diff --git a/en/application-dev/file-management/figures/faf-data-flow.png b/en/application-dev/file-management/figures/faf-data-flow.png
new file mode 100644
index 0000000000000000000000000000000000000000..d3c6fd90b59712bf2728208f247d531b919b4b3b
Binary files /dev/null and b/en/application-dev/file-management/figures/faf-data-flow.png differ
diff --git a/en/application-dev/file-management/figures/public-file-operation.png b/en/application-dev/file-management/figures/public-file-operation.png
new file mode 100644
index 0000000000000000000000000000000000000000..bb434a499da63e2245bd806bfc6e0d42686d883d
Binary files /dev/null and b/en/application-dev/file-management/figures/public-file-operation.png differ
diff --git a/en/application-dev/reference/apis/js-apis-fileio.md b/en/application-dev/reference/apis/js-apis-fileio.md
index 5287fd266fe6f903e650c82619c0d0ceee4dcd24..1907d07949a70bb223dfec959d5ff66607e743c3 100644
--- a/en/application-dev/reference/apis/js-apis-fileio.md
+++ b/en/application-dev/reference/apis/js-apis-fileio.md
@@ -31,7 +31,7 @@ class MainAbility extends Ability {
 }
  ```
 
- For details about how to obtain the stage model context, see [AbilityContext](js-apis-ability-context.md#abilitycontext).
+For details about how to obtain the stage model context, see [UIAbilityContext](js-apis-inner-application-uiAbilityContext.md).
 
 FA Model
 
diff --git a/en/application-dev/security/accesstoken-guidelines.md b/en/application-dev/security/accesstoken-guidelines.md
index 4dac868289b313395215112ece84a8dfab77b6b9..a006a6ff28fb6d31bc236c11b56505621695930b 100644
--- a/en/application-dev/security/accesstoken-guidelines.md
+++ b/en/application-dev/security/accesstoken-guidelines.md
@@ -2,7 +2,7 @@
 
 ## When to Use
 
-The [Ability Privilege Level (APL)](accesstoken-overview.md#app-apls) of an application can be **normal**, **system_basic**, or **system_core**. The default APL is **normal**. The [permission types](accesstoken-overview.md#permission-types) include **system_grant** and **user_grant**. For details about the permissions for applications, see the [Application Permission List](permission-list.md).
+The [Ability Privilege Level (APL)](accesstoken-overview.md#application-apls) of an application can be **normal**, **system_basic**, or **system_core**. The default APL is **normal**. The [permission types](accesstoken-overview.md#permission-types) include **system_grant** and **user_grant**. For details about the permissions for applications, see the [Application Permission List](permission-list.md).
 
 This document describes the following operations:
 
@@ -305,7 +305,7 @@ reqPermissions() {
 By default, the **user_grant** permissions must be dynamically authorized by the user through a dialog box. However, if you do not want the user authorization dialog box to display for pre-installed applications, you can pre-authorize the permissions, for example, the **ohos.permission.MICROPHONE** permission, in the [**install_list_permission.json**](https://gitee.com/openharmony/vendor_hihope/blob/master/rk3568/preinstall-config/install_list_permissions.json) file. The **install_list_permissions.json** file is in the **/system/etc/app/** directory on a device, and is loaded when the device starts. When the application is installed, the **user_grant** permissions in the file are granted.<br> The **install_list_permissions.json** file contains the following fields:
 
 - **bundleName**: bundle name of the application.
-- **app_signature**: fingerprint information of the application. For details, see [Application Privilege Configuration Guide](../../device-dev/subsystems/subsys-app-privilege-config-guide.md#configuration-in-install_list_capabilityjson).
+- **app_signature**: fingerprint information of the application. For details, see **Configuration in install_list_capability.json** in the [Application Privilege Configuration Guide](../../device-dev/subsystems/subsys-app-privilege-config-guide.md).
 - **permissions**: **name** specifies the name of the **user_grant** permission to pre-authorize. **userCancellable** specifies whether the user can revoke the pre-authorization. The value **true** means the user can revoke the pre-authorization; the value **false** means the opposite.
 
 > **NOTE**<br>This file is available only for preinstalled applications.
diff --git a/en/application-dev/security/permission-verify-guidelines.md b/en/application-dev/security/permission-verify-guidelines.md
index 5ac3dbabdbfad6226fac252f7891f25aef734596..641d36fe5da48130f6d93fc7b93a5321f9f7ba08 100644
--- a/en/application-dev/security/permission-verify-guidelines.md
+++ b/en/application-dev/security/permission-verify-guidelines.md
@@ -6,7 +6,7 @@ To protect sensitive data and eliminate security threads on core abilities, you
 
 ## Available APIs
 
-The table below lists only the API used in this guide. For more information, see [AbilityContext](../reference/apis/js-apis-ability-context.md).
+The table below lists only the API used in this guide. For more information, see [Application Access Control](../reference/apis/js-apis-abilityAccessCtrl.md).
 
 | API                                                      | Description                                            |
 | ------------------------------------------------------------ | --------------------------------------------------- |