Currently, with the increase of the complexity of the terminal device and growth of services, demands of managing and configuring a terminal device in a manner of Over The Air (OTA) are increasingly urgent. To manage a terminal device in the manner of OTA with security, the Open Mobile Alliance (OMA) developed a DM protocol. The terminal device supporting the OMA DM service function generally has a DM client, responsible for performing operations such as OMA DM protocol parsing, session management, and session security. Meanwhile, the terminal device supporting the OMA DM service function generally further includes a device management tree (DMT). The DMT organizes all available management objects in the terminal device together, and each node in the DMT has a unique Unified Resource Identity (URI) for being located.
FIG. 1 is a schematic structural diagram of a DMT. As shown in FIG. 1, the summit is a root node of the DMT, the root node includes child nodes (internal nodes or leaf nodes), and each internal node may further include child nodes. The node of a higher level that the child nodes are subordinate to is referred to as a parent node. On the basis of the DMT as shown in FIG. 1, a DM server sends related management commands such as Get, Add, Replace, Delete, and Exec to the nodes of the DMT through the OMA DM protocol, and the terminal device is managed through operations on the DMT (except a part of interactive commands).
In a solution of the prior art, each node on the DMT includes a property value of an access control list (ACL). The ACL is used to control an operation right of the DM server for each node, and specifies the DM commands that a certain DM server can execute on a target node. The ACL may be inherited, and a specific inheritance method is as follows: When a property value of an ACL of a certain node is empty, an ACL of its parent node is searched. If the ACL of the parent node is also empty, a grandparent node of the target node is searched, and so forth, until an ACL which is not empty is found, and the ACL which is not empty is inherited.
When the DM server needs to visit or operate a property or value of a certain node, if an ACL of the target node is not endowed with a right corresponding to the server, a value of the ACL of the target node must be firstly replaced to endow the DM server with a corresponding operation right; and then the DM server is enabled to perform a corresponding visit or operation. In the prior art, to replace an ACL of a target node, the DM server must have a Replace right of the node or its parent node. If the DM server has the Replace right of the target node or its parent node, the ACL is directly replaced. If the DM server does not have the Replace right of the target node or its parent node, it is searched whether the DM server has a Replace right of a grandparent node of the target node. If the DM server has a Replace right of a grandparent node of the target node, the value of the ACL of the parent node is firstly replaced so that the DM server acquires the Replace right, then the ACL of the target node is replaced, and the process that the ACL of the target node is replaced is carried out level-by-level accordingly.
In the implementation of the present invention, the inventor found at least the following defects in the solution of the prior art. If the DMT has multi-level rights, to get a node management right, the DM server gets an ACL of an entire subtree, and the ACL of the entire subtree includes a great deal of useless information; or the DM server sends a plurality of Get commands, one Get command only gets an ACL of one node, an ACL of a corresponding node is replaced level-by-level, and the plurality of Get commands causes complex interactions and a large number of messages. In this manner, the number of times of message interaction between the DM server and the terminal device are increased, pressure is caused on processing capabilities of the DM server and the terminal device as well as on network transmission, and the efficiency and performance of terminal device management are reduced.