CN100353787C - Security guarantee for memory data information of mobile terminal - Google Patents

Security guarantee for memory data information of mobile terminal Download PDF

Info

Publication number
CN100353787C
CN100353787C CNB2004100582140A CN200410058214A CN100353787C CN 100353787 C CN100353787 C CN 100353787C CN B2004100582140 A CNB2004100582140 A CN B2004100582140A CN 200410058214 A CN200410058214 A CN 200410058214A CN 100353787 C CN100353787 C CN 100353787C
Authority
CN
China
Prior art keywords
portable terminal
information
data information
authentication
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CNB2004100582140A
Other languages
Chinese (zh)
Other versions
CN1713756A (en
Inventor
王正伟
吴古政
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Device Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2004100582140A priority Critical patent/CN100353787C/en
Publication of CN1713756A publication Critical patent/CN1713756A/en
Application granted granted Critical
Publication of CN100353787C publication Critical patent/CN100353787C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention discloses a security guarantee method for data information stored in a mobile terminal. In the method, firstly, an encryption key and a corresponding decryption key are set in a mobile terminal, and an encryption algorithm and a corresponding decryption algorithm are set in the mobile terminal; after the mobile terminal receives data information input by a user, the mobile terminal encrypts the data information input by the user by the encryption key and the encryption algorithm, and then, the encrypted information cryptograph is stored in the mobile terminal; when the user hopes to view the data information stored in the mobile terminal, firstly, validity verification is carried out to the user identity of the mobile terminal; if the validity verification is passed, the information cryptograph is allowed to be decrypted by the decryption key and the decryption algorithm to obtain the plaintext of the data information, else, the information cryptograph is not allowed to be decrypted. Through the present invention, the situation that the data information stored in the mobile terminal is only provided for validated users to view can be guaranteed, so that the security of the data information can be ensured.

Description

A kind of method for protecting of data information of portable terminal stored
Technical field
The present invention relates to the information security technology of radio communication, be specifically related to a kind of method for protecting of data information of portable terminal stored.
Background technology
Along with using more and more widely such as portable terminals such as mobile phones, the information of preserving on portable terminal is also more and more rich and varied, convenience for example in order to call, the user preserves phone book information on the mobile phone of being everlasting, stored telephone number and other contact methods with user-dependent household, relatives, friend etc. in this telephone directory.Except telephone number information, also may store common short message (SMS) or multimedia short message (MMS) on the mobile phone, and, also may preserve user's picture shot or video having on the mobile phone of camera, also preserve some other data informations of user on the mobile phone with personal assistant function, the storage of these information has brought work and convenience in life to the user.Above these information of preserving in the portable terminal generally all are some privacy informations of user, and the user does not wish that generally these leakage of information are to other people.But these all information all are directly to be kept on the portable terminal at present, do not pass through any encryption measures.
And we know, the situation that present mobile phone is lost because of carelessness or stolen robbing can be found everywhere, in case other people has obtained user's mobile phone, for example telephone number, SMS, MMS, picture or video that can obtain easily storing in the mobile phone or the like information so.Because these information overwhelming majority is user's a privacy, in a single day these information are exposed, therefore the user may suffer massive losses and the spiritual huge injury on the material, so the user do not wish that these information are known by others, and particularly unfamiliar people knows.But, at present owing to, therefore the situation that the user impacts is still happened occasionally owing to the leakage of privacy of user without any encryption measures or safety precautions at the portable terminal internal information.This has not only brought negative influence to mobile terminal user, has also hindered the function development that need to obtain security assurance information in the portable terminal more.Therefore, how to ensure the fail safe of the information of portable terminal storage inside, become the previous problem that presses for solution of order.
Summary of the invention
In view of this, main purpose of the present invention provides a kind of method for protecting of data information of portable terminal stored, with the safety of effective guarantee portable terminal internal information, loss and spiritual injury on the material that the leakage of avoiding the portable terminal internal information causes to the user.
Above-mentioned purpose of the present invention is achieved by the following technical solutions:
A kind of method for protecting of data information of portable terminal stored is provided for the mobile terminal user identity is carried out the Authentication devices of legitimate verification, and comprises the steps: at least
A., the decruption key of an encryption key and a correspondence is set in portable terminal, and the decipherment algorithm of a cryptographic algorithm and a correspondence is set;
B. behind the data information that receives user's input, by encryption key and cryptographic algorithm data information is encrypted, the information ciphertext after will encrypting then is stored in the portable terminal;
C. before the decryption information ciphertext, portable terminal carries out legitimate verification according to described authentication information to the mobile terminal user identity to described Authentication devices request authentication information; If by legitimate verification, allow the information ciphertext to be decrypted obtaining the plaintext of data information by decruption key and decipherment algorithm, otherwise process ends.
Said method may further include preserves one corresponding to the authentication secret of this portable terminal and the corresponding relation between the information of mobile terminal in described Authentication devices, and in this portable terminal, preserve described authentication secret, portable terminal carries out legitimate verification according to described authentication information to the mobile terminal user identity and comprises to described Authentication devices request authentication information among the step c:
Portable terminal sends a checking request message that is used for obtaining the authentication secret that Authentication devices preserves to Authentication devices, and described request message comprises information of mobile terminal;
Authentication devices obtains the authentication secret corresponding to this portable terminal of preservation according to information of mobile terminal, and described authentication secret is returned to portable terminal;
Portable terminal judges whether the authentication secret that is received from Authentication devices is consistent with the authentication secret of self preserving.
Perhaps, portable terminal described in the step c carries out legitimate verification according to described authentication information to the mobile terminal user identity and comprises to described Authentication devices request authentication information:
Portable terminal sends a checking request message that is used for obtaining the authentication secret that Authentication devices preserves to Authentication devices, and described request message comprises information of mobile terminal and a random number;
Authentication devices obtains the authentication secret corresponding to this portable terminal of preservation according to information of mobile terminal, and authentication secret of obtaining and the random number that obtains are calculated, and result of calculation is sent to portable terminal;
Portable terminal carries out identical or corresponding calculating to the random number that self generates with the authentication secret of self preserving, and obtains a result of calculation;
Portable terminal is judged whether identical or satisfied predetermined corresponding relation of result of calculation that the result of calculation be received from Authentication devices obtains with self.
Above-mentioned Authentication devices can be an attaching position register, can be AUC, also can be equipment identity register.
Above-mentioned Authentication devices can also be an electron key, and this method further was included in a radio receiving transmitting module was set respectively in portable terminal and the electron key this moment, and portable terminal is set up radio communication with electron key by this radio receiving transmitting module and is connected; Perhaps this method further is included in a data order wire interface is set respectively in portable terminal and the electron key, and portable terminal and electron key are set up wired communicating to connect by the data telecommunication line that is connected between described two interfaces.
Above-mentioned Authentication devices can also be a subscriber card, further comprised before the portable terminal return information at Authentication devices this moment: the legitimacy of checking subscriber card self, if the verification passes, then carry out step to the portable terminal return information, otherwise, directly process ends is perhaps returned failure information, a process ends then.Here the legitimacy of verifying subscriber card self comprises:
Subscriber card produces a random number, sends to the network side relevant device then;
The network side relevant device calculates according to the business cipher key of random number and oneself preservation, obtains a result of calculation, then this result of calculation is returned to subscriber card;
Subscriber card carries out corresponding calculated according to random number and the own business cipher key of preserving, and obtains a result of calculation, and whether the result that oneself calculates of comparison is consistent with result of calculation from the network side relevant device.
Above-mentioned business cipher key is preferably the root key of subscriber card, just AK or AKEY information.
The information of mobile terminal here is such as the User Recognition card information of the portable terminal inside of international mobile subscriber identification (IMSI) information or such as the mobile terminal features information of international mobile device identification (IMEI) information.Under latter event, this ten thousand method further comprise Authentication devices receive one stop the portable terminal Service Notification after, deletion is corresponding to the authentication secret of this portable terminal and the corresponding relation between the information of mobile terminal or the locking accessing operation to described corresponding relation.
Under the situation of using Authentication devices judgement user identity legitimacy, may further include the step that an access control password is set in portable terminal, before step c, further comprise and judge whether portable terminal can be connected to network, if can be connected to network, direct execution in step c, otherwise carry out following step:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, determine by the access control password that the access control password and the portable terminal of relatively user's input are preserved in advance whether the user imports correct, if it is correct, permission is decrypted obtaining the plaintext of data information the information ciphertext by described decruption key and decipherment algorithm, otherwise process ends.
In addition, portable terminal is receiving after from mobile communications network one stops Service Notification, no thoroughfare described decruption key and decipherment algorithm is decrypted obtaining the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.If mobile communications network learns when notice is not moved terminal and receives that mobile communications network is preserved notice and also send this notice after portable terminal is landed network again.
Also an access control password can be set in portable terminal in addition, and further comprise portable terminal receive the expression this short message be one be used to forbid being decrypted and carrying the order short message of access control password after, judge whether described access control password is identical with the access control password of oneself preserving, if, no thoroughfare, and described decruption key and decipherment algorithm are decrypted to obtain the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory, otherwise do not carry out any processing.
At portable terminal after disconnecting the scheduled time with being connected of network, portable terminal no thoroughfare described decruption key and decipherment algorithm are decrypted obtaining the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory; Portable terminal allows by described decruption key and decipherment algorithm the information ciphertext to be decrypted obtaining the plaintext of data information after landing network again, and release is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.
In this case, this method further is included in an access control password is set in the portable terminal, further comprises before or after no thoroughfare described decruption key and decipherment algorithm is decrypted with the plaintext that obtains data information to the information ciphertext:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, determine by the access control password that the access control password and the portable terminal of relatively user's input are preserved in advance whether the user imports correct, if it is correct, permission is decrypted obtaining the plaintext of data information the information ciphertext by described decruption key and decipherment algorithm, otherwise the described decruption key of carrying out that no thoroughfare and decipherment algorithm are decrypted with the plaintext that obtains data information or the direct step of turning-off mobile terminal the information ciphertext.
Except coming the identifying user identity by Authentication devices, can verify by the access control password, further be included in the step that an access control password is set in the portable terminal this moment, among the step c mobile terminal user identity carried out legitimate verification and comprise:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, relatively whether the access control password preserved in advance of the access control password of user's input and portable terminal is identical.
Step c carries out after mobile terminal-opening among the present invention, or carries out after portable terminal is connected to network, or carries out after the user reads the instruction of the data information that is stored in portable terminal receiving.
Preferably, encryption key and decruption key are kept at an integrated circuit (IC) chip that is arranged in portable terminal that is provided with separately.Cryptographic algorithm and decipherment algorithm are also realized by this IC chip, are perhaps realized by the portable terminal program.
From technical scheme of the present invention as can be seen, the present invention at first is provided with the decruption key of an encryption key and a correspondence in portable terminal, and the decipherment algorithm of a cryptographic algorithm and a correspondence is set; Behind the data information that receives user's input, by encryption key and cryptographic algorithm data information is encrypted then, the information ciphertext after will encrypting then is stored in the portable terminal.When the user need check the data information of portable terminal inside, at first need user's identity is carried out legitimate verification, and only use decruption key and decipherment algorithm that the information ciphertext is decrypted to user by legitimate verification, obtain the plaintext of data information, then be not decrypted for the user by legitimate verification not, this user also just can not see the data information of portable terminal storage inside like this.
As can be seen, the present invention can guarantee effectively that by the checking to user validation legal users just can see portable terminal inside information information, improved the fail safe of the data information of portable terminal storage inside effectively, loss and spiritual injury on the material that the leakage of greatly having avoided the portable terminal internal information causes to the user.And the present invention is provided with the step of key and algorithm, and it is all very simple to carry out the step of user validation checking, can not bring any inconvenience to the user, also can not reduce system effectiveness.
Description of drawings
Fig. 1 is an overview flow chart of the present invention.
Fig. 2 is the flow chart of the first embodiment of the present invention.
Fig. 3 is the flow chart of the second embodiment of the present invention.
Fig. 4 is the flow chart of the third embodiment of the present invention.
Embodiment
The present invention is described in detail below in conjunction with the drawings and specific embodiments.
The present invention is by being provided with an encryption key and corresponding decruption key in portable terminal, and a cryptographic algorithm and corresponding decipherment algorithm be set, before preserving, carry out computations for all data informations that are kept at portable terminal inside and obtain the information ciphertext, the data information of preserving is to preserve with the form of ciphertext, before reading data information, at first user identity is verified then, if the verification passes, the information ciphertext is carried out corresponding deciphering to be calculated, obtain information expressly, thereby allow the user can as at present, check data information easily, if checking is not passed through, then not to user's information of giving information, thereby strengthened the fail safe of portable terminal inside information information.
Fig. 1 is an overview flow chart of the present invention.As shown in Figure 1, the present invention comprises the steps: at least
In step 101, in portable terminal, set in advance the decruption key of an encryption key and a correspondence, and cryptographic algorithm and corresponding decipherment algorithm are set in portable terminal.
In step 105, portable terminal is when storing such as data informations such as telephone number, SMS, MMS, picture or videos, use the encryption key and the cryptographic algorithm of preserving in advance that this data information is encrypted, obtain the information ciphertext, accordingly the information ciphertext is kept at portable terminal then, for example telephone number is kept at the telephone directory storage area, and SMS and MMS are kept at short message storage area or the like.
In step 110, portable terminal is before the data information ciphertext that deciphering is preserved, and portable terminal is verified the legitimacy of user identity.
In step 115, portable terminal judges whether the checking result shows that user identity is legal.If user identity is legal, execution in step 120 just allows to use decruption key and decipherment algorithm that the data information ciphertext is decrypted, and checks or the like so that obtain the plaintext of data information and data information is expressly offered the user.If user identity is illegal, process ends does not just allow the data information ciphertext is decrypted, certainly plaintext that yet just can be after the user does not provide deciphering.
In the present invention, key and algorithm can be preserved by the program of portable terminal, but preferably, encryption key and decruption key are preserved by an IC chip that is arranged on portable terminal inside separately.This is can provide the fail safe of higher level to the data that are stored in wherein because of the IC chip as hardware, thereby improves the safe effect that the present invention can realize.Using an independent IC chip to come storage encryption key and decruption key, for example use mobile terminal user identification card safe practice etc., is a common practise to those skilled in the art, therefore repeats no more here.
Under encryption key and the decruption key situation that independent IC chip is preserved by, cryptographic algorithm and decipherment algorithm can realize that still carrying out computations this moment or deciphering calculating is that the portable terminal program is obtained corresponding encryption key or decruption key from the IC chip by the portable terminal program.Cryptographic algorithm and decipherment algorithm can be realized in this IC chip too, are appreciated that such fail safe will be higher but preferably.In this case, all computations and deciphering calculating also can be carried out in this IC chip.
In order further to improve execution efficient of the present invention, in step 110 can be to carry out proof procedure after portable terminal is connected to network immediately, can in advance all data information deciphering be obtained expressly like this, mobile phone users is directly checked when checking and is got final product, and can not influence user's the efficient of checking.Certainly, also can be that the user is decrypted the data information of user's appointment when wishing to check some physical resource information and shows.
In the first embodiment of the present invention, verification operation is to send a checking request to Authentication devices, and Authentication devices sends checking request response message to portable terminal then, and portable terminal is carried out the checking of user identity legitimacy and handled.Specifically, first embodiment comprises following steps as shown in Figure 2.
In step 200, an authentication secret that is used for the identifying user identity legitimacy is set in portable terminal, and an Authentication devices is set separately, and in this Authentication devices, preserve corresponding to the authentication secret of this portable terminal with corresponding to the corresponding relation between user's the user profile.The user profile here can be the card number of Subscriber Identity Module, just IMSI information.In the middle of the reality, authentication secret can be an encryption key, also can be decruption key, also can be an independent key.
In step 201, on the IC chip that portable terminal is provided with separately, preserve authentication secret, encryption key, decruption key, and realize cryptographic algorithm and decipherment algorithm by this IC chip.
In step 205, portable terminal is when data on file information, call cryptographic algorithm by the IC chip, utilize the encryption key of preserving that data information is encrypted, to be kept at corresponding position through encrypting the data information ciphertext that obtains then, for example a telephone number record ciphertext will be kept at the telephone directory storage area.
In step 210, before the data information of portable terminal in deciphering is stored in self, portable terminal sends a checking request message to Authentication devices, the authentication secret of requests verification device storage just, this checking request message carries the user profile of mobile phone users, for example Subscriber Identity Module card number of user or the like.
In step 211, Authentication devices is after the checking request that receives from portable terminal, according to user profile definite authentication secret corresponding to this portable terminal from the corresponding relation that step 200 is set up of mobile phone users.
In step 212, Authentication devices sends to determined authentication secret the IC chip of this portable terminal as authentication response information.
In step 215, whether the authentication secret that the IC chip relatively is received from Authentication devices is consistent with the authentication secret of oneself preserving, if, allow to use decruption key and decipherment algorithm that the data information ciphertext is decrypted in step 220, check so that obtain the plaintext of data information and data information is expressly offered the user.If it is incorrect to be received from the authentication secret of Authentication devices, directly process ends does not just allow to be decrypted, certainly plaintext that yet just can be after the user does not provide deciphering.
An expression can be set in portable terminal in this embodiment in advance whether allow the sign that is decrypted, if judge two authentication secret unanimities in step 215, the value that this sign is set in step 220 allows to use decruption key and decipherment algorithm that the data information ciphertext is decrypted for expression allows to be decrypted in this way.If judge that in step 215 two authentication secrets are inconsistent, the value that this sign then is set forbids being decrypted for expression, thereby does not allow to be decrypted.After being provided with the value of sign, when needs were decrypted the data information ciphertext, portable terminal can at first read the value of this sign, if the value representation of this sign allows to be decrypted, then is decrypted; Otherwise be not decrypted.
In this embodiment, because cryptographic algorithm and decipherment algorithm all realized by the IC chip, therefore by IC chip execution in step 205 and 215.Be appreciated that if cryptographic algorithm and decipherment algorithm have the portable terminal program to realize, then come execution in step 205 and 215 by the portable terminal program.
Certainly, after the step 212,, can judge directly that then checking do not pass through if the IC chip does not receive the response message that Authentication devices returns in the given time.
In this embodiment, Authentication devices directly sends authentication secret to portable terminal, authentication secret is easy to reveal in the process of this transmission, therefore, in order to improve the fail safe of authentication secret, in step 210, portable terminal can carry a random number that oneself produces simultaneously when sending the checking request message to Authentication devices; In step 212, Authentication devices does not directly send to this portable terminal with determined authentication secret as authentication response information, but utilize this authentication secret and the random number that is received from portable terminal to calculate a result of calculation, this result of calculation is sent to this portable terminal as authentication response information; In step 215, portable terminal is not whether the authentication secret that relatively is received from Authentication devices is consistent with the authentication secret of oneself preserving, but utilize random number that oneself produces and the authentication secret of oneself preserving to carry out corresponding calculated, obtain a result of calculation, whether portable terminal mates with the result of calculation that oneself calculates by the authentication response information that relatively is received from Authentication devices is judged user validation.Here the corresponding calculating that portable terminal carried out can be identical with the calculating that Authentication devices is carried out or be had a corresponding relation, and whether two result of calculations of portable terminal comparison mate just relatively whether identical or satisfied predetermined corresponding relation of two result of calculations like this.
In first embodiment, preserve in the Authentication devices corresponding to the authentication secret of this portable terminal with corresponding to the corresponding relation between user's the user profile, like this, after if the portable terminal that has subscriber card of validated user is lost, validated user only needs informing network operator to stop the subscriber card of oneself, the people who obtains this portable terminal like this can not carry out any operation to portable terminal because using original subscriber card, also just can not decipher the data information that is kept in the portable terminal certainly.If obtaining the people of this portable terminal changes a subscriber card and inserts this portable terminal; do not preserve the corresponding relation of the user profile and the authentication secret of this subscriber card so in the Authentication devices; portable terminal just can not obtain correct authentication response information from Authentication devices like this; thereby in the step of checking user validation, will determine that the user is an illegal user; so can be not expressly to the information after this user provides deciphering, thus realized that the present invention protects the purpose of portable terminal inside information information.
In first embodiment, also can preserve in the Authentication devices corresponding to the authentication secret of this portable terminal with corresponding to the corresponding relation between the mobile terminal features information of portable terminal, like this, in step 210, portable terminal will carry the mobile terminal features information of portable terminal in the checking request message that Authentication devices sends; Correspondingly, in step 211, Authentication devices is after the checking request that receives from portable terminal, according to mobile terminal features information definite authentication secret corresponding to this portable terminal from the corresponding relation that step 200 is set up of portable terminal.The mobile terminal features information here for example can be the IMEI information of portable terminal.
In Authentication devices, preserve corresponding to the authentication secret of this portable terminal with corresponding under the corresponding relation situation between the mobile terminal features information of portable terminal, validated user is after losing portable terminal, the portable terminal of reporting system operator oneself is lost, and mobile terminal features information is provided.System operator can be deleted the corresponding relation of this portable terminal and authentication secret in Authentication devices, also can the mark that this portable terminal of expression has been lost be set to it, the refusal portable terminal obtains the relevant authorization information of authentication secret of this portable terminal.When the disabled user who obtains this portable terminal like this wishes to use this portable terminal to check data information, will can not carry out corresponding operating owing to can not get correct authentication response information, thereby guarantee the fail safe of the data information of portable terminal storage inside.
Certainly, the authentication secret here also can be a simple access control password, because the access control password should be convenient to people's memory and input, therefore often be restricted to 4 characters or 6 characters, be to be restricted to 4 numerals or 6 numerals more frequently.
In first embodiment, need to be undertaken the inspection of user identity legitimacy, under actual conditions, also can whether correctly carry out the inspection of user identity legitimacy by the access control password of checking user input by Authentication devices.The present invention proposes second embodiment as shown in Figure 3 for this reason.
In step 301, on the IC chip that portable terminal is provided with separately, preserve access control password, encryption key, decruption key, and realize cryptographic algorithm and decipherment algorithm by this IC chip.
In step 305, portable terminal is when data on file information, call cryptographic algorithm by the IC chip, utilize the encryption key of preserving that data information is encrypted, to be kept at corresponding position through encrypting the data information ciphertext that obtains then, for example a telephone number record ciphertext will be kept at the telephone directory storage area.
In step 310, before the data information of portable terminal in deciphering is stored in self, portable terminal sends the prompting message of input reference control password to the user by output unit.The prompting here can be by display screen or by modes such as sound.
In step 311, portable terminal sends this access control password to the IC chip behind the access control password that receives user's input.
In step 315, whether the access control password of IC chip comparison user input is consistent with the access control password of oneself preserving, if, allow to use decruption key and decipherment algorithm that the data information ciphertext is decrypted in step 320, check so that obtain the plaintext of data information and data information is expressly offered the user; Otherwise directly process ends does not just allow to be decrypted, certainly plaintext that yet just can be after the user does not provide deciphering.
Under actual conditions, might occur that the user wishes to check the data information of portable terminal inside and portable terminal can not be connected to the situation of network, for example the user is positioned at the mountain area that movable signal can not cover, in order not influence the normal use of validated user, the present invention has proposed the 3rd embodiment as shown in Figure 4 in conjunction with the convenience of first embodiment and the reliability of second embodiment.
In step 400, an Authentication devices is set, and in this Authentication devices, preserves corresponding to the authentication secret of this portable terminal with corresponding to the corresponding relation between user's the user profile.Certainly, the authentication secret here can be an encryption key, can be decruption key, can be the access control password, also can be an independent key.
In step 401, on the IC chip that portable terminal is provided with separately, preserve encryption key, decruption key, authentication secret, access control password, and realize cryptographic algorithm and decipherment algorithm by this IC chip.
In step 405, portable terminal calls cryptographic algorithm by the IC chip when data on file information, utilizes the encryption key of preserving that data information is encrypted, and will be kept at corresponding position through encrypting the data information ciphertext that obtains then.
In step 410, before the data information of portable terminal in deciphering is stored in portable terminal, whether portable terminal is judged can be connected to mobile communications network this moment, if, send a checking request message in step 411 to Authentication devices, just ask the authorization information corresponding to the authentication secret of Authentication devices preservation, this checking request message carries the user profile of mobile phone users, for example card number of Subscriber Identity Module or the like also carries a random number simultaneously; Otherwise execution in step 450 and subsequent step thereof.
In step 412, Authentication devices is after the checking request message that receives from portable terminal, according to user profile definite authentication secret corresponding to this portable terminal from the corresponding relation that step 400 is set up of mobile phone users.
In step 413, Authentication devices uses authentication secret that obtains and the random number that is received from portable terminal to calculate, and obtains a result of calculation, and result of calculation is sent to portable terminal as authentication response information.
In step 414, portable terminal carries out corresponding calculated to authentication secret of self preserving and the random number that self generates after receiving result of calculation, obtain a result of calculation.
In step 415, portable terminal relatively is received from the result of calculation of Authentication devices and whether the result of calculation that oneself calculates mates, if, allow to use decruption key and decipherment algorithm that the data information ciphertext is decrypted in step 420, check so that obtain the plaintext of data information and data information is expressly offered the user.If it is incorrect to be received from the result of calculation of Authentication devices, directly process ends does not just allow to be decrypted, certainly plaintext that yet just can be after the user does not provide deciphering.
In step 450, portable terminal is by I/O unit prompting user input reference control password.
In step 455, portable terminal judges whether the access control password that access control password that the user imports and portable terminal preserve in advance is identical after obtaining the access control password of user input.If identical, execution in step 420 just allows to use decruption key and decipherment algorithm that the data information ciphertext is decrypted, and checks so that obtain the plaintext of data information and data information is expressly offered the user; Otherwise directly process ends does not just allow deciphering, certainly plaintext that yet just can be after the user does not provide deciphering.The judgement of the access control password correctness of respective user input is here carried out at the IC chip internal.
Certainly can understand, in the 3rd embodiment, also can not use random number but directly send authentication secret.
In the 3rd embodiment, when being connected to network, portable terminal judges the legitimacy of user identity by Authentication devices, when portable terminal can not be connected to network, judge the legitimacy of user identity, so this embodiment have convenience and reliability simultaneously by the access control password of user's input.
In the first and the 3rd embodiment,, the portable terminal connection do not pass through if, then can directly judging checking less than Authentication devices.If portable terminal does not receive the corresponding response message of Authentication devices in the setting-up time after request message is verified in one of Authentication devices transmission, then portable terminal repeats to send a checking request message to Authentication devices, or direct judgement checking is not passed through.After portable terminal judges that checking is obstructed, also can directly not forbid deciphering, but further execution in step 350 and subsequent step thereof just provide a chance of obtaining data information by input reference control password to the user to data information.
In the above-described embodiments, if user's portable terminal is lost, the user can require to stop the subscriber card business to system operator, this moment, system operator can stop Service Notification to one of portable terminal transmission by mobile communications network, after receiving this notice, portable terminal can be closed decipher function, promptly forbids the operation of the data information that decrypting mobile terminal is preserved, and lock the plaintext that is kept at the data information of having deciphered in the portable terminal internal memory, perhaps portable terminal directly shuts down.Even the disabled user had checked subscriber data before validated user requires to stop the subscriber card business like this, can prevent also that by plaintext that locks the data information of having deciphered or the mode of directly shutting down the disabled user from further checking, thereby the loss of validated user is reduced to minimum.Similar with first embodiment, the sign whether an expression checking is passed through also can be set in portable terminal here in advance, close the value that decipher function just should indicate and be set to represent to forbid being decrypted.
The short message order of closing decipher function can also be set, by sending a short message of closing decipher function and portable terminal is carried out close decipher function to losing portable terminal.Distinguishing this short message with a special sign in this short message is an order short message of closing decipher function, and after described special identifier, deposits authentication password information, and generally speaking, this authentication password should adopt the access control password.Like this, after stolen terminal receives this short message, according to described special identifier judge this short message be close the order of decipher function after, send the authentication secret of carrying to the IC chip, the IC chip judges whether the authentication password that short message carries is correct, if correct, then directly carry out and closes the decipher function operation, otherwise, do not do any processing.Like this, after the user loses portable terminal, can send an order short message of closing decipher function to lost mobile terminal rapidly, so that can in time close the decipher function that this loses portable terminal, then report lost property to the authorities to operator again, so that carry out the decipher function of closing lost mobile terminal once more from network side by operator, thereby, by dual secured fashion, guarantee the fail safe of subscriber data to greatest extent.
In addition, if portable terminal is connected with network after the disconnection, for example portable terminal enters the zone that a signal does not cover, the user is after system operator requires to stop the subscriber card business, portable terminal possibly can't receive network side by the stop Service Notification of mobile communications network to the portable terminal transmission, can detect automatically by portable terminal this moment and whether disconnect with being connected of network, and detect disconnect and through a scheduled time after, portable terminal is closed decipher function, locking simultaneously is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory, and the people who prevents to have this portable terminal continues to check the data information of portable terminal.If at this moment the user need check the data information of portable terminal inside, portable terminal will be pointed out user's input reference control password, only after the access control password is correct, just open decipher function, and allow mobile phone users to check data information, and after the time of a setting, continuing to close decipher function, locking simultaneously is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.Even like this portable terminal and network be connected disconnection, can prevent effectively that also the disabled user from continuing to check the data information of portable terminal storage inside, further improved fail safe of the present invention.
What need explanation once more is, the situation that portable terminal is opened decipher function has two kinds, a kind of is to drive portable terminal and open decipher function by obtain authentication response information from network as first embodiment, and another kind is to input corresponding access control password by the user from terminal as second embodiment to drive portable terminal and open decipher function.For the previous case, portable terminal enter a signal can't the overlay area after, the short time should be set just carry out and close decipher function, locking simultaneously is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.And for latter event, portable terminal enter a signal can't the overlay area after, the relatively long time should be set just carries out and closes decipher function or the like operation, can not make portable terminal requirement user input reference control password continually like this, thereby can not make troubles to the user.
The present invention also further comprises, network side judge to portable terminal send stop Service Notification and do not arrive portable terminal the time, for example do not receive the response message that stops Service Notification that receives that portable terminal returns, then preserve this notice; After portable terminal re-executes the operation of connection and logging in network, for example portable terminal enters one after can't the overlay area when signal coverage areas is arranged again entering a signal, network is after judging that portable terminal reconnects to network, if finding to have stops Service Notification accordingly and do not notify this portable terminal, attempt again that then this is stopped Service Notification and send to this portable terminal.For portable terminal, reconnecting network and after the time through a setting, automatically open decipher function, and release is kept at the data information of having deciphered in the internal memory, and receiving when stopping Service Notification, close decipher function, locking simultaneously is kept at the operation of the plaintext of the data information of having deciphered in the portable terminal internal memory.
In the present invention, in order to simplify the design of IC chip, preserve the situation of encryption key, decruption key, authentication secret or access control password for using the IC chip, cryptographic algorithm and decipherment algorithm can not realized in the IC chip yet, but realize by the portable terminal program, like this, the mobile terminal user identity is being carried out legitimate verification when passing through, encryption key and decryption key information that the IC chip allows visit to preserve, otherwise, if during not by checking, encryption key and decryption key information that disable access is preserved.Like this, owing to the encryption and decryption key is kept in the IC chip, and enciphering and deciphering algorithm is to be realized by the portable terminal program, like this, when the portable terminal program obtains the encryption and decryption key of IC chip-stored, can carry out corresponding encryption and decryption operation.Correspondingly, when the portable terminal program can not get the encryption and decryption key of IC chip-stored, just can't carry out corresponding encryption and decryption operation.
In the present invention, Authentication devices can be to have increased attaching position register (HLR) or AUC (AC) or the equipment identity register (EIR) of supporting portable terminal authentication function of the present invention.
Authentication devices also can be an electron key, in this case, a radio receiving transmitting module is set respectively in portable terminal and electron key, and portable terminal and electron key are set up radio communication by this radio receiving transmitting module.Perhaps, a data order wire interface is set respectively in portable terminal and electron key, when needs authenticate portable terminal, use a single data order wire to connect two interfaces, portable terminal and electron key are set up wired communicating to connect by this data telecommunication line.
Authentication devices also can be the subscriber card of portable terminal inside, for example SIM card in the GSM network or the UIM card in the cdma network.In this case, subscriber card further comprised the legitimacy of verifying subscriber card self before the legitimacy of checking mobile terminal user identity, if the verification passes, then authentication secret or result of calculation are returned to portable terminal, otherwise, do not return authentication secret or result of calculation, perhaps return a failure information and give portable terminal.
Above-mentioned subscriber card is verified specifically self legitimacy and is comprised: set in advance a business cipher key in subscriber card, and this business cipher key is kept in the network side relevant device, for example in AUC or the electron key, when subscriber card is verified self legitimacy, at first produce a random number, send to the network side relevant device then; The network side relevant device calculates according to the business cipher key of random number and oneself preservation, obtains a result of calculation, then this result of calculation is returned to subscriber card; Subscriber card also carries out corresponding calculated according to random number and the own business cipher key of preserving, and obtains a result of calculation, and whether the result that oneself calculates of comparison is consistent with result of calculation from described network side relevant device, if it is consistent, authentication success then, otherwise, authentification failure.The business cipher key here can directly be the root key in the subscriber card, specifically, for the SIM card of GSM, is exactly AK; For the UIM card of CDMA, be exactly AKEY.
The data information of the portable terminal stored of mentioning among the present invention comprises the data information of portable terminal storage itself, also comprises the data information of storing on the subscriber card in the portable terminal.
Therefore be appreciated that the above only is preferred embodiment of the present invention, or not within the spirit and principles in the present invention not all in order to restriction the present invention, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (22)

1. the method for protecting of the data information of a portable terminal stored is characterized in that, is provided for the mobile terminal user identity is carried out the Authentication devices of legitimate verification, and this method comprises the steps: at least
A., the decruption key of an encryption key and a correspondence is set in portable terminal, and the decipherment algorithm of a cryptographic algorithm and a correspondence is set;
B. behind the data information that receives user's input, by described encryption key and cryptographic algorithm described data information is encrypted, the information ciphertext after will encrypting then is stored in the portable terminal;
C. before the decryption information ciphertext, portable terminal carries out legitimate verification according to described authentication information to the mobile terminal user identity to described Authentication devices request authentication information; If by legitimate verification, allow the information ciphertext to be decrypted obtaining the plaintext of data information by described decruption key and decipherment algorithm, otherwise process ends.
2. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, this method further is included in preserves one corresponding to the authentication secret of this portable terminal and the corresponding relation between the information of mobile terminal in the described Authentication devices, and in this portable terminal, preserve described authentication secret, the described portable terminal of step c carries out legitimate verification according to described authentication information to the mobile terminal user identity and comprises to described Authentication devices request authentication information:
Portable terminal sends a checking request message that is used for obtaining the authentication secret that Authentication devices preserves to Authentication devices, and described request message comprises information of mobile terminal;
Authentication devices obtains the authentication secret corresponding to this portable terminal of preservation according to information of mobile terminal, and described authentication secret is returned to portable terminal;
Portable terminal judges whether the authentication secret that is received from Authentication devices is consistent with the authentication secret of self preserving.
3. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, this method further is included in preserves one corresponding to the authentication secret of this portable terminal and the corresponding relation between the information of mobile terminal in the described Authentication devices, and in this portable terminal, preserve described authentication secret, the described portable terminal of step c carries out legitimate verification according to described authentication information to the mobile terminal user identity and comprises to described Authentication devices request authentication information:
Portable terminal sends a checking request message that is used for obtaining the authentication secret that Authentication devices preserves to Authentication devices, and described request message comprises information of mobile terminal and a random number;
Authentication devices obtains the authentication secret corresponding to this portable terminal of preservation according to information of mobile terminal, and authentication secret of obtaining and the random number that obtains are calculated, and result of calculation is sent to portable terminal;
Portable terminal carries out identical or corresponding calculating to the random number that self generates with the authentication secret of self preserving, and obtains a result of calculation;
Portable terminal is judged whether identical or satisfied predetermined corresponding relation of result of calculation that the result of calculation be received from Authentication devices obtains with self.
4. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that described information of mobile terminal is the User Recognition card information of portable terminal inside.
5. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that described information of mobile terminal is a mobile terminal features information.
6. the method for protecting of the data information of portable terminal stored according to claim 5, it is characterized in that, further comprise Authentication devices receive one stop the portable terminal Service Notification after, deletion is corresponding to the authentication secret of this portable terminal and the corresponding relation between the information of mobile terminal or the locking accessing operation to described corresponding relation.
7. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that, further be included in the step that an access control password is set in the portable terminal, before step c, further comprise and judge whether portable terminal can be connected to network, if can be connected to network, direct execution in step c, otherwise carry out following step:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, determine by the access control password that the access control password and the portable terminal of relatively user's input are preserved in advance whether the user imports correct, if it is correct, permission is decrypted obtaining the plaintext of data information the information ciphertext by described decruption key and decipherment algorithm, otherwise process ends.
8. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that described Authentication devices is a kind of among attaching position register HLR, the AC of AUC and the equipment identity register EIR.
9. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that, described Authentication devices is an electron key, this method further is included in a radio receiving transmitting module is set respectively in portable terminal and the electron key, and portable terminal is set up radio communication with electron key by this radio receiving transmitting module and is connected.
10. according to the method for protecting of the data information of claim 2 or 3 described portable terminal stored, it is characterized in that, described Authentication devices is an electron key, this method further is included in a data order wire interface is set respectively in portable terminal and the electron key, and portable terminal and electron key are set up wired communicating to connect by the data telecommunication line that is connected between described two interfaces.
11. method for protecting according to the data information of claim 2 or 3 described portable terminal stored, it is characterized in that, described Authentication devices is a subscriber card, further comprised before the portable terminal return information at Authentication devices: the legitimacy of checking subscriber card self, if the verification passes, then carry out step to the portable terminal return information, otherwise, directly process ends is perhaps returned failure information, a process ends then.
12. the method for protecting of the data information of portable terminal stored according to claim 11 is characterized in that, further is included in to preserve a business cipher key in subscriber card and the network side relevant device, the legitimacy of described checking subscriber card self comprises:
Subscriber card produces a random number, sends to the network side relevant device then;
The network side relevant device calculates according to the business cipher key of random number and oneself preservation, obtains a result of calculation, then this result of calculation is returned to subscriber card;
Subscriber card carries out corresponding calculated according to random number and the own business cipher key of preserving, and obtains a result of calculation, and whether the result that oneself calculates of comparison is consistent with result of calculation from the network side relevant device.
13. the method for protecting of the data information of portable terminal stored according to claim 12 is characterized in that, described business cipher key is the root key of subscriber card.
14. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, comprise that further portable terminal is receiving after from mobile communications network one stops Service Notification, no thoroughfare described decruption key and decipherment algorithm is decrypted obtaining the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.
15. the method for protecting of the data information of portable terminal stored according to claim 14, it is characterized in that, mobile communications network further comprises after stopping Service Notification sending one to portable terminal: when judging described notice and be not moved terminal and receive, mobile communications network is preserved described notice and the described notice of transmission after portable terminal lands network again.
16. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, this method further is included in an access control password is set in the portable terminal, and further comprise portable terminal receive the expression this short message be one be used to forbid being decrypted and carrying the order short message of access control password after, judge whether described access control password is identical with the access control password of oneself preserving, if, no thoroughfare, and described decruption key and decipherment algorithm are decrypted to obtain the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory, otherwise do not carry out any processing.
17. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, comprise that further portable terminal is after disconnecting the scheduled time with being connected of network, no thoroughfare described decruption key and decipherment algorithm is decrypted obtaining the plaintext of data information the information ciphertext, and locking is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory; Portable terminal allows by described decruption key and decipherment algorithm the information ciphertext to be decrypted obtaining the plaintext of data information after landing network again, and release is kept at the plaintext of the data information of having deciphered in the portable terminal internal memory.
18. method for protecting according to the data information of claim 1 or 17 described portable terminal stored, it is characterized in that, this method further is included in an access control password is set in the portable terminal, further comprises before or after no thoroughfare described decruption key and decipherment algorithm is decrypted with the plaintext that obtains data information to the information ciphertext:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, determine by the access control password that the access control password and the portable terminal of relatively user's input are preserved in advance whether the user imports correct, if it is correct, permission is decrypted obtaining the plaintext of data information the information ciphertext by described decruption key and decipherment algorithm, otherwise the described decruption key of carrying out that no thoroughfare and decipherment algorithm are decrypted with the plaintext that obtains data information or the direct step of turning-off mobile terminal the information ciphertext.
19. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, further be included in the step that an access control password is set in the portable terminal, step c is described to carry out legitimate verification to the mobile terminal user identity and comprises:
Portable terminal prompting user input reference control password, and behind the access control password that receives user's input, relatively whether the access control password preserved in advance of the access control password of user's input and portable terminal is identical.
20. the method for protecting of the data information of portable terminal stored according to claim 1, it is characterized in that, described step c carries out after mobile terminal-opening, or after portable terminal is connected to network, carry out, or after reading the instruction of the data information that is stored in portable terminal, the user carries out receiving.
21. the method for protecting of the data information of portable terminal stored according to claim 1 is characterized in that, described encryption key and decruption key are kept at an integrated circuit (IC) chip that is arranged in portable terminal that is provided with separately.
22. the method for protecting of the data information of portable terminal stored according to claim 1 is characterized in that, described cryptographic algorithm and decipherment algorithm are realized by an IC chip that is positioned at portable terminal that is provided with separately, are perhaps realized by the portable terminal program.
CNB2004100582140A 2004-06-23 2004-08-17 Security guarantee for memory data information of mobile terminal Active CN100353787C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100582140A CN100353787C (en) 2004-06-23 2004-08-17 Security guarantee for memory data information of mobile terminal

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200410049696 2004-06-23
CN200410049696.3 2004-06-23
CNB2004100582140A CN100353787C (en) 2004-06-23 2004-08-17 Security guarantee for memory data information of mobile terminal

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN2007101943116A Division CN101262669B (en) 2004-06-23 2004-08-17 A secure guarantee method for information stored in a mobile terminal

Publications (2)

Publication Number Publication Date
CN1713756A CN1713756A (en) 2005-12-28
CN100353787C true CN100353787C (en) 2007-12-05

Family

ID=35719144

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100582140A Active CN100353787C (en) 2004-06-23 2004-08-17 Security guarantee for memory data information of mobile terminal

Country Status (1)

Country Link
CN (1) CN100353787C (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101083524A (en) * 2007-06-14 2007-12-05 腾讯科技(深圳)有限公司 Method and system for encrypting and deciphering E-mail
CN101799789B (en) * 2009-02-05 2012-07-25 新唐科技股份有限公司 Chip, memory data protecting device thereof and memory data protecting method thereof
CN101674575B (en) * 2009-09-17 2012-07-04 中兴通讯股份有限公司 Method for protecting security of mobile communication terminal data and device thereof
CN101815292B (en) * 2010-04-22 2014-04-30 中兴通讯股份有限公司 Device and method for protecting data of mobile terminal
US8874935B2 (en) 2011-08-30 2014-10-28 Microsoft Corporation Sector map-based rapid data encryption policy compliance
CN102750497B (en) 2012-07-20 2014-04-16 腾讯科技(深圳)有限公司 Method and device for deciphering private information
CN103853672A (en) * 2012-11-30 2014-06-11 上海中移通信技术工程有限公司 Mobile secure storage equipment with multiple data protection functions
CN104144412B (en) * 2013-05-09 2018-05-11 腾讯科技(北京)有限公司 Information manager and approaches to IM
US20140344570A1 (en) * 2013-05-20 2014-11-20 Microsoft Corporation Data Protection For Organizations On Computing Devices
CN104239809A (en) * 2013-06-17 2014-12-24 中兴通讯股份有限公司 File protecting method, file protecting device, file decryption method, file decryption device and terminal
US10615967B2 (en) 2014-03-20 2020-04-07 Microsoft Technology Licensing, Llc Rapid data protection for storage devices
CN103985042A (en) * 2014-06-04 2014-08-13 孙国华 Digital information encryption and decryption method based on NFC mobile phone and IC card
US9825945B2 (en) 2014-09-09 2017-11-21 Microsoft Technology Licensing, Llc Preserving data protection with policy
CN105391677A (en) * 2014-09-09 2016-03-09 宇龙计算机通信科技(深圳)有限公司 Information transmission method and mobile terminal
US9853812B2 (en) 2014-09-17 2017-12-26 Microsoft Technology Licensing, Llc Secure key management for roaming protected content
US9900295B2 (en) 2014-11-05 2018-02-20 Microsoft Technology Licensing, Llc Roaming content wipe actions across devices
CN104834867B (en) * 2015-04-01 2019-01-18 惠州Tcl移动通信有限公司 The method and system of electronic equipment privacy protection are realized based on bluetooth
CN106274805B (en) * 2015-05-29 2019-04-19 比亚迪股份有限公司 Automotive electronic key and its method, automobile controller and its method and system
US9853820B2 (en) 2015-06-30 2017-12-26 Microsoft Technology Licensing, Llc Intelligent deletion of revoked data
US9900325B2 (en) 2015-10-09 2018-02-20 Microsoft Technology Licensing, Llc Passive encryption of organization data
TWI673667B (en) * 2017-01-25 2019-10-01 楊建綱 Built-in smart security mobile device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999008230A2 (en) * 1997-08-08 1999-02-18 Infineon Technologies Ag Method for verifying the authenticity of a data medium
CN1211776A (en) * 1996-02-29 1999-03-24 冲电气工业株式会社 Communication system and communication method
WO2002067256A1 (en) * 2001-02-20 2002-08-29 Sony Computer Entertainment Inc. Computer program copy management system
CN1543234A (en) * 2003-11-05 2004-11-03 大唐微电子技术有限公司 Short message security method and SIM card for implementing short message security

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1211776A (en) * 1996-02-29 1999-03-24 冲电气工业株式会社 Communication system and communication method
WO1999008230A2 (en) * 1997-08-08 1999-02-18 Infineon Technologies Ag Method for verifying the authenticity of a data medium
WO2002067256A1 (en) * 2001-02-20 2002-08-29 Sony Computer Entertainment Inc. Computer program copy management system
CN1543234A (en) * 2003-11-05 2004-11-03 大唐微电子技术有限公司 Short message security method and SIM card for implementing short message security

Also Published As

Publication number Publication date
CN1713756A (en) 2005-12-28

Similar Documents

Publication Publication Date Title
CN100353787C (en) Security guarantee for memory data information of mobile terminal
CN105354507B (en) A kind of data safety time slot scrambling under cloud environment
Niemi et al. UMTS security
US11882442B2 (en) Handset identifier verification
US8423768B2 (en) Method for controlling the location information for authentication of a mobile station
JP4263384B2 (en) Improved method for authentication of user subscription identification module
CN101583124B (en) Authentication method and system of subscriber identity module and terminal
US9807065B2 (en) Wireless device and computer readable medium for storing a message in a wireless device
CN105847305A (en) Safe processing and accessing method of cloud resource
CN101262669B (en) A secure guarantee method for information stored in a mobile terminal
CN108418691A (en) Dynamic network identity identifying method based on SGX
CN105956496A (en) Security and secrecy method for sharing storage files
CN1879445B (en) Authentication of a wireless communication using expiration marker
US7913096B2 (en) Method and system for the cipher key controlled exploitation of data resources, related network and computer program products
CN109272609A (en) A kind of CPU safety door inhibition control method and system
KR101281099B1 (en) An Authentication method for preventing damages from lost and stolen smart phones
CN104955029A (en) Address book protection method, address book protection device and communication system
CN107835172A (en) Billing information verification method and system, server and computer-readable recording medium
US8121580B2 (en) Method of securing a mobile telephone identifier and corresponding mobile telephone
CN102170638A (en) Air loss reporting method and equipment
US9648495B2 (en) Method and device for transmitting a verification request to an identification module
CN104901967A (en) Registration method for trusted device
CN108270601B (en) Mobile terminal, alarm information acquisition method and device and alarm information sending method and device
JP2004206258A (en) Multiple authentication system, computer program, and multiple authentication method
CN108737087A (en) The guard method of Email Accounts password and computer readable storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: SHENZHEN HUAWEI TECHNOLOGY CO.

Free format text: FORMER OWNER: HUAWEI TECHNOLOGY CO., LTD.

Effective date: 20081010

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20081010

Address after: Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong

Patentee after: Shenzhen Huawei Communication Technology Co., Ltd.

Address before: Bantian HUAWEI headquarters office building, Longgang District, Shenzhen, Guangdong

Patentee before: Huawei Technologies Co., Ltd.

C56 Change in the name or address of the patentee

Owner name: HUAWEI DEVICE CO., LTD.

Free format text: FORMER NAME: SHENZHEN HUAWEI TECHNOLOGY CO.

CP01 Change in the name or title of a patent holder

Address after: 518129 Longgang District, Guangdong, Bantian HUAWEI base B District, building 2, building No.

Patentee after: Huawei Device Co., Ltd.

Address before: 518129 Longgang District, Guangdong, Bantian HUAWEI base B District, building 2, building No.

Patentee before: Shenzhen Huawei Communication Technology Co., Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20171031

Address after: Metro Songshan Lake high tech Industrial Development Zone, Guangdong Province, Dongguan City Road 523808 No. 2 South Factory (1) project B2 -5 production workshop

Patentee after: HUAWEI terminal (Dongguan) Co., Ltd.

Address before: 518129 Longgang District, Guangdong, Bantian HUAWEI base B District, building 2, building No.

Patentee before: Huawei Device Co., Ltd.

CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee after: Huawei Device Co., Ltd.

Address before: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee before: HUAWEI terminal (Dongguan) Co., Ltd.