Summary of the invention
In view of this, the main purpose of the present invention is to provide a method for verifying the legitimacy of a mobile terminal user that fundamentally solves the problem of mobile terminals being easily stolen or robbed, and that is simple and reliable to implement.
The above purpose of the present invention is achieved by the following technical solution:
A method for verifying the legitimacy of a mobile terminal user, comprising at least the following steps:
Identification information used to verify the legitimacy of the mobile terminal user is set in the mobile terminal in advance, and customized information obtained from this identification information is saved;
The correspondence between the mobile terminal user's subscription information and the identification information is saved in an authentication device in advance;
After the mobile terminal logs in to the communication network, it sends the authentication device a request message asking for the mobile terminal identification information that corresponds to the mobile terminal user's subscription information;
The authentication device looks up the corresponding identification information according to the request message and sends authorization information corresponding to that identification information to the mobile terminal;
After receiving the authorization information from the authentication device, the mobile terminal compares the authorization information corresponding to the customized information held in the mobile terminal with the authorization information obtained from the authentication device, to check whether they are consistent and thereby verify the legitimacy of the mobile terminal user.
After this comparison, the method may further include: if the authorization information is judged inconsistent, the mobile terminal performs a locking operation that stops it from responding to user operations. The mobile terminal may further play a sound message indicating that the user's identity is illegal, or send the communication network a notification indicating that the user's identity is illegal.
The above purpose of the present invention can also be achieved by the following technical solution:
A method for verifying the legitimacy of a mobile terminal user, comprising at least the following steps:
Identification information used to verify the legitimacy of the mobile terminal user is set in the mobile terminal in advance, and customized information obtained from this identification information is saved;
The correspondence between the mobile terminal user's subscription information and the identification information is saved in an authentication device in advance;
After the mobile terminal logs in to the communication network, the authentication device sends the mobile terminal a request message asking for the customized information that the mobile terminal holds;
After receiving this request message, the mobile terminal sends the authentication device authorization information corresponding to the saved customized information;
After receiving the authorization information from the mobile terminal, the authentication device compares it with the authorization information corresponding to the identification information saved in the authentication device, to check whether they are consistent and thereby verify the legitimacy of the mobile terminal user.
After this comparison, the method may further include: the authentication device sends the comparison result to the mobile terminal. If the authorization information is judged inconsistent, the authentication device can notify the communication network to stop providing service to the mobile terminal.
In both of the above methods, whether the verification operation is performed by the mobile terminal or by the authentication device, the customized information saved in the mobile terminal and the authorization information used in the verification operation can both be the identification information itself.
Preferably, the customized information saved in the mobile terminal is the identification information, and the authorization information used in the verification operation is a digest of the identification information. In this case, before the verification operation is performed, the method further comprises: the mobile terminal and the authentication device each perform the same digest computation on the identification information they hold, generating a digest corresponding to the mobile terminal's identification information and a digest corresponding to the matching identification information in the authentication device. In addition, the method may further include generation of a random number by the party performing the verification, so that the digest computation is performed jointly over the identification information and the random number.
Preferably, the customized information saved in the mobile terminal is a digest of the identification information, and the authorization information used in the verification operation is a digest of the identification information. In this case, saving the customized information obtained from the identification information comprises: the mobile terminal performs a digest computation on the identification information that was set, and generates and saves the resulting digest. Before the verification operation is performed, the method further comprises: the authentication device performs the same digest computation on the identification information it holds, generating a digest corresponding to the matching identification information in the authentication device.
Preferably, the method further comprises: the mobile terminal and the authentication device obtain a single-channel encryption key during authentication of the mobile terminal; data transmitted between the mobile terminal and the authentication device is encrypted with this key, and the mobile terminal or the authentication device decrypts the data after receiving it.
The verification operation can be performed after the mobile terminal has logged in to the network and waited for a random time.
The method may further include setting a verification response time in advance; if the verification operation is not completed within this response time, the mobile terminal user is directly determined to be illegal, or the verification operation is repeated.
After the customized information is saved in the mobile terminal and before the correspondence is saved in the authentication device, the method may further include synchronizing the identification information set in the mobile terminal to the authentication device. This synchronization can be done by calling a special number prefix with the identification information appended after the prefix, or by supplementary service command operation codes. These operation codes comprise one for setting the identification information in the authentication device and one for sending the identification information from the mobile terminal to the authentication device. Synchronization can also be done by the mobile terminal user notifying the operator, through a manual service the operator provides and on the basis of identity information, of the identification information set in the mobile terminal, which is then saved in the authentication device.
In the above method, the identification information in the mobile terminal is either entered by the user or generated randomly by the mobile terminal.
The method may further include the step of setting, viewing, changing or clearing the customized information in the mobile terminal. It may further comprise setting in advance an operation password for setting, viewing, changing or clearing the customized information in the mobile terminal. Before such an operation is carried out, the user is prompted to enter the operation password, and the mobile terminal judges whether the entered password is correct; if it is, the operation is permitted, otherwise it is forbidden.
The method may further include setting in the mobile terminal switch information indicating whether the verification function is to be performed. After logging in to the network, the mobile terminal checks whether the switch information is set to on; if so, it performs the verification operation, otherwise it does not.
The customized information in this method is stored so that it is retained permanently even without power. The authentication device can be a home location register (HLR) or an authentication center (AC/AUC).
As can be seen from the technical solution, the present invention stores in the mobile terminal, in permanent form, customized information corresponding to identification information for the mobile communication network user, and establishes a correspondence between this identification information and the user's subscription data; the correspondence is kept in the authentication device that holds the user's subscription data. Either the mobile terminal or the network-side authentication device compares the authorization information corresponding to the identification information kept in the mobile terminal with the authorization information corresponding to the identification information kept in the authentication device. If they are identical, the mobile terminal user is legal; otherwise the mobile terminal user is illegal. The implementation is very simple: customized information corresponding to the identification information is set on the mobile terminal, the correspondence between identification information and subscription information is added in the authentication device, and one comparison is performed after the mobile terminal logs in to the network.
For a stolen or robbed mobile terminal, if the illegal user replaces the SIM card, the subscription information corresponding to the current SIM card changes, so the verification operation of the present invention finds that the two pieces of authorization information differ and determines that the current user obtained the terminal by illegitimate means. Combined with locking the mobile terminal, recording its location at that moment and reporting to the public security authorities, this means the illegal user not only cannot profit from the stolen terminal but can also be arrested quickly. This effectively removes the motive for stealing or robbing mobile terminals and thus fundamentally solves the problem of mobile terminals being easily stolen or robbed.
For the user, the identification information can be generated randomly and automatically by the mobile terminal, so no complicated input is needed. Once the identification information is set, the mobile terminal automatically carries out the comparison after logging in to the network, without the user having to perform troublesome operations such as entering a power-on password. This is a great convenience for the user and makes the present invention more practical.
For the network operator, it is only necessary to add identification information to the existing subscription information and to perform one comparison of the identification information after the mobile terminal logs in to the network. The whole process is simple, requires no additional equipment investment from the carrier, and has almost no effect on operating cost, which makes the present invention easier for carriers to accept.
In summary, the present invention fundamentally solves the problem of mobile terminals being easily stolen or robbed, and it is simple and reliable to implement.
Embodiment
The present invention is described in detail below with reference to the drawings and specific embodiments.
Fig. 1 shows the overall flow chart of the present invention. As shown in Fig. 1, first, in step 101, identification information that is retained permanently without power is set in the mobile terminal, and customized information corresponding to this identification information is saved. The identification information can be any combination of characters of any length, preferably numeric characters, and it remains stored in the mobile terminal without being lost even when the terminal has no power supply.
In step 102, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 103, after the mobile terminal logs in to the network, the legitimacy of the mobile terminal user is verified by comparing the authorization information corresponding to the customized information saved in the terminal with the authorization information corresponding to the identification information saved in the HLR. If the two are consistent, the current user of the mobile terminal is legal; otherwise the current user is illegal, in which case the mobile terminal can lock itself and refuse operation, or the network can stop serving the mobile terminal.
The overall flow of the present invention has been described above; the invention is now described in detail with reference to specific embodiments.
In the first embodiment of the present invention, the mobile terminal verifies the legitimacy of its user. Specifically, as shown in Fig. 2, this comprises the following steps.
In step 201, identification information that can be retained permanently is set and saved in the mobile terminal.
In step 202, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 203, after logging in to the network, the mobile terminal sends the HLR, through the mobile switching center (MSC), a request message asking for the mobile terminal identification information.
In step 204, after receiving the request message from the mobile terminal, the HLR sends the identification information corresponding to the subscription information of the terminal's current user to that mobile terminal through the MSC.
In step 205, after receiving the identification information from the HLR, the mobile terminal compares it with the identification information it holds. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
In the second embodiment of the present invention, the mobile terminal again verifies the legitimacy of its user itself. Specifically, as shown in Fig. 3, this comprises the following steps.
In step 301, identification information that can be retained permanently is set in the mobile terminal.
In step 302, the mobile terminal computes a digest of the identification information and saves it; this digest is the customized information corresponding to the identification information mentioned in step 101. How a digest is generated is common knowledge for those skilled in the art and is not described further here.
In step 303, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 304, after logging in to the network, the mobile terminal sends the HLR, through the MSC, a request message asking for the mobile terminal identification information.
In step 305, after receiving the request from the mobile terminal, the HLR generates a digest from the identification information it holds and sends this digest to the mobile terminal through the MSC.
In step 306, the mobile terminal compares the digest of the identification information obtained from the HLR with the digest of the identification information it holds. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
Compared with the first embodiment, the second embodiment generates a digest from the identification information and saves that digest, and the HLR sends the mobile terminal a digest generated from the identification information, which improves the security of the present invention. It is also possible for the mobile terminal to save only the original identification information and, after receiving the digest from the HLR, to generate a digest from its own identification information and then compare the two digests.
In the third embodiment of the present invention, the mobile terminal again verifies the legitimacy of its user itself. Specifically, as shown in Fig. 4, this comprises the following steps.
In step 401, identification information that can be retained permanently is set and saved in the mobile terminal.
In step 402, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 403, after the mobile terminal powers on and logs in to the network, it sends the HLR, through the MSC, a request message asking for the mobile terminal identification information, carrying a temporarily generated random number.
In step 404, after receiving the request and the random number from the mobile terminal, the HLR performs a digest computation jointly over the saved identification information corresponding to the subscription information of the terminal's current user and the random number, generates a digest, and sends it to the mobile terminal through the MSC.
In step 405, after receiving the digest from the HLR, the mobile terminal performs the digest computation jointly over the identification information it holds and the random number generated in step 403, producing a digest of its own.
In step 406, the mobile terminal compares the digest obtained from the HLR with the digest it computed itself. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
Compared with the second embodiment, the third embodiment additionally generates a random number, produces the digest by a joint computation over the identification information and the random number, and then compares the digests, which further improves the security of the present invention.
In the above three embodiments, user legitimacy is verified at the mobile terminal side. When the last step finds the user's identity illegal, the mobile terminal can lock the keyboard, stop responding to user operations, and so on, so that the user can no longer use the terminal. It can also send an alarm message to the carrier through the communication network, for the carrier to report to the public security authorities, or alert the public security authorities directly. In addition, while locking the keyboard and ceasing to respond to user operations, the mobile terminal can play a sound message such as "you are an illegal user" to draw the attention of people around the illegal user.
In the fourth embodiment of the present invention, the HLR verifies the legitimacy of the mobile terminal user. As shown in Fig. 5, the processing comprises the following steps.
In step 501, identification information that can be retained permanently is set and saved in the mobile terminal.
In step 502, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 503, after the mobile terminal logs in to the network, it sends the identification information it holds to the HLR. The mobile terminal may send this identification information only after it has received a command from the HLR requesting the identification information that the terminal holds.
In step 504, the HLR looks up the identification information for the mobile terminal according to the subscription information of the terminal's current user.
In step 505, the HLR compares the identification information obtained from the mobile terminal with the identification information obtained in step 504. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
In the fifth embodiment of the present invention, the HLR again verifies the legitimacy of the mobile terminal user. Specifically, as shown in Fig. 6, this comprises the following steps.
In step 601, identification information that can be retained permanently is set in the mobile terminal.
In step 602, the mobile terminal generates a digest of the identification information and saves it.
In step 603, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 604, after the mobile terminal logs in to the network, it sends the digest it holds to the HLR. The mobile terminal may send this digest only after it has received a command from the HLR requesting the digest of the identification information that the terminal holds.
In step 605, the HLR looks up the identification information for the mobile terminal according to the subscription information of the terminal's current user.
In step 606, the HLR performs the same digest computation on the identification information it found.
In step 607, the HLR compares the digest obtained from the mobile terminal with the digest computed in step 606. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
Compared with the fourth embodiment, the fifth embodiment generates a digest of the identification information, saves it and sends it to the HLR; the HLR likewise generates a digest from the identification information and compares the two digests, which improves the security of the present invention. It is also possible for the mobile terminal to save only the original identification information and to compute the digest of it only when it needs to send to the HLR, then send the computed digest to the HLR.
In the sixth embodiment of the present invention, the HLR again verifies the legitimacy of the mobile terminal user. Specifically, as shown in Fig. 7, this comprises the following steps.
In step 701, identification information that can be retained permanently is set and saved in the mobile terminal.
In step 702, the correspondence between the user's subscription information and the identification information set in the mobile terminal is added to the user's subscription information in the HLR.
In step 703, after the mobile terminal logs in to the network, the HLR generates a random number and sends it to the mobile terminal.
In step 704, the mobile terminal performs a digest computation jointly over the identification information it holds and the received random number, obtaining a digest.
In step 705, the mobile terminal sends the digest obtained in the previous step to the HLR.
In step 706, after receiving the digest from the mobile terminal, the HLR performs the digest computation jointly over the identification information corresponding to the subscription information of the terminal's current user and the random number generated in step 703.
In step 707, the HLR compares the digest obtained from the mobile terminal with the digest computed in step 706. If the two are consistent, the mobile terminal user is a legal user and the mobile terminal can perform any operation; if they are inconsistent, the mobile terminal user is an illegal user.
Compared with the fifth embodiment, the sixth embodiment additionally generates a random number, produces the digest by a joint computation over the identification information and the random number, and then compares the digests, which further improves the security of the present invention.
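The exchange of steps 701 to 707, as an added example that is not part of the original text (the third embodiment is the same exchange with the roles reversed). It assumes HMAC-SHA256 as the joint digest computation, which the text leaves open; the class names, the subscription labels and the second identification value are constructed for illustration, and 5134356 is the sample identification information used elsewhere in this description. Because the random number is fresh for every login, a digest recorded from one login does not verify at the next, whereas the fifth embodiment's digest is the same every time.

```python
import hashlib
import hmac
import secrets


def joint_digest(identification: str, random_number: bytes) -> bytes:
    """Digest computed jointly over identification information and a random number.

    Assumption: HMAC-SHA256 keyed with the identification information. The text
    only requires that both sides perform the same digest computation.
    """
    return hmac.new(identification.encode(), random_number, hashlib.sha256).digest()


class Terminal:
    def __init__(self, identification: str, subscription: str):
        self.identification = identification  # retained without power (step 701)
        self.subscription = subscription      # subscription of the inserted SIM card

    def answer(self, random_number: bytes) -> bytes:
        return joint_digest(self.identification, random_number)  # step 704


class HLR:
    def __init__(self, records: dict):
        self.records = dict(records)  # subscription -> identification info (step 702)
        self.outstanding = {}         # subscription -> random number awaiting a reply

    def challenge(self, subscription: str) -> bytes:
        random_number = secrets.token_bytes(16)  # step 703, fresh for every login
        self.outstanding[subscription] = random_number
        return random_number

    def verify(self, subscription: str, response) -> bool:
        random_number = self.outstanding.pop(subscription, None)  # usable only once
        if random_number is None or response is None:
            # No reply within the response time: this sketch picks "illegal",
            # one of the two outcomes the text allows (the other is to repeat).
            return False
        expected = joint_digest(self.records[subscription], random_number)  # step 706
        return hmac.compare_digest(expected, response)  # step 707, constant time


def login_check(hlr: HLR, terminal: Terminal) -> bool:
    random_number = hlr.challenge(terminal.subscription)
    return hlr.verify(terminal.subscription, terminal.answer(random_number))


def demo() -> dict:
    # Constructed records: two subscriptions, each with its own identification info.
    hlr = HLR({"SUB-OWNER": "5134356", "SUB-OTHER": "9081726"})
    phone = Terminal("5134356", "SUB-OWNER")
    results = {}

    # Legal user: the terminal's identification info matches the HLR record.
    first = hlr.challenge("SUB-OWNER")
    recorded = phone.answer(first)
    results["owner_sim"] = hlr.verify("SUB-OWNER", recorded)

    # A digest recorded from that login, presented at the next login.
    hlr.challenge("SUB-OWNER")
    results["stale_response"] = hlr.verify("SUB-OWNER", recorded)

    # No reply to an outstanding random number.
    hlr.challenge("SUB-OWNER")
    results["no_response"] = hlr.verify("SUB-OWNER", None)

    # SIM card replaced: the HLR now looks up a different subscription's record.
    phone.subscription = "SUB-OTHER"
    results["replaced_sim"] = login_check(hlr, phone)
    return results


if __name__ == "__main__":
    for case, legal in demo().items():
        print(f"{case}: {'legal' if legal else 'illegal'}")
```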
In the fourth to sixth embodiments, if the last step judges the mobile terminal user's identity illegal, the HLR can lock the mobile terminal through the communication network, that is, stop providing service to it.
In the above embodiments, after the mobile terminal passes authentication by the AC, it obtains a single-channel encryption key (KC); the HLR also obtains this KC and sends it to the corresponding MSC to be saved. Therefore, when sending identification information or a digest to the HLR, the mobile terminal can encrypt it with KC and send it to the MSC, which decrypts it with KC and forwards it to the HLR. Likewise, when the HLR sends identification information or a digest to the mobile terminal, the MSC can encrypt it with KC before sending it on; the mobile terminal decrypts the received information with KC and then carries out the subsequent operations.
In all the above embodiments, the legitimacy of the mobile terminal user is verified after the mobile terminal logs on to the network. The verification can be carried out immediately after the mobile terminal logs on to the network, that is, right after authentication passes, or after waiting for a random time.
In the present invention, then can be provided with the legitimacy of mobile phone users if verify with checking result notification portable terminal to user validation at mobile terminal side. If the mobile terminal does not obtain a verification result within a preset period, for example because communication between the mobile terminal and the HLR fails, the verification operation is performed again. This process can be repeated periodically or aperiodically until one complete verification operation has been executed.
If the legitimacy of the mobile terminal user is verified at the HLR side, service to the mobile terminal can be locked directly when verification fails. Alternatively, if the HLR does not obtain a verification result within a preset period, for example because communication between the mobile terminal and the HLR fails, the verification operation is performed again. This process can be repeated periodically or aperiodically until one complete verification operation has been executed for the mobile terminal.
In the present invention, can pass through dual mode from portable terminal to HLR transmission identification information or summary info.A kind of mode is to call out a special number head, and the above-mentioned information that will need then to send sends to HLR after being attached to this number head.For example, suppose that identification information is 5134356, call out a special number head 17999, then identification information 5134356 is attached to after 17999, just call out 179995134356, HLR will extract identification information 5134356 according to agreement in advance like this.The second way is to realize by increase supplementary service command operation sign indicating number in HLR.The identification information of portable terminal for example, is set at HLR by the SetPI command code that is used for being provided with identification information.Iff being that identification information with portable terminal sends to HLR and compares checking, and need in HLR, not carry out relative set, then can use the SendPI command code that is used to send identification information.
In the present invention, portable terminal produces identification information and can produce automatically, also can manually produce.Under situation about producing automatically, when if the user has selected antitheft operation execution anti-theft feature to be provided with by the menu of portable terminal, portable terminal judges whether the identification information of oneself preserving is empty, if be empty, the then automated randomized generation of portable terminal and preserve an identification information, then this identification information is sent among the HLR automatically, for example by using the SetPI command code.HLR sets up the corresponding relation between identification information and the portable terminal active user CAMEL-Subscription-Information after the identification information that has obtained portable terminal.If manually produce, portable terminal can require identification information of user oneself input, preserves the information of user's input after user's input, then this identification information is sent among the HLR.In automated manner, the identification information of Chan Shenging can be shown to the user at random.Portable terminal is not a sky if find the own identification information of preserving when carrying out anti-theft feature and be provided with, and then portable terminal directly sends to HLR with this identification information and preserves.
The mobile phone user can set, check, change and remove the identification information. By performing the anti-theft function setup described above, the user turns on the anti-theft switch, and the setting or change of the identification information is at the same time synchronized to this user's subscription data in the HLR. Likewise, by cancelling the anti-theft function, the user turns off the anti-theft switch, and the corresponding identification information in this user's subscription data in the HLR is emptied at the same time. The anti-theft switch here can be understood as switch information used to determine whether the verification function is carried out.
If the verification operation is carried out on the HLR side, the HLR can judge whether to carry out the anti-theft verification operation according to whether the corresponding identification information in the user's subscription data is empty. If the verification operation is carried out on the portable terminal side, the portable terminal judges whether to carry out the anti-theft verification operation according to the anti-theft switch.
A password can be set on the portable terminal to restrict the setting, checking, changing and clearing of the identification information. To make operation and maintenance easier for the legitimate user, it should be possible to carry out maintenance operations on the portable terminal while it is not logged in to the mobile network.
For example, whether the automatic mode or the manual mode is used, the user can check the identification information, and a password for setting, checking, changing and removing the identification information can further be set in advance. To check the identification information the user must input the password; the portable terminal judges whether the password is correct and, if it is correct, allows the user to check the identification information, and otherwise does not. This further prevents a thief from obtaining the identification information the user has set in the portable terminal, thereby achieving the anti-theft effect.
It should be noted that, once the anti-theft function has been set on the portable terminal, whether the user changes the SIM card or changes the number, as long as the identification information in this user's subscription data in the corresponding HLR does not change, that is, it is still consistent with the identification information saved in the portable terminal, the portable terminal can still pass the verification operation of the present invention even after the SIM card is changed. Conversely, if the identification information in the user's subscription data changes, so that it is no longer consistent with the identification information saved in the portable terminal, the portable terminal cannot pass the verification operation of the present invention. Therefore, when a portable terminal is stolen, because the identification information in the thief's subscription data cannot be consistent with the identification information of the stolen portable terminal, the thief cannot use this portable terminal normally.
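The number-prefix transport, the automatic generation of the identification information and both verification placements described above can be followed in a short simulation. This is an added example, not part of the patent text: the class names, the subscription keys and the 7-digit length are assumptions, and the use of `secrets` and a constant-time comparison is this example's choice rather than something the description specifies.

```python
import hmac
import secrets

PI_PREFIX = "17999"  # special number prefix used in the description's example

def extract_pi(dialed):
    """HLR side: return the digits carried after the prefix, or None."""
    if not dialed.startswith(PI_PREFIX):
        return None
    pi = dialed[len(PI_PREFIX):]
    return pi if pi.isdigit() else None

class HLR:
    """Toy verification device (hypothetical): subscription -> identification info."""
    def __init__(self):
        self.subscription_pi = {}

    def set_pi(self, subscriber, dialed):
        """Models SetPI: store the identification information for a subscription."""
        pi = extract_pi(dialed)
        if pi is None:
            raise ValueError("not an identification-information call")
        self.subscription_pi[subscriber] = pi

    def verify(self, subscriber, dialed):
        """Models SendPI with the comparison done in the HLR."""
        stored = self.subscription_pi.get(subscriber, "")
        if not stored:
            return None  # empty identification information: no check is run
        sent = extract_pi(dialed) or ""
        return hmac.compare_digest(stored.encode(), sent.encode())

class Terminal:
    def __init__(self):
        self.pi = ""
        self.switch_on = False

    def enable_antitheft(self, hlr, subscriber):
        if not self.pi:  # generate only when nothing is saved yet
            self.pi = str(secrets.randbelow(9_000_000) + 1_000_000)  # 7 digits (assumed)
        self.switch_on = True
        hlr.set_pi(subscriber, PI_PREFIX + self.pi)

    def login(self, hlr, subscriber):
        if not self.switch_on:  # terminal-side check runs only with the switch on
            return True
        from_hlr = hlr.subscription_pi.get(subscriber, "")
        return hmac.compare_digest(self.pi.encode(), from_hlr.encode())
```

With the switch on, `Terminal.login` fails for any subscription whose HLR record does not hold the terminal's identification information, including one with no record at all, whereas `HLR.verify` returns `None` for such a subscription because the HLR-side decision depends on the stored value being non-empty.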
If the legitimate user has forgotten the identification information saved in the portable terminal, the legitimate user can check this identification information by means of the password; likewise, this user can also obtain from the operator, on proof of identity, the identification information set in his or her own subscription data. Therefore, adding the anti-theft function to the portable terminal does not cause the legitimate user any trouble in maintenance.
The verification device in the present invention can be the HLR, or any other network device that fulfils the function of the present invention. The functions performed by the HLR can be performed by the AC; because at present the HLR and the AC are located within the same physical entity, the HLR is used to carry out the verification operation. It will be understood that, where the HLR and the AC are two separate network devices, the AC can replace the HLR in all operations of the present invention.
It will therefore be understood that the above is only a preferred embodiment of the present invention and is not intended to restrict the present invention. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.