CN100407867C - Security verification among multiple mobile telephone users - Google Patents
Security verification among multiple mobile telephone users Download PDFInfo
- Publication number
- CN100407867C CN100407867C CN2005100753007A CN200510075300A CN100407867C CN 100407867 C CN100407867 C CN 100407867C CN 2005100753007 A CN2005100753007 A CN 2005100753007A CN 200510075300 A CN200510075300 A CN 200510075300A CN 100407867 C CN100407867 C CN 100407867C
- Authority
- CN
- China
- Prior art keywords
- authentication
- mentioned
- password
- terminal
- base station
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention discloses a security authentication method among multiple mobile telephone users, comprising steps: registering ESNs and phone numbers of a plurality of terminals in an HLR of an exchange connected to a base station, and at the same time, registering the ESNs and secret numbers in a door locking system; transmitting an opening message while inputting the secret numbers from one authentication request terminal among the plural registered terminals; the base station receiving the message, checking the authentication allowance terminal corresponding to a corresponding phone number and an ESN, and determining whether the authentication is permitted; if the authentication allowance terminal allows the authentication, the base station transmitting the opening message and the secret numbers, to the door locking system; the door lock system searching for a secret number registered corresponding to the ESN, and checking whether the searched secret number is the same as the transmitted secret number; if the two secret numbers are the same, the door locking system opens the door and allows a user to pass the door. The invention has high security reliability, better security, and having a very high security capable of preventing other peoples from embezzling the mobile telephone even if the mobile telephone is lost.
Description
Technical field
The present invention relates to the safety certifying method between a kind of multi-user who uses mobile phone.Particularly relate to and a kind ofly provide the safety guarantee of height, thereby make numerous users can use safety certifying method between the multi-user of use mobile phone safer, security certification system more easily by the mode that the intrinsic equipment number of mobile phone terminal is authenticated.
Background technology
As very understand, security certification system is the protection for discrepancy that limits the specific region or system, only allows the device for limiting of user's using system of access authentication.
For example, have in the public place of safety requirements, door lock (Door Lock) system that is used to manage external staff's discrepancy is installed in research institute, enterprise or government bodies etc.By this system when access door is come in and gone out, to confirm the personnel's that come in and go out identity, could come in and go out in order to ensure only being allowed to personnel, desirable way is to use the safety card that stores authentication key, for example with the smart card that is built-in with the storage chip that comprises user's information and safety certification License Info.
But this safety card is inconvenient to carry, and the danger of losing is also very high, and user's identity also will hyperphoric again new safety card when change, and is therefore also cumbersome.
Recently, along with the exploitation and the application of the simplicity and the plurality of kinds of contents of mobile phone, its performance not only improves greatly, uses this mobile phone that almost becomes necessity to replace the effort of safety card function also just competitively to begin.
For example, by using the communication mode of Bluetooth technology,, also can set up security certification system even without safety card.Have again, also can pass through to use the telephone number of mobile phone, or the password that is provided is set up security certification system.
But said method just realizes by the authentication to single terminal end, and in a certain lost terminal, or password reveals when causing mobile phone to usurp, and because of there not being corresponding countermeasure, existence always can't provide the shortcoming of high reliability.
Summary of the invention
Consider the variety of issue of aforesaid prior art, technical problem to be solved by this invention is to provide the safety certifying method between the multi-user who uses mobile phone, promptly set up dual safety guarantee by the authentication between intrinsic number, password and multi-user on the mobile phone, and guarantee the safety of door lock (Door Lock) system with this, thereby lose or password when revealing at mobile phone, the safety guarantee of height also can be arranged.
The present invention for achieving the above object, its technical characterictic is to provide the authentication method between the multi-user who uses mobile phone, it comprises following step: the ESN that a plurality of terminal had that can connect (Electronic Serial Number electronic serial number, ESN) is registered on the HLR (Home Location Register attaching position register) of the switch that is connected with the base station with telephone number, meanwhile with ESN and the identification number register registration step to door lock (Door Lock) system; When a certain authentication requesting terminal from registered terminals imported password, send the forwarding step of opening (Open) message; The base station receive to send open (Open) message in, confirm the authentication permission terminal corresponding, and inquiry inquiry step whether by authenticating with telephone number, the ESN of a certain authentication requesting terminal; If permit access authentication on the terminal from authentication, the base station together sends the forwarding step of opening (Open) message and password to door lock (Door Lock) system; Receive open (Open) message and password door lock (Door Lock) system for can be corresponding with corresponding ESN, by searching the password of registration, confirm whether consistent step; If the password unanimity is then opened the permission step that access door allows discrepancy.
Adopt the present invention to confirm whether open access door, therefore have very high confidence in security, by the dual safety guarantee of intrinsic number of mobile phone and password, make it safer simultaneously by the authentication between the multi-user.Even when mobile phone is lost, also can prevent other people usurping, therefore the invention provides to the high safety guarantee of mobile phone.
Description of drawings
Fig. 1 is based on authentication method implementation structure figure of the present invention.
Fig. 2 is based on the authentication method realization flow figure among the present invention.
Wherein, Reference numeral:
10: authentication requesting terminal 20: authentication permission terminal
30: base station 40: door lock (Door Lock) system
Embodiment
With reference to the accompanying drawings, the present invention will be described in more detail.
Fig. 1 is based on authentication method implementation structure figure of the present invention, and Fig. 2 is based on authentication method realization flow figure of the present invention.
On the mobile communication terminal of the present invention preferably is applied to have code division multiple access (CDMA:Code Division Multiple Access) communication mode.
Just as we all know, CDMA is a kind of of present mobile communication, and it is the communication mode that adopts the spread spectrum technology.
This communication mode can make a plurality of users share same frequency band, in order to distinguish the user, uses the intrinsic pseudo noise code (PN code) of telex network passage.Promptly a side who sends, be that the PN code of tens of times of voice data frequency bandwidths is taken and come the extending bandwidth signal in the voice data with clock frequency; Receiving a side, be multiplied by the PN code identical with sending signal, bandwidth will return to original bandwidth, carries out demodulation with this.
This CDMA mode is compared with time division multiple access (TDMA) mode or frequency division multiple access (FDMA) mode, on each bandwidth, can increase by 10~20 times subscriber channel, transmission frequency is owing to be wide bandwidth, has stronger frequency selective attenuation (Fading) based on multiple path signal, if do not use and send identical PN code, then can not carry out demodulation, therefore have the advantage that prevents harmony.
The present invention is by this CDMA mode, when between terminal and base station, communicating, by the switch that is connected with the base station, promptly, utilize the electronic serial number, ESN (ESN:Electronic SerialNumber) of mobile phone to design safety method based on multiple user authentications by attaching position register (HLR:Home Location Register) and mobile switching centre (MSC:Mobile Switching Center) handles the information on the terminal by base band (Base Band) principle.
For this reason, at least need 2 terminals, as shown in Figure 1, be equipped with 2 the required terminal (MO1 of authentication that realize between the multi-user among the figure, MO2), authentication authorization and accounting requesting terminal 10 and authentication permission terminal 20 also are equipped with and above-mentioned terminal 10, the base station 30 of 20 communications, and door lock (Door Lock) system 40 that carries out safe task by communicating by letter with above-mentioned base station 30.
At this moment, above-mentioned base station 30 is connected with switch, and using in a plurality of component parts of this switch has HLR and MSC.
Therefore, when if access door is opened in authentication requesting terminal 10 requests, after corresponding ESN and telephone number are confirmed by communicating by letter with HLR in base station 30, authentication etc. permission terminal 20 to be certified, if the authentication by communicate with door lock (Door Lock) system 40, behind the password of door lock (Door Lock) system 40 affirmations, access door can be opened by the telephone number of authentication.
Though only illustrated among the figure here 2 terminals to be not limited only to these quantity, permitted that according to above-mentioned authentication the registration number of terminal 20 can be a lot of terminals, and preferably can promptly realize the authentication between the multi-user by arbitrary terminal access authentication wherein.
For this reason, with reference to Fig. 2 implementation method of the present invention is described in detail below.
At first, for utilizing mobile phone to use the user of door lock (Door Lock) system 40, carry out the ESN of connectable terminal and the registration step S100 of subscriber directory number.
At this moment, ESN and telephone number are registered on the switch, and ESN also is registered to door lock (DoorLock) system 40 simultaneously, and registration has the password that is assigned on each ESN in particularly above-mentioned door lock (Door Lock) system 40.
Have, above-mentioned switch is provided with the telephone number (in the registered number) of the authentication usefulness corresponding with each ESN again, therefore when having a plurality of authentications to permit terminal 20, can determine its priority.
So, if when on the authentication of first priority bit permission terminal 20, not obtaining replying, can confirm whether access authentication permission from the authentication permission terminal of second priority bit, prevented thus can't access authentication problem.
Therefore, attachable multi-section terminal just can realize the authentication between the multi-user after registration.
That is, authentication requesting terminal 10 sends and opens (Open) message S110.
At this moment, the password of (Open) message and registration is opened in above-mentioned authentication requesting terminal 10 inputs and transmission.
(Open) message is opened in transmission, after base station 30 receives this message, at first confirm the ESN and the telephone number of authentication requesting terminal 10 by HLR, confirm to offer the registered terminals of above-mentioned authentication requesting terminal 10 authentication permissions simultaneously, authentication authorization and accounting permission terminal 20S120.
Then, after authentication permission terminal 20 had been confirmed, base station 30 sent to the request item that relevant terminal is opened (Open) message, and receives this answer signal S130.
In this step, if authentication permission terminal 20 does not authenticate permission, finish after the message of authentication requesting terminal 10 transmission authentification failures 30 of base stations; If authentication permission terminal 20 authenticate permission, (Open) message S140, S200, S150 are opened to 40 transmissions of door lock (Door Lock) system in 30 of base stations.
At this moment, when (Open) message was opened in above-mentioned base station 30 in transmission, the password of inputing during with the ESN of authentication requesting terminal 10 and authentication request together sent.
Door lock (Door Lock) system 40 opens in reception in (Open) message, and the relatively password and the registered password of authentication requesting terminal 10 inputs are confirmed whether consistent S160 of password.
By above-mentioned step S130, S140, authentication requesting terminal 10 has obtained authentication by authentication permission terminal 20, thus executed the once safety protection, also to carry out secondary safeguard protection for fear of usurping based on password.
If consistent by the password that S160 receives, door lock (Door Lock) system 40 will open corresponding access door, allow user's discrepancy S170, S180.
But if password is inconsistent, door lock (Door Lock) system 40 can ask base station 30 to send password once more again, and 30 of base stations that receive this message require authentication requesting terminal 10 to input password S300 once more.
So, use the user of authentication requesting terminal 10 to input password once more, after Shu Ru password sends to base station 30 once more, can directly send to door lock (Door Lock) system 40 and reaffirm whether consistent S310 of password, S320.
At this moment, for more reliable safety guarantee,, will send the message of authentification failure if mistake more than 3 times appears in the password input.
If Shu Ru password still is inconsistent once more, by repeated execution of steps S300, allow to input once more password, if Shu Ru password unanimity once more then turns back to S180, and opens corresponding access door, allow user's discrepancy.
By these steps, the user just can come in and go out by mobile phone and be equipped with the access door of door lock (Door Lock) system 40 safety measures.
As above-mentioned detailed description, the present invention confirms whether open access door by the authentication between the multi-user, therefore has very high confidence in security, by the dual safety guarantee of intrinsic number of mobile phone and password, makes it safer simultaneously.Even when mobile phone is lost, also can prevent other people usurping, therefore the invention provides to the high safety guarantee of mobile phone.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (5)
1. the safety certifying method between a multi-user who uses mobile phone is characterized in that, comprises following step:
The electronic serial number, ESN that a plurality of terminal had that can connect is registered on the attaching position register of the switch that is connected with the base station with telephone number, meanwhile with above-mentioned electronic serial number, ESN and the identification number register registration step to door-locking system;
When a certain authentication requesting terminal from registered terminals imported password, send the forwarding step of opening message;
Above-mentioned base station receive to send above-mentioned open message in, confirm the authentication permission terminal corresponding, and inquiry inquiry step whether by authenticating with telephone number, the electronic serial number, ESN of above-mentioned a certain authentication requesting terminal;
If permit access authentication on the terminal from above-mentioned authentication, above-mentioned base station together sends the forwarding step of opening message and password to above-mentioned door-locking system;
Receive the above-mentioned door-locking system of opening message and password for can be corresponding,, confirm whether consistent step by searching the password of registration with corresponding electronic serial number, ESN;
If the password unanimity is then opened the permission step that access door allows discrepancy.
2. the safety certifying method between the multi-user of use mobile phone according to claim 1, it is characterized in that, in the above-mentioned registration step, improve safe class by the authentication between a plurality of parties in the registered terminals, or for fear of the generation that causes the authentification failure situation because of refusal communication, terminal and the corresponding in order authentication success that guarantees of a plurality of terminals.
3. the safety certifying method between the multi-user of use mobile phone according to claim 1, it is characterized in that, in the inquiry step of above-mentioned authentication permission, when above-mentioned authentication permission terminal authenticate permission, the above-mentioned base station that receives this message sent to this step of end behind the above-mentioned authentication requesting terminal with the message of authentification failure.
4. the safety certifying method between the multi-user of use mobile phone according to claim 1, it is characterized in that, in the above-mentioned cryptogram validation process, if password is inconsistent, allow above-mentioned authentication requesting terminal to input password once more by above-mentioned base station, behind the password that receives input once more, reaffirm that whether password is consistent, determines whether to open access door afterwards.
5. the safety certifying method between the multi-user of use mobile phone according to claim 4 is characterized in that, allow to re-enter above-mentioned password after, if the step of confirming has surpassed 3 times, then send the message of authentification failure, and finish authenticating step.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR20040096186A KR100639373B1 (en) | 2004-11-23 | 2004-11-23 | Security authentication method among multi user using mobile phone |
| KR1020040096186 | 2004-11-23 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1780486A CN1780486A (en) | 2006-05-31 |
| CN100407867C true CN100407867C (en) | 2008-07-30 |
Family
ID=36770555
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2005100753007A Expired - Fee Related CN100407867C (en) | 2004-11-23 | 2005-06-10 | Security verification among multiple mobile telephone users |
Country Status (2)
| Country | Link |
|---|---|
| KR (1) | KR100639373B1 (en) |
| CN (1) | CN100407867C (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010003464A1 (en) | 2008-07-11 | 2010-01-14 | Infineon Technologies Ag | Mobile radio communication devices having a trusted processing environment and method for processing a computer program therein |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2001193324A (en) * | 2000-01-14 | 2001-07-17 | Denso Corp | Locking-unlocking control system and portable telephone device |
| CN1391777A (en) * | 1999-09-17 | 2003-01-15 | 诺基亚有限公司 | Control system comprising means for setting up short distance second data transmitting connection to wireless communication device in order to send identification message |
| WO2003015313A1 (en) * | 2001-08-07 | 2003-02-20 | Omron Corporation | Cellular telephone, control system for controlling device mounted on vehicle, cellular telephone control method, control method for controlling device mounted on vehicle, cellular telephone control program, control program for controlling device mounted on vehicle, and recording medium co |
-
2004
- 2004-11-23 KR KR20040096186A patent/KR100639373B1/en not_active IP Right Cessation
-
2005
- 2005-06-10 CN CN2005100753007A patent/CN100407867C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1391777A (en) * | 1999-09-17 | 2003-01-15 | 诺基亚有限公司 | Control system comprising means for setting up short distance second data transmitting connection to wireless communication device in order to send identification message |
| JP2001193324A (en) * | 2000-01-14 | 2001-07-17 | Denso Corp | Locking-unlocking control system and portable telephone device |
| WO2003015313A1 (en) * | 2001-08-07 | 2003-02-20 | Omron Corporation | Cellular telephone, control system for controlling device mounted on vehicle, cellular telephone control method, control method for controlling device mounted on vehicle, cellular telephone control program, control program for controlling device mounted on vehicle, and recording medium co |
Also Published As
| Publication number | Publication date |
|---|---|
| KR100639373B1 (en) | 2006-10-26 |
| CN1780486A (en) | 2006-05-31 |
| KR20060057122A (en) | 2006-05-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2141318C (en) | Method and apparatus for efficient real-time authentication and encryption in a communication system | |
| US8466773B2 (en) | Method of authorization | |
| FI101584B (en) | Check your mobile subscriber ID | |
| US6058301A (en) | Cellular fraud prevention using selective roaming | |
| EP1562394B1 (en) | Apparatus and method for setting use restriction of mobile communication terminal | |
| EP0708547B1 (en) | Cellular telephone as an authenticated transaction controller | |
| EP1787486B1 (en) | Bootstrapping authentication using distinguished random challenges | |
| JP3105806B2 (en) | Method for securing use of a terminal in a cellular radio communication system and corresponding terminal and user card | |
| US20030120920A1 (en) | Remote device authentication | |
| US8526912B2 (en) | Method and system for user authentication by means of a cellular mobile radio network | |
| US8320883B2 (en) | Method to dynamically authenticate and control mobile devices | |
| US9088565B2 (en) | Use of a public key key pair in the terminal for authentication and authorization of the telecommunication user with the network operator and business partners | |
| CN102150446A (en) | Authentication in a communication network | |
| CN102111766A (en) | Network accessing method, device and system | |
| CN103886661A (en) | Entrance guard management method and system | |
| CN106228654A (en) | A kind of method of user account binding smart lock | |
| CN100591155C (en) | Method for locking the mobile station device, mobile station device and network device | |
| CN100407867C (en) | Security verification among multiple mobile telephone users | |
| US8121580B2 (en) | Method of securing a mobile telephone identifier and corresponding mobile telephone | |
| EP1311136A1 (en) | Authentication in telecommunications networks | |
| CN107454557A (en) | A kind of router connection method and system | |
| EP1580936B1 (en) | Subscriber authentication | |
| KR100872391B1 (en) | Method of authorization | |
| CN102014384A (en) | Method for verifying WAPI (Wireless Authentication and Privacy Infrastructure) wireless network terminal identity by mobile phone network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080730 |