Summary of the invention
The invention provides a method for using a mobile terminal and a mobile terminal system, to solve the problems in the prior art of uncontrollable security and inconvenient operation that arise when users share a mobile terminal.
The solution of the present invention comprises:
A method for using a mobile terminal, comprising: the mobile terminal is provided with a user list, in which the correspondence between users and their user identification codes is set, and a user name and password are stored on the subscriber card;
When a mobile user uses this mobile terminal, the mobile terminal obtains the user identification code on the subscriber card, matches the obtained user identification code against the information in the user list, and looks up the first user corresponding to that user identification code. After the first user is matched, the user name and password read from the subscriber card are verified against the user name and password stored on the mobile terminal. If the verification passes, user mode is started for the first user; otherwise, guest mode is started for the first user.
If the first user is not matched, the method enters the step:
D: the mobile terminal starts guest mode for the first user.
In the method, if the first user is not matched, the method enters the step:
D1: add the first user's information to the user list, create a user name for the first user, and update the user identification code information in the user list.
In the user list, one user name can correspond to multiple user identification codes.
When the user name and password that described portable terminal use reads and the user name and password of described mobile terminal stores mate checking, if, then further comprise step by checking:
D12: create a new user name and password for the user.
Step D12 also comprises adding the new user name and password to the subscriber card.
The user name and password information is stored in the subscriber card in encrypted form.
The user name and password are stored in the PIN2 area of the subscriber card.
When the mobile terminal verifies the user name and password it has read against the user name and password stored on the mobile terminal, the method further comprises:
B11: when the subscriber card is inserted into the mobile terminal, the mobile terminal generates a random number R1 and sends R1 together with an authentication request to the subscriber card;
B12: the subscriber card receives the random number R1 and generates a random number R2;
B13: the subscriber card performs a first operation on the random numbers R1, R2 and a first password, and sends the first operation result together with R2 to the mobile terminal as the response;
B14: the mobile terminal performs a second operation on R1, R2 and the password stored on the mobile terminal, compares the result with the first operation result, and starts a use mode for the user according to the comparison result.
The user name and password are stored in a first list in the subscriber card.
The first list also contains a terminal identifier item that identifies different mobile terminals; the first list holds the different terminal identifiers, together with the user name and password used on the mobile terminal that each terminal identifier identifies.
If the terminal identifier is not present in the first list, the method enters the step:
C21: create the terminal identifier and the corresponding user name and password in the first list.
The first list is stored in an area protected by the PIN2 code.
A mobile terminal system, comprising a terminal body and a subscriber card used together with it.
The subscriber card is provided with:
A first user name and password storage unit, used to store a user name and password;
The terminal body is provided with:
A user name and password storage unit, used to store a user name and password;
A user name and password reading unit, used to read the user name and password stored on the subscriber card;
A user name and password verification unit, used to verify the user name and password read by the user name and password reading unit against the user name and password stored on the terminal body;
A guest mode start unit, which starts guest mode for the user according to the verification result;
A user mode start unit, which starts user mode for the user according to the verification result;
The mobile terminal is provided with a first random number generator, used to generate a first random number;
The subscriber card is provided with a second random number generator, used to generate a second random number.
The subscriber card is provided with a first operation unit, which performs a first operation on the first random number, the second random number and the first password stored on the subscriber card, and produces a first operation result;
The terminal body is provided with a second operation unit, which performs a second operation on the first random number, the second random number and the second password stored on the mobile terminal, and produces a second operation result;
The terminal body is provided with a result comparison unit, used to compare the first operation result with the second operation result.
The first user name and password storage unit is stored in the PIN2 protected area of the subscriber card.
The beneficial effects of the present invention are as follows:
By verifying the user's identity, the present invention controls the user's access rights on a multi-user mobile terminal, protects the security of the information on the mobile terminal, prevents exposure of user privacy and secrets, and increases users' trust in the security of mobile terminals.
Embodiment
Specific embodiments of the present invention are described below with reference to the accompanying drawings.
First, the concept of user mode is explained. User mode mainly means that the user enters the mobile terminal and uses its programs normally, but the sensitive data that can be accessed, such as the phone book, short messages, email and documents, is bound to this user name. To distinguish between users, the mobile terminal needs to handle the case where one user has multiple cards, ensuring that each card can effectively start that user's account.
Scheme one:
Generally, whether in a GSM system or a CDMA system, a mobile terminal user obtains a subscriber card (such as the SIM card of a GSM system or the UIM card of a CDMA system) when subscribing to the network, and this card can be inserted into any mobile terminal that complies with the GSM standard or the CDMA standard. The international mobile subscriber identity (IMSI) is the user identification code stored in the subscriber card, which lets the communication system verify the identity of the mobile terminal user; each subscriber card corresponds to a unique IMSI.
Based on this uniqueness of the IMSI, this scheme can create a user list on the mobile terminal and create different users for different IMSIs. The mobile terminal stores this user list in its memory in encrypted form, to ensure sufficient security and prevent hackers or unauthorized reading.
In this way, when different subscriber cards are inserted into the mobile terminal, the mobile terminal automatically reads the IMSI on the card and judges from the list whether this user exists.
Figure 1 is a schematic flow chart of this scheme. As the figure shows, it mainly comprises the following steps:
S11: the mobile terminal reads the information on the first subscriber card and obtains the first user identification code.
S12: the mobile terminal matches the first user identification code against the information in the user list and looks up the first user corresponding to the first user identification code; after the first user is matched, go to step S13; otherwise, go to step S14.
S13: the mobile terminal starts user mode for the first user.
S14: the mobile terminal starts guest mode for the first user.
In step S12, if the first user's information exists, the first user's user name and password are verified; after they pass verification, the mobile terminal enables this user mode, allowing access to all the information and data that the first user has stored on the mobile terminal. If the first user's information does not exist, the mobile terminal enables guest mode and adds the IMSI number of this card to a predefined guest user name.
In this scheme, if the first user's information does not exist, the mobile terminal can also create a new user name and update the IMSI list of the corresponding user. In this mode, the first user must not access, without authorization, any sensitive information stored on the mobile terminal.
In the user list of this scheme, one user name can correspond to multiple user identification codes.
Scheme two:
Existing subscriber card copying devices can combine several phone card numbers on one card, which is convenient for people who often travel on business or often change numbers. But such a copying device also brings a hidden danger to user security, because it can read and write the international mobile subscriber identity (IMSI). To prevent the situation in scheme one in which user data is stolen because the IMSI number has been copied, this scheme still uses the user name and password as the mark that identifies the user, but stores the user name and password in the subscriber card in encrypted form, for example in the area protected by the PIN2 code. In this way, when different subscriber cards are inserted, the mobile terminal automatically reads the user name and password on the card and verifies them against the user name and password stored locally on the mobile terminal; once the identity is confirmed, the mobile terminal enables this user mode. If the subscriber card holds no user name and password, the mobile terminal enables guest user mode and adds the card to one of the predefined user names, the addition being protected by entering a password; or it creates a new user name, initializes the corresponding password, and writes them into the subscriber card.
The figure is a schematic flow chart of this scheme. As the figure shows, it mainly comprises the following steps:
S21: the mobile terminal reads the user name and password information on the subscriber card.
S22: the mobile terminal verifies the user name and password; after the verification passes, go to step S23; otherwise go to step S24.
S23: the mobile terminal starts user mode for the user.
S24: the mobile terminal starts guest mode for the user.
In step S22, if the verification is not passed, the following step can also be entered:
Create a new user name and password for the user, and add the new user name and password to the subscriber card.
Scheme three:
On the basis of scheme two, so that a subscriber card can use different user names and passwords on different mobile terminals, a list can be created in the subscriber card that stores, according to a unique identifier of the mobile terminal such as the IMEI, the card's user name and password on each mobile terminal. In this way, when the subscriber card is inserted into a mobile terminal, the IMEI of this mobile terminal is read first; then, according to the list stored in the subscriber card, the user name and password corresponding to this IMEI are returned to the mobile terminal, and the mobile terminal verifies the user's identity and thereby determines the user's access rights. The subscriber card can create and store this list, with the user names and passwords for the different mobile terminals, in the area protected by the PIN2 code. The mobile terminal needs to remember the PIN2 code of this card and keep it properly encrypted; thus, when the card is inserted for the first time and this list is created, the corresponding protected area must be entered by inputting the PIN2 code.
Figure 3 is a schematic flow chart of scheme three. As the figure shows, it mainly comprises the following steps:
S31: the subscriber card reads the terminal identifier of the mobile terminal.
S32: if the terminal identifier is present in the list stored in the subscriber card, the user name and password corresponding to the terminal identifier are returned to the mobile terminal; otherwise go to step S36.
S33: the mobile terminal uses the user name and password for login verification; after the verification passes, go to step S34; otherwise go to step S35.
S34: the mobile terminal starts user mode for the user.
S35: guest mode is started for the user.
S36: create the terminal identifier and the corresponding user name and password in the list stored in the subscriber card.
Scheme four:
To prevent a virus program from intercepting the user password while the mobile terminal obtains it from the subscriber card, which would leak the user password, schemes two and three can adopt an authentication approach: the mobile terminal and the subscriber card each generate a random number, and the corresponding user mode is entered after mutual authentication passes. The specific steps are as follows:
S41: when the subscriber card is inserted into the mobile terminal, the mobile terminal generates a random number R1 and sends R1 together with an authentication request to the subscriber card.
S42: the subscriber card receives the random number R1 and generates a random number R2.
S43: the subscriber card performs the first operation $Res_1 = f(R1, R2, P1)$ on the random numbers R1, R2 and the first password P1 corresponding to this terminal identifier, and sends the first operation result together with R2 to the mobile terminal as the response.
S44: the mobile terminal performs the second operation $Res_2 = f(R1, R2, P2)$ on R1, R2 and the second password P2 that the mobile terminal stores locally for this subscriber card, obtaining the second operation result.
S45: the first operation result and the second operation result are compared, and a use mode is started for the user according to the comparison result: if they are identical, go to step S46; otherwise go to step S47.
S46: user mode is started for the user.
S47: guest mode is started for the user.
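The exchange in steps S41 to S47, sketched in Python as an added example that is not part of the patent text. It assumes HMAC-SHA256 for the operation f, which the text leaves unspecified, and assumes the terminal looks up P2 by the card's IMSI; the class names, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

USER_MODE, GUEST_MODE = "user mode", "guest mode"

def f(r1: bytes, r2: bytes, password: str) -> bytes:
    """The operation f(R1, R2, P). HMAC-SHA256 is an assumption; the text leaves f open."""
    # Length-prefix both random numbers so the byte string cannot be re-split differently.
    msg = len(r1).to_bytes(2, "big") + r1 + len(r2).to_bytes(2, "big") + r2
    return hmac.new(password.encode(), msg, hashlib.sha256).digest()

class SubscriberCard:
    def __init__(self, imsi: str, passwords_by_terminal: dict):
        self.imsi = imsi
        self._passwords = dict(passwords_by_terminal)  # scheme three: terminal id -> P1

    def respond(self, terminal_id: str, r1: bytes):
        """S42-S43: generate R2 and return (Res1, R2); None if the terminal is not listed."""
        p1 = self._passwords.get(terminal_id)
        if p1 is None:
            return None  # S36 (creating the list entry) is outside this example
        r2 = secrets.token_bytes(16)
        return f(r1, r2, p1), r2

class MobileTerminal:
    def __init__(self, terminal_id: str, passwords_by_card: dict):
        self.terminal_id = terminal_id
        self._passwords = dict(passwords_by_card)  # assumption: P2 is looked up by IMSI

    def challenge(self) -> bytes:
        """S41: a fresh random number R1 for every authentication request."""
        return secrets.token_bytes(16)

    def verify(self, imsi: str, r1: bytes, response) -> str:
        """S44-S47: compute Res2 locally and compare; any failure ends in guest mode."""
        p2 = self._passwords.get(imsi)
        if response is None or p2 is None:
            return GUEST_MODE
        res1, r2 = response
        # Constant-time comparison; the password itself never crosses the card interface.
        same = hmac.compare_digest(res1, f(r1, r2, p2))
        return USER_MODE if same else GUEST_MODE

    def login(self, card: SubscriberCard) -> str:
        r1 = self.challenge()
        return self.verify(card.imsi, r1, card.respond(self.terminal_id, r1))

def demo() -> dict:
    # Constructed sample identifiers and passwords, not taken from the text.
    imei, imsi = "IMEI-EXAMPLE-0001", "IMSI-EXAMPLE-0001"
    terminal = MobileTerminal(imei, {imsi: "alice-pass"})
    card = SubscriberCard(imsi, {imei: "alice-pass"})
    clone = SubscriberCard(imsi, {imei: "wrong-guess"})  # copied IMSI, password unknown
    r1 = terminal.challenge()
    recorded = card.respond(imei, r1)  # a response observed in one session
    return {
        "genuine": terminal.login(card),
        "cloned_imsi": terminal.login(clone),
        "replayed": terminal.verify(imsi, terminal.challenge(), recorded),
    }

if __name__ == "__main__":
    print(demo())
```

The cloned-IMSI and replayed cases both end in guest mode: copying the IMSI does not supply the password, and a response recorded for one R1 does not verify against a fresh one.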
In the above schemes of the present invention, when the same user has multiple subscriber cards, the protection mechanism of the multi-user mobile terminal is supplemented as follows. For scheme one, when the user list is built, one user name can correspond to multiple IMSI numbers. In this way, whichever of his cards a user inserts, the mobile terminal starts that user's mode, allowing access to all the information and data that this user has stored on the mobile terminal. For schemes two, three and four, if several of a user's subscriber cards are required to be able to access a given mobile terminal, it is enough to set the user name and password stored for this mobile terminal to be the same in all of those cards.
After all of a user's subscriber cards have been lost, a user switching function can be added to ensure that the user can still enter the mobile terminal: in the current mode, the user inputs another legitimate user name and password to the mobile terminal and can then enter the corresponding user mode. The specific measures are as follows. For scheme one, the user inserts a newly issued replacement subscriber card into the mobile terminal. Because the new IMSI number is not in the user list at this point, the user enters guest mode. But the user remembers his user name and password, so he can start the user switching function in guest mode and input his user name and password to the mobile terminal, thereby entering his user mode; the IMSI number of the new card is written into the user list so that next time the mobile terminal access of scheme one can be carried out directly. For schemes two, three and four, as long as the user name and password stored in the newly issued subscriber card are the same as those in the lost card, the user can enter his user mode and access all the information and data that he has stored on the mobile terminal.
Figure 5 is a structural diagram of the mobile terminal of the present invention. As the figure shows, this mobile terminal mainly comprises a terminal body, and also comprises:
A user list storage unit, used to store the user list, in which the correspondence between users and their user identification codes is set;
A first user identification code reading unit, used to read the first user identification code;
A first user identification code matching unit, used to match the first user identification code against the user list and to assign a use mode to the user according to the matching result.
The mobile terminal also comprises:
A guest mode start unit, which starts guest mode for the user;
A user mode start unit, which starts user mode for the user;
The first user identification code matching unit outputs the matching result to the guest mode start unit or the user mode start unit, which starts the corresponding use mode.
Figure 6 is a structural diagram of the mobile terminal system of the present invention. The system comprises a terminal body and a subscriber card used together with it.
The present invention provides the subscriber card with a first user name and password storage unit, used to store a first user name and password.
The mobile terminal is provided with a second user name and password storage unit, used to store a second user name and password;
The mobile terminal also comprises:
A user name and password storage unit, used to store a user name and password;
A user name and password reading unit, used to read the first user name and password stored on the subscriber card;
A guest mode start unit, which starts guest mode for the user;
A user mode start unit, which starts user mode for the user;
The user name and password verification unit outputs the verification result to the guest mode start unit or the user mode start unit, which starts the corresponding use mode;
A first random number generator, used to generate a first random number;
The subscriber card is provided with a second random number generator, used to generate a second random number.
The subscriber card can also be provided with a first operation unit, which performs a first operation on the first random number, the second random number and the first password stored on the subscriber card, and produces a first operation result;
The mobile terminal is provided with a second operation unit, which performs a second operation on the first random number, the second random number and the second password stored on the mobile terminal, and produces a second operation result;
The mobile terminal is provided with a result comparison unit, used to compare the first operation result with the second operation result.
The user name and password storage unit is stored in the PIN2 protected area of the subscriber card.
By verifying the user's identity, the present invention controls the user's access rights on a multi-user mobile terminal, protects the security of the information on the mobile terminal, prevents exposure of user privacy and secrets, and increases users' trust in the security of mobile terminals.
Obviously, those skilled in the art can make various changes and variations to the present invention without departing from its spirit and scope. Thus, if these modifications and variations fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.