Access token manager
In computer security, OpenHarmony Access token manager (ATM) is a component that facilitates unified application permission management based on access tokens within the OpenHarmony ecosystem that is used in OpenHarmony-based operating systems, Oniro OS distros and HarmonyOS with HarmonyOS NEXT iteration.[1]
It is built upon access tokens and serves as a centralized mechanism for managing app permissions. Access tokens encapsulate essential information about an app
- App ID: Identifies the app.
- User ID: Associated with the user.
- App APL (Ability Privilege Level): Determines the app’s privilege level.
- App permissions: Specify what resources and functions the app can access.
Each app’s access token is uniquely identified by a 32-bit device-specific token ID.[2]
Implementation
Developers utilize the ATM to handle permissions effectively. In certain scenarios, an app may require access to additional data or system functions beyond the default permissions. The ATM enables fine-grained control over permissions, allowing apps to access extended features when needed.
Permission Levels
The ATM manages permission levels, granting apps access to sensitive APIs across processes. These levels include:
- App APL: Determines the app’s overall privilege level.
- ACL (Access Control List): Defines specific permissions for resources.
- Authorization Processes: Govern how permissions are granted.[6]
See also
- Access-control list
- Cacls
- Capability-based security
- C-list
- Confused deputy problem
- DACL
- Extended file attributes
- File-system permissions
- Privilege (computing)
- Role-based access control (RBAC)
References
- ^ "Access Control Overview". GitHub. OpenAtom OpenHarmony. Retrieved 13 March 2024.
- ^ "ATM". Gitee. OpenAtom OpenHarmony. Retrieved 13 March 2024.
- ^ "HarmonyOS Distributed File System Development Guide". Substack. LivingInHarmony Blog. Retrieved 13 March 2024.
- ^ "Yes, HarmonyOS NEXT is a distributed and capability-based persistent AI operating system for IoT". Substack. LivingInHarmony Blog. Retrieved 13 March 2024.
- ^ "OpenAtom OpenHarmony". docs.openharmony.cn. Retrieved 2024-04-14.
- ^ "security_permission". GitHub. OpenAtom OpenHarmony. Retrieved 13 March 2024.