CN-122001621-A - Device verification method, device, electronic device, storage medium and product

Abstract

The disclosure provides a device verification method, a device, an electronic device, a storage medium and a product. The method comprises the steps of responding to a use request aiming at target equipment, obtaining multi-dimensional verification information of the target equipment, wherein the multi-dimensional verification information at least comprises hardware identity information, user behavior information and running environment information, carrying out reliability assessment on the hardware identity information, the user behavior information and the running environment information to obtain a reliability assessment result of the target equipment, determining an authorization strategy aiming at the target equipment based on the reliability assessment result, carrying out multi-dimensional verification on the equipment, improving the comprehensiveness of verification, reducing various risks such as hardware counterfeiting, cross-store hang-up, script cheating and the like, and improving the use safety of the equipment.

Inventors

• HONG WEIBIN
• ZHU ZHIJIAN
• HOU KANGKANG

Assignees

• 咪咕互动娱乐有限公司
• 咪咕文化科技有限公司
• 中国移动通信集团有限公司

Dates

Publication Date

20260508

Application Date

20251230

Claims (10)

1. 1. A device authentication method, comprising: responding to a use request aiming at target equipment, and acquiring multi-dimensional verification information of the target equipment, wherein the multi-dimensional verification information at least comprises hardware identity information, user behavior information and running environment information; Performing credibility evaluation on the hardware identity information, the user behavior information and the running environment information to obtain a credibility evaluation result of the target equipment; And determining an authorization policy for the target device based on the reliability evaluation result.
2. 2. The method according to claim 1, wherein the performing the reliability evaluation on the hardware identity information, the user behavior information, and the running environment information to obtain the reliability evaluation result of the target device includes: determining an expected performance index according to the hardware identity information, and determining the hardware credibility of the target equipment based on the expected performance index and the actual performance index of the target equipment; Analyzing the user behavior information to obtain an operation sequence mode of a user, and determining the behavior credibility based on the operation sequence mode and a target operation mode; determining the environment credibility of the target equipment based on the running environment information and the target environment information; and determining a credibility evaluation result of the target equipment based on the hardware credibility, the behavior credibility and the environment credibility.
3. 3. The method of claim 1, wherein the determining an authorization policy for the target device based on the trust evaluation result comprises: Determining that an authorization policy for the target device is to grant use rights in response to the reliability evaluation result meeting a preset reliability condition; and determining that the authorization policy for the target equipment is to reject the use request and generating security alarm information in response to the reliability evaluation result not meeting a preset reliability condition.
4. 4. The method of claim 1, wherein the method further comprises: generating a verification record based on the multi-dimensional verification information, the credibility evaluation result and the authorization policy; and storing the verification record into a target distributed storage system.
5. 5. The method of claim 1, wherein after determining an authorization policy for the target device based on the trust evaluation, the method further comprises: And responding to the authorization policy to grant the use permission, monitoring the running state of the target equipment, and updating the authorization policy according to the monitoring result.
6. 6. The method of claim 5, wherein the monitoring the operational status of the target device in response to the authorization policy being granted usage rights and updating the authorization policy based on the monitoring result comprises: responding to the authorization policy to grant the use permission, and acquiring performance index fluctuation information of the target equipment in the target time, the connection state of the external equipment and the characteristic change of the surrounding environment; determining whether an abnormal event exists in the target equipment or not based on the performance index fluctuation information, the connection state of the external equipment and the characteristic change of the surrounding environment; determining an anomaly level of the target device according to the severity of the anomaly event in response to the target device having the anomaly event, the anomaly level including a slight anomaly, a medium anomaly, and a severe anomaly; and executing a handling operation corresponding to the abnormal grade according to the mapping relation between the abnormal grade and the handling operation to update the authorization policy, wherein the handling operation comprises logging, limiting part of functions or forcing interruption of a session.
7. 7. A device authentication apparatus, comprising: the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for responding to a use request aiming at target equipment and acquiring multi-dimensional verification information of the target equipment, and the multi-dimensional verification information at least comprises hardware identity information, user behavior information and running environment information; the evaluation unit is used for carrying out reliability evaluation on the hardware identity information, the user behavior information and the running environment information to obtain a reliability evaluation result of the target equipment; and the determining unit is used for determining an authorization strategy aiming at the target equipment based on the credibility evaluation result.
8. 8. An electronic device, comprising: At least one processor, and A memory communicatively coupled to the at least one processor, wherein, The memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 6.
9. 9. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1 to 6.
10. 10. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1 to 6.

Description

Device verification method, device, electronic device, storage medium and product Technical Field The disclosure relates to the technical field of computer security, and in particular relates to a device verification method, a device, electronic equipment, a storage medium and a product. Background In the related equipment verification scheme, verification is realized through one-to-one binding equipment by adopting physical dongle authentication, but the problems of poor sharing adaptability, easiness in copying and cracking and high management cost exist, the multi-user high-frequency alternate use scene cannot be dealt with, and the cloud account authentication is adopted to only check the account passwords and basic hardware information, so that risks such as hardware counterfeiting, environment cheating and automatic script operation are easily suffered, the problems of equipment performance counterfeiting, account fraudulent use and the like are frequently caused, and the safety of equipment use is not high. Disclosure of Invention The disclosure provides a device verification method, a device, an electronic device, a storage medium and a product, so as to solve the problem of low safety of device use in the related art. An embodiment of a first aspect of the present disclosure proposes a device authentication method, the method comprising: Responding to a use request aiming at target equipment, and acquiring multi-dimensional verification information of the target equipment, wherein the multi-dimensional verification information at least comprises hardware identity information, user behavior information and running environment information; Performing reliability assessment on the hardware identity information, the user behavior information and the running environment information to obtain a reliability assessment result of the target equipment; based on the trust evaluation result, an authorization policy for the target device is determined. In an embodiment, performing reliability evaluation on the hardware identity information, the user behavior information and the running environment information to obtain a reliability evaluation result of the target device, including: determining an expected performance index according to the hardware identity information, and determining the hardware credibility of the target equipment based on the expected performance index and the actual performance index of the target equipment; Analyzing the user behavior information to obtain an operation sequence mode of a user, and determining the behavior credibility based on the operation sequence mode and a target operation mode; determining the environment credibility of the target equipment based on the running environment information and the target environment information; and determining a credibility evaluation result of the target equipment based on the hardware credibility, the behavior credibility and the environment credibility. In an embodiment, determining an authorization policy for the target device based on the trust evaluation result comprises: Determining that an authorization policy for the target device is to grant use rights in response to the reliability evaluation result meeting a preset reliability condition; and determining that the authorization policy for the target equipment is to reject the use request and generating security alarm information in response to the reliability evaluation result not meeting a preset reliability condition. In an embodiment, the method provided by the present disclosure further comprises: generating a verification record based on the multi-dimensional verification information, the credibility evaluation result and the authorization policy; and storing the verification record into a target distributed storage system. In an embodiment, after determining the authorization policy for the target device based on the trust evaluation result, the method provided by the present disclosure further includes: And responding to the authorization policy to grant the use permission, monitoring the running state of the target equipment, and updating the authorization policy according to the monitoring result. In one embodiment, in response to the authorization policy granting the usage rights, monitoring an operation state of the target device, and updating the authorization policy according to a monitoring result, including: responding to the authorization policy to grant the use permission, and acquiring performance index fluctuation information of the target equipment in the target time, the connection state of the external equipment and the characteristic change of the surrounding environment; determining whether an abnormal event exists in the target equipment or not based on the performance index fluctuation information, the connection state of the external equipment and the characteristic change of the surrounding environment; determining an anomaly level of the target devi