CN115686694A

CN115686694A - Automatic screen unlocking method and device for operating system applied to RPA platform

Info

Publication number: CN115686694A
Application number: CN202110859875.7A
Authority: CN
Inventors: 李伟; 李海传; 谢长弘; 穆铁马; 陈宁华; 严昱超; 鲁晨橙; 戚靓亮; 陈爽月; 罗琼
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Group Zhejiang Co Ltd
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Group Zhejiang Co Ltd
Priority date: 2021-07-28
Filing date: 2021-07-28
Publication date: 2023-02-03

Abstract

The invention discloses an automatic screen unlocking method and device for an operating system of an RPA platform. The method comprises the following steps: receiving user data input by the robot through a calling interface; carrying out process communication with a user login process by using a pipeline technology, pulling up a user session and a desktop according to user data, activating a login interface process, and calling a login certificate to carry out security authentication; and if the security authentication is passed, simulating to log in the operating system according to the user data, and completing unlocking of the operating system. The scheme provided by the invention aims at solving the problem that the operating system unlocks the screen when the RPA process automation robot executes, and uses the system bottom layer security authentication technology to simulate the user to log in for unlocking and locking the screen.

Description

Method and device for automatically unlocking screen of operating system applied to RPA platform

技术领域technical field

本发明涉及通信技术领域，具体涉及一种应用于RPA平台的操作系统自动解锁屏方法及装置。The present invention relates to the field of communication technology, in particular to a method and device for automatically unlocking a screen of an operating system applied to an RPA platform.

背景技术Background technique

随着无人值守机器人数量越来越多，对机器需求数量越来越大，同时相应数据安全的要求越来越严，现有的技术方案面临以下问题：1)维护性差：外置设备方案仅限制于实体机，并且依赖于现场的硬件设备；一旦部署高密度机器人，需要依次登录多个账户，耗时长；2)稳定性差：远程桌面方案需提供机器作为跳板机，一旦跳板机出现故障，均会影响到相关机器；WinIO方案，依赖于外设驱动，通过在用户登录过程时间较长，容易受外界干扰；3)安全性差：外置设备方案会放置实体机在现场，会存在无关人员接触到设备的安全风险，远程桌面方案跳板机存在一旦沦陷全局影响的安全风险；4)兼容性差：各个方案均在特定环境下才能实现，外置设备方案需要实体机，WinIO受限于高版本系统安全策略限制，远程桌面方案需要跳板机。因此，亟需一种方案来解决现有方案维护性差、安全性差、稳定性差、兼容性差的问题。With the increasing number of unattended robots, the demand for machines is increasing, and the corresponding data security requirements are becoming more and more stringent. The existing technical solutions are facing the following problems: 1) Poor maintainability: external equipment solutions It is only limited to physical machines and depends on on-site hardware devices; once a high-density robot is deployed, multiple accounts need to be logged in sequentially, which takes a long time; 2) Poor stability: the remote desktop solution needs to provide a machine as a springboard, once the springboard fails , will affect related machines; the WinIO solution relies on peripheral drivers, and is susceptible to external interference due to the long time in the user login process; 3) Poor security: the external device solution will place the physical machine on site, and there will be irrelevant The safety risk of personnel coming into contact with the device, the remote desktop solution springboard machine has the security risk of global impact once it falls; 4) Poor compatibility: each solution can only be realized in a specific environment, the external device solution requires a physical machine, and WinIO is limited by high Version system security policy restrictions, the remote desktop solution needs a springboard machine. Therefore, there is an urgent need for a solution to solve the problems of poor maintainability, poor security, poor stability, and poor compatibility of existing solutions.

发明内容Contents of the invention

鉴于上述问题，提出了本发明实施例以便提供一种克服上述问题或者至少部分地解决上述问题的应用于RPA平台的操作系统自动解锁屏方法及装置。In view of the above problems, embodiments of the present invention are proposed to provide a method and device for automatically unlocking the screen of an operating system applied to an RPA platform to overcome the above problems or at least partially solve the above problems.

根据本发明实施例的一个方面，提供了一种应用于RPA平台的操作系统自动解锁屏方法，操作系统内预先注册有登录凭证，方法包括：According to an aspect of an embodiment of the present invention, a method for automatically unlocking the screen of an operating system applied to an RPA platform is provided. Login credentials are pre-registered in the operating system, and the method includes:

接收机器人通过调用接口所输入的用户数据；Receive the user data input by the robot by calling the interface;

利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；Use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication;

若通过安全认证，则根据用户数据模拟登录操作系统，完成操作系统解锁。If the security authentication is passed, the operating system is simulated to be logged in according to the user data to complete the unlocking of the operating system.

根据本发明实施例的另一方面，提供了一种应用于RPA平台的操作系统自动解锁屏装置，操作系统内预先注册有登录凭证，装置包括：According to another aspect of the embodiments of the present invention, an operating system automatic screen unlocking device applied to an RPA platform is provided. Login credentials are pre-registered in the operating system, and the device includes:

接收模块，适于接收机器人通过调用接口所输入的用户数据；The receiving module is suitable for receiving user data input by the robot through calling the interface;

安全认证模块，适于利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；The security authentication module is suitable for process communication with the user login process using pipeline technology, pulls up the user session and desktop according to the user data, activates the login interface process, and invokes the login credential for security authentication;

解锁模块，适于若通过安全认证，则根据用户数据模拟登录操作系统，完成操作系统解锁。The unlocking module is suitable for simulating logging in to the operating system according to the user data to complete the unlocking of the operating system if the security authentication is passed.

根据本发明实施例的又一方面，提供了一种计算设备，包括：处理器、存储器、通信接口和通信总线，处理器、存储器和通信接口通过通信总线完成相互间的通信；According to yet another aspect of the embodiments of the present invention, a computing device is provided, including: a processor, a memory, a communication interface, and a communication bus, and the processor, the memory, and the communication interface complete mutual communication through the communication bus;

存储器用于存放至少一可执行指令，可执行指令使处理器执行上述应用于RPA平台的操作系统自动解锁屏方法对应的操作。The memory is used to store at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the method for automatically unlocking the screen of the operating system applied to the RPA platform.

根据本发明实施例的再一方面，提供了一种计算机存储介质，存储介质中存储有至少一可执行指令，可执行指令使处理器执行如上述应用于RPA平台的操作系统自动解锁屏方法对应的操作。According to still another aspect of the embodiments of the present invention, a computer storage medium is provided, and at least one executable instruction is stored in the storage medium, and the executable instruction causes the processor to execute the corresponding method for automatically unlocking the screen of the operating system applied to the RPA platform as described above. operation.

本发明提供的方案，针对RPA流程自动化机器人执行时操作系统解锁屏的问题，使用系统底层安全认证技术模拟用户登录进行解锁与锁屏，该方案无实体机和虚拟机环境限制、适配Windows操作系统XP及其以上版本，兼容性高，解锁过程更加快速、稳定、安全。The solution provided by the present invention aims at the problem of unlocking the screen of the operating system when the RPA process automation robot executes, and uses the security authentication technology at the bottom of the system to simulate user login to unlock and lock the screen. This solution has no physical machine and virtual machine environment restrictions and is compatible with Windows operation The system is XP and above, with high compatibility, and the unlocking process is faster, more stable and safer.

上述说明仅是本发明实施例技术方案的概述，为了能够更清楚了解本发明实施例的技术手段，而可依照说明书的内容予以实施，并且为了让本发明实施例的上述和其它目的、特征和优点能够更明显易懂，以下特举本发明实施例的具体实施方式。The above description is only an overview of the technical solutions of the embodiments of the present invention. In order to better understand the technical means of the embodiments of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and The advantages can be more obvious and understandable, and the specific implementation manners of the embodiments of the present invention are enumerated below.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述，各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的，而并不认为是对本发明实施例的限制。而且在整个附图中，用相同的参考符号表示相同的部件。在附图中：Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating the preferred embodiments and are not considered as limiting the embodiments of the present invention. Also throughout the drawings, the same reference numerals are used to designate the same components. In the attached picture:

图1A示出了本发明实施例提供的应用于RPA平台的操作系统自动解锁屏方法流程图；Fig. 1A shows the flow chart of the method for automatically unlocking the screen of the operating system applied to the RPA platform provided by the embodiment of the present invention;

图1B为本发明实施例提供的应用于RPA平台的操作系统自动解锁屏的功能架构示意图；FIG. 1B is a schematic diagram of the functional architecture of the automatic unlocking screen of the operating system applied to the RPA platform provided by the embodiment of the present invention;

图1C为操作系统解锁过程中用户登录代理的运行原理图；FIG. 1C is a schematic diagram of the operation of the user login agent during the unlocking process of the operating system;

图2示出了本发明实施例提供的应用于RPA平台的操作系统自动解锁屏装置的结构示意图；FIG. 2 shows a schematic structural diagram of an operating system automatic screen unlocking device applied to an RPA platform provided by an embodiment of the present invention;

图3示出了本发明实施例提供的计算设备的结构示意图。Fig. 3 shows a schematic structural diagram of a computing device provided by an embodiment of the present invention.

具体实施方式Detailed ways

下面将参照附图更详细地描述本发明的示例性实施例。虽然附图中显示了本发明的示例性实施例，然而应当理解，可以以各种形式实现本发明而不应被这里阐述的实施例所限制。相反，提供这些实施例是为了能够更透彻地理解本发明，并且能够将本发明的范围完整的传达给本领域的技术人员。Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present invention are shown in the drawings, it should be understood that the invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present invention and to fully convey the scope of the present invention to those skilled in the art.

图1A示出了本发明实施例提供的应用于RPA平台的操作系统自动解锁屏方法的流程图。操作系统内预先注册有登录凭证，如图1A所示，该方法包括以下步骤：FIG. 1A shows a flowchart of a method for automatically unlocking a screen of an operating system applied to an RPA platform provided by an embodiment of the present invention. Login credentials are pre-registered in the operating system, as shown in Figure 1A, the method includes the following steps:

步骤S101，接收机器人通过调用接口所输入的用户数据。Step S101, receiving user data input by the robot through calling the interface.

本实施例提供的应用于RPA平台的操作系统自动解锁屏方法以Windows服务(Windows Service)常驻进程方式部署，其适用于Windows XP及其以上版本的操作系统，并向机器人提供标准接口供其调用，机器人可以通过调用所提供的标准接口输入用户数据，例如，用户账号和用户密码，Windows服务中设置有用户登录代理(用户登录Agent)，因此，机器人将输入的用户数据发送给用户登录代理，用户登录代理接收机器人通过调用接口所输入的用户数据，这里接收用户数据的目的是基于用户数据模拟用户登录以实现解锁操作系统。The method for automatically unlocking the screen of the operating system applied to the RPA platform provided by this embodiment is deployed in the form of a Windows service (Windows Service) resident process, which is applicable to operating systems of Windows XP and above versions, and provides a standard interface to the robot for its Call, the robot can input user data by calling the standard interface provided, for example, user account number and user password, the user login agent (user login Agent) is set in the Windows service, so the robot sends the input user data to the user login agent , the user login agent receives the user data input by the robot through calling the interface. The purpose of receiving user data here is to simulate user login based on the user data to unlock the operating system.

步骤S102，利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证。Step S102, using the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication.

图1B为本发明实施例提供的应用于RPA平台的操作系统自动解锁屏的功能架构示意图，如图1B所示，Windows服务包含用户登录Agent，用户登录Agent在接收到机器人通过调用接口所输入的用户数据后，根据当前系统版本，再通过管道技术(Windows Pipeline)与用户登录进程(Winlogn.exe)进行进程通讯，根据用户账户和用户密码拉起对应的用户会话(Session)和桌面(Desktop)，激活登录界面进程(Logonui.exe)并通过注册表(Regedit)中信息调用登录凭证来进行安全认证。Figure 1B is a schematic diagram of the functional architecture of the automatic unlocking screen of the operating system applied to the RPA platform provided by the embodiment of the present invention. As shown in Figure 1B, the Windows service includes the user login Agent, and the user login Agent receives the input from the robot through the calling interface. After the user data, according to the current system version, process communication with the user login process (Winlogn.exe) through the pipeline technology (Windows Pipeline), and pull up the corresponding user session (Session) and desktop (Desktop) according to the user account and user password , activate the login interface process (Logonui.exe) and call the login credentials through the information in the registry (Regedit) for security authentication.

其中，登录凭证是模拟自动解锁装置的钥匙，基于操作系统的安全登录机制依赖于此凭证。登录凭证(Credential)是基于图形化识别和验证技术(GINA)及凭证提供技术(Credential Provider技术)融合生成的库文件(dll文件)，其中GINA适配XP、Win2003，Credential Provider适配Win Vista\Win2008及其以上。Wherein, the login credential is a key for simulating the automatic unlocking device, and the security login mechanism based on the operating system depends on this credential. The login credential (Credential) is a library file (dll file) generated based on the fusion of the graphic identification and verification technology (GINA) and the credential provider technology (Credential Provider technology). GINA is adapted to XP and Win2003, and Credential Provider is adapted to Win Vista\ Win2008 and above.

注册时使用具备系统管理员的账号运行装置提供的注册软件即可完成自动注册。程序会根据不同的操作系统版本，自动选择相应的注册方式。When registering, use the registration software provided by the device with the account of the system administrator to complete the automatic registration. The program will automatically select the corresponding registration method according to different operating system versions.

步骤S103，若通过安全认证，则根据用户数据模拟登录操作系统，完成操作系统解锁。In step S103, if the security authentication is passed, the operating system is simulated to log in according to the user data, and the unlocking of the operating system is completed.

若通过安全认证，则根据用户数据模拟登录操作系统，完成操作系统解锁，以创建多用户会话(Session)，基于会话创建桌面层并保持(Desktop Layout)，便可提供机器人可以计算机视觉捕获UI界面、鼠标键盘事件。If the security authentication is passed, the operating system is simulated to be logged in according to the user data, and the operating system is unlocked to create a multi-user session (Session). Based on the session, the desktop layer is created and maintained (Desktop Layout), and the robot can capture the UI interface with computer vision. , Mouse and keyboard events.

图1C为操作系统解锁过程中用户登录代理的运行原理图，如图1B所示，操作系统解锁过程主要分为以下几个步骤：Figure 1C is a schematic diagram of the operation of the user login agent during the unlocking process of the operating system. As shown in Figure 1B, the unlocking process of the operating system is mainly divided into the following steps:

1)凭证注册：在注册了登录凭证的前提下，当Windows启动的时候，会根据注册表信息进行登录凭证自身注册；1) Credentials registration: On the premise of registering the login credentials, when Windows starts, it will register the login credentials itself according to the registry information;

2)身份验证：机器人发送解锁请求，通过进程通讯(IPC)、或者远端通讯Socket的方式将用户数据(包含用户账号和用户密码)给到用户登录Agent，用户登录Agent对所接收到的用户数据进行身份验证，确保请求的用户账号与机器人所属用户一致，屏蔽越权解锁；2) Identity verification: the robot sends an unlock request, and sends user data (including user account number and user password) to the user login Agent through process communication (IPC) or remote communication Socket, and the user login Agent checks the received user data. The data is authenticated to ensure that the requested user account is consistent with the user to which the robot belongs, and unauthorized unlocking is blocked;

3)系统回调：将用户账号和用户密码写入内存，并触发系统用户登录安全进程回调Agent凭证认证函数；3) System callback: write the user account number and user password into the memory, and trigger the system user login security process to call back the Agent credential authentication function;

4)凭证认证：系统回调成功后，依赖当前注册的登录凭证进行安全认证，结合获取的用户账号和用户密码，登录系统，完成解锁；4) Credential authentication: After the system callback is successful, rely on the currently registered login credentials for security authentication, and combine the obtained user account and user password to log in to the system and complete the unlocking;

5)解锁通知：解锁成功后，反馈解锁结果反馈给机器人。5) Unlock notification: After the unlock is successful, the unlock result will be fed back to the robot.

在本发明一种可选实施方式中，方法还包括：In an optional embodiment of the present invention, the method also includes:

利用钩子技术捕获操作系统的系统状态，例如，调用系统事件函数获取系统事件标记的系统状态；Use hook technology to capture the system state of the operating system, for example, call the system event function to obtain the system state marked by the system event;

判断系统状态是否为登录状态；Determine whether the system status is the login status;

若否，则利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；If not, use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication;

若是，则对用于登录操作系统的用户数据进行身份验证；If so, authenticate the user data used to log into the operating system;

若验证未通过，则利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；If the verification fails, use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication;

若验证通过，则向机器人反馈解锁结果。If the verification is passed, the unlocking result is fed back to the robot.

具体地，Windows服务包含捕获系统状态代理(捕获系统状态Agent)，捕获系统状态Agent通过调用应用程序接口(Win32 API)中Wtsapi32.dll、User32.dll提供的函数，绑定操作系统登录、锁屏等事件，对事件变化进行标记，通过所标记的事件来确定系统状态。Specifically, the Windows service includes the capture system state agent (capture system state Agent), and the capture system state Agent binds the operating system login, lock screen by calling functions provided by Wtsapi32.dll and User32.dll in the application program interface (Win32 API). and other events, mark the event changes, and determine the system state through the marked events.

在捕获到操作系统的系统状态后，需要判断系统状态是否为登录状态，若否，则利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；After capturing the system state of the operating system, it is necessary to judge whether the system state is the login state, if not, use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call Login credentials for security authentication;

若是，则对用于登录操作系统的用户数据进行身份验证，主要是为了屏蔽越权解锁，保证请求的用户账号与机器人所属用户一致；If so, authenticate the user data used to log in to the operating system, mainly to shield unauthorized unlocking and ensure that the requested user account is consistent with the user to which the robot belongs;

在本发明一种可选实施方式中，机器人在收到反馈的解锁结果后，按照预设的机器人流程进行作业，在此等待机器人执行完成后，还需要进行锁屏操作，目的是确保操作系统的安全，如果一旦有外界显示器会导致用户相关系统均暴露在外，降低了安全性；由于用户的会话和桌面会占用一定的CPU和内存，通过进行锁屏操作，能够节省系统资源。In an optional embodiment of the present invention, after the robot receives the feedback of the unlocking result, it performs the operation according to the preset robot process, and waits for the robot to complete the execution, and then needs to perform the lock screen operation, in order to ensure that the operating system If there is an external display, the user-related systems will be exposed, reducing security; since the user's session and desktop will occupy a certain amount of CPU and memory, the lock screen operation can save system resources.

方法还包括：接收机器人发送的锁屏请求，响应锁屏请求调用锁屏函数，完成操作系统上锁。The method also includes: receiving a screen lock request sent by the robot, and calling a screen lock function in response to the screen lock request, so as to complete the locking of the operating system.

Windows服务包含用户锁屏代理(用户锁屏Agent)，其通过应用程序接口(Win32API)调用锁屏函数LockWorkStation来实现操作系统上锁。The Windows service includes a user lock screen agent (user lock screen Agent), which calls a lock screen function LockWorkStation through an application program interface (Win32API) to implement locking of the operating system.

在进行锁屏操作前，还可以先捕获操作系统的系统状态，若系统状态表明操作系统当前事件需要进行响应，则可以通过应用程序接口(Win32 API)调用锁屏函数LockWorkStation来实现操作系统上锁。Before the lock screen operation, the system state of the operating system can also be captured first. If the system state indicates that the current event of the operating system needs to be responded to, the lock screen function LockWorkStation can be called through the application program interface (Win32 API) to realize the lock of the operating system. .

本实施例提供的应用于RPA平台的操作系统自动解锁屏方案中主要使用了GINA、Credential Providers、Winlogon技术适配各个版本系统，提供Windows Service供机器人调用，使用Windows Pipline、Win32 API、Regedit技术完成底层数据交互，最终实现机器人自动解锁操作系统。The automatic unlocking screen solution of the operating system applied to the RPA platform provided by this embodiment mainly uses GINA, Credential Providers, and Winlogon technologies to adapt to various versions of the system, provides Windows Service for robots to call, and uses Windows Pipline, Win32 API, and Regedit technologies to complete The underlying data interaction finally realizes the automatic unlocking of the operating system by the robot.

与现有技术相比，本实施例提供的方案具有如下优点：Compared with the prior art, the solution provided by this embodiment has the following advantages:

1)只需管理员运行安装程序注册登录凭证，改机器所有用户中的机器人都可直接调用发起登录，解锁系统，且无需外设辅助，维护性提高。1) Only the administrator needs to run the installation program to register the login credentials, and the robots in all users of the modified machine can directly call to initiate the login and unlock the system without the assistance of peripheral devices, which improves the maintainability.

2)自动解锁过程基于Windows底层的安全认证技术的登录凭证，并由管理员安装注册，需登录的用户账号和密码由机器人提供，更加安全可靠。2) The automatic unlocking process is based on the login credentials of the Windows underlying security authentication technology, and is installed and registered by the administrator. The user account and password to log in are provided by the robot, which is more secure and reliable.

3)以Windows服务方式常驻稳定运行，管道通讯响应速度快，用户账号瞬间解锁，更加稳定可靠。3) It is resident and stable in the form of Windows service, the response speed of pipeline communication is fast, and the user account is instantly unlocked, which is more stable and reliable.

4)支持WindowsXP及其以上版本，并支持搞密度机器人，无实体机和虚拟机的限制，无安全策略限制，兼容性提高。4) Support WindowsXP and above versions, and support density robots, no restrictions on physical machines and virtual machines, no security policy restrictions, and improved compatibility.

图2示出了本发明实施例提供的应用于RPA平台的操作系统自动解锁屏装置的结构示意图。操作系统内预先注册有登录凭证，如图2所示，该装置包括：接收模块201、安全认证模块202、解锁模块203。FIG. 2 shows a schematic structural diagram of an operating system automatic screen unlocking device applied to an RPA platform provided by an embodiment of the present invention. Login credentials are pre-registered in the operating system. As shown in FIG. 2 , the device includes: a receiving module 201 , a security authentication module 202 , and an unlocking module 203 .

接收模块201，适于接收机器人通过调用接口所输入的用户数据；The receiving module 201 is adapted to receive user data input by the robot through calling the interface;

安全认证模块202，适于利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；The security authentication module 202 is adapted to use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication;

解锁模块203，适于若通过安全认证，则根据用户数据模拟登录操作系统，完成操作系统解锁。The unlocking module 203 is adapted to simulate logging in to the operating system according to user data to complete the unlocking of the operating system if the security authentication is passed.

可选地，装置还包括：捕获模块，适于利用钩子技术捕获操作系统的系统状态；Optionally, the device further includes: a capture module adapted to capture the system state of the operating system by using hook technology;

判断模块，适于判断系统状态是否为登录状态；A judging module, adapted to judge whether the system status is a login status;

安全认证模块还适于：若系统状态不是登录状态，则利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证；The security authentication module is also suitable for: if the system status is not the login status, use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credential for security authentication;

身份验证模块，适于若系统状态是登录状态，则对用于登录操作系统的用户数据进行身份验证；The identity verification module is suitable for authenticating the user data used to log into the operating system if the system state is a login state;

安全认证模块还适于：若验证未通过，则利用管道技术与用户登录进程进行进程通讯，根据用户数据拉起用户会话和桌面，激活登录界面进程，调用登录凭证进行安全认证。The security authentication module is also suitable for: if the authentication fails, use the pipeline technology to communicate with the user login process, pull up the user session and desktop according to the user data, activate the login interface process, and call the login credentials for security authentication.

可选地，捕获模块进一步适于：调用系统事件函数获取系统事件标记的系统状态。Optionally, the capture module is further adapted to: call a system event function to obtain a system state marked by a system event.

可选地，装置还包括：锁屏模块，适于接收机器人发送的锁屏请求，响应锁屏请求调用锁屏函数，完成操作系统上锁。Optionally, the device further includes: a screen-locking module adapted to receive a screen-locking request sent by the robot, and respond to the screen-locking request to call a screen-locking function to complete the locking of the operating system.

可选地，登录凭证是基于图形化识别和验证技术及凭证提供技术融合生成的库文件。Optionally, the login credential is a library file generated based on the fusion of graphical identification and verification technology and credential provision technology.

本发明实施例提供了一种非易失性计算机存储介质，所述计算机存储介质存储有至少一可执行指令，该计算机可执行指令可执行上述任意方法实施例中的应用于RPA平台的操作系统自动解锁屏方法。The embodiment of the present invention provides a non-volatile computer storage medium, the computer storage medium stores at least one executable instruction, and the computer executable instruction can execute the operating system applied to the RPA platform in any of the above method embodiments Auto unlock screen method.

图3示出了本发明实施例提供的计算设备的结构示意图，本发明具体实施例并不对计算设备的具体实现做限定。FIG. 3 shows a schematic structural diagram of a computing device provided by an embodiment of the present invention, and the specific embodiment of the present invention does not limit the specific implementation of the computing device.

如图3所示，该计算设备可以包括：处理器(processor)、通信接口(Communications Interface)、存储器(memory)、以及通信总线。As shown in FIG. 3 , the computing device may include: a processor (processor), a communication interface (Communications Interface), a memory (memory), and a communication bus.

其中：处理器、通信接口、以及存储器通过通信总线完成相互间的通信。通信接口，用于与其它设备比如客户端或其它服务器等的网元通信。处理器，用于执行程序，具体可以执行上述用于计算设备的应用于RPA平台的操作系统自动解锁屏方法实施例中的相关步骤。Wherein: the processor, the communication interface, and the memory complete the mutual communication through the communication bus. The communication interface is used to communicate with network elements of other devices such as clients or other servers. The processor is configured to execute the program, and specifically may execute the relevant steps in the above embodiment of the method for automatically unlocking the screen of the operating system applied to the RPA platform for the computing device.

具体地，程序可以包括程序代码，该程序代码包括计算机操作指令。Specifically, the program may include program code including computer operation instructions.

处理器可能是中央处理器CPU，或者是特定集成电路ASIC(Application SpecificIntegrated Circuit)，或者是被配置成实施本发明实施例的一个或多个集成电路。计算设备包括的一个或多个处理器，可以是同一类型的处理器，如一个或多个CPU；也可以是不同类型的处理器，如一个或多个CPU以及一个或多个ASIC。The processor may be a central processing unit CPU, or an ASIC (Application Specific Integrated Circuit), or one or more integrated circuits configured to implement the embodiments of the present invention. The one or more processors included in the computing device may be of the same type, such as one or more CPUs, or may be different types of processors, such as one or more CPUs and one or more ASICs.

存储器，用于存放程序。存储器可能包含高速RAM存储器，也可能还包括非易失性存储器(non-volatile memory)，例如至少一个磁盘存储器。Memory for storing programs. The memory may include a high-speed RAM memory, and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory.

程序具体可以用于使得处理器执行上述任意方法实施例中的应用于RPA平台的操作系统自动解锁屏方法。程序中各步骤的具体实现可以参见上述应用于RPA平台的操作系统自动解锁屏实施例中的相应步骤和单元中对应的描述，在此不赘述。所属领域的技术人员可以清楚地了解到，为描述的方便和简洁，上述描述的设备和模块的具体工作过程，可以参考前述方法实施例中的对应过程描述，在此不再赘述。The program may specifically be used to make the processor execute the method for automatically unlocking the screen of the operating system applied to the RPA platform in any of the above method embodiments. For the specific implementation of each step in the program, refer to the corresponding steps and corresponding descriptions in the units in the above-mentioned embodiment of the automatic unlocking screen of the operating system applied to the RPA platform, and details are not repeated here. Those skilled in the art can clearly understand that for the convenience and brevity of description, the specific working process of the above-described devices and modules can refer to the corresponding process description in the foregoing method embodiments, and details are not repeated here.

在此提供的算法或显示不与任何特定计算机、虚拟系统或者其它设备固有相关。各种通用系统也可以与基于在此的示教一起使用。根据上面的描述，构造这类系统所要求的结构是显而易见的。此外，本发明实施例也不针对任何特定编程语言。应当明白，可以利用各种编程语言实现在此描述的本发明实施例的内容，并且上面对特定语言所做的描述是为了披露本发明实施例的最佳实施方式。The algorithms or displays presented herein are not inherently related to any particular computer, virtual system, or other device. Various generic systems can also be used with the teachings based on this. The structure required to construct such a system is apparent from the above description. Furthermore, embodiments of the present invention are not directed to any particular programming language. It should be understood that various programming languages can be used to implement the contents of the embodiments of the present invention described herein, and the above description of specific languages is for disclosing the best implementation mode of the embodiments of the present invention.

在此处所提供的说明书中，说明了大量具体细节。然而，能够理解，本发明的实施例可以在没有这些具体细节的情况下实践。在一些实例中，并未详细示出公知的方法、结构和技术，以便不模糊对本说明书的理解。In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

类似地，应当理解，为了精简本发明实施例并帮助理解各个发明方面中的一个或多个，在上面对本发明的示例性实施例的描述中，本发明实施例的各个特征有时被一起分组到单个实施例、图、或者对其的描述中。然而，并不应将该公开的方法解释成反映如下意图：即所要求保护的本发明实施例要求比在每个权利要求中所明确记载的特征更多的特征。更确切地说，如下面的权利要求书所反映的那样，发明方面在于少于前面公开的单个实施例的所有特征。因此，遵循具体实施方式的权利要求书由此明确地并入该具体实施方式，其中每个权利要求本身都作为本发明的单独实施例。Similarly, it should be understood that in the above description of the exemplary embodiments of the present invention, various features of the embodiments of the present invention are sometimes grouped together in order to simplify the embodiments of the present invention and facilitate understanding of one or more of the various inventive aspects. in a single embodiment, figure, or description thereof. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed embodiments of the invention require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

本领域那些技术人员可以理解，可以对实施例中的设备中的模块进行自适应性地改变并且把它们设置在与该实施例不同的一个或多个设备中。可以把实施例中的模块或单元或组件组合成一个模块或单元或组件，以及此外可以把它们分成多个子模块或子单元或子组件。除了这样的特征和/或过程或者单元中的至少一些是相互排斥之外，可以采用任何组合对本说明书(包括伴随的权利要求、摘要和附图)中公开的所有特征以及如此公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述，本说明书(包括伴随的权利要求、摘要和附图)中公开的每个特征可以由提供相同、等同或相似目的的替代特征来代替。Those skilled in the art can understand that the modules in the device in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings) and any method or method so disclosed may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

此外，本领域的技术人员能够理解，尽管在此的一些实施例包括其它实施例中所包括的某些特征而不是其它特征，但是不同实施例的特征的组合意味着处于本发明的范围之内并且形成不同的实施例。例如，在下面的权利要求书中，所要求保护的实施例的任意之一都可以以任意的组合方式来使用。Furthermore, those skilled in the art will understand that although some embodiments herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. And form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

本发明的各个部件实施例可以以硬件实现，或者以在一个或者多个处理器上运行的软件模块实现，或者以它们的组合实现。本领域的技术人员应当理解，可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例的一些或者全部部件的一些或者全部功能。本发明实施例还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如，计算机程序和计算机程序产品)。这样的实现本发明实施例的程序可以存储在计算机可读介质上，或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到，或者在载体信号上提供，或者以任何其他形式提供。The various component embodiments of the present invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art should understand that a microprocessor or a digital signal processor (DSP) may be used in practice to implement some or all functions of some or all components according to the embodiments of the present invention. Embodiments of the present invention can also be implemented as a device or apparatus program (eg, computer program and computer program product) for performing a part or all of the methods described herein. Such a program implementing an embodiment of the present invention may be stored on a computer-readable medium, or may be in the form of one or more signals. Such a signal may be downloaded from an Internet site, or provided on a carrier signal, or provided in any other form.

应该注意的是上述实施例对本发明实施例进行说明而不是对本发明进行限制，并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中，不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明实施例可以借助于包括有若干不同元件的硬件以及借助于适当编程的计算机来实现。在列举了若干装置的单元权利要求中，这些装置中的若干个可以是通过同一个硬件项来具体体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。上述实施例中的步骤，除有特殊说明外，不应理解为对执行顺序的限定。It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. Embodiments of the invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a unit claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The use of the words first, second, and third, etc. does not indicate any order. These words can be interpreted as names. The steps in the above embodiments, unless otherwise specified, should not be construed as limiting the execution order.

Claims

1. An automatic screen unlocking method of an operating system applied to an RPA platform, wherein login credentials are registered in the operating system in advance, and the method comprises the following steps:

receiving user data input by the robot through a calling interface;

carrying out process communication with a user login process by using a pipeline technology, pulling up a user session and a desktop according to user data, activating a login interface process, and calling a login certificate to carry out security authentication;

and if the user passes the safety authentication, simulating to log in the operating system according to the user data, and completing unlocking of the operating system.

2. The method of claim 1, wherein the method further comprises:

capturing the system state of an operating system by utilizing a hook technology;

judging whether the system state is a login state or not;

if not, process communication is carried out with the user login process by using a pipeline technology, a user session and a desktop are pulled up according to user data, a login interface process is activated, and the login certificate is called for security authentication;

if so, performing identity authentication on user data for logging in the operating system;

if the verification fails, process communication is carried out with the user login process by using a pipeline technology, a user session and a desktop are pulled up according to user data, a login interface process is activated, and the login credentials are called for safety authentication.

3. The method of claim 2, wherein capturing the system state of the operating system using hooking techniques further comprises:

and calling a system event function to acquire the system state of the system event mark.

4. The method according to any one of claims 1-3, wherein the method further comprises: and receiving a screen locking request sent by the robot, responding to the screen locking request, and calling a screen locking function to complete the locking of the operating system.

5. The method of any of claims 1-3, wherein the login credentials are library files generated based on a graphical identification and authentication technique and a fusion of credential provisioning techniques.

6. An operating system automatic screen unlocking device applied to an RPA platform, wherein login credentials are registered in the operating system in advance, and the device comprises:

the receiving module is suitable for receiving user data input by the robot through the calling interface;

the safety authentication module is suitable for carrying out process communication with a user login process by utilizing a pipeline technology, pulling up a user session and a desktop according to user data, activating a login interface process, and calling the login credentials to carry out safety authentication;

and the unlocking module is suitable for simulating to log in the operating system according to the user data if the security authentication is passed, so as to finish unlocking the operating system.

7. The apparatus of claim 6, wherein the apparatus further comprises:

a capture module adapted to capture a system state of an operating system using hook technology;

the judging module is suitable for judging whether the system state is a login state or not;

the security authentication module is further adapted to: if the system state is not the login state, process communication is carried out with a user login process by using a pipeline technology, a user session and a desktop are pulled up according to user data, a login interface process is activated, and the login credential is called to carry out security authentication;

the identity authentication module is suitable for performing identity authentication on user data for logging in the operating system if the system state is a login state;

the security authentication module is further adapted to: if the verification fails, process communication is carried out with the user login process by using a pipeline technology, a user session and a desktop are pulled up according to user data, a login interface process is activated, and the login credentials are called for safety authentication.

8. The apparatus of claim 7, wherein the capture module is further adapted to: and calling a system event function to acquire the system state of the system event mark.

9. A computing device, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;

the memory is used for storing at least one executable instruction, and the executable instruction causes the processor to execute the operation corresponding to the automatic screen unlocking method of the operating system applied to the RPA platform, as claimed in any one of claims 1-5.

10. A computer storage medium having at least one executable instruction stored therein, the executable instruction causing a processor to perform operations corresponding to the method for automatically unlocking a screen by an operating system applied to an RPA platform according to any one of claims 1 to 5.