diff --git a/bundle.json b/bundle.json
index 4222a801e966a4ccc7a0e9303cb9839dceea5ea0..46171115d678ec476a2de0cfd3cbc94ddd6c9758 100755
--- a/bundle.json
+++ b/bundle.json
@@ -32,6 +32,8 @@
                 "accessibility",
                 "audio_framework",
                 "c_utils",
+                "device_security_level",
+                "device_manager",
                 "distributed_hardware_fwk",
                 "drivers_interface_audio",
                 "drivers_interface_distributed_audio",
diff --git a/interfaces/inner_kits/native_cpp/audio_sink/include/daudio_sink_ipc_callback.h b/interfaces/inner_kits/native_cpp/audio_sink/include/daudio_sink_ipc_callback.h
index da6bdc96a8e7ad38ff7754290c75d9ca002961eb..5b96362a0cc10d44cae31463e1afcfd82dec4b58 100644
--- a/interfaces/inner_kits/native_cpp/audio_sink/include/daudio_sink_ipc_callback.h
+++ b/interfaces/inner_kits/native_cpp/audio_sink/include/daudio_sink_ipc_callback.h
@@ -30,7 +30,7 @@ public:
     ~DAudioSinkIpcCallback() override = default;
 
     int32_t OnNotifyResourceInfo(const ResourceEventType &type, const std::string &subType,
-        const std::string &networkId, bool &isSensitive, bool &isSameAccout) override;
+        const std::string &networkId, bool &isSensitive, bool &isSameAccount) override;
     void PushPrivacyResCallback(const std::shared_ptr<PrivacyResourcesListener> &listener);
 
 private:
diff --git a/interfaces/inner_kits/native_cpp/audio_sink/include/idaudio_sink_ipc_callback.h b/interfaces/inner_kits/native_cpp/audio_sink/include/idaudio_sink_ipc_callback.h
index 15974dfad3a53706a191e488be05d987243876da..a95cf5c175c850a391b42168740b5ef796b46846 100644
--- a/interfaces/inner_kits/native_cpp/audio_sink/include/idaudio_sink_ipc_callback.h
+++ b/interfaces/inner_kits/native_cpp/audio_sink/include/idaudio_sink_ipc_callback.h
@@ -30,7 +30,7 @@ public:
 
     ~IDAudioSinkIpcCallback() override {}
     virtual int32_t OnNotifyResourceInfo(const ResourceEventType &type, const std::string &subType,
-        const std::string &networkId, bool &isSensitive, bool &isSameAccout) = 0;
+        const std::string &networkId, bool &isSensitive, bool &isSameAccount) = 0;
 };
 } // DistributedHardware
 } // OHOS
diff --git a/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback.cpp b/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback.cpp
index aaf78e2fc1bb93d71b9c2c13c9ec65329369e37d..226efb4bfb940921a469e0c037c81ee386937ff8 100644
--- a/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback.cpp
+++ b/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback.cpp
@@ -26,16 +26,16 @@
 namespace OHOS {
 namespace DistributedHardware {
 int32_t DAudioSinkIpcCallback::OnNotifyResourceInfo(const ResourceEventType &type, const std::string &subType,
-    const std::string &networkId, bool &isSensitive, bool &isSameAccout)
+    const std::string &networkId, bool &isSensitive, bool &isSameAccount)
 {
-    DHLOGI("On notify the resource info, subType: %s, networkId: %s, isSensitive: %d, isSameAccout: %d",
-        subType.c_str(), networkId.c_str(), isSensitive, isSameAccout);
+    DHLOGI("On notify the resource info, subType: %s, networkId: %s, isSensitive: %d, isSameAccount: %d",
+        subType.c_str(), networkId.c_str(), isSensitive, isSameAccount);
 
     int32_t ret = DH_SUCCESS;
     std::lock_guard<std::mutex> resourceLck(privacyResMtx_);
     auto iter = privacyResCallback_.begin();
     if (iter != privacyResCallback_.end()) {
-        ret = (*iter)->OnPrivaceResourceMessage(type, subType, networkId, isSensitive, isSameAccout);
+        ret = (*iter)->OnPrivaceResourceMessage(type, subType, networkId, isSensitive, isSameAccount);
     }
     return ret;
 }
diff --git a/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback_stub.cpp b/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback_stub.cpp
index 49e244a618e8b93c788a22b21d87539438df6a11..a0f6258c4d77f03efee1a072129bf067dece6a64 100644
--- a/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback_stub.cpp
+++ b/interfaces/inner_kits/native_cpp/audio_sink/src/daudio_sink_ipc_callback_stub.cpp
@@ -51,12 +51,19 @@ int32_t DAudioSinkIpcCallbackStub::OnRemoteRequest(uint32_t code, MessageParcel
 int32_t DAudioSinkIpcCallbackStub::OnNotifyResourceInfoInner(MessageParcel &data, MessageParcel &reply,
     MessageOption &option)
 {
-    ResourceEventType type = static_cast<ResourceEventType>(data.ReadInt32());
-    std::string subType = data.ReadString();
-    std::string networkId = data.ReadString();
-    bool isSensitive = data.ReadBool();
-    bool isSameAccout = data.ReadBool();
-    return OnNotifyResourceInfo(type, subType, networkId, isSensitive, isSameAccout);
+    int32_t ret = DH_SUCCESS;
+    bool isSensitive;
+    bool isSameAccount;
+    do {
+        ResourceEventType type = static_cast<ResourceEventType>(data.ReadInt32());
+        std::string subType = data.ReadString();
+        std::string networkId = data.ReadString();
+        ret = OnNotifyResourceInfo(type, subType, networkId, isSensitive, isSameAccount);
+    } while (0);
+    reply.WriteInt32(ret);
+    reply.WriteBool(isSensitive);
+    reply.WriteBool(isSameAccount);
+    return DH_SUCCESS;
 }
 } // DistributedHardware
 } // OHOS
\ No newline at end of file
diff --git a/sa_profile/daudio.cfg b/sa_profile/daudio.cfg
index 0c9229e57a981db427675f9bad26542c006592e7..38b9502b66c84d6aeca2cdf3b6f81a11bd35a43a 100644
--- a/sa_profile/daudio.cfg
+++ b/sa_profile/daudio.cfg
@@ -5,7 +5,11 @@
         "uid" : "daudio",
         "gid" : ["daudio", "system"],
         "apl" : "system_basic",
-        "permission" : ["ohos.permission.MICROPHONE", "ohos.permission.DISTRIBUTED_DATASYNC"],
+        "permission" : [
+            "ohos.permission.MICROPHONE",
+            "ohos.permission.DISTRIBUTED_DATASYNC",
+            "ohos.permission.ACCESS_SERVICE_DM"
+        ],
         "ondemand" : true,
         "secon" : "u:r:daudio:s0"
     }]
diff --git a/services/audiomanager/managersink/include/daudio_sink_dev.h b/services/audiomanager/managersink/include/daudio_sink_dev.h
index 3d64da3d97c4f5a0416f0ebe7d4be4c7391d1318..5fa56684090b7b9dad8f28a13371070f7a00ab03 100644
--- a/services/audiomanager/managersink/include/daudio_sink_dev.h
+++ b/services/audiomanager/managersink/include/daudio_sink_dev.h
@@ -56,6 +56,7 @@ public:
     int32_t PauseDistributedHardware(const std::string &networkId);
     int32_t ResumeDistributedHardware(const std::string &networkId);
     int32_t StopDistributedHardware(const std::string &networkId);
+    void JudgeDeviceStatus();
 
 private:
     int32_t TaskOpenDSpeaker(const std::string &args);
@@ -76,7 +77,6 @@ private:
     int32_t from_json(const json &j, AudioParam &audioParam);
     int32_t HandleEngineMessage(uint32_t type, std::string content, std::string devId);
     int32_t SendAudioEventToRemote(const AudioEvent &event);
-    void JudgeDeviceStatus();
 
     int32_t ParseDhidFromEvent(std::string args);
     int32_t ConvertString2Int(std::string val);
diff --git a/services/audiomanager/managersink/include/daudio_sink_manager.h b/services/audiomanager/managersink/include/daudio_sink_manager.h
index e9892a6d107fa015228184ff556774cea121a16a..a88bcba4b07c44e09e91860d56a4ac4d26d59ba7 100644
--- a/services/audiomanager/managersink/include/daudio_sink_manager.h
+++ b/services/audiomanager/managersink/include/daudio_sink_manager.h
@@ -20,6 +20,10 @@
 #include <mutex>
 
 #include "single_instance.h"
+#include "device_manager.h"
+#include "device_manager_callback.h"
+#include "device_security_defines.h"
+#include "device_security_info.h"
 
 #include "daudio_sink_dev.h"
 #include "idaudio_source.h"
@@ -36,6 +40,10 @@ public:
     int32_t OnProviderEvent(const AVTransEvent &event) override;
 };
 
+class DeviceInitCallback : public DmInitCallback {
+    void OnRemoteDied() override;
+};
+
 class DAudioSinkManager {
 DECLARE_SINGLE_INSTANCE_BASE(DAudioSinkManager);
 public:
@@ -61,6 +69,10 @@ private:
     int32_t UnloadAVSenderEngineProvider();
     int32_t LoadAVReceiverEngineProvider();
     int32_t UnloadAVReceiverEngineProvider();
+    bool CheckDeviceSecurityLevel(const std::string &srcDeviceId, const std::string &dstDeviceId);
+    int32_t GetDeviceSecurityLevel(const std::string &udid);
+    std::string GetUdidByNetworkId(const std::string &networkId);
+    int32_t VerifySecurityLevel(const std::string &devId);
 
 private:
     static constexpr const char* DEVCLEAR_THREAD = "sinkClearTh";
@@ -77,7 +89,10 @@ private:
     IAVEngineProvider *rcvProviderPtr_ = nullptr;
     void *pSHandler_ = nullptr;
     void *pRHandler_ = nullptr;
+    bool isSensitive_;
+    bool isSameAccount_;
     sptr<IDAudioSinkIpcCallback> ipcSinkCallback_ = nullptr;
+    std::shared_ptr<DmInitCallback> initCallback_;
 };
 } // DistributedHardware
 } // OHOS
diff --git a/services/audiomanager/managersink/src/daudio_sink_manager.cpp b/services/audiomanager/managersink/src/daudio_sink_manager.cpp
index 7de419e6d02e9904621a115eb82753b60493ade9..1141d410ffb145b3e37229eb6c0557e192ce15c7 100644
--- a/services/audiomanager/managersink/src/daudio_sink_manager.cpp
+++ b/services/audiomanager/managersink/src/daudio_sink_manager.cpp
@@ -33,6 +33,7 @@ static const std::string PARAM_CLOSE_SPEAKER = "{\"audioParam\":null,\"dhId\":\"
     std::to_string(PIN_OUT_SPEAKER) + "\",\"eventType\":12}";
 static const std::string PARAM_CLOSE_MIC = "{\"audioParam\":null,\"dhId\":\"" +
     std::to_string(PIN_IN_MIC) + "\",\"eventType\":22}";
+const int DEFAULT_DEVICE_SECURITY_LEVEL = -1;
 
 IMPLEMENT_SINGLE_INSTANCE(DAudioSinkManager);
 using AVTransProviderClass = IAVEngineProvider *(*)(const std::string &);
@@ -62,6 +63,7 @@ DAudioSinkManager::~DAudioSinkManager()
 int32_t DAudioSinkManager::Init(const sptr<IDAudioSinkIpcCallback> &sinkCallback)
 {
     DHLOGI("Init audio sink manager.");
+    initCallback_ = std::make_shared<DeviceInitCallback>();
     ipcSinkCallback_ = sinkCallback;
     int32_t ret = GetLocalDeviceNetworkId(localNetworkId_);
     if (ret != DH_SUCCESS) {
@@ -183,18 +185,18 @@ int32_t DAudioSinkManager::CreateAudioDevice(const std::string &devId)
 
     int32_t ret = ERR_DH_AUDIO_FAILED;
     if (channelState_ == ChannelState::SPK_CONTROL_OPENED) {
+        std::string subType = "speaker";
         ret = dev->InitAVTransEngines(ChannelState::SPK_CONTROL_OPENED, rcvProviderPtr_);
     }
     if (channelState_ == ChannelState::MIC_CONTROL_OPENED) {
         ret = dev->InitAVTransEngines(ChannelState::MIC_CONTROL_OPENED, sendProviderPtr_);
+        if (!ret) {
+            ret = VerifySecurityLevel(devId);
+        }
     }
     if (ret != DH_SUCCESS) {
         DHLOGE("Init av transport sender engine failed.");
-        dev->SleepAudioDev();
-        {
-            std::lock_guard<std::mutex> lock(devMapMutex_);
-            audioDevMap_.erase(devId);
-        }
+        dev->JudgeDeviceStatus();
         return ERR_DH_AUDIO_FAILED;
     }
     return DH_SUCCESS;
@@ -403,5 +405,112 @@ int32_t DAudioSinkManager::StopDistributedHardware(const std::string &networkId)
     }
     return DH_SUCCESS;
 }
+
+bool DAudioSinkManager::CheckDeviceSecurityLevel(const std::string &srcDeviceId, const std::string &dstDeviceId)
+{
+    DHLOGI("CheckDeviceSecurityLevel srcDeviceId %s, dstDeviceId %s.", srcDeviceId.c_str(), dstDeviceId.c_str());
+    std::string srcUdid = GetUdidByNetworkId(srcDeviceId);
+    if (srcUdid.empty()) {
+        DHLOGE("src udid is empty");
+        return false;
+    }
+    std::string dstUdid = GetUdidByNetworkId(dstDeviceId);
+    if (dstUdid.empty()) {
+        DHLOGE("dst udid is empty");
+        return false;
+    }
+    DHLOGI("CheckDeviceSecurityLevel srcUdid %s, dstUdid %s.", srcUdid.c_str(), dstUdid.c_str());
+    int32_t srcDeviceSecurityLevel = GetDeviceSecurityLevel(srcUdid);
+    int32_t dstDeviceSecurityLevel = GetDeviceSecurityLevel(dstUdid);
+    DHLOGI("SrcDeviceSecurityLevel, level is %d", srcDeviceSecurityLevel);
+    DHLOGI("dstDeviceSecurityLevel, level is %d", dstDeviceSecurityLevel);
+    if (srcDeviceSecurityLevel == DEFAULT_DEVICE_SECURITY_LEVEL ||
+        srcDeviceSecurityLevel < dstDeviceSecurityLevel) {
+        DHLOGE("The device security of source device is lower.");
+        return false;
+    }
+    return true;
+}
+
+int32_t DAudioSinkManager::GetDeviceSecurityLevel(const std::string &udid)
+{
+    DeviceIdentify devIdentify;
+    devIdentify.length = DEVICE_ID_MAX_LEN;
+    int32_t ret = memcpy_s(devIdentify.identity, DEVICE_ID_MAX_LEN, udid.c_str(), DEVICE_ID_MAX_LEN);
+    if (ret != DH_SUCCESS) {
+        DHLOGE("Str copy failed %d", ret);
+        return DEFAULT_DEVICE_SECURITY_LEVEL;
+    }
+    DeviceSecurityInfo *info = nullptr;
+    ret = RequestDeviceSecurityInfo(&devIdentify, nullptr, &info);
+    if (ret != DH_SUCCESS) {
+        DHLOGE("Request device security info failed %d", ret);
+        FreeDeviceSecurityInfo(info);
+        info = nullptr;
+        return DEFAULT_DEVICE_SECURITY_LEVEL;
+    }
+    int32_t level = 0;
+    ret = GetDeviceSecurityLevelValue(info, &level);
+    DHLOGE("Get device security level, level is %d", level);
+    FreeDeviceSecurityInfo(info);
+    info = nullptr;
+    if (ret != DH_SUCCESS) {
+        DHLOGE("Get device security level failed %d", ret);
+        return DEFAULT_DEVICE_SECURITY_LEVEL;
+    }
+    return level;
+}
+
+std::string DAudioSinkManager::GetUdidByNetworkId(const std::string &networkId)
+{
+    if (networkId.empty()) {
+        DHLOGE("networkId is empty!");
+        return "";
+    }
+    int32_t ret = DeviceManager::GetInstance().InitDeviceManager(PKG_NAME, initCallback_);
+    if (ret != ERR_OK) {
+        DHLOGE("InitDeviceManager failed ret = %d", ret);
+    }
+    std::string udid = "";
+    ret = DeviceManager::GetInstance().GetUdidByNetworkId(PKG_NAME, networkId, udid);
+    if (ret != ERR_OK) {
+        DHLOGE("GetUdidByNetworkId failed ret = %d", ret);
+        return "";
+    }
+    return udid;
+}
+
+int32_t DAudioSinkManager::VerifySecurityLevel(const std::string &devId)
+{
+    std::string subType = "mic";
+    int32_t ret = ipcSinkCallback_->OnNotifyResourceInfo(ResourceEventType::EVENT_TYPE_QUERY_RESOURCE, subType, devId,
+        isSensitive_, isSameAccount_);
+    if (ret != DH_SUCCESS) {
+        DHLOGE("Query resource failed, ret: %d", ret);
+        return ret;
+    }
+    DHLOGI("VerifySecurityLevel isSensitive: %d, isSameAccount: %d", isSensitive_, isSameAccount_);
+    if (isSensitive_ && !isSameAccount_) {
+        DHLOGE("Privacy resource must be logged in with same account.");
+        return ERR_DH_AUDIO_FAILED;
+    }
+
+    std::string sinkDevId = "";
+    ret = GetLocalDeviceNetworkId(sinkDevId);
+    if (ret != DH_SUCCESS) {
+        DHLOGE("GetLocalDeviceNetworkId failed, ret: %d", ret);
+        return ret;
+    }
+    if (isSensitive_ && !CheckDeviceSecurityLevel(devId, sinkDevId)) {
+        DHLOGE("Check device security level failed!");
+        return ERR_DH_AUDIO_FAILED;
+    }
+    return DH_SUCCESS;
+}
+
+void DeviceInitCallback::OnRemoteDied()
+{
+    DHLOGI("DeviceInitCallback OnRemoteDied");
+}
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/audiomanager/servicesink/BUILD.gn b/services/audiomanager/servicesink/BUILD.gn
index e6fd761a1c1859216599e39cb11cc39da1ba0a16..1fbb84158efd1b70fc98884227df6d932f6c3573 100755
--- a/services/audiomanager/servicesink/BUILD.gn
+++ b/services/audiomanager/servicesink/BUILD.gn
@@ -94,6 +94,8 @@ ohos_shared_library("distributed_audio_sink") {
     "audio_framework:audio_client",
     "audio_framework:audio_renderer",
     "c_utils:utils",
+    "device_manager:devicemanagersdk",
+    "device_security_level:dslm_sdk",
     "distributed_hardware_fwk:distributed_av_receiver",
     "distributed_hardware_fwk:distributed_av_sender",
     "distributed_hardware_fwk:libdhfwk_sdk",
diff --git a/services/audiomanager/servicesink/include/daudio_sink_ipc_callback_proxy.h b/services/audiomanager/servicesink/include/daudio_sink_ipc_callback_proxy.h
index 01b0b17a111c011901b1779c801e87d38cd8af20..c8628f32140545bbab07dbcaf9250e03a9645e41 100644
--- a/services/audiomanager/servicesink/include/daudio_sink_ipc_callback_proxy.h
+++ b/services/audiomanager/servicesink/include/daudio_sink_ipc_callback_proxy.h
@@ -28,7 +28,7 @@ public:
 
     ~DAudioSinkIpcCallbackProxy() {}
     int32_t OnNotifyResourceInfo(const ResourceEventType &type, const std::string &subType,
-        const std::string &networkId, bool &isSensitive, bool &isSameAccout) override;
+        const std::string &networkId, bool &isSensitive, bool &isSameAccount) override;
 
 private:
     static inline BrokerDelegator<DAudioSinkIpcCallbackProxy> delegator_;
diff --git a/services/audiomanager/servicesink/src/daudio_sink_ipc_callback_proxy.cpp b/services/audiomanager/servicesink/src/daudio_sink_ipc_callback_proxy.cpp
index 28d78ae429c96a2eb0b78a849b0d0af398bda472..3386cfab76caa958e8fa897b90ad606012fbfc97 100644
--- a/services/audiomanager/servicesink/src/daudio_sink_ipc_callback_proxy.cpp
+++ b/services/audiomanager/servicesink/src/daudio_sink_ipc_callback_proxy.cpp
@@ -23,7 +23,7 @@
 namespace OHOS {
 namespace DistributedHardware {
 int32_t DAudioSinkIpcCallbackProxy::OnNotifyResourceInfo(const ResourceEventType &type, const std::string &subType,
-    const std::string &networkId, bool &isSensitive, bool &isSameAccout)
+    const std::string &networkId, bool &isSensitive, bool &isSameAccount)
 {
     MessageParcel data;
     MessageParcel reply;
@@ -33,13 +33,14 @@ int32_t DAudioSinkIpcCallbackProxy::OnNotifyResourceInfo(const ResourceEventType
     }
 
     int32_t resType = static_cast<int32_t>(type);
-    if (!data.WriteInt32(resType) || !data.WriteString(subType) || !data.WriteString(networkId) ||
-        !data.WriteBool(isSensitive) || !data.WriteBool(isSameAccout)) {
+    if (!data.WriteInt32(resType) || !data.WriteString(subType) || !data.WriteString(networkId)) {
         return ERR_DH_AUDIO_SA_WRITE_PARAM_FAIED;
     }
 
     Remote()->SendRequest(NOTIFY_RESOURCEINFO, data, reply, option);
     int32_t ret = reply.ReadInt32();
+    isSensitive = reply.ReadBool();
+    isSameAccount = reply.ReadBool();
     return ret;
 }
 } // namespace DistributedHardware