AT command permission mode, generating an authentication password acquisition request and a verification random number;
  • the current AT command authority mode, the authentication password acquisition request and the verification random number are sent to the first device as the authority switching information.
  • the permission confirmation information includes a second target permission mode, a device identifier and an authentication password of the first device, and the switching of the AT command permission mode to the first target permission mode according to the permission confirmation information includes:
  • the AT instruction permission mode is switched to the first target permission mode.
  • an implementation method is further provided.
  • the method also includes: switching the AT command permission mode to the first target permission mode.
  • an implementation manner wherein after receiving the permission confirmation information sent by the first device and switching the AT command permission mode to the first target permission mode according to the permission confirmation information, the method further includes:
  • Feedback information sent by the first device is received to confirm that the first device has learned that the AT command permission mode is switched to the first target permission mode.
  • an embodiment of the present application further provides an AT instruction permission management method, wherein the AT instruction includes at least two permission modes, and the method includes the following steps performed by a first device:
  • the permission switching request includes a first target permission mode
  • an AT command authority management device including:
  • a first receiving module configured for receiving, by a second device, a permission switching request sent by a first device, wherein the permission switching request includes a first target permission mode
  • a first sending module configured to, when the first target permission mode has a higher permission level than the current AT command permission mode, send permission switching information to the first device according to the permission switching request by the second device;
  • the second receiving module is used for the second device to receive the permission confirmation information sent by the first device, and switch the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
  • the first sending module is further specifically configured to:
  • When the first target permission mode has a higher permission level than the current AT command permission mode, generating an authentication password acquisition request and a verification random number;
  • the current AT command authority mode, the authentication password acquisition request and the verification random number are sent to the first device as the authority switching information.
  • the permission confirmation information includes the second target permission mode, the device identification and the authentication password of the first device.
  • the second receiving module is further specifically configured to:
  • the authentication password is decrypted using a decryption algorithm and the device identification of the first device to obtain a verification value, wherein the authentication password is generated according to the device identification of the first device, the verification random number and the encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identification of the first device;
  • the AT instruction permission mode is switched to the first target permission mode.
  • the AT command permission management device is further specifically used to:
  • the AT command permission mode is switched to the first target permission mode.
  • the AT command authority management device is also specifically used for:
  • Feedback information sent by the first device is received to confirm that the first device has learned that the AT command permission mode is switched to the first target permission mode.
  • the embodiment of the present application further provides an AT command authority management device, including:
  • An acquisition module used for the first device to acquire a permission switching instruction input by a user
  • a second sending module configured for the first device to generate a permission switching request according to the permission switching instruction, and send the permission switching request to a second device, wherein the permission switching request includes a first target permission mode;
  • a third receiving module configured to, when the first target permission mode has a higher permission level than the current AT command permission mode, cause the first device to receive permission switching information sent by the second device;
  • the third sending module is used for the first device to send permission confirmation information to the second device according to the permission switching information, so as to determine the AT command permission mode of the second device according to the permission confirmation information.
  • an embodiment of the present application provides a computer device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein when the processor executes the computer-readable instructions, the processor performs the steps of the AT command authority management method described in the first aspect.
  • an embodiment of the present application provides a computer-readable storage medium, wherein the computer-readable storage medium stores computer-readable instructions, and when the computer-readable instructions are executed by a processor, the steps of the AT instruction permission management method as described in the first aspect are implemented.
  • FIG. 1 is a flow chart of an AT command authority management method according to an embodiment of the present application.
  • FIG. 2 is a flow chart of an AT command permission mode switching in an embodiment of the present application.
  • FIG. 3 is a block diagram of a device corresponding to the AT command authority management method in an embodiment of the present application.
  • FIG. 4 is a schematic block diagram of another device corresponding to the AT command authority management method in an embodiment of the present application.
  • FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application.
  • first, second, third, etc. may be used to describe preset ranges, etc. in the embodiments of the present application, these preset ranges should not be limited to these terms. These terms are only used to distinguish preset ranges from each other.
  • the first preset range may also be referred to as the second preset range, and similarly, the second preset range may also be referred to as the first preset range.
  • the word “if” as used herein may be interpreted as “when” or “in response to”
  • the phrases “if it is determined” or “if (stated condition or event) is detected” may be interpreted as “when it is determined” or “in response to determining” or “when detecting (stated condition or event)” or “in response to detecting (stated condition or event)”, depending on the context.
  • FIG. 1 is a flow chart of an AT command permission management method in an embodiment of the present application.
  • the AT command permission management method can be applied to a host computer, a communication module and related computer devices.
  • the host computer can only control the communication module at the corresponding permission level after passing the AT command permission authorization authentication.
  • the method of the present application can significantly reduce the abuse of AT commands, so that AT commands can be used more correctly and safely.
  • the AT command permission management method includes the following steps:
  • S10: The first device obtains a permission switching instruction input by a user.
  • the first device may specifically refer to a host computer, which refers to a computer that can directly issue control instructions, such as controlling a connected communication module by issuing AT instructions.
  • the permission switching instruction is an instruction for triggering the first device to send a permission switching request to the second device.
  • the permission switching request refers to a request for switching the AT command permission mode of the second device.
  • the user can input a permission switching instruction in the host computer to switch the second device to the current AT command permission mode, so that the first device can control the second device by sending AT commands in the switched AT command permission mode.
  • AT instructions include at least two permission modes.
  • AT instructions can be specifically set to three permission modes such as normal mode, engineering mode and privileged mode.
  • normal mode is the default AT instruction permission mode of the communication module.
  • Engineering mode can support the execution of engineering instructions and ordinary instructions, and the permission level of the engineering mode is higher than that of the normal mode.
  • Privileged mode can support the execution of privileged instructions, engineering instructions and ordinary instructions, and the permission level of the privileged mode is higher than that of the engineering mode and the normal mode.
  • ordinary instructions may specifically include AT instructions that can be used normally by public users.
  • Engineering instructions are specifically used for production line production, internal tools such as partition backup, debug port opening instructions, function parameter settings, etc.
  • Privileged instructions are used for some key information queries of communication modules or the opening of special functions and the setting of special function parameters.
  • the AT commands received by the communication module and implementing function feedback are classified, and different AT command permission mode controls are implemented according to the AT commands of different classifications, so that users cannot arbitrarily control the AT commands sent by the communication module through the host device, and the use scope of the AT commands is standardized.
  • S20: The first device generates a permission switching request according to the permission switching instruction, and sends the permission switching request to the second device, wherein the permission switching request includes the first target permission mode.
  • The first target permission mode refers to the AT command permission mode expected by the user.
  • the first device can issue a control instruction to the second device by sending a specific AT instruction.
  • After receiving the permission switching instruction input by the user, the first device triggers a permission switching request and sends the permission switching request to the second device.
  • the permission switching request includes a first target permission mode, so that the second device can switch the AT instruction permission mode according to the first target permission mode, so that the first device can send the AT instruction of the corresponding permission in the first target permission mode to realize the function control of the second device.
  • S30: The second device receives the permission switching request sent by the first device.
  • the permission switching information is used by the first device and the second device to implement the elevated authentication of the AT command permission mode.
  • the permission switching information carries some information for implementing the elevated authentication of the permission mode.
  • the permission switching request sent by the first device is considered to be a request for upgrading the level of the AT command permission mode, and the following process is a process of implementing the upgrade authentication of the AT command permission mode between the first device and the second device.
  • the second device will send permission switching information to the first device according to the permission switching request to complete the upgrade authentication of the AT command permission mode.
  • S50: The first device receives the permission switching information sent by the second device.
  • S60: The first device sends permission confirmation information to the second device according to the permission switching information.
  • the permission confirmation information and permission switching information are also used by the first device and the second device to implement the elevated authentication of the AT command permission mode.
  • the permission confirmation information is the information fed back for the permission switching information received by the first device, and is used for the final information authentication with the second device, thereby completing the permission elevation authentication.
  • After receiving the permission switching information, the first device will accordingly generate permission confirmation information for permission escalation authentication and send it to the second device, so that the second device can perform permission escalation authentication according to the permission confirmation information and switch to the AT command permission mode expected by the first device.
  • the second device receives the permission confirmation information sent by the first device, and switches the AT command permission mode to the first target permission mode according to the permission confirmation information.
  • When the second device confirms, based on the permission confirmation information, that the communication between the first device and the second device complies with the permission, the second device will switch the AT command permission mode to the first target permission mode, so that the first device can control the second device by inputting AT commands allowed to be executed under the permission in the first target permission mode.
  • a permission confirmation mechanism is set for AT instructions.
  • When the host computer initiates control of the communication module through AT instructions, it must first meet the permission level requirements of the communication module.
  • If the permission level for communication permitted by the host computer is high enough, the corresponding permission level can be controlled under this permission.
  • the host computer needs to increase the permission level of the communication module by means of permission authentication, thereby increasing the permission level for communication, so as to achieve further control of the communication module.
  • By setting the permission level for AT instructions, AT instructions can be used correctly and safely, which can significantly reduce the situation of AT instructions being abused.
  • In step S40, that is, when the first target permission mode has a higher permission level than the current AT command permission mode, the step of the second device sending permission switching information to the first device according to the permission switching request specifically includes the following steps:
  • the AT command of the second device is the current AT command permission mode.
  • If the communication module has not switched any AT command permission mode, its current AT command permission mode is the normal mode according to the default initial setting.
  • S42: The second device compares the permission level of the current AT command permission mode with the permission level of the first target permission mode.
  • the first target permission mode sent by the first device is compared with the permission level of the current AT command permission mode of the second device. If the first target permission mode is different from the current AT command permission mode of the second device, especially when the permission level of the first target permission mode is higher than the current AT command permission mode of the second device, the second device may be triggered to send relevant information for switching the current AT command permission mode to the first device.
  • If the first target permission mode has a higher permission level than the current AT command permission mode, the second device generates an authentication password acquisition request and a verification random number.
  • the authentication password acquisition request refers to a request for acquiring the authentication password from the first device.
  • the verification random number is a random number used for identity verification, and the identity verification refers to verification related to the identity of the first device.
  • When the first target permission mode is higher than the permission level of the current AT command permission mode, the second device will consider that the first device has a need to upgrade the permission level. At this time, the second device can specifically generate an authentication password acquisition request and a verification random number to complete the process of upgrading the authentication of the AT command permission mode.
  • The second device sends the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
  • the permission switching information may specifically include an AT command permission mode, an authentication password acquisition request, and a verification random number, so that the first device can generate an authentication password based on this information and send it to the second device to achieve enhanced authentication of the AT command permission mode.
  • the second device sends the current AT command permission mode, the authentication password acquisition request and the verification random number as permission switching information to the first device, so that the first device can implement the enhanced authentication of the AT command permission mode according to the permission switching information.
  • the second target permission mode and the first target permission mode may be the same.
  • the second target permission mode is proposed to verify whether the first device and the second device complete the AT instruction permission mode upgrade authentication process on the same AT communication channel. It can be understood that when the second target permission mode is the same as the first target permission mode, it is considered that the first device receiving the permission switching information and the first device sending the permission switching request are the same device and complete the information transmission on the same AT communication channel. In this way, it can be ensured that when the first device requests the second device to increase the AT instruction permission mode, the switching of the AT instruction permission mode is realized on each independent AT communication channel. Further, the second device and the first device support multiple AT communication channels to realize command control through AT instructions.
  • the device identifier of the first device refers to an identifier that can uniquely identify the identity of the device or the model of the device.
  • the device identifier of the first device can exist in multiple forms, which are not limited here.
  • The authentication password can be obtained by the first device by encrypting, through an encryption algorithm, either the device identification of the first device and the verification random number, or the device identification of the first device, the verification random number and the current AT command permission mode of the second device.
  • the encryption algorithm has a mapping relationship with the device identification of the first device, that is, the encryption algorithms corresponding to the first devices of different models or machine numbers are different.
  • different AT command permission modes can use different authorization strategies for the first device, such as the engineering mode can adopt a one-type-one-password strategy, and the privileged mode can use a one-machine-one-password strategy.
  • Step S70, that is, the second device receiving the permission confirmation information sent by the first device and switching the AT command permission mode to the first target permission mode according to the permission confirmation information, specifically includes the following steps:
  • the second device uses the decryption algorithm and the device identification of the first device to decrypt the authentication password to obtain a verification value, wherein the authentication password is generated according to the device identification of the first device, the verification random number and the encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identification of the first device.
  • the second device will decrypt according to the device identification and authentication password of the first device (if the current AT command permission mode of the second device is encrypted during the encryption phase, symmetric decryption is required), and obtain a verification value.
  • the verification value is compared with the pre-calculated and stored value to be verified in the second device, thereby confirming the switching of the AT command permission mode of the second device.
  • the request of the first device to the second device to increase the permission level is approved, and the second device will switch to a higher level AT command permission mode.
  • the first device can use the AT channel communication method to issue AT commands to control the second device.
  • the second device obtains a check value by decrypting the authentication password, and uses the check value to determine the switching of the AT command permission mode of the second device.
  • the check value decrypted by the second device will also be correct, and the permission management of one type and one password, one machine and one password can be realized.
  • a specific first device can enable the second device to perform an upgrade switch of the permission mode.
  • the second device can realize the upgrade switch of the permission mode.
  • the method further includes the following steps:
  • the second device switches the AT command permission mode to the first target permission mode.
  • the second device may consider this to be a request to lower the permission level.
  • the second device may directly switch the AT command permission mode to the first target permission mode with a lower permission level than the current AT command permission mode of the second device.
  • After step S70, that is, after the second device receives the permission confirmation information sent by the first device and switches the AT command permission mode to the first target permission mode according to the permission confirmation information, the following steps are also included:
  • S721: The second device generates permission change information, and sends the permission change information to the first device.
  • the permission change information refers to information indicating that the permission mode of the AT command of the second device has been changed.
  • the second device receives feedback information sent by the first device, and confirms that the first device has learned that the AT command permission mode is switched to the first target permission mode.
  • the feedback information is information fed back by the first device based on the received permission change information, indicating that the AT command permission mode is successfully switched.
  • FIG. 2 is a flow chart of an AT command permission mode switch in an embodiment of the present application.
  • the host computer is the first device mentioned in the above embodiment
  • the (communication) module is the second device mentioned in the above embodiment.
  • the module enters the normal mode by default after booting up.
  • the host computer requires the module to switch to the specified permission mode, it will send a mode switching instruction to the module.
  • AT+CHMOD function to change permissions
  • Step 2: If the current permission mode of the module is lower than the permission mode that needs to be set by the host computer, such as switching from normal mode to process mode or privileged mode, it is necessary to perform privilege escalation authentication, for example: the module returns \r (carriage return) \n (line feed) +CHMOD: "MODE", "PIN REQUIRED", "RAND (verification random number)", where the MODE parameter identifies the current mode of the module, "PIN REQUIRED" is a request to enter the authentication code, and "RAND" is a random number for calculating the authentication code.
  • Step 3: If the module's current permission mode is higher than the permission mode that the host computer needs to set, such as switching from privileged mode to normal mode, the module directly switches the current AT channel to the specified permission mode and returns OK to the host computer.
  • a permission confirmation mechanism is set for AT instructions.
  • When the host computer initiates control of the communication module through AT instructions, it must first meet the permission level requirements of the communication module.
  • If the permission level for communication permitted by the host computer is high enough, the corresponding permission level can be controlled under this permission.
  • the host computer needs to increase the permission level of the communication module by means of permission authentication, thereby increasing the permission level for communication, so as to achieve further control of the communication module.
  • By setting the permission level for AT instructions, AT instructions can be used correctly and safely, which can significantly reduce the situation where AT instructions are abused.
  • the present application also sends the current AT command permission mode, the authentication password acquisition request and the verification random number as permission switching information to the first device, so that the first device can implement the enhanced authentication of the AT command permission mode according to the permission switching information.
  • the present application also obtains a verification value by decrypting the authentication password, and uses the verification value to determine the switching of the AT command permission mode of the second device.
  • the verification value decrypted by the second device will also be correct, and the permission management of one type and one password, and one machine and one password can be realized.
  • the present application may also directly switch the AT command permission mode to a first target permission mode having a lower permission level than the current AT command permission mode of the second device.
  • the present application will also notify the first device of the message that the switch is successful, and the first device will also feedback to the second device a message that it has learned that the second device has successfully completed the AT command permission mode switch. In this way, it can be determined that both the first device and the second device are aware of the current AT command permission mode, so that the first device can control the second device by sending AT commands in the AT command permission mode.
  • FIG. 3 is a principle block diagram of a device corresponding to the AT command authority management method in an embodiment of the present application.
  • the AT command authority management device 1 includes a first receiving module 10, a first sending module 20 and a second receiving module 30.
  • the first receiving module 10 is used for the second device to receive a permission switching request sent by the first device, wherein the permission switching request includes a first target permission mode.
  • the first sending module 20 is configured to, when the first target permission mode has a higher permission level than the current AT command permission mode, cause the second device to send permission switching information to the first device according to the permission switching request.
  • the second receiving module 30 is used for the second device to receive the permission confirmation information sent by the first device, and switch the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
  • the first sending module 20 is further specifically configured to:
  • the current AT command permission mode is compared with the permission level of the first target permission mode.
  • when the first target authority mode has a higher authority level than the current AT command authority mode, an authentication password acquisition request and a verification random number are generated.
  • the current AT command authority mode, the authentication password acquisition request and the verification random number are sent to the first device as authority switching information.
  • the permission confirmation information includes the second target permission mode, the device identification and the authentication password of the first device.
  • the second receiving module 30 is further specifically configured to:
  • the authentication password is decrypted using a decryption algorithm and a device identification of the first device to obtain a verification value, wherein the authentication password is generated according to the device identification of the first device, a verification random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identification of the first device.
  • the AT instruction permission mode is switched to the first target permission mode.
  • the AT command permission management device 1 is further specifically used to:
  • the AT command authority management device 1 is also specifically used for:
  • Feedback information sent by the first device is received to confirm that the first device has learned that the AT command permission mode is switched to the first target permission mode.
  • FIG. 4 is a principle block diagram of another device corresponding to the AT command authority management method in an embodiment of the present application.
  • the AT command authority management device 2 includes an acquisition module 40, a second sending module 50, a third receiving module 60 and a third sending module 70.
  • the acquisition module 40 is used for the first device to acquire the permission switching instruction input by the user.
  • the second sending module 50 is configured for the first device to generate a permission switching request according to the permission switching instruction, and send the permission switching request to a second device, wherein the permission switching request includes a first target permission mode.
  • the third receiving module 60 is configured to enable the first device to receive permission switching information sent by the second device when the permission level of the first target permission mode is higher than that of the current AT command permission mode.
  • the third sending module 70 is configured for the first device to send permission confirmation information to the second device according to the permission switching information, so as to determine the AT command permission mode of the second device according to the permission confirmation information.
  • a permission confirmation mechanism is set for AT instructions.
  • the host computer initiates control of the communication module through AT instructions, it must first meet the permission level requirements of the communication module.
  • the permission level for communication permitted by the host computer is high enough, the communication module can be controlled at the corresponding permission level accordingly.
  • the host computer needs to increase the permission level of the communication module through permission authentication.
  • the permission level for communication is increased to achieve further control over the communication module.
  • by setting the permission level for AT commands, AT commands can be used correctly and safely, which can significantly reduce the abuse of AT commands.
  • the present application also sends the current AT command permission mode, the authentication password acquisition request and the verification random number as permission switching information to the first device, so that the first device can realize the authentication of the AT command permission mode upgrade according to the permission switching information.
  • the present application also obtains the verification value by decrypting the authentication password, and uses the verification value to determine the switching of the AT command permission mode of the second device. In this way, when the authentication password calculated by the first device is correct, the verification value decrypted by the second device will also be correct, and the permission management of one type and one password and one machine and one password can be realized.
  • the present application can also directly switch the AT command permission mode to a first target permission mode with a lower permission level than the current AT command permission mode of the second device.
  • the present application will also notify the first device of the message of the successful switching, and the first device will also feedback to the second device the message that the second device has successfully completed the AT command permission mode switching. In this way, it can be determined that both the first device and the second device know the current AT command permission mode, so that the first device can control the second device by sending AT commands in the AT command permission mode.
  • the present application also provides a computer-readable storage medium, which stores computer-readable instructions.
  • the AT instruction authority management method as in the embodiment is implemented.
  • FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application.
  • the computer device 110 includes a processor 111, a memory 112, and a computer-readable instruction 113 stored in the memory 112 and executable on the processor 111.
  • the processor 111 executes the computer-readable instruction 113, each step of the AT command authority management method is implemented.
  • the computer readable instructions 113 may be divided into one or more modules/units, one or more modules/units are stored in the memory 112, and are executed by the processor 111 to complete the present application.
  • One or more modules/units may be a series of computer readable instruction segments capable of completing a specific function, and the instruction segments are used to describe the execution process of the computer readable instructions 113 in the computer device 110.
  • the computer device 110 may be a computing device such as a desktop computer, a notebook, a PDA, or a cloud server.
  • the computer device may include, but is not limited to, a processor 111 and a memory 112.
  • FIG. 5 is only an example of the computer device 110 and does not constitute a limitation on the computer device 110.
  • the computer device 110 may include more or fewer components than shown in the figure, or may combine certain components, or different components.
  • the computer device may also include input and output devices, network access devices, buses, etc.
  • the processor 111 may be a central processing unit (CPU), or other general-purpose processors, digital signal processors (DSP), application-specific integrated circuits (ASIC), field-programmable gate arrays (FPGA), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc.
  • a general-purpose processor may be a microprocessor or any conventional processor, etc.
  • the memory 112 may be an internal storage unit of the computer device 110, such as a hard disk or memory of the computer device 110.
  • the memory 112 may also be an external storage device of the computer device 110, such as a plug-in hard disk, a smart media card (SMC), a secure digital (SD) card, a flash card (Flash Card), etc. equipped on the computer device 110.
  • the memory 112 may also include both an internal storage unit of the computer device 110 and an external storage device.
  • the memory 112 is used to store computer-readable instructions and other programs and data required by the computer device.
  • the memory 112 may also be used to temporarily store data that has been output or is to be output.
  • the embodiments of the present application can acquire and process relevant data based on artificial intelligence technology.
  • artificial intelligence is the theory, method, technology and application system that uses digital computers or machines controlled by digital computers to simulate, extend and expand human intelligence, perceive the environment, acquire knowledge and use knowledge to obtain the best results.
  • the basic technologies of artificial intelligence generally include sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technology, operation/interaction systems, mechatronics, etc.
  • Artificial intelligence software technologies mainly include computer vision technology, robotics technology, biometrics technology, speech processing technology, natural language processing technology, and machine learning/deep learning.
  • the server can be an independent server or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, content delivery networks (CDN), as well as big data and artificial intelligence platforms.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit may be implemented in the form of hardware or in the form of software functional units.
  • the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the present application implements all or part of the processes in the above-mentioned embodiment method, and can also be completed by instructing the relevant hardware through computer-readable instructions.
  • the computer-readable instructions can be stored in a computer-readable storage medium.
  • the computer-readable instructions include computer-readable instruction codes, and the computer-readable instruction codes can be in source code form, object code form, executable files or some intermediate forms.
  • the computer-readable medium may include: any entity or device capable of carrying the computer-readable instruction code, recording medium, U disk, mobile hard disk, disk, optical disk, computer memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium.
  • the content contained in the computer-readable medium can be appropriately increased or decreased according to the requirements of legislation and patent practice in the jurisdiction. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electric carrier signals and telecommunication signals.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Storage Device Security (AREA)

Abstract

The present application discloses an AT instruction permission management method and apparatus, a computer device, and a storage medium. The AT instruction comprises at least two permission modes. The AT instruction permission management method comprises the following steps executed by a second device: receiving a permission switch request sent by a first device, the permission switch request comprising a first target permission mode; when the first target permission mode has a higher permission level than a current permission mode of an AT instruction, sending permission switching information to the first device according to the permission switch request; receiving permission confirmation information sent by the first device, and switching the permission mode of the AT instruction to the first target permission mode according to the permission confirmation information, the permission confirmation information being generated according to the permission switching information. The AT instruction permission management method can enable an AT instruction to be used correctly and securely, significantly reducing AT instruction abuse.

Description

AT command authority management method, device, computer equipment and storage medium
This application claims priority to the Chinese patent application filed with the China Patent Office on November 24, 2022, with application number 202211481242.8 and application name "AT command authority management method, device, computer equipment and storage medium", all contents of which are incorporated by reference in this application.
Technical Field
The present application relates to the field of communication technology, and in particular to an AT command authority management method, device, computer equipment and storage medium.
Background
Communication modules usually use AT (Attention) commands as control commands. After the host computer is connected to the communication module through UART (Universal Asynchronous Receiver/Transmitter) or USB (Universal Serial Bus), it can interact with the communication module by sending and receiving AT commands. However, there is currently a lack of effective security monitoring methods for AT commands, so any host computer connected to the communication module can control the communication module without restriction, and there is a risk of AT commands being abused.
Summary of the Invention
In view of this, the embodiments of the present application provide an AT command permission management method, apparatus, computer device and storage medium to solve the problem of AT command abuse.
In a first aspect, an embodiment of the present application provides an AT command permission management method, wherein the AT command includes at least two permission modes, and the method includes the following steps performed by a second device:
receiving a permission switching request sent by a first device, wherein the permission switching request includes a first target permission mode;
when the first target permission mode has a higher permission level than the current AT command permission mode, sending permission switching information to the first device according to the permission switching request;
receiving permission confirmation information sent by the first device, and switching the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
According to the above aspect and any possible implementation manner, an implementation manner is further provided, wherein when the first target permission mode has a higher permission level than the current AT command permission mode, sending permission switching information to the first device according to the permission switching request includes:
obtaining the current AT command permission mode;
comparing the permission level of the current AT command permission mode with that of the first target permission mode;
when the first target permission mode has a higher permission level than the current AT command permission mode, generating an authentication password acquisition request and a verification random number;
sending the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
According to the above aspect and any possible implementation manner, an implementation manner is further provided, wherein the permission confirmation information includes a second target permission mode, a device identifier of the first device and an authentication password, and the switching of the AT command permission mode to the first target permission mode according to the permission confirmation information includes:
decrypting the authentication password using a decryption algorithm and the device identifier of the first device to obtain a verification value, wherein the authentication password is generated according to the device identifier of the first device, the verification random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identifier of the first device;
when the verification value is equal to the verification random number, and the first target permission mode and the second target permission mode are the same permission mode, switching the AT command permission mode to the first target permission mode.
According to the above aspect and any possible implementation manner, an implementation manner is further provided, wherein when the first target permission mode has a lower permission level than the current AT command permission mode, the method further includes: switching the AT command permission mode to the first target permission mode.
According to the above aspect and any possible implementation manner, an implementation manner is further provided, wherein after receiving the permission confirmation information sent by the first device and switching the AT command permission mode to the first target permission mode according to the permission confirmation information, the method further includes:
generating permission change information, and sending the permission change information to the first device;
receiving feedback information sent by the first device, and confirming that the first device has learned that the AT command permission mode is switched to the first target permission mode.
In a second aspect, an embodiment of the present application further provides an AT command permission management method, wherein the AT command includes at least two permission modes, and the method includes the following steps performed by a first device:
obtaining a permission switching instruction input by a user;
generating a permission switching request according to the permission switching instruction, and sending the permission switching request to a second device, wherein the permission switching request includes a first target permission mode;
when the first target permission mode has a higher permission level than the current AT command permission mode, receiving permission switching information sent by the second device;
sending permission confirmation information to the second device according to the permission switching information, so as to determine the AT command permission mode of the second device according to the permission confirmation information.
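The exchange in the first and second aspects above, simulated end to end as an added example (not code from the application). The page does not name the encryption/decryption algorithm pair, so this sketch swaps in HMAC-SHA256 under a per-device key, which the second device recomputes and compares instead of decrypting to recover the random number; the mode names, message fields and key derivation are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed permission modes; the page only states that there are at least two.
LEVELS = {"basic": 0, "engineering": 1, "factory": 2}


def device_key(master: bytes, device_id: str) -> bytes:
    """Per-device key (assumption): models the page's mapping between the
    first device's identifier and the algorithm used for its password."""
    return hmac.new(master, b"at-perm|" + device_id.encode(), hashlib.sha256).digest()


def auth_password(key: bytes, nonce: bytes, target: str) -> str:
    """Authentication password: HMAC over the verification random number and
    the target mode (stand-in for the page's unspecified cipher)."""
    return hmac.new(key, nonce + b"|" + target.encode(), hashlib.sha256).hexdigest()


class Module:
    """Second device (communication module)."""

    def __init__(self, master: bytes, mode: str = "basic"):
        self.master, self.mode = master, mode
        self.pending = None  # (first target mode, verification random number)

    def on_switch_request(self, target: str) -> dict:
        if target not in LEVELS:
            return {"type": "denied", "reason": "unknown mode"}
        if LEVELS[target] <= LEVELS[self.mode]:
            # Lower level: switch directly, no authentication (same level is a no-op).
            self.pending, self.mode = None, target
            return {"type": "changed", "mode": self.mode}
        nonce = secrets.token_bytes(16)  # fresh for every upgrade attempt
        self.pending = (target, nonce)
        return {"type": "switch_info", "current_mode": self.mode,
                "need_password": True, "nonce": nonce.hex()}

    def on_confirmation(self, msg: dict) -> dict:
        pending, self.pending = self.pending, None  # a challenge is single-use
        if pending is None:
            return {"type": "denied", "reason": "no pending challenge"}
        target, nonce = pending
        key = device_key(self.master, str(msg.get("device_id", "")))
        expected = auth_password(key, nonce, target).encode()
        supplied = str(msg.get("password", "")).encode()
        # Both checks from the page: password verifies AND second target == first target.
        if not (hmac.compare_digest(expected, supplied) and msg.get("target") == target):
            return {"type": "denied", "reason": "verification failed"}
        self.mode = target
        return {"type": "changed", "mode": self.mode}  # permission change information


class Host:
    """First device (host computer), provisioned with its own per-device key."""

    def __init__(self, device_id: str, key: bytes):
        self.device_id, self.key, self.known_mode = device_id, key, None

    def confirm(self, info: dict, target: str) -> dict:
        nonce = bytes.fromhex(info["nonce"])
        return {"type": "confirm", "target": target, "device_id": self.device_id,
                "password": auth_password(self.key, nonce, target)}

    def switch(self, module: Module, target: str) -> dict:
        reply = module.on_switch_request(target)
        if reply["type"] == "switch_info":
            reply = module.on_confirmation(self.confirm(reply, target))
        if reply["type"] == "changed":
            self.known_mode = reply["mode"]  # host now knows the module's mode
        return reply


def demo() -> dict:
    master = secrets.token_bytes(32)  # constructed vendor secret held by the module
    module = Module(master)
    host = Host("HOST-0001", device_key(master, "HOST-0001"))
    out = {"upgrade": host.switch(module, "factory")["type"],
           "downgrade": module.on_switch_request("basic")["type"]}
    # Replay: a confirmation accepted once must fail against a later challenge.
    captured = host.confirm(module.on_switch_request("engineering"), "engineering")
    module.on_confirmation(captured)
    module.on_switch_request("basic")
    module.on_switch_request("engineering")
    out["replay"] = module.on_confirmation(captured)["type"]
    # Confirmation naming a different (second) target mode than the one requested.
    info = module.on_switch_request("engineering")
    out["mismatch"] = module.on_confirmation(host.confirm(info, "factory"))["type"]
    # Host claiming a valid device identifier without holding its key.
    rogue = Host("HOST-0001", secrets.token_bytes(32))
    out["rogue"] = rogue.switch(module, "factory")["type"]
    out["final_mode"] = module.mode
    return out


if __name__ == "__main__":
    print(demo())
```

Binding the target mode into the password and clearing the pending challenge on every confirmation attempt are choices of this sketch; the page itself only requires the two equality checks.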
In a third aspect, an embodiment of the present application provides an AT command authority management device, including:
a first receiving module, used for the second device to receive a permission switching request sent by the first device, wherein the permission switching request includes a first target permission mode;
a first sending module, used for the second device to send permission switching information to the first device according to the permission switching request when the first target permission mode has a higher permission level than the current AT command permission mode;
a second receiving module, used for the second device to receive the permission confirmation information sent by the first device, and switch the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
Furthermore, the first sending module is further specifically configured to:
obtain the current AT command permission mode;
compare the permission level of the current AT command permission mode with that of the first target permission mode;
when the first target permission mode has a higher permission level than the current AT command permission mode, generate an authentication password acquisition request and a verification random number;
send the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
Furthermore, the permission confirmation information includes the second target permission mode, the device identifier of the first device and the authentication password.
Furthermore, the second receiving module is further specifically configured to:
decrypt the authentication password using a decryption algorithm and the device identifier of the first device to obtain a verification value, wherein the authentication password is generated according to the device identifier of the first device, the verification random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identifier of the first device;
when the verification value is equal to the verification random number, and the first target permission mode and the second target permission mode are the same permission mode, switch the AT command permission mode to the first target permission mode.
Further, when the first target permission mode has a lower permission level than the current AT command permission mode, the AT command authority management device is further specifically used to:
switch the AT command permission mode to the first target permission mode.
Furthermore, the AT command authority management device is also specifically used to:
generate permission change information, and send the permission change information to the first device;
receive feedback information sent by the first device, and confirm that the first device has learned that the AT command permission mode is switched to the first target permission mode.
In a fourth aspect, an embodiment of the present application further provides an AT command authority management device, including:
an acquisition module, used for the first device to acquire a permission switching instruction input by a user;
a second sending module, used for the first device to generate a permission switching request according to the permission switching instruction, and send the permission switching request to a second device, wherein the permission switching request includes a first target permission mode;
a third receiving module, used for the first device to receive permission switching information sent by the second device when the first target permission mode has a higher permission level than the current AT command permission mode;
a third sending module, used for the first device to send permission confirmation information to the second device according to the permission switching information, so as to determine the AT command permission mode of the second device according to the permission confirmation information.
In a fifth aspect, an embodiment of the present application provides a computer device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein when the processor executes the computer-readable instructions, the processor performs the steps of the AT command authority management method described in the first aspect.
In a sixth aspect, an embodiment of the present application provides a computer-readable storage medium, wherein the computer-readable storage medium stores computer-readable instructions, and when the computer-readable instructions are executed by a processor, the steps of the AT command authority management method described in the first aspect are implemented.
The details of one or more embodiments of the present application are set forth in the following drawings and description. Other features, objects, and advantages of the present application will become apparent from the description, drawings, and claims.
Brief Description of the Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for use in the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application. A person of ordinary skill in the art can obtain other drawings based on these drawings without creative effort.
FIG. 1 is a flow chart of an AT command authority management method in an embodiment of the present application;
FIG. 2 is a flow chart of AT command permission mode switching in an embodiment of the present application;
FIG. 3 is a principle block diagram of a device corresponding to the AT command authority management method in an embodiment of the present application;
FIG. 4 is a principle block diagram of another device corresponding to the AT command authority management method in an embodiment of the present application;
FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application.
具体实施方式Detailed ways
In order to better understand the technical solution of the present application, the embodiments of the present application are described in detail below with reference to the accompanying drawings.
It should be clear that the described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without creative effort fall within the scope of protection of the present application.
The terms used in the embodiments of the present application are only for the purpose of describing specific embodiments and are not intended to limit the present application. The singular forms "a", "an" and "the" used in the embodiments of the present application and the appended claims are also intended to include plural forms, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" used herein only describes a relationship between associated objects and indicates that three relationships are possible. For example, A and/or B can mean: A exists alone, A and B exist at the same time, or B exists alone. In addition, the character "/" herein generally indicates that the associated objects before and after it are in an "or" relationship.
It should be understood that, although the terms first, second, third, etc. may be used in the embodiments of the present application to describe preset ranges and the like, these preset ranges should not be limited by these terms. These terms are only used to distinguish preset ranges from each other. For example, without departing from the scope of the embodiments of the present application, the first preset range may also be referred to as the second preset range, and similarly, the second preset range may also be referred to as the first preset range.
Depending on the context, the word "if" as used herein may be interpreted as "at the time of", "when", "in response to determining" or "in response to detecting". Similarly, depending on the context, the phrases "if it is determined" or "if (a stated condition or event) is detected" may be interpreted as "when it is determined", "in response to determining", "when (the stated condition or event) is detected" or "in response to detecting (the stated condition or event)".
The present application provides an AT command permission management method. FIG. 1 is a flow chart of an AT command permission management method in an embodiment of the present application. The method can be applied to a host computer, a communication module and related computer devices. In the present application, the host computer can control the communication module at a given permission level only after passing AT command permission authorization authentication. Compared with the way a host computer controls a communication module in the traditional technology, the method of the present application can significantly reduce abuse of AT commands, so that AT commands are used more correctly and safely. As shown in FIG. 1, the AT command permission management method includes the following steps:
S10: The first device obtains a permission switching instruction input by a user.
The first device may specifically be a host computer, that is, a computer that can directly issue control instructions, for example one that controls a connected communication module by issuing AT commands.
The permission switching instruction is an instruction that triggers the first device to send a permission switching request to the second device. The permission switching request is a request to switch the AT command permission mode of the second device.
In one embodiment, the user can input a permission switching instruction on the host computer so that the second device switches its current AT command permission mode, allowing the first device to control the second device by sending AT commands in the switched AT command permission mode.
In the present application, AT commands have at least two permission modes. In one embodiment, three permission modes can be set: normal mode, engineering mode and privileged mode. Normal mode supports only normal commands and is the default AT command permission mode of the communication module. Engineering mode supports engineering commands and normal commands, and its permission level is higher than that of normal mode. Privileged mode supports privileged commands, engineering commands and normal commands, and its permission level is higher than that of engineering mode and normal mode. Further, normal commands may specifically include public AT commands that users can use normally. Engineering commands are used for production-line manufacturing and internal tools, such as partition backup, debug port opening commands and function parameter settings. Privileged commands are used to query certain key information of the communication module, to enable special functions and to set special function parameters.
In this application, the AT commands that the communication module receives and acts on are classified, and different AT command permission modes are enforced for the different classes, so that a user cannot arbitrarily control the communication module with AT commands sent from the host device, and the scope of use of AT commands is standardized.
S20: The first device generates a permission switching request according to the permission switching instruction and sends the permission switching request to the second device, wherein the permission switching request includes a first target permission mode.
The target permission mode is the AT command permission mode that the user wants. In this target permission mode, the first device can issue control instructions to the second device by sending specific AT commands.
In one embodiment, after receiving the permission switching instruction input by the user, the first device triggers a permission switching request and sends it to the second device. The permission switching request includes the first target permission mode, so that the second device can switch the AT command permission mode according to the first target permission mode, and the first device can then send AT commands of the corresponding permission in the first target permission mode to control functions of the second device.
S30: The second device receives the permission switching request sent by the first device.
S40: When the first target permission mode has a higher permission level than the current AT command permission mode, the second device sends permission switching information to the first device according to the permission switching request.
The permission switching information is used by the first device and the second device to carry out the elevation authentication of the AT command permission mode. It carries information needed for that elevation authentication.
In one embodiment, if the first target permission mode sent by the first device has a higher permission level than the current AT command permission mode of the second device, the permission switching request is treated as a request to raise the level of the AT command permission mode, and what follows is the elevation authentication of the AT command permission mode between the first device and the second device. Specifically, the second device sends permission switching information to the first device according to the permission switching request in order to complete the elevation authentication.
S50: The first device receives the permission switching information sent by the second device.
S60: The first device sends permission confirmation information to the second device according to the permission switching information.
The permission confirmation information, like the permission switching information, is used by the first device and the second device to carry out the elevation authentication of the AT command permission mode. It is the first device's response to the permission switching information it received, and is used for the final information authentication with the second device, thereby completing the permission elevation authentication.
In one embodiment, after receiving the permission switching information, the first device generates the corresponding permission confirmation information for permission elevation authentication and sends it to the second device, so that the second device can perform the permission elevation authentication according to it and switch to the AT command permission mode the first device expects.
S70: The second device receives the permission confirmation information sent by the first device, and switches the AT command permission mode to the first target permission mode according to the permission confirmation information.
In one embodiment, when the second device confirms, based on the permission confirmation information, that the communication between the first device and the second device satisfies the permission elevation authentication, the second device switches the AT command permission mode to the first target permission mode, so that the first device can control the second device in the first target permission mode by entering AT commands that are allowed to be executed under that permission.
In steps S10-S70, a permission confirmation mechanism is set for AT commands. When the host computer initiates control of the communication module through AT commands, it must first meet the permission level required by the communication module. When the permission level granted to the host computer for communication is high enough, the host computer can control the communication module at that permission level. When the granted permission level is too low, the host computer must raise the permission level of the communication module through permission authentication, thereby raising the permission level granted for communication, in order to gain further control of the communication module. In the embodiments of the present application, setting permission levels for AT commands allows them to be used correctly and safely, and can significantly reduce abuse of AT commands.
Further, step S40, in which the second device sends permission switching information to the first device according to the permission switching request when the first target permission mode has a higher permission level than the current AT command permission mode, specifically includes the following steps:
S41: The second device obtains the current AT command permission mode.
In one embodiment, before the AT command permission mode is switched, the mode the second device is in is the current AT command permission mode. For example, if the communication module has never switched its AT command permission mode, its current AT command permission mode is normal mode according to the default initial setting.
S42: The second device compares the permission level of the current AT command permission mode with the permission level of the first target permission mode.
It can be understood that different AT command permission modes correspond to different permission levels. In one embodiment, the permission level of the first target permission mode sent by the first device is compared with that of the current AT command permission mode of the second device. If the two modes differ, and in particular if the first target permission mode has a higher permission level than the current AT command permission mode of the second device, the second device may be triggered to send the first device the information needed to switch the current AT command permission mode.
S43: If the first target permission mode has a higher permission level than the current AT command permission mode, the second device generates an authentication password acquisition request and a verification random number.
The authentication password acquisition request is a request to obtain the authentication password from the first device. The verification random number is a random number used for identity verification, that is, verification related to the identity of the first device.
In one embodiment, when the first target permission mode has a higher permission level than the current AT command permission mode, the second device considers that the first device needs to raise the permission level. The second device can then generate an authentication password acquisition request and a verification random number to carry out the elevation authentication of the AT command permission mode.
S44: The second device sends the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
In one embodiment, the permission switching information may specifically include the AT command permission mode, the authentication password acquisition request and the verification random number, so that the first device can generate an authentication password from this information and send it to the second device to carry out the elevation authentication of the AT command permission mode.
In steps S41-S44, the second device sends the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as permission switching information, so that the first device can use this information to carry out the elevation authentication of the AT command permission mode.
Further, the permission confirmation information includes a second target permission mode, the device identifier of the first device, and an authentication password.
The second target permission mode may be the same as the first target permission mode. In the embodiments of the present application, the second target permission mode is introduced to verify whether the first device and the second device complete the elevation authentication of the AT command permission mode on the same AT communication channel. It can be understood that when the second target permission mode is the same as the first target permission mode, the first device that receives the permission switching information and the first device that sent the permission switching request are considered to be the same device, completing the information transmission on the same AT communication channel. This ensures that when the first device requests the second device to raise the AT command permission mode, the switch is carried out on each independent AT communication channel. Further, the second device and the first device support multiple AT communication channels for command control through AT commands. By verifying the first target permission mode and the second target permission mode in each AT communication channel, an independent AT command permission mode can be set for each channel, so that even with only one second device and one first device, multi-permission control of AT commands can still be achieved by setting different AT command permission modes.
The device identifier of the first device is an identifier that uniquely identifies the device or the device model. It can take multiple forms, which are not limited here.
The authentication password may be obtained by the first device by encrypting, with an encryption algorithm, either the device identifier of the first device and the verification random number, or the device identifier of the first device, the verification random number and the current AT command permission mode of the second device. It should be noted that the encryption algorithm has a mapping relationship with the device identifier of the first device; that is, first devices of different models or machine numbers correspond to different encryption algorithms. In this way, different AT command permission modes can use different authorization strategies for the first device: for example, engineering mode can use a one-secret-per-model strategy, and privileged mode can use a one-secret-per-device strategy.
Further, step S70, in which the second device receives the permission confirmation information sent by the first device and switches the AT command permission mode to the first target permission mode according to the permission confirmation information, specifically includes the following steps:
S711: The second device decrypts the authentication password using the decryption algorithm and the device identifier of the first device to obtain a verification value, wherein the authentication password is generated from the device identifier of the first device, the verification random number and the encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identifier of the first device.
In one embodiment, in the decryption phase the second device decrypts according to the device identifier of the first device and the authentication password (if the current AT command permission mode of the second device was included in the encryption phase, the decryption must handle it symmetrically) and obtains a verification value. The verification value is then compared with the value to be verified that the second device calculated and stored in advance, in order to confirm the switch of the second device's AT command permission mode.
S712: When the verification value equals the verification random number, and the first target permission mode and the second target permission mode are the same permission mode, the second device switches the AT command permission mode to the first target permission mode.
In one embodiment, if the verification value and the value to be verified are the same, the first device's request for the second device to raise the permission level is approved, and the second device switches to the higher-level AT command permission mode. Once the second device has authorized the first device, the first device can issue AT commands over the AT channel to control the second device.
In steps S711-S712, the second device obtains a verification value by decrypting the authentication password and uses it to decide whether to switch the second device's AT command permission mode. When the authentication password calculated by the first device is correct, the verification value decrypted by the second device will also be correct, which enables one-secret-per-model and one-secret-per-device permission management. It can be understood that, in this application, only a specific first device can make the second device elevate its permission mode: the second device performs the elevation when the first device correctly generates the permission confirmation information from the permission switching information sent by the second device.
Further, when the first target permission mode has a lower permission level than the current AT command permission mode, the method further includes the following step:
The second device switches the AT command permission mode to the first target permission mode.
In one embodiment, if the first target permission mode has a lower permission level than the current AT command permission mode, the second device may treat this as a request to lower the permission level. The second device may directly switch the AT command permission mode to the first target permission mode, whose permission level is lower than that of the second device's current AT command permission mode.
Further, after step S70, in which the second device receives the permission confirmation information sent by the first device and switches the AT command permission mode to the first target permission mode according to the permission confirmation information, the method further includes the following steps:
S721: The second device generates permission change information and sends it to the first device.
The permission change information is information indicating that the AT command permission mode of the second device has changed.
S722: The second device receives feedback information sent by the first device, confirming that the first device has learned that the AT command permission mode was switched to the first target permission mode.
The feedback information is sent by the first device in response to the received permission change information and indicates that it has learned that the AT command permission mode was switched successfully.
In steps S721-S722, after the second device completes the AT command permission mode switch, it notifies the first device that the switch succeeded, and the first device in turn reports back to the second device that it has learned of the successful switch. This ensures that both the first device and the second device know the current AT command permission mode, so that the first device can control the second device by sending AT commands in that mode.
FIG. 2 is a flow chart of an AT command permission mode switch in an embodiment of the present application. As shown in FIG. 2, the host computer is the first device mentioned in the above embodiments, and the (communication) module is the second device mentioned in the above embodiments. Specifically, the module enters normal mode by default after power-on. When the host computer needs the module to switch to a specified permission mode, it sends a mode switching command to the module. Taking AT+CHMOD (a function for changing permissions) as an example of the mode switching command, the mode switching process is shown in FIG. 2:
Step 1: The host computer switches the module's permission mode with the command AT+CHMOD="MODE", where the MODE parameter can identify normal mode, engineering mode or privileged mode.
Step 2: If the module's current permission mode is lower than the permission mode the host computer wants to set, for example switching from normal mode to process mode or privileged mode, privilege elevation authentication is required. For example, the module returns \r\n+CHMOD: "MODE","PIN REQUIRED","RAND", where \r is a carriage return, \n is a line feed, the MODE parameter identifies the module's current mode, "PIN REQUIRED" is the request to enter the authentication code, and RAND is the verification random number used to calculate the authentication code.
The host computer calculates the authentication code PIN CODE from the RAND random number and the encryption algorithm, and attempts to switch the permission mode again with AT+CHMOD="MODE","PIN CODE". The module verifies PIN CODE using RAND and the decryption algorithm. If verification passes, the module switches the current AT channel to the specified permission mode and returns \r\nOK\r\n to the host computer; if verification fails, the module keeps its original mode and returns \r\nERROR\r\n to the host computer.
Step 3: If the module's current permission mode is higher than the permission mode the host computer wants to set, for example switching from privileged mode to normal mode, the module directly switches the current AT channel to the specified permission mode and returns \r\nOK\r\n to the host computer.
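The exchange in steps 1 to 3 above, simulated end to end as an added example (not code from the patent or the applicant). Assumptions: HMAC-SHA256 with recomputation on the module stands in for the unspecified encryption and decryption algorithms, the MODE strings, keys, device identifier and all class and function names are hypothetical, and the response is bound to the current and target modes and is single-use.

```python
import hashlib
import hmac
import re
import secrets

LEVELS = {"NORMAL": 0, "ENGINEERING": 1, "PRIVILEGED": 2}  # assumed MODE strings
CHMOD = re.compile(r'^AT\+CHMOD="([A-Z]+)"(?:,"([0-9a-f]+)")?$')

# Constructed sample secrets (not from the patent).
MODEL_KEY = b"constructed-model-key"                      # shared by one model
DEVICE_KEY = hmac.new(b"constructed-master", b"DEVICE-0001",
                      hashlib.sha256).digest()            # unique to one device


def compute_pin(key: bytes, rand: str, current: str, target: str) -> str:
    """Host side: answer the challenge. Binding the current and target mode
    means a response for one transition cannot be reused for another."""
    msg = f"{rand}|{current}|{target}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class Module:
    """Module side: one permission mode and one pending challenge per AT channel."""

    def __init__(self, keys: dict):
        self.keys = keys      # target mode -> secret provisioned for that level
        self.mode = {}        # channel -> current mode (NORMAL when absent)
        self.pending = {}     # channel -> (target mode, RAND) awaiting a PIN

    def handle(self, channel: str, line: str) -> str:
        m = CHMOD.match(line.strip())
        if not m or m.group(1) not in LEVELS:
            return "\r\nERROR\r\n"
        target, pin = m.group(1), m.group(2)
        current = self.mode.get(channel, "NORMAL")
        if LEVELS[target] <= LEVELS[current]:
            # Step 3: lowering (or keeping) the level needs no authentication.
            self.pending.pop(channel, None)
            self.mode[channel] = target
            return "\r\nOK\r\n"
        if pin is None:
            # Step 2: elevation requested, so issue a fresh challenge.
            rand = secrets.token_hex(16)
            self.pending[channel] = (target, rand)
            return f'\r\n+CHMOD: "{current}","PIN REQUIRED","{rand}"\r\n'
        # Second request: pop the challenge so each RAND is accepted at most once.
        challenge = self.pending.pop(channel, None)
        if challenge is None or challenge[0] != target:
            return "\r\nERROR\r\n"  # no challenge, or second target != first target
        expected = compute_pin(self.keys[target], challenge[1], current, target)
        if not hmac.compare_digest(expected, pin):
            return "\r\nERROR\r\n"  # verification failed, mode unchanged
        self.mode[channel] = target
        return "\r\nOK\r\n"


def host_elevate(module: Module, channel: str, target: str, key: bytes) -> str:
    """Host side: run the two-message exchange and return the module's final reply."""
    reply = module.handle(channel, f'AT+CHMOD="{target}"')
    m = re.search(r'\+CHMOD: "([A-Z]+)","PIN REQUIRED","([0-9a-f]+)"', reply)
    if not m:
        return reply  # already at or above the target level, or an error
    pin = compute_pin(key, m.group(2), m.group(1), target)
    return module.handle(channel, f'AT+CHMOD="{target}","{pin}"')


if __name__ == "__main__":
    mod = Module({"ENGINEERING": MODEL_KEY, "PRIVILEGED": DEVICE_KEY})
    print(repr(host_elevate(mod, "uart0", "ENGINEERING", MODEL_KEY)))
    print(repr(host_elevate(mod, "uart0", "PRIVILEGED", MODEL_KEY)))  # wrong key
    print(mod.mode, mod.mode.get("usb0", "NORMAL"))
```

Elevating on one channel leaves every other channel in its own mode, and a failed attempt consumes the challenge, so a host must request a new RAND before retrying.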
In the embodiments of the present application, a permission confirmation mechanism is set for AT commands. When the host computer initiates control of the communication module through AT commands, it must first meet the permission level required by the communication module. When the permission level granted to the host computer for communication is high enough, the host computer can control the communication module at that permission level. When the granted permission level is too low, the host computer must raise the permission level of the communication module through permission authentication, thereby raising the permission level granted for communication, in order to gain further control of the communication module. In the embodiments of the present application, setting permission levels for AT commands allows them to be used correctly and safely, and can significantly reduce abuse of AT commands.
Further, the present application also sends the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as permission switching information, so that the first device can use this information to carry out the elevation authentication of the AT command permission mode.
Further, the present application also obtains a verification value by decrypting the authentication password and uses it to decide whether to switch the second device's AT command permission mode. When the authentication password calculated by the first device is correct, the verification value decrypted by the second device will also be correct, which enables one-secret-per-model and one-secret-per-device permission management.
Further, the present application may also directly switch the AT command permission mode to a first target permission mode whose permission level is lower than that of the second device's current AT command permission mode.
Further, after the second device completes the AT command permission mode switch, the present application also notifies the first device that the switch succeeded, and the first device in turn reports back to the second device that it has learned of the successful switch. This ensures that both the first device and the second device know the current AT command permission mode, so that the first device can control the second device by sending AT commands in that mode.
It should be understood that the order of the step numbers in the above embodiments does not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present application.
FIG. 3 is a schematic block diagram of an apparatus corresponding one-to-one to the AT command permission management method in an embodiment of the present application. As shown in FIG. 3, the AT command permission management apparatus 1 includes a first receiving module 10, a first sending module 20 and a second receiving module 30.
The first receiving module 10 is used for the second device to receive a permission switching request sent by the first device, wherein the permission switching request includes a first target permission mode.
The first sending module 20 is used for the second device to send permission switching information to the first device according to the permission switching request when the first target permission mode has a higher permission level than the current AT command permission mode.
The second receiving module 30 is used for the second device to receive the permission confirmation information sent by the first device and to switch the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
Furthermore, the first sending module 20 is further specifically configured to:
Obtain the current AT command permission mode.
Compare the permission level of the current AT command permission mode with that of the first target permission mode.
If the first target permission mode has a higher permission level than the current AT command permission mode, generate an authentication password acquisition request and a verification random number.
Send the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
Furthermore, the permission confirmation information includes a second target permission mode, the device identifier of the first device and an authentication password.
Furthermore, the second receiving module 30 is further specifically configured to:
Decrypt the authentication password using a decryption algorithm and the device identifier of the first device to obtain a check value, wherein the authentication password is generated according to the device identifier of the first device, the verification random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identifier of the first device.
When the check value is equal to the verification random number, and the first target permission mode and the second target permission mode are the same permission mode, switch the AT command permission mode to the first target permission mode.
Furthermore, when the first target permission mode has a lower permission level than the current AT command permission mode, the AT command permission management apparatus 1 is further specifically configured to:
Switch the AT command permission mode to the first target permission mode.
Furthermore, the AT command permission management apparatus 1 is further specifically configured to:
Generate permission change information and send the permission change information to the first device.
Receive feedback information sent by the first device, confirming that the first device has learned that the AT command permission mode has been switched to the first target permission mode.
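The exchange described above, run end to end with both sides, as an added example (not code from the patent or from the applicant). The mode names, message field names, sample device identifier and key, and the HMAC-based Feistel cipher are assumptions: the patent names neither its modes nor its encryption algorithm, so the cipher here is a stand-in keyed per device identifier.

```python
import hashlib
import hmac
import secrets

# Assumed mode names and levels; the page only requires at least two modes.
MODES = {"USER": 0, "ENGINEER": 1, "FACTORY": 2}

# Constructed sample secret. The lookup stands in for the page's mapping from
# a device identifier to its encryption/decryption algorithm.
DEVICE_KEYS = {"HOST-0001": bytes.fromhex("00112233445566778899aabbccddeeff")}

REJECTED = {"type": "ERROR", "reason": "rejected"}


def _round(key, i, half):
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key, block):
    """Stand-in cipher (assumption): 4-round Feistel over one 16-byte block."""
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right


def decrypt_block(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right


class Module:
    """Second device: owns the current AT command permission mode."""

    def __init__(self):
        self.mode = "USER"
        self.peer_acked = False
        self._pending = None  # (first target mode, nonce) of the open challenge

    def on_switch_request(self, target):
        self._pending = None  # a new request invalidates any open challenge
        if target not in MODES:
            return dict(REJECTED)
        if MODES[target] <= MODES[self.mode]:
            # Lowering (or keeping) the level needs no authentication.
            return self._switch(target)
        nonce = secrets.token_bytes(16)  # verification random number
        self._pending = (target, nonce)
        return {"type": "SWITCH_INFO", "current_mode": self.mode,
                "password_request": True, "nonce": nonce}

    def on_confirmation(self, target2, device_id, password):
        pending, self._pending = self._pending, None  # challenge is single use
        key = DEVICE_KEYS.get(device_id)
        if pending is None or key is None or len(password) != 16:
            return dict(REJECTED)
        target1, nonce = pending
        check = decrypt_block(key, password)  # the page's check value
        if not hmac.compare_digest(check, nonce) or target2 != target1:
            return dict(REJECTED)
        return self._switch(target1)

    def on_feedback(self, mode):
        self.peer_acked = (mode == self.mode)

    def _switch(self, mode):
        self.mode, self.peer_acked = mode, False
        return {"type": "MODE_CHANGED", "mode": mode}  # permission change info


class Host:
    """First device: requests a mode and answers the module's challenge."""

    def __init__(self, device_id, key):
        self.device_id, self.key = device_id, key
        self.known_mode = None

    def switch(self, module, target):
        reply = module.on_switch_request(target)
        if reply["type"] == "SWITCH_INFO":
            password = encrypt_block(self.key, reply["nonce"])
            reply = module.on_confirmation(target, self.device_id, password)
        if reply["type"] == "MODE_CHANGED":
            self.known_mode = reply["mode"]
            module.on_feedback(self.known_mode)  # both sides now agree
        return reply


if __name__ == "__main__":
    module = Module()
    host = Host("HOST-0001", DEVICE_KEYS["HOST-0001"])
    print(host.switch(module, "ENGINEER"), module.mode)
    print(host.switch(module, "USER"), module.mode)
    print(Host("HOST-0001", bytes(16)).switch(module, "FACTORY"), module.mode)
```

Because the nonce is fresh per request and cleared on first use, a captured authentication password cannot be replayed against a later challenge.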
FIG. 4 is a schematic block diagram of another apparatus corresponding one-to-one to the AT command permission management method in an embodiment of the present application. As shown in FIG. 4, the AT command permission management apparatus 2 includes an acquisition module 40, a second sending module 50, a third receiving module 60 and a third sending module 70.
The acquisition module 40 is used for the first device to acquire the permission switching instruction input by the user.
The second sending module 50 is used for the first device to generate a permission switching request according to the permission switching instruction and to send the permission switching request to the second device, wherein the permission switching request includes a first target permission mode.
The third receiving module 60 is used for the first device to receive the permission switching information sent by the second device when the first target permission mode has a higher permission level than the current AT command permission mode.
The third sending module 70 is used for the first device to send permission confirmation information to the second device according to the permission switching information, so that the AT command permission mode of the second device is determined according to the permission confirmation information.
In the embodiments of the present application, a permission confirmation mechanism is set for AT commands. When the host computer initiates control of the communication module through AT commands, it must first meet the permission level required by the communication module. When the permission level granted to the host computer for communication is high enough, the host computer can control the communication module at that permission level. When the granted permission level is low, the host computer must raise the permission level of the communication module through permission authentication, thereby raising the permission level granted for communication, in order to gain further control of the communication module. By assigning permission levels to AT commands, the embodiments allow AT commands to be used correctly and securely and can significantly reduce abuse of AT commands.
Furthermore, the present application sends the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as permission switching information, so that the first device can use this information to carry out the authentication that raises the AT command permission mode. The present application also obtains a check value by decrypting the authentication password and uses the check value to decide whether the AT command permission mode of the second device is switched. In this way, when the authentication password calculated by the first device is correct, the check value decrypted by the second device is also correct, so that permission management with one password per model and one password per machine can be achieved. The present application may also directly switch the AT command permission mode to a first target permission mode whose permission level is lower than that of the second device's current AT command permission mode. After the second device completes the AT command permission mode switch, the present application notifies the first device that the switch succeeded, and the first device in turn sends feedback to the second device that it has learned of the successful switch. In this way, both the first device and the second device are known to be aware of the current AT command permission mode, so that the first device can control the second device by sending AT commands in that permission mode.
The present application also provides a computer-readable storage medium that stores computer-readable instructions. When the computer-readable instructions are executed by a processor, the AT command permission management method of the embodiments is implemented.
The present application also provides a computer device. FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application. As shown in FIG. 5, the computer device 110 includes a processor 111, a memory 112, and computer-readable instructions 113 stored in the memory 112 and executable on the processor 111. When the processor 111 executes the computer-readable instructions 113, each step of the AT command permission management method is implemented.
Exemplarily, the computer-readable instructions 113 may be divided into one or more modules/units, which are stored in the memory 112 and executed by the processor 111 to carry out the present application. The one or more modules/units may be a series of computer-readable instruction segments capable of performing a specific function, and the instruction segments describe the execution process of the computer-readable instructions 113 in the computer device 110.
The computer device 110 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The computer device may include, but is not limited to, the processor 111 and the memory 112. Those skilled in the art will appreciate that FIG. 5 is only an example of the computer device 110 and does not limit it. The computer device 110 may include more or fewer components than shown, or combine certain components, or use different components. For example, the computer device may also include input and output devices, network access devices, buses, etc.
The processor 111 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The general-purpose processor may be a microprocessor or any conventional processor.
The memory 112 may be an internal storage unit of the computer device 110, such as a hard disk or memory of the computer device 110. The memory 112 may also be an external storage device of the computer device 110, such as a plug-in hard disk, a smart media card (SMC), a secure digital (SD) card or a flash card fitted to the computer device 110. Further, the memory 112 may include both an internal storage unit and an external storage device of the computer device 110. The memory 112 is used to store the computer-readable instructions and other programs and data required by the computer device. The memory 112 may also be used to temporarily store data that has been output or is to be output.
The embodiments of the present application may acquire and process the relevant data based on artificial intelligence technology. Artificial intelligence (AI) is the theory, method, technology and application system that uses digital computers, or machines controlled by digital computers, to simulate, extend and expand human intelligence, perceive the environment, acquire knowledge and use knowledge to obtain the best results.
The basic technologies of artificial intelligence generally include sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technology, operation/interaction systems, mechatronics and similar technologies. Artificial intelligence software technologies mainly include computer vision, robotics, biometrics, speech processing, natural language processing, and machine learning/deep learning.
In the embodiments of the present application, the server may be an independent server, or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, content delivery networks (CDN), and big data and artificial intelligence platforms.
In addition, the functional units in the embodiments of the present application may be integrated into one processing unit, may each exist physically on their own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated module/unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. On this understanding, all or part of the processes of the above method embodiments may also be carried out by computer-readable instructions that direct the relevant hardware. The computer-readable instructions may be stored in a computer-readable storage medium and, when executed by a processor, implement the steps of the above method embodiments. The computer-readable instructions include computer-readable instruction code, which may be in source code form, object code form, an executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer-readable instruction code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunication signals, software distribution media, etc. It should be noted that the content covered by the computer-readable medium may be extended or reduced as required by legislation and patent practice in a jurisdiction. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunication signals.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the above division into functional units and modules is used as an example. In practice, the above functions may be assigned to different functional units and modules as needed, that is, the internal structure of the apparatus may be divided into different functional units or modules to perform all or part of the functions described above.
The above embodiments are only used to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments or make equivalent replacements of some of the technical features. Such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application, and shall all fall within the protection scope of the present application.

Claims (10)

  1. An AT command permission management method, characterized in that the AT command includes at least two permission modes, and the method comprises the following steps performed by a second device:
    receiving a permission switching request sent by a first device, wherein the permission switching request includes a first target permission mode;
    when the first target permission mode has a higher permission level than the current AT command permission mode, sending permission switching information to the first device according to the permission switching request;
    receiving permission confirmation information sent by the first device, and switching the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
  2. The method according to claim 1, characterized in that the sending of permission switching information to the first device according to the permission switching request when the first target permission mode has a higher permission level than the current AT command permission mode comprises:
    obtaining the current AT command permission mode;
    comparing the permission level of the current AT command permission mode with that of the first target permission mode;
    when the first target permission mode has a higher permission level than the current AT command permission mode, generating an authentication password acquisition request and a verification random number;
    sending the current AT command permission mode, the authentication password acquisition request and the verification random number to the first device as the permission switching information.
  3. The method according to claim 2, characterized in that the permission confirmation information includes a second target permission mode, the device identifier of the first device and an authentication password, and the switching of the AT command permission mode to the first target permission mode according to the permission confirmation information comprises:
    decrypting the authentication password using a decryption algorithm and the device identifier of the first device to obtain a check value, wherein the authentication password is generated according to the device identifier of the first device, the verification random number and an encryption algorithm, and the encryption algorithm and the decryption algorithm have a mapping relationship with the device identifier of the first device;
    when the check value is equal to the verification random number, and the first target permission mode and the second target permission mode are the same permission mode, switching the AT command permission mode to the first target permission mode.
  4. The method according to claim 1, characterized in that when the first target permission mode has a lower permission level than the current AT command permission mode, the method further comprises:
    switching the AT command permission mode to the first target permission mode.
  5. The method according to any one of claims 1 to 4, characterized in that after the receiving of the permission confirmation information sent by the first device and the switching of the AT command permission mode to the first target permission mode according to the permission confirmation information, the method further comprises:
    generating permission change information, and sending the permission change information to the first device;
    receiving feedback information sent by the first device, confirming that the first device has learned that the AT command permission mode has been switched to the first target permission mode.
  6. An AT command permission management method, characterized in that the AT command includes at least two permission modes, and the method comprises the following steps performed by a first device:
    acquiring a permission switching instruction input by a user;
    generating a permission switching request according to the permission switching instruction, and sending the permission switching request to a second device, wherein the permission switching request includes a first target permission mode;
    when the first target permission mode has a higher permission level than the current AT command permission mode, receiving permission switching information sent by the second device;
    sending permission confirmation information to the second device according to the permission switching information, so that the AT command permission mode of the second device is determined according to the permission confirmation information.
  7. An AT command permission management apparatus, characterized in that it comprises:
    a first receiving module, used for a second device to receive a permission switching request sent by a first device, wherein the permission switching request includes a first target permission mode;
    a first sending module, used for the second device to send permission switching information to the first device according to the permission switching request when the first target permission mode has a higher permission level than the current AT command permission mode;
    a second receiving module, used for the second device to receive permission confirmation information sent by the first device and to switch the AT command permission mode to the first target permission mode according to the permission confirmation information, wherein the permission confirmation information is generated according to the permission switching information.
  8. An AT command permission management apparatus, characterized in that it comprises:
    an acquisition module, used for a first device to acquire a permission switching instruction input by a user;
    a second sending module, used for the first device to generate a permission switching request according to the permission switching instruction and to send the permission switching request to a second device, wherein the permission switching request includes a first target permission mode;
    a third receiving module, used for the first device to receive permission switching information sent by the second device when the first target permission mode has a higher permission level than the current AT command permission mode;
    a third sending module, used for the first device to send permission confirmation information to the second device according to the permission switching information, so that the AT command permission mode of the second device is determined according to the permission confirmation information.
  9. A computer device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, characterized in that the processor, when executing the computer-readable instructions, performs the steps of the AT command permission management method according to any one of claims 1 to 6.
  10. A computer-readable storage medium storing computer-readable instructions, characterized in that the computer-readable instructions, when executed by a processor, implement the steps of the AT command permission management method according to any one of claims 1 to 6.
PCT/CN2023/118330 2022-11-24 2023-09-12 At instruction permission management method and apparatus, computer device, and storage medium WO2024109269A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211481242.8A CN115730293A (en) 2022-11-24 2022-11-24 AT instruction authority management method, AT instruction authority management device, computer equipment and storage medium
CN202211481242.8 2022-11-24

Publications (1)

Publication Number Publication Date
WO2024109269A1 true WO2024109269A1 (en) 2024-05-30

Family

ID=85297949

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/118330 WO2024109269A1 (en) 2022-11-24 2023-09-12 At instruction permission management method and apparatus, computer device, and storage medium

Country Status (2)

Country Link
CN (1) CN115730293A (en)
WO (1) WO2024109269A1 (en)

Also Published As

Publication number Publication date
CN115730293A (en) 2023-03-03

Similar Documents

Publication Publication Date Title
US11720503B2 (en) Technologies for secure authentication and programming of accelerator devices
CN110326252B (en) Secure provisioning and management of devices
US20170324731A1 (en) Technologies for authentication and single-sign-on using device security assertions
US9135415B2 (en) Controlling access
AU2020267477A1 (en) Threshold signature based medical device management
CN112513857A (en) Personalized cryptographic security access control in a trusted execution environment
US11050570B1 (en) Interface authenticator
US10652245B2 (en) External accessibility for network devices
CN111783075A (en) Authority management method, device and medium based on secret key and electronic equipment
US20180324158A1 (en) Assuring external accessibility for devices on a network
CN109981562B (en) Software development kit authorization method and device
US8090946B2 (en) Inter-system binding method and application based on hardware security unit
CN110879880B (en) Password device for user to autonomously control data security level protection
WO2024109269A1 (en) AT instruction permission management method and apparatus, computer device, and storage medium
CN104320389A (en) Fusion identify protection system and fusion identify protection method based on cloud computing
US20210091945A1 (en) Key Processing Method and Apparatus
WO2015026971A2 (en) Application trust-listing security service
US20230237193A1 (en) Security processor configured to authenticate user and authorize user for user data and computing system including the same
EP4109304A1 (en) Authorization verification system, method and apparatus for application, and storage medium
US20030037244A1 (en) System management interrupt generation upon completion of cryptographic operation
CN111901304B (en) Registration method and device of mobile security equipment, storage medium and electronic device
US20220182248A1 (en) Secure startup method, controller, and control system
CN111459869B (en) Data access method, device, equipment and storage medium
CN113328979B (en) Method and device for recording access behaviors
CN111090841A (en) Authentication method and device for industrial control system