diff --git a/services/privacymanager/sa_profile/3505.json b/services/privacymanager/sa_profile/3505.json index 73e5f1c577348f61c352939e8bd2474aee9ca5ce..d8f3c203d7d53844a5ec77fb28cf677a7c787ca1 100644 --- a/services/privacymanager/sa_profile/3505.json +++ b/services/privacymanager/sa_profile/3505.json @@ -6,7 +6,7 @@ "libpath": "libprivacy_manager_service.z.so", "run-on-create": true, "depend_time_out": 60000, - "distributed": true, + "distributed": false, "depend": [ 3503 ], "dump_level": 1 } diff --git a/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp b/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp index e0d119d05741503729297bef8392dfa4abf6b793..61a921a9a32dc0082636085ee579e3e98298dda2 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp @@ -26,6 +26,8 @@ namespace Security { namespace AccessToken { namespace { static const int32_t MAX_ONBYTES_RECEIVED_DATA_LEN = 1024 * 1024 * 10; +static const std::string TOKEN_SYNC_PACKAGE_NAME = "ohos.security.distributed_access_token"; +static const std::string TOKEN_SYNC_SOCKET_NAME = "ohos.security.atm_channel."; } // namespace std::mutex SoftBusSocketListener::socketMutex_; @@ -39,6 +41,16 @@ void SoftBusSocketListener::OnBind(int32_t socket, PeerSocketInfo info) LOGE(ATM_DOMAIN, ATM_TAG, "Socket fd invalid."); return; } + std::string peerSessionName(info.name); + if (peerSessionName.find(TOKEN_SYNC_SOCKET_NAME) != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Peer session name(%{public}s) is invalid.", info.name); + return; + } + std::string packageName(info.pkgName); + if (packageName != TOKEN_SYNC_PACKAGE_NAME) { + LOGE(ATM_DOMAIN, ATM_TAG, "Peer pkgname(%{public}s) is invalid.", info.pkgName); + return; + } std::string peerNetworkId(info.networkId); std::lock_guard guard(socketMutex_); 
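Review bot: In the OnBind hunk, `std::string peerSessionName(info.name)` and `std::string packageName(info.pkgName)` build strings from peer-supplied pointers with no null check; the tests fill these fields from char buffers, so they appear to be C strings, and constructing a std::string from a null pointer is undefined behaviour. A guard before the first construction, `if (info.name == nullptr || info.pkgName == nullptr || info.networkId == nullptr) { LOGE(ATM_DOMAIN, ATM_TAG, "Peer socket info invalid."); return; }`, would also cover the existing `info.networkId` read. Both rejection branches only return, and whether the rejected socket is shut down elsewhere is not visible here, so confirm it is not left bound. The prefix test reads more directly as `peerSessionName.compare(0, TOKEN_SYNC_SOCKET_NAME.size(), TOKEN_SYNC_SOCKET_NAME) != 0`, which also avoids scanning the whole name. OnBind's body continues outside the hunk.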
diff --git a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp index 9c1ab2fd90d927557bb49d2d17fb12be066f2dc9..dcf5f4c820d63e0669c6019c25c33ce1aeeb88b5 100644 --- a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp +++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp @@ -34,6 +34,10 @@ int32_t TokenSyncManagerStub::OnRemoteRequest( uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) { LOGI(ATM_DOMAIN, ATM_TAG, "%{public}s called, code: %{public}d", __func__, code); + if (!IPCSkeleton::IsLocalCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Unsupported rpc calling."); + return ERROR_IPC_REQUEST_FAIL; + } std::u16string descriptor = data.ReadInterfaceToken(); if (descriptor != ITokenSyncManager::GetDescriptor()) { LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp index be54f37349f40a7bb3fb2e3cf4164699fe4dedf2..3db4b6bafe428fcaaaa3acffb130eecd44429e33 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp @@ -62,6 +62,9 @@ static std::string g_udid = "deviceid-1:udid-001"; static int32_t g_selfUid; static AccessTokenID g_selfTokenId = 0; static const int32_t OUT_OF_MAP_SOCKET = 2; +static const std::string TOKEN_SYNC_PACKAGE_NAME = "ohos.security.distributed_access_token"; +static const std::string TOKEN_SYNC_SOCKET_NAME = "ohos.security.atm_channel."; +static const uint32_t SOCKET_NAME_MAX_LEN = 256; class TokenSyncServiceTest : public testing::Test { public: 
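Review bot: The `IPCSkeleton::IsLocalCalling()` guard in OnRemoteRequest is the only barrier to remote callers that this diff shows for the token sync service: the `"distributed": false` change is in the privacy manager profile (3505.json), and no profile for the token sync service is touched. If that service's own profile still declares it distributed, consider changing it in the same commit so the restriction does not rest on the runtime check alone. A one-line comment above the guard, such as `// Token sync is local-only; reject requests that arrive over RPC from another device.`, would record the intent. OnRemoteRequest continues outside the hunk.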
@@ -609,10 +612,15 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level1)
 g_ptrDeviceStateCallback->OnDeviceOnline(g_devInfo);
 // create channel
 char networkId[DEVICEID_MAX_LEN + 1];
+ char pkgName[SOCKET_NAME_MAX_LEN + 1];
+ char peerName[SOCKET_NAME_MAX_LEN + 1];
 strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001");
-
+ strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str());
+ strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str());
 PeerSocketInfo info = {
+ .name = peerName,
 .networkId = networkId,
+ .pkgName = pkgName
 };
 SoftBusSocketListener::OnBind(1, info);
 SoftBusSocketListener::OnClientBytes(1, recvBuffer, recvLen);
@@ -1336,11 +1344,17 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level1)
 std::string udid = "test_udId";
 auto cmd = std::make_shared();
 char networkId[DEVICEID_MAX_LEN + 1];
- int recvLen = 0x1000;
+ char pkgName[SOCKET_NAME_MAX_LEN + 1];
+ char peerName[SOCKET_NAME_MAX_LEN + 1];
 strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001");
+ strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str());
+ strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str());
 PeerSocketInfo info = {
+ .name = peerName,
 .networkId = networkId,
+ .pkgName = pkgName
 };
+ int recvLen = 0x1000;
 SoftBusSocketListener::OnBind(0, info);
 int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd);
 ASSERT_EQ(Constant::SUCCESS, ret);
@@ -1389,6 +1403,60 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level1) SoftBusSocketListener::OnShutdown(OUT_OF_MAP_SOCKET, SHUTDOWN_REASON_UNKNOWN); } +/** + * @tc.name: RemoteCommandManager004 + * @tc.desc: RemoteCommandManager004 function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager004, TestSize.Level0) +{ + RemoteCommandManager::GetInstance().Init(); + std::string udid = "test_udId"; + auto cmd = std::make_shared(); + char networkId[DEVICEID_MAX_LEN + 1]; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; + strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str()); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, "invalid"); + PeerSocketInfo info = { + .name = peerName, + .networkId = networkId, + .pkgName = pkgName + }; + SoftBusSocketListener::OnBind(1, info); + int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd); + ASSERT_EQ(Constant::SUCCESS, ret); +} + +/** + * @tc.name: RemoteCommandManager005 + * @tc.desc: RemoteCommandManager005 function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager005, TestSize.Level0) +{ + RemoteCommandManager::GetInstance().Init(); + std::string udid = "test_udId"; + auto cmd = std::make_shared(); + char networkId[DEVICEID_MAX_LEN + 1]; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; + strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, "invalid"); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str()); + PeerSocketInfo info = { + .name = peerName, + .networkId = networkId, + .pkgName = pkgName + }; + SoftBusSocketListener::OnBind(1, info); + int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd); + ASSERT_EQ(Constant::SUCCESS, ret); +} + /** * @tc.name: 
ProcessDeviceCommandImmediately001 * @tc.desc: ProcessDeviceCommandImmediately function test
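Review bot: RemoteCommandManager004 and RemoteCommandManager005 pass whether or not OnBind rejects the peer, because their only assertion is that `AddCommand(udid, cmd)` returns `Constant::SUCCESS`, the same assertion RemoteCommandManager001 makes after a valid bind. Each test should assert an effect of the rejection that is observable from the test, for example that socket 1 was not registered by the listener, so that removing the session-name or package-name check makes the test fail. The `@tc.desc` lines would also be more useful if they named the case, e.g. `@tc.desc: OnBind rejects a peer whose session name lacks the expected prefix`.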