CN110619241A - Terminal protection method and device - Google Patents
Terminal protection method and device Download PDFInfo
- Publication number
- CN110619241A CN110619241A CN201910886020.6A CN201910886020A CN110619241A CN 110619241 A CN110619241 A CN 110619241A CN 201910886020 A CN201910886020 A CN 201910886020A CN 110619241 A CN110619241 A CN 110619241A
- Authority
- CN
- China
- Prior art keywords
- terminal
- pin code
- network connection
- protection
- management platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
Abstract
The invention provides a terminal protection method and device, and belongs to the technical field of intelligent terminal safety. The terminal protection method comprises the following steps: the terminal starts an abnormal protection mechanism and rejects a shutdown request of the terminal; maintaining the terminal in a network connection state; erasing the PIN code stored by the terminal; and acquiring real-time positioning information of the terminal and tracking the terminal. The terminal protection method can track the terminal when the terminal is lost, is beneficial to a loser to find the terminal back, and reduces property loss.
Description
Technical Field
The invention belongs to the technical field of intelligent terminal safety, and particularly relates to a terminal protection method and device.
Background
With the richness and increase of intelligent terminal service applications, terminals, especially portable intelligent terminals, become communication tools, indispensable data storage media and carriers of mobile payment, which are relied on for interaction in daily life of people, and the importance of the terminals is increasingly highlighted. However, the portability and high popularity of the intelligent terminal make it difficult for the intelligent terminal to avoid the risk of losing or being stolen, and the openness of the intelligent terminal system makes it difficult for the user to make up for data loss when the intelligent terminal is lost, and may cause the privacy of the user to be revealed, even cause property loss of the user.
Therefore, how to track the terminal by starting the terminal protection mechanism becomes a problem to be solved in the field when the terminal is lost.
Disclosure of Invention
Therefore, the invention provides a terminal protection method and a terminal protection device, which aim to solve the problem that the terminal cannot be tracked due to the loss of the terminal in the prior art.
In order to achieve the above object, a first aspect of the present invention provides a terminal protection method, including:
the terminal starts an abnormal protection mechanism and rejects a shutdown request of the terminal;
maintaining the terminal in a network connection state;
erasing the PIN code stored by the terminal;
and acquiring real-time positioning information of the terminal and tracking the terminal.
Further, before the terminal starts an abnormal protection mechanism and rejects the shutdown request of the terminal, the method further includes:
prompting a user to input a PIN code;
judging whether the PIN code input by the user is consistent with the PIN code stored by the terminal;
and accumulating the error times of the input PIN code, and starting the abnormal protection mechanism if the error times of the input PIN code exceed the preset times.
Further, the step of maintaining the network connection state of the terminal includes:
starting a first network connection;
judging whether the first network is in a connection state;
and if the first network is not in a connection state, starting a second network connection function of the terminal.
Further, the step of starting the second network connection function of the terminal includes:
the terminal establishes interaction with the terminal built-in isolation security domain through a terminal internal channel;
and the terminal built-in isolation security domain establishes interaction with the management platform through an air dedicated channel, so that a second network connection is established between the terminal and the management platform.
Further, the acquiring the real-time positioning information of the terminal and tracking the terminal includes:
and starting a built-in positioning function of the terminal, or acquiring real-time positioning information of the terminal by using a base station serving the terminal.
Further, after the erasing the PIN code stored in the terminal, the method further includes:
and starting a power saving mode of the terminal to prolong the standby time of the terminal.
Further, the terminal protection method further includes:
a data protection request is put forward;
and responding to a data protection instruction of a management platform, and uploading the data in the terminal to the management platform.
Further, after the uploading the data in the terminal to the management platform, the method further includes:
and deleting the data in the terminal.
Further, after the terminal starts the abnormal protection mechanism, the method further includes:
acquiring an image within the visible range of the terminal;
and uploading the image to a management platform.
In order to achieve the above object, a second aspect of the present invention provides a terminal protection device, comprising:
the abnormal protection module is used for starting an abnormal protection mechanism by the terminal and rejecting a shutdown request of the terminal;
the network connection module is used for enabling the terminal to keep a network connection state;
the erasing module is used for erasing the PIN pre-stored in the built-in isolation security domain of the terminal;
and the positioning module is used for acquiring the real-time positioning information of the terminal and tracking the terminal.
The invention has the following advantages:
according to the terminal protection method provided by the invention, after the terminal is lost, the terminal shutdown request is refused by starting the abnormal protection mechanism of the terminal, the terminal is kept in a network connection state, the PIN code stored in the terminal is erased, the real-time positioning information of the terminal is obtained, the terminal is tracked, a loser is facilitated to find the terminal back, and property loss is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a terminal protection method provided in this embodiment;
fig. 2 is a schematic block diagram of a terminal protection device according to this embodiment.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present invention, are given by way of illustration and explanation only, not limitation.
Fig. 1 is a flowchart of a terminal protection method according to a first embodiment of the present invention, and as shown in fig. 1, the terminal protection method includes the following steps:
step S101, the terminal starts an abnormal protection mechanism and rejects the shutdown request of the terminal.
When the terminal judges that the user carries out irregular operation on the terminal, an abnormal protection mechanism of the terminal is started, and a terminal shutdown request is refused, so that the terminal is kept in a startup state, and hardware conditions are provided for tracking the terminal. The abnormal protection mechanism is a self-protection mechanism of the terminal, and functions such as positioning the terminal and the like can be realized by starting the abnormal protection mechanism of the terminal, so that a user can be helped to track and retrieve the terminal.
In one embodiment, before the terminal starts the abnormal protection mechanism, the user is required to input a personal identification code to further verify whether the current operation on the terminal is a legal operation or an illegal operation. The Personal Identification Number (hereinafter, abbreviated as PIN code) is a Personal Identification Number of the SIM card, and can protect the security of the SIM card and thus the security of the terminal. Specifically, when the terminal judges that the user performs irregular operation on the terminal, the terminal prompts the user to input a PIN code and judges whether the PIN code input by the user is consistent with the PIN code stored in the terminal. And if the PIN code input by the user is consistent with the PIN code pre-stored in the terminal, the terminal is regarded as misoperation of a legal user or irregular operation of the legal user, receives a shutdown request of the terminal, and executes the shutdown operation of the terminal. If the user inputs the PIN code error, accumulating the times of the PIN code error input by the user, if the times of the PIN code error input exceed the preset times, considering that the current operation on the terminal is illegal, starting an abnormal protection mechanism of the terminal, rejecting a shutdown request of the terminal, keeping the terminal in a startup state, and providing a hardware condition for tracking the terminal. If a certain terminal receives a shutdown request in a screen locking state, the terminal sends a shutdown authorization request to the internal isolation security domain of the terminal. The terminal built-in isolation security domain judges that shutdown in the screen locking state belongs to irregular operation of a terminal user, firstly, a conventional protection mechanism is started, a corresponding protection program is triggered, and a popup window is popped up at the terminal to prompt the user to input a PIN code. It is assumed that the PIN code is pre-stored in the terminal and the maximum number of PIN code errors allowed in 10 minutes is 3. And after the user inputs the PIN code in the popup window, the protection program judges whether the PIN code input by the user is consistent with the PIN code stored in the built-in isolation security domain of the terminal. And if the PIN code input by the user is consistent with the PIN code pre-stored in the terminal, the shutdown operation is regarded as misoperation of a legal user or irregular operation of the legal user, the conventional protection mode of the terminal is closed, a shutdown request of the terminal is received, and the shutdown operation of the terminal is executed. If the PIN code input by the user is inconsistent with the PIN code prestored in the terminal, accumulating the error times of the PIN code input by the user, and if the error times of the PIN code input by the user in 10 minutes exceed the preset 3 times, considering that the operation of the current user on the terminal is illegal, starting an abnormal protection mechanism of the terminal, rejecting a shutdown request of the terminal, keeping the terminal in a startup state, and providing a hardware condition for the next tracking of the terminal. In this embodiment, the trigger of the terminal to start the abnormal protection mechanism is a shutdown operation in a screen locking state, and it should be noted that other abnormal operations belonging to the terminal may trigger the abnormal protection mechanism of the terminal.
In one embodiment, after the terminal enters the abnormal protection mechanism, the terminal may start a shooting device thereof to shoot, and upload influence data obtained by shooting to the management platform, and a user may extract features of an environment where the terminal is located, even features of an illegal operation terminal object, according to the influence data, to assist in tracking the terminal. For example, after a certain terminal enters an abnormal protection mechanism, shooting devices such as a local front camera and a rear camera of the terminal are started to shoot images within a visual range, and the image data is uploaded to a management platform. The user can analyze the image data, extract some environmental features of the environment where the terminal is located from the image data, and when the portrait of the illegal operation terminal object is shot, the biological features of the object can be extracted, so that the tracking of the terminal is assisted. Note that this embodiment can be performed at any stage after the terminal enters the abnormal protection mode.
In one embodiment, after the terminal enters the abnormal protection mechanism, the terminal may turn on its power saving mode, thereby increasing the standby time of the terminal and providing more time windows for tracking the terminal. Note that this embodiment can be performed at any stage after the terminal enters the abnormal protection mode.
Step S102, the terminal is enabled to maintain the network connection state.
After the terminal enters the abnormal mode, a network connection basis can be provided for the tracking of the terminal by keeping the network connection state of the terminal, and the network connection basis is a necessary condition for realizing the tracking of the terminal. The network connection of the terminal can be maintained through two methods, the first method is to realize the network connection through the network connection function built in the terminal, the second method is to establish the connection with the built-in isolation safety area through the internal channel of the terminal, and the built-in isolation safety area is connected with the management platform through the aerial dedicated channel, so that the network connection of the terminal is realized.
In one embodiment, after the terminal starts the abnormal protection mode, it is first determined whether the terminal is in a network connection state. If the terminal has started the built-in network connection function at present, such as establishing network connection through the mobile network, the existing mobile network connection state of the terminal is maintained, and the terminal is prohibited from closing the mobile network connection. If the terminal does not have network connection at present, and the built-in network connection function of the terminal cannot be used or the terminal does not have the built-in network connection function, the communication connection is realized through the built-in isolation security domain of the terminal. Specifically, the terminal establishes interaction with the terminal built-in isolation security domain through the terminal internal channel, and the terminal built-in isolation security domain establishes interaction with the management platform through the aerial dedicated channel, so that network connection is established between the terminal and the management platform, and the terminal always keeps network connection. For example, when the built-in network connection function of the terminal is unavailable or the terminal does not have the built-in network connection function, the terminal establishes a connection with a SIM/eSIM of the terminal through a machine-card channel inside the terminal, and the SIM/eSIM establishes a connection with the management platform through an air-dedicated channel, so that the terminal and the management platform establish a connection, and the network connection state of the terminal is maintained.
And step S103, erasing the PIN code stored in the terminal.
When the terminal enters an abnormal protection mode, the number of input errors of the PIN code of the user in the appointed time reaches the appointed number, and the user operating the terminal at the moment is judged to be an illegal user. In order to prevent an illegal user from acquiring the PIN code stored in the terminal by dragging the terminal, colliding the terminal and the like and realize further illegal operation on the terminal by using the PIN code, the PIN code stored in the terminal is erased by using the protection application of the terminal, so that the operations of carrying out illegal shutdown and the like on the PIN code acquired by inputting an illegal channel are avoided.
In one embodiment, after the terminal enters the abnormal protection mode, the PIN code erasing protection function of the terminal is started, and a protection program of an isolation security area built in the terminal directly erases a PIN code pre-stored in the isolation security area, so that the PIN code is invalid, and the terminal cannot be manually turned off. It should be noted that there are various ways to erase the PIN code, and this embodiment only gives an example, but does not limit the present invention.
And step S104, acquiring the real-time positioning information of the terminal and tracking the terminal.
The terminal enters an abnormal protection mode, the starting state is kept, the main purpose is to position the terminal in real time, and the real-time positioning information is sent to a management platform, so that the tracking of the terminal is realized. The other method is to realize the positioning of the terminal through an operator base station serving the terminal, and after the real-time positioning information of the terminal is obtained in any mode, the real-time positioning information is sent to a management platform to realize the tracking of the terminal.
In one embodiment, after the terminal enters the abnormal protection mode, the terminal starts an application program with a GPS positioning function in the terminal, and the application program starts the GPS positioning function built in the terminal, acquires real-time positioning information of the terminal, and sends the real-time positioning information to the management platform. When the terminal does not have the GPS positioning application program or the built-in positioning function of the terminal cannot be used, the terminal acquires real-time positioning information of the terminal by using an operator base station serving the terminal and sends the real-time positioning information to the management platform. Specifically, the terminal sends an assignment positioning request to an internal isolation security domain, the internal isolation security domain generates auxiliary positioning information according to the assignment positioning request, and the terminal or the internal isolation security domain sends the auxiliary positioning information to a management platform to realize positioning of the terminal. For example, when a built-in GPS positioning function of a terminal cannot be used, the terminal sends an assignment positioning request to its SIM/eSIM, the SIM card/eSIM generates corresponding auxiliary positioning information including, but not limited to, contents such as a terminal ID, an SIM/eSIM IMSI, a network affiliation, and the like according to the assignment positioning request, and the terminal or the SIM card/eSIM sends the positioning information to the management platform, thereby positioning the terminal.
It should be noted that, in addition to performing location tracking on the terminal, data protection may also be performed on the terminal, and the method specifically includes: and the terminal provides a data protection request, responds to a data protection instruction of the management platform and uploads the data in the terminal to the management platform. By carrying out data protection on the terminal, the terminal data can be prevented from being leaked to a certain extent and data loss can be recovered when the terminal data faces leakage danger or the terminal cannot be recovered.
In one embodiment, a user sends a data protection request to a management platform, and the management platform sends a data protection instruction to a lost terminal after receiving the data protection request. The data protection instruction content includes, but is not limited to, the type and order of data requested to be protected. And the lost terminal responds to a data protection instruction of the management platform, encrypts local corresponding data according to the requirement of the data protection instruction, uploads the encrypted data to the management platform according to the sequence of the instruction requirement, and determines whether to erase the local data according to the content of the data protection instruction after uploading is finished.
It should be further noted that, when the terminal is successfully recovered, a valid user of the terminal may apply for recovering the terminal state through the management platform. After the terminal enters an abnormal protection mode due to illegal operation, in order to prevent the PIN code of the user from being acquired by dragging the library and colliding the library to carry out illegal shutdown, the PIN code stored in the terminal is erased. When the terminal is recovered, the user can apply to close an abnormal protection mechanism of the terminal through the management platform, recover the normal use state of the terminal, and reset and store the PIN code of the terminal in the terminal.
In one embodiment, a terminal legal user sends a request for recovering the terminal state to a management platform through a personal account of the management platform, the management platform verifies the user identity after receiving the request, and sends a terminal state recovering instruction and a PIN code generating instruction to the terminal after the verification is passed. And after receiving the instruction, the terminal finishes the abnormal protection mode, sends a PIN code generation request to the built-in isolation security domain of the terminal, prompts a user to input a new PIN code after the built-in isolation security domain receives the PIN code generation request, and stores the input new PIN code in the built-in isolation security domain of the terminal.
Fig. 2 is a schematic block diagram illustrating a terminal protection device according to another exemplary embodiment, which may be implemented in part or in whole by software, hardware, or a combination of both. The terminal protection device may include: an exception protection module 201, a network connection module 202, an erasing module 203 and a positioning module 204.
An exception protection module 201, configured to start an exception protection mechanism for the terminal, and reject a shutdown request of the terminal.
When the terminal judges that the user performs irregular operation on the terminal, the abnormal protection module 201 starts an abnormal protection mechanism of the terminal and rejects a terminal shutdown request, so that the terminal is kept in a startup state, and a hardware condition is provided for tracking the terminal. The abnormal protection mechanism is a self-protection mechanism of the terminal, and functions such as positioning the terminal and the like can be realized by starting the abnormal protection mechanism of the terminal, so that a user can be helped to track and retrieve the terminal.
In one embodiment, before the anomaly protection module 201 starts the terminal anomaly protection mechanism, the user is required to input a personal identification code to further verify whether the current operation on the terminal is legal or illegal. The Personal Identification Number (hereinafter, abbreviated as PIN code) is a Personal Identification Number of the SIM card, and can protect the security of the SIM card and thus the security of the terminal. Specifically, when the terminal judges that the user performs irregular operation on the terminal, the terminal prompts the user to input a PIN code and judges whether the PIN code input by the user is consistent with the PIN code stored in the terminal. And if the PIN code input by the user is consistent with the PIN code pre-stored in the terminal, the terminal is regarded as misoperation of a legal user or irregular operation of the legal user, receives a shutdown request of the terminal, and executes the shutdown operation of the terminal. If the user inputs the PIN code error, accumulating the times of the PIN code error input by the user, if the times of the PIN code error input by the user exceeds the preset times, considering that the current operation on the terminal is illegal, starting an abnormal protection mechanism of the terminal by an abnormal protection module 201, rejecting a shutdown request of the terminal, keeping the terminal in a startup state, and providing a hardware condition for tracking the terminal. If a certain terminal receives a shutdown request in a screen locking state, the terminal sends a shutdown authorization request to the internal isolation security domain of the terminal. The terminal built-in isolation security domain judges that shutdown in the screen locking state belongs to irregular operation of a terminal user, firstly, a conventional protection mechanism is started, a corresponding protection program is triggered, and a popup window is popped up at the terminal to prompt the user to input a PIN code. It is assumed that the PIN code is pre-stored in the terminal and the maximum number of PIN code errors allowed in 10 minutes is 3. And after the user inputs the PIN code in the popup window, the protection program judges whether the PIN code input by the user is consistent with the PIN code stored in the built-in isolation security domain of the terminal. And if the PIN code input by the user is consistent with the PIN code pre-stored in the terminal, the shutdown operation is regarded as misoperation of a legal user or irregular operation of the legal user, the conventional protection mode of the terminal is closed, a shutdown request of the terminal is received, and the shutdown operation of the terminal is executed. If the PIN code input by the user is inconsistent with the PIN code prestored in the terminal, the number of times of error of PIN code input by the user is accumulated, if the number of times of error of PIN code input by the user in 10 minutes exceeds the preset 3 times, the operation of the current user on the terminal is considered to be illegal operation, the abnormal protection module 201 starts a terminal abnormal protection mechanism, rejects the shutdown request of the terminal, keeps the terminal in a startup state, and provides a hardware condition for the next tracking of the terminal. In this embodiment, the trigger of the terminal to start the abnormal protection mechanism is a shutdown operation in a screen locking state, and it should be noted that other abnormal operations belonging to the terminal may trigger the abnormal protection mechanism of the terminal.
In an embodiment, after the anomaly protection module 201 starts an anomaly protection mechanism of the terminal, the terminal may start a shooting device of the terminal to shoot, and upload impact data obtained by shooting to the management platform, and a user may extract features of an environment where the terminal is located, even features of an illegally-operated terminal object, according to the impact data, to assist in tracking the terminal. For example, after a certain terminal enters an abnormal protection mechanism, shooting devices such as a local front camera and a rear camera of the terminal are started to shoot images within a visual range, and the image data is uploaded to a management platform. The user can analyze the image data, extract some environmental features of the environment where the terminal is located from the image data, and when the portrait of the illegal operation terminal object is shot, the biological features of the object can be extracted, so that the tracking of the terminal is assisted. Note that this embodiment can be performed at any stage after the terminal enters the abnormal protection mode.
In one embodiment, after the abnormal protection module 201 starts the abnormal protection mechanism of the terminal, the terminal may start its power saving mode, thereby increasing the standby time of the terminal and providing more time windows for tracking the terminal. Note that this embodiment can be performed at any stage after the terminal enters the abnormal protection mode.
A network connection module 202, configured to enable the terminal to maintain a network connection state.
After the terminal enters the abnormal mode, the network connection module 202 maintains the network connection state of the terminal, so that a network connection basis can be provided for the tracking of the terminal, which is a necessary condition for realizing the tracking of the terminal. The network connection module 202 may maintain the network connection of the terminal through two methods, the first method is to implement the network connection through the network connection function built in the terminal, the second method is to establish the connection with the built-in isolation security zone through the internal channel of the terminal, and the built-in isolation security zone is to establish the connection with the management platform through the air dedicated channel, thereby implementing the network connection of the terminal.
In one embodiment, after the terminal starts the abnormal protection mode, the network connection module 202 first determines whether the terminal is in a network connection state. If the terminal has started the built-in network connection function at present, such as establishing network connection through the mobile network, the existing mobile network connection state of the terminal is maintained, and the terminal is prohibited from closing the mobile network connection. If the terminal does not have network connection at present, and the built-in network connection function of the terminal cannot be used or the terminal does not have the built-in network connection function, the communication connection is realized through the built-in isolation security domain of the terminal. Specifically, the terminal establishes interaction with the terminal built-in isolation security domain through the terminal internal channel, and the terminal built-in isolation security domain establishes interaction with the management platform through the aerial dedicated channel, so that network connection is established between the terminal and the management platform, and the terminal always keeps network connection. For example, when the built-in network connection function of the terminal is unavailable or the terminal does not have the built-in network connection function, the terminal establishes a connection with a SIM/eSIM of the terminal through a machine-card channel inside the terminal, and the SIM/eSIM establishes a connection with the management platform through an air-dedicated channel, so that the terminal and the management platform establish a connection, and the network connection state of the terminal is maintained.
An erasing module 203, configured to erase a PIN code pre-stored in the built-in isolated security domain of the terminal.
When the terminal enters an abnormal protection mode, the number of input errors of the PIN code of the user in the appointed time reaches the appointed number, and the user operating the terminal at the moment is judged to be an illegal user. In order to prevent an illegal user from acquiring the PIN code stored in the terminal by dragging the terminal, hitting the terminal and the like and further carrying out illegal operation on the terminal by using the PIN code, the PIN code stored in the terminal is erased by using the erasing module 203 of the terminal protection application, so that the operations of carrying out illegal shutdown and the like on the PIN code obtained by inputting an illegal channel are avoided.
In one embodiment, after the terminal enters the abnormal protection mode, the erasing module 203 starts a PIN code erasing protection function of the terminal, and a protection program of the terminal built-in isolation security area directly erases a PIN code pre-stored in the isolation security area, so that the PIN code is invalid, and the terminal cannot be manually powered off. It should be noted that there are various ways to erase the PIN code, and this embodiment only gives an example, but does not limit the present invention.
And the positioning module 204 is configured to acquire real-time positioning information of the terminal and track the terminal.
The terminal enters an abnormal protection mode, the starting state is kept, the main purpose is to position the terminal in real time, and the real-time positioning information is sent to a management platform, so that the tracking of the terminal is realized. The positioning module 204 mainly has two methods for positioning the terminal, one is to position the terminal through a GPS function built in the terminal, including various terminal applications with a positioning function, and the other is to position the terminal through an operator base station serving the terminal, and after obtaining real-time positioning information of the terminal through any method, the real-time positioning information is sent to a management platform to realize terminal tracking.
In one embodiment, after the terminal enters the abnormal protection mode, the terminal positioning module 204 starts an application program with a GPS positioning function in the terminal, and the application program starts the GPS positioning function built in the terminal, acquires real-time positioning information of the terminal, and sends the real-time positioning information to the management platform. When the terminal does not have a GPS positioning application or its built-in positioning function cannot be used, the terminal positioning module 204 acquires real-time positioning information of the terminal by using an operator base station serving the terminal, and sends the real-time positioning information to the management platform. Specifically, the terminal sends an assignment positioning request to an internal isolation security domain, the internal isolation security domain generates auxiliary positioning information according to the assignment positioning request, and the terminal or the internal isolation security domain sends the auxiliary positioning information to a management platform to realize positioning of the terminal. For example, when a built-in GPS positioning function of a terminal cannot be used, the terminal sends an assignment positioning request to its SIM/eSIM, the SIM card/eSIM generates corresponding auxiliary positioning information including, but not limited to, contents such as a terminal ID, an SIM/eSIM IMSI, a network affiliation, and the like according to the assignment positioning request, and the terminal or the SIM card/eSIM sends the positioning information to the management platform, thereby positioning the terminal.
It should be noted that, in addition to performing location tracking on the terminal, data protection may also be performed on the terminal, and the method specifically includes: and the terminal provides a data protection request, responds to a data protection instruction of the management platform and uploads the data in the terminal to the management platform. By carrying out data protection on the terminal, the terminal data can be prevented from being leaked to a certain extent and data loss can be recovered when the terminal data faces leakage danger or the terminal cannot be recovered.
In one embodiment, a user sends a data protection request to a management platform, and the management platform sends a data protection instruction to a lost terminal after receiving the data protection request. The data protection instruction content includes, but is not limited to, the type and order of data requested to be protected. And the lost terminal responds to a data protection instruction of the management platform, encrypts local corresponding data according to the requirement of the data protection instruction, uploads the encrypted data to the management platform according to the sequence of the instruction requirement, and determines whether to erase the local data according to the content of the data protection instruction after uploading is finished.
It should be further noted that, when the terminal is successfully recovered, a valid user of the terminal may apply for recovering the terminal state through the management platform. After the terminal enters an abnormal protection mode due to illegal operation, in order to prevent the PIN code of the user from being acquired by dragging the library and colliding the library to carry out illegal shutdown, the PIN code stored in the terminal is erased. When the terminal is recovered, the user can apply to close an abnormal protection mechanism of the terminal through the management platform, recover the normal use state of the terminal, and reset and store the PIN code of the terminal in the terminal.
In one embodiment, a terminal legal user sends a request for recovering the terminal state to a management platform through a personal account of the management platform, the management platform verifies the user identity after receiving the request, and sends a terminal state recovering instruction and a PIN code generating instruction to the terminal after the verification is passed. And after receiving the instruction, the terminal finishes the abnormal protection mode, sends a PIN code generation request to the built-in isolation security domain of the terminal, prompts a user to input a new PIN code after the built-in isolation security domain receives the PIN code generation request, and stores the input new PIN code in the built-in isolation security domain of the terminal.
It will be understood that the above embodiments are merely exemplary embodiments taken to illustrate the principles of the present invention, which is not limited thereto. It will be apparent to those skilled in the art that various modifications and improvements can be made without departing from the spirit and substance of the invention, and these modifications and improvements are also considered to be within the scope of the invention.
Claims (10)
1. A terminal protection method is characterized by comprising the following steps:
the terminal starts an abnormal protection mechanism and rejects a shutdown request of the terminal;
maintaining the terminal in a network connection state;
erasing the PIN code stored by the terminal;
and acquiring real-time positioning information of the terminal and tracking the terminal.
2. The terminal protection method according to claim 1, wherein before the terminal starts an abnormal protection mechanism and rejects the shutdown request of the terminal, the method further comprises:
prompting a user to input a PIN code;
judging whether the PIN code input by the user is consistent with the PIN code stored by the terminal;
and accumulating the error times of the input PIN code, and starting the abnormal protection mechanism if the error times of the input PIN code exceed the preset times.
3. The terminal protection method according to claim 1, wherein the step of maintaining the network connection state of the terminal comprises:
starting a first network connection;
judging whether the first network is in a connection state;
and if the first network is not in a connection state, starting a second network connection function of the terminal.
4. The terminal protection method according to claim 3, wherein the step of starting the second network connection function of the terminal comprises:
the terminal establishes interaction with the terminal built-in isolation security domain through a terminal internal channel;
and the terminal built-in isolation security domain establishes interaction with a management platform through an air dedicated channel, so that a second network connection is established between the terminal and the management platform.
5. The method according to claim 1, wherein the obtaining the real-time location information of the terminal and tracking the terminal comprises:
and starting a built-in positioning function of the terminal, or acquiring real-time positioning information of the terminal by using a base station serving the terminal.
6. The terminal protection method according to claim 5, wherein after erasing the PIN stored in the terminal, the method further comprises:
and starting a power saving mode of the terminal to prolong the standby time of the terminal.
7. The terminal protection method according to claim 1, further comprising:
a data protection request is put forward;
and responding to a data protection instruction of a management platform, and uploading the data in the terminal to the management platform.
8. The method for protecting a terminal according to claim 7, wherein after the uploading the data in the terminal to the management platform, the method further comprises:
and deleting the data in the terminal.
9. The terminal protection method according to claim 1, wherein after the terminal starts the abnormal protection mechanism, the method further comprises:
acquiring an image within the visible range of the terminal;
and uploading the image to a management platform.
10. A terminal protection device, comprising:
the abnormal protection module is used for starting an abnormal protection mechanism by the terminal and rejecting a shutdown request of the terminal;
the network connection module is used for enabling the terminal to keep a network connection state;
the erasing module is used for erasing the PIN pre-stored in the built-in isolation security domain of the terminal;
and the positioning module is used for acquiring the real-time positioning information of the terminal and tracking the terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910886020.6A CN110619241A (en) | 2019-09-19 | 2019-09-19 | Terminal protection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910886020.6A CN110619241A (en) | 2019-09-19 | 2019-09-19 | Terminal protection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110619241A true CN110619241A (en) | 2019-12-27 |
Family
ID=68923552
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910886020.6A Pending CN110619241A (en) | 2019-09-19 | 2019-09-19 | Terminal protection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110619241A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113407150A (en) * | 2021-06-29 | 2021-09-17 | 青岛海信移动通信技术股份有限公司 | Terminal device, security guarantee method and storage medium |
| CN114157754A (en) * | 2021-12-11 | 2022-03-08 | 天翼电信终端有限公司 | Lost mobile phone retrieving method, system and storage medium based on eSIM card |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663314A (en) * | 2012-03-23 | 2012-09-12 | 邱漫 | Anti-theft and information security protecting method and device for portable terminal |
| CN106470269A (en) * | 2015-08-20 | 2017-03-01 | 腾讯科技(深圳)有限公司 | A kind of method and apparatus of antitheft mobile phone |
| CN107590404A (en) * | 2016-07-08 | 2018-01-16 | 中国电信股份有限公司 | Method for tracing and system and terminal device |
| CN109525980A (en) * | 2017-09-18 | 2019-03-26 | 中国电信股份有限公司 | Realize the anti-lost method and system of mobile phone, anti-loss mobile phone |
| US20190098030A1 (en) * | 2014-12-22 | 2019-03-28 | Christian Aabye | Software tampering detection and reporting process |
-
2019
- 2019-09-19 CN CN201910886020.6A patent/CN110619241A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102663314A (en) * | 2012-03-23 | 2012-09-12 | 邱漫 | Anti-theft and information security protecting method and device for portable terminal |
| US20190098030A1 (en) * | 2014-12-22 | 2019-03-28 | Christian Aabye | Software tampering detection and reporting process |
| CN106470269A (en) * | 2015-08-20 | 2017-03-01 | 腾讯科技(深圳)有限公司 | A kind of method and apparatus of antitheft mobile phone |
| CN107590404A (en) * | 2016-07-08 | 2018-01-16 | 中国电信股份有限公司 | Method for tracing and system and terminal device |
| CN109525980A (en) * | 2017-09-18 | 2019-03-26 | 中国电信股份有限公司 | Realize the anti-lost method and system of mobile phone, anti-loss mobile phone |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113407150A (en) * | 2021-06-29 | 2021-09-17 | 青岛海信移动通信技术股份有限公司 | Terminal device, security guarantee method and storage medium |
| CN114157754A (en) * | 2021-12-11 | 2022-03-08 | 天翼电信终端有限公司 | Lost mobile phone retrieving method, system and storage medium based on eSIM card |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9560693B2 (en) | Methods and apparatus for access data recovery from a malfunctioning device | |
| US8583082B2 (en) | System and method for tracking stolen communication terminal, and communication terminal | |
| CN101252703B (en) | Terminal data protecting method, system as well as mobile communication terminal | |
| US8892072B2 (en) | Mobile terminal and method of providing security thereto | |
| CN102693381B (en) | Method, device and system for anti-theft of portable computer equipment | |
| CN102694920B (en) | Mobile phone antitheft method | |
| EP2472926B1 (en) | Method and system for controlling an intelligent card remotely | |
| US20120149331A1 (en) | Method and system for remote control of smart card | |
| CN104376274A (en) | Mobile terminal payment interface protection method and device | |
| CN104539811A (en) | Anti-theft method of terminal and mobile terminal | |
| CN101459721A (en) | Method and device for anti-theft tracking of mobile phone | |
| US20150341485A1 (en) | Version protection method and apparatus for mobile terminal | |
| CN105530356A (en) | Mobile communication terminal and data protection method and apparatus thereof | |
| CN104820805B (en) | A kind of method and device of subscriber identification card information theft-preventing | |
| CN106161476A (en) | A kind of security protection method and system of data in mobile phone | |
| WO2016115760A1 (en) | Terminal system control method, device, and terminal | |
| CN110619241A (en) | Terminal protection method and device | |
| CN102316132A (en) | The network equipment login method and the network equipment | |
| CN104598831A (en) | Data security protection method and terminal | |
| CN110770728A (en) | Unmanned aerial vehicle control method, unmanned aerial vehicle and terminal for controlling unmanned aerial vehicle | |
| CN108347730B (en) | Wireless communication processing method and device | |
| CN102546169B (en) | For controlling by the method and system of the execution of the function of user authentication protection | |
| CN103781053A (en) | Method, device and correlated terminal for locking network and module of multi-module mobile terminal | |
| CN105809045A (en) | Method and device for processing equipment systems during data reset | |
| CN105787400A (en) | Safety protection method and system based on mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191227 |