CN101051938A - Realizing method for protecting mobile network resource - Google Patents

Realizing method for protecting mobile network resource Download PDF

Info

Publication number
CN101051938A
CN101051938A CNA2006100806009A CN200610080600A CN101051938A CN 101051938 A CN101051938 A CN 101051938A CN A2006100806009 A CNA2006100806009 A CN A2006100806009A CN 200610080600 A CN200610080600 A CN 200610080600A CN 101051938 A CN101051938 A CN 101051938A
Authority
CN
China
Prior art keywords
forbidding
information
services
portable terminal
mobile
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2006100806009A
Other languages
Chinese (zh)
Other versions
CN100574214C (en
Inventor
单长虹
黄迎新
曹淑华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2006100806009A priority Critical patent/CN100574214C/en
Publication of CN101051938A publication Critical patent/CN101051938A/en
Application granted granted Critical
Publication of CN100574214C publication Critical patent/CN100574214C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention includes following contents: determining information of prohibited operations for mobile terminal; saving device information of mobile terminal, user information, and corresponding information of prohibited operations; then, in mobile network, restricting operations in services carried out in mobile terminals based on the saved information of prohibited operations. Thus, the invention restricts malicious or unintentional users to cause threat on network effectively, and plays good protection effect on mobile network so as to implement purpose of saving and protecting network resources.

Description

The implementation method of protection mobile network resource
Technical field
The present invention relates to network communications technology field, relate in particular to a kind of implementation method of protecting mobile network resource.
Background technology
Along with 3-G (Generation Three mobile communication system) constantly develops, the data service of mobile communication also is widely used, and meanwhile, maintain secrecy and the professional security problems of using of data more and more attract much attention, and influence also increasing.Mobile data services relate to whole mobile communication system such as mobile communication terminal, Radio Resource, therefore, at mobile data services provide the corresponding protection measure comparatively the difficulty, this be because:
At first, based on the finiteness of mobile communication terminal for disposal abilities such as data and vocational works.Mobile communication terminal can not have very strong ability of data processing as computer, in real time terminal is detected and kills virus, and comes the stability of the fail safe and the work of maintenance system.
Secondly; Radio Resource in the mobile network system is very limited, and at present to the demand of Radio Resource very strong again, so effectively protect at limited Radio Resource; and Radio Resource is not wasted, also become the previous problem that presses for solution of order.
The 3rd, above-mentioned problem is the problem of network based on characteristics existence own, does not also comprise to come the outer safety problem of automatic network.Internet worm technical development at present is very rapid, and kind is numerous and diverse, and the influence of generation is not only to cable network, and present mobile network has been runed generation harm to a certain degree, and with the trend of its development, the degree of its harm will be increasing.Therefore, aspect operator, increased the weight of work such as plant maintenance, operating cost of operator is increased,, then brought the inconvenience of many uses for the user.If mobile network's virus can not be solved timely and effectively, not only had a strong impact on the efficient of operator, also might make the user no longer trust the mobile network.
In addition, also have some users to utilize mobile communication terminal, malice is invaded and harassed network or other normal users, even to the destruction of whole system.These users' behavior has also proposed new test to present mobile network's fail safe.
For these reasons, present solution is the fail safe that guarantees the mobile network by some function of limiting terminal, and existing technical scheme is as follows:
This scheme is by add a network entity IMEI (international mobile equipment identification number) database in the mobile network, and, specifically comprise in the fail safe that the storage of this lane database exists the IMEI that threatens and the pairing forbidding service list of IMSI to guarantee the mobile network:
When IS (recognition system) detects the terminal of an existence threat, HPLMN (Home Public Land Mobile Network network) deposits the forbidding service list of this terminal IMEI and IMSI in the IMEI database in, by OTA server (aerial Download Server) the forbidding service list is sent to portable terminal, forbid that portable terminal uses the service function in the tabulation.
For example, when (U) SIM ((general) user identification module) was inserted into a new ME (mobile device) situation, its concrete process was as described below:
At first, this ME and (U) the SIM corresponding relation will be stored among the HLR (Home Location Register) by ADD (increase) function that in 3GPP 22.101, defines.
Then, HLR sends query requests to the IMEI database, comprises IMEI in this request, searches the corresponding forbidding service list with IMEI in the IMEI database.
If there is corresponding forbidding service list, then OTA server sends the forbidding service list to ME, and this travelling carriage is just forbidden the initiation of some business according to the forbidding service list that receives.
If there is not this forbidding service list in the IMEI database, then OTA serve sends one and enables the ME that tabulates fully, does not promptly limit the business that this ME initiates.
From above-mentioned process prescription as can be seen, above-mentioned implementation still comes with some shortcomings to the processing of the problems referred to above, and is specific as follows described:
At first, this scheme just limits the condition that equipment uses, and the condition of user's (being SIM card) not being used limits.If when having user's malice to use different equipment that network is invaded and harassed, this user still can use the mobile network, and same operable alternate manner, send to the mobile network such as insert Virus in the equipment the inside, waste the resource of network, for this situation, such scheme just can not well guarantee the safety of network.
Secondly, because ME equipment is even without inserting (U) SIM card, ME equipment still can be initiated emergence call service, and in the existing technical scheme when ME shuts down, the forbidding service list among the ME can be lost automatically, no longer stores this forbidding service list.Therefore, disabled service meeting is opened automatically once more and is had influence on the fail safe of system among the ME, and for example, there is the threat of malice emergency call business in terminal, and the behavior may be that the virus of mobile phone the inside causes, also might be that the user deliberately dials.
Therefore, existing technology can't be taked the corresponding protection measure to the user mode of complex network situation and terminal, has brought bigger hidden danger for the safety of network operation.
Summary of the invention
The purpose of this invention is to provide a kind of implementation method of protecting the mobile network resource; by terminal and user are carried out service management simultaneously; with the protection mobile network resource; thereby can guarantee the safety of network and the reasonable use of mobile resources to the user of malice or because the business function of the terminal of contamination attacking network limits.
The objective of the invention is to be achieved through the following technical solutions:
The invention provides a kind of implementation method of protecting mobile network resource, comprising:
A, determine forbidding business information, and preserve the forbidding information on services of the facility information of this portable terminal and user profile and corresponding expression forbidding business information at portable terminal;
B, in the mobile network, according to the forbidding information on services of preserving, the business of carrying out of portable terminal is limited operation.
Described forbidding information on services is preserved in the tabulation mode, and described tabulation comprises:
With international mobile subscriber identity IMSI or IMPI is the forbidding service list of index and what be used in combination with international mobile subscriber identity is the forbidding service list of index with international mobile equipment identification number IMEI.
Described forbidding information on services is kept in the equipment and user identification module of portable terminal, also is stored in the mobile station data storehouse of network side.
In described mobile station data storehouse, the forbidding service list of international mobile subscriber identity is related with the forbidding service list of at least one international mobile equipment identification number.
Described forbidding service list directly is stored in the equipment of portable terminal, and perhaps, the management object by Open Mobile Alliance is stored in the equipment of portable terminal.
Described method also comprises:
At network side safety is set and generates the tabulation strategy, and generate the forbidding service list that the tabulation strategy generates corresponding international mobile subscriber identity according to the forbidding service list and the described safety of the international mobile equipment identification number related with international mobile subscriber identity.
In the described steps A, determine to comprise at the forbidding business information of portable terminal:
When detection system detects business that portable terminal carries out network is constituted a threat to, determine that then this business is the forbidding business of portable terminal;
And/or,
Network side preestablishes the business of forbidding that portable terminal is carried out, and should business as the forbidding business information of portable terminal.
Described steps A comprises:
When A1, detection system detect portable terminal and have threaten network security, transmission carries the forbidding service request of the information on services of mobile terminal user identifying information and forbidding, after the mobile station data storehouse of network side receives this request, to the device identifying information of the customer identification information corresponding mobile terminal of Home Location Register enquiry mobile terminal;
A2, mobile station data library inquiry generate or upgrade the forbidding information on services of mobile terminal user identifying information and device identifying information correspondence according to the information on services of the forbidding in the request behind the device identifying information of described portable terminal;
A3, mobile station data storehouse initiate forbidding information on services with described mobile terminal user identifying information and device identifying information correspondence and are updated to processing in the portable terminal, and finish this processing.
In described steps A 1, comprising:
Detection system will be forbidden information on services by the management interface of Home Public Land Mobile Network network and send to the mobile station data storehouse, perhaps, when detection system is arranged in the visit public land mobile network, then will forbids information on services and send to the mobile station data storehouse automatically by mail or fax mode.
Described steps A 2 comprises:
A21, on the mobile station data storehouse, upgrade according to the forbidding information on services of at least one device identifying information correspondence of the mobile terminal user identifying information association of preserving forbidding information on services this customer identification information correspondence;
And/or,
A22, on the mobile station data storehouse, upgrade according to the forbidding information on services of the forbidding business information of storing in the network entity this customer identification information correspondence
Described steps A 21 comprises:
When the mobile station data storehouse judges whether the information on services of the forbidding in the request is present in the forbidding information on services of device identifying information correspondence of this customer identification information association, if exist, then the information on services with the forbidding in this request adds in the forbidding information on services of this customer identification information correspondence, otherwise, do not upgrade the forbidding information on services of this customer identification information correspondence.
Network entity in the described steps A 22 comprises:
Attaching position register HLR, home subscriber server HSS, VLR Visitor Location Register VLR and/or Serving GPRS Support Node SGSN.
Described steps A 3 comprises:
The request of forbidding service list is initiated to upgrade to aerial Download Server in A31, mobile station data storehouse, and aerial Download Server receives request, and the forbidding information on services in will asking is updated in the portable terminal;
Perhaps,
A32, according to the forbidding information on services in the mobile station data storehouse management object in the portable terminal initiate is upgraded the request of forbidding information on services by open mobile alliance device management server; After management object in the portable terminal receives solicited message, upgrade and store described forbidding information on services.
Described steps A 31 comprises:
Aerial Download Server initiates to upgrade the request of forbidding service list to mobile terminal user; After mobile terminal user receives solicited message, store this forbidding information on services, and send the equipment of update request, after described equipment is received request, read and preserve this forbidding information on services to portable terminal.
Described steps A comprises:
After aerial Download Server receives the request of sending in the mobile station data storehouse, in real time or the forbidding information on services in the corresponding portable terminal of regular update;
Perhaps,
When the forbidding information on services of open mobile alliance device management server in the mobile station data storehouse changes or regularly the forbidding information on services in the management object in the portable terminal is upgraded according to the forbidding information on services in the mobile station data storehouse.
Described method also comprises:
Service restriction sign position is set in portable terminal, and described service restriction sign position is used for identifying in real time portable terminal and whether has available forbidding information on services.
Described method also comprises:
C, behind mobile terminal-opening, check the service restriction sign position in the portable terminal, when in determining portable terminal, not preserving available forbidding information on services, forbid that then portable terminal initiates professional.
Described step C also comprises:
The equipment of portable terminal sends the message that information on services is forbidden in request from the trend network side, and request is obtained corresponding forbidding information on services from network side.
The equipment of described portable terminal sends the message of request forbidding information on services for the mode of the message of user transparent by automatic transmission.
Also comprise among the present invention,, then return the forbidding service list of a sky if certain terminal use does not exist forbidding professional.
Described forbidding information on services is the union generation according to the disabled list of the disabled list of the international mobile subscriber identity in the MS database and international mobile equipment identification number.
Described method also comprises:
Behind the definite forbidding information on services of network side, send a notification message to portable terminal at portable terminal, the disabled information on services of notice portable terminal, and comprise disabled cause information alternatively.
Described method also comprises:
The equipment of portable terminal when confirm no longer to initiate to network constitute a threat to professional the time, then consult the disabled service of unlatching with network side automatically.
Described method also comprises:
At network side the security control subscriber policy is set, open the terminal use that same service surpasses pre-determined number for continuous request, then this user is set to malicious user, and will forever limit or transfer to higher network management center to the business that threatens to network and handle.
As seen from the above technical solution provided by the invention; the present invention can effectively solve the deficiency of prior art to network security protection; not only can handle to exist and threaten mobile device; but also can threaten the mobile network to take appropriate measures at the user; for example; when certain user uses (U) SIM card repeatedly to threaten network safe; then this user will be under an embargo; and; when its replacing uses other mobile device still to utilize this (U) SIM card to initiate to threaten business; also will be banned use of by system, promptly so long as the business of threaten network security all can not initiate, thereby effectively protected Internet resources.
Simultaneously, among the present invention, if system disables the business of terminal, the information that can send in time notifies the user to forbid this professional concrete reason, to improve the satisfaction of network operation.
In addition, the present invention can also utilize the forbidding service list in the terminal directly to finish restriction at some service functions in terminal, thus conserve network resources.
Description of drawings
Fig. 1 is for detecting and forbid some function treatment flow chart of portable terminal;
Fig. 2 is inserted into a process chart behind the new ME for (U) SIM;
Fig. 3 is that IMEI concerns schematic diagram with the forbidding service list;
Fig. 4 is the installation drawing of DMA management MO;
Fig. 5 is a forbidding service processing flow chart of taking OMA DM management MO mode.
Embodiment
Core concept of the present invention is to terminal and user, and when wherein any one was menace to network, system limited this menace's business, protects the method for mobile network resource.
Be specially: the present invention utilizes the MS database to replace IMEI database of the prior art, in the MS database, not only store the forbidding service list of an IMEI and an IMEI correspondence, but also the corresponding forbidding service list of a storage IMSI (or IMPI) (international mobile subscriber identity) and an IMSI (or IMPI), the forbidding service list of IMSI (or IMPI) for example generates according to the forbidding service list of IMEI, can safety be set at network side and generate the tabulation strategy, generating with IMSI (or IMPI) is in the forbidding service list process of index, just can generate the forbidding service list that the tabulation strategy generates IMSI (or IMPI) according to the disabled list of the IMEI related with it and the safety of described setting.By can the business that portable terminal is initiated being limited well, to realize the purpose of protecting network resource according to the MS database.
For example; when the user of a threat is inserted into (U) SIM among the ME who does not have a threat; some function of the new terminal of forming of this (U) SIM and ME will still be restricted; because the forbidding service list that this IMSI (or IMPI) is corresponding in the MS database has been sent to this terminal with the threat user profile of its correspondence and has forbidden some service of this user, so just network is played a very good protection.If this user is not a malicious user, can dial customer service call or send note and open these the disabled services of this terminal to Customer Service Center, but when network based this user's behavioural characteristic is judged this user when the malicious user, service centre will be sent to more senior network management center with this user's unlatching request and behavioural characteristic and handle.
In addition, among the present invention, behind terminal closedown, the forbidding service list that is kept in the equipment is still effective.If the emergency call function of this equipment uses the back and is restricted owing to malice, after user's start, even do not insert (U) SIM card, because be kept at also continuously effective of forbidding service list in the equipment, so the urgent call that still can't initiate malice of this equipment.
The present invention can also realize some function among the ODB (subscriber's meter is under an embargo) by forbidding service list in the MS database, with conserve network resources in the specific implementation process.In this case, initiation business for the user, Virtual network operator and service provider need not to judge whether that this business is restricted in network entity, as long as this business is joined the forbidding service list, just can finish this function automatically in terminal, not need to finish by the server of network side.
In order further understanding to be arranged, be described in detail below in conjunction with the specific implementation of accompanying drawing to the method for the invention to the present invention.
The present invention includes two kinds of concrete realization processing procedures in specific implementation process, described two kinds of specific implementation processing procedures are respectively: first kind is to have the processing method that threatens to detecting certain terminal, second kind is detection and the processing method of user (i.e. (U) SIM) when using a new equipment, will be described respectively at two kinds of concrete implementations below.
At first, first kind of implementation procedure is described:
When system detects when inserting mobile device and user and may become threat in the network, then corresponding specific implementation process may further comprise the steps as shown in Figure 1:
Step 11:IS (recognition system) detects the terminal that system exist to threaten (comprise mobile device and (U) SIM card);
Step 12: according to detecting the threat terminal information, IS sends the request of forbidding service to the HPLMN management interface; The IMSI (or IMPI) that is comprising disabled service-user in this request is forbidden service entry accordingly and then is placed in the forbidding service list in the request;
In addition; If the IS system is in VPLMN (visit public land mobile network) time, this request message should send to HPLMN in the mode of mail or fax, and in a word, HPLMN need obtain the terminal information that described existence threatens.
After step 13:HPLMN received described request, then the forbidding service request order that will receive by management interface sent to the MS database;
Need to prove, if the IS system can specifically confirm this IMSI (or IMPI) information and corresponding IMEI information, and can inquire the forbidding service list corresponding with the two time, then execution in step 16, if the IS system can not specifically confirm these information, then execution in step 14;
After step 14:MS database receives the order of forbidding service request, HLR (being HSS) after attaching position register HLR or upgrading, send this request command, include IMSI (or IMPI) information in the request command message, purpose be for obtain to preserve among the HLR (being HSS) after HLR or the upgrading with the corresponding IMEI of this IMSI (or IMPI);
After HLR (being HSS) after step 15:HLR or the upgrading receives the request command that includes IMSI (or IMPI) information, according to the IMSI (or IMPI) in this request command information, inquire about in its corresponding IMEI information, and IMEI information is sent back to the MS database with IMSI (or IMPI) information;
Step 16:MS database carries out record to the forbidding information on services in the forbidding service request order of receiving after receiving the IMEI information of described IMSI (or IMPI) and correspondence;
Be specially: if do not forbid service lists in the MS database in IMEI information and corresponding two of IMSI (or IMPI) information, then MS should create two the forbidding service lists corresponding with the IMEI information of request command and IMSI (or IMPI) information, if there has been corresponding forbidding service list, then the content of its forbidding service list is upgraded; Information in the forbidding service list that the IS system that is that stores in described two forbidding service lists sends over;
Described two forbidding service lists comprise: be used for the corresponding forbidding service list of IMSI (or IMPI) that limiting mobile device is initiated the forbidding service list of professional IMEI correspondence and is used for the business that restriction (U) SIM card initiates;
Owing to (U) preserve corresponding forbidding service list in the SIM card, make to exist (U) SIM card that threatens to be placed on when using on the mobile device that does not have threat that (U) the forbidding service list in the SIM card still can limit it and realize illegal business function;
For disabled service, if looking on the bright side of things, this user opens a certain forbidding service, then can be by getting in touch the disabled service of opening with Customer Service Center;
Step 17:MS database will send one to OTA server according to the forbidding service list information after upgrading and upgrade list request, and this list request comprises the forbidding service list of IMSI (or IMPI) forbidding service list and corresponding device IMEI;
After step 18:OTA server receives this request, upgrade forbidding service list solicited message to corresponding (U) SIM of terminal, upgrade the last corresponding forbidding service list of (U) SIM by sending SMS (Short Message Service);
Step 19:(U) after SIM updates stored in forbidding service list on (U) SIM according to this solicited message, store the forbidding service list after the described renewal, the new business of initiating at (U) SIM will limit according to the forbidding service list after this renewal;
Step 110:(U) SIM sends refresh command to ME (mobile device) according to the information of forbidding service list, and purpose is in order to refresh the forbidding service list on the ME.
Step 111:ME receives this order and reads in forbidding service list on (U) SIM.
The forbidding service list that step 112:ME storage obtains from (U) SIM.
Because ME has stored the forbidding service list that obtains from (U) SIM, and under the situation of ME shutdown, still preserve the forbidding service list that this ME preserves, and, only when this ME start next time or insert under new (U) SIM card situation, the forbidding service list just can upgrade, therefore, after this forbidding service list generates and is kept in the mobile device, when mobile device is initiated service request, all need to handle, and only allow to initiate not disabled business by the restriction of this forbidding service list.
By above-mentioned processing procedure; just can limit the malice of mobile device initiation or the service of other attacking networks by corresponding forbidding service list; for example; operator detects certain user's abuse of emergency calling or there is the professional Virus of emergency call always in the ME the inside; then can in certain time period, forbid, with the fail safe of protecting network resource the equipment business.
How to be kept at the problem of ME all the time about this forbidding service list, specifically can in ME, to design the module of a permanent storage function, store above-mentioned forbidding service list.Simultaneously, network side can determine whether the emergency call function by this forbidding service list restriction ME according to whether providing the permanent storage functional module to preserve corresponding forbidding service list among the ME.
After step 113:ME finished storage operation, system side was to having some function forbidding that threatens terminal, just can notify some service function of user be under an embargo uses and the reason of forbidding by OTA server transmission information;
OTA server can send the details that message is notified the disabled service of user, allows the user can see very intuitively which business can not use, and what out of use reason is, or the like.
As can be seen, adopt above step not only can guarantee the use of normal users, and limited for the attack mobile network's of malice behavior, no matter this destruction is equipment reason or artificial origin, can prevent timely, guarantee the safety of network, save Internet resources.
Secondly, more corresponding second kind of implementation procedure is described:
(U) SIM is inserted into the situation of a ME, may exist (U) SIM card of threat to be inserted among the new ME such as one, perhaps, may exist when having inserted new (U) SIM card in the mobile device of threat, then corresponding specific implementation process may further comprise the steps as shown in Figure 2:
Step 21: (U) SIM is inserted into a new ME;
Step 22: utilize the ADD function that its IMEI information and the new corresponding relation of IMSI (or IMPI) information are joined among the HLR (being HSS) after HLR or the upgrading to new UE;
HLR (being HSS) after step 23:HLR or the upgrading is according to new IMEI that adds and the information among the IMSI (or IMPI), whether send query requests in the MS database, checking has in the MS database and IMEI or the corresponding forbidding service list of IMSI (or IMPI);
This query requests of step 24:MS database response, at first, search the forbidding service list of IMSI (or IMPI) or IMEI correspondence respectively, if when not existing a certain correspondence to forbid serving in the forbidding service list that finds, just looking it is empty set at the forbidding service list; Then, obtain, promptly form a new forbidding service list by these two unions that service list is formed; At last, set up new forbidding service list, and refresh the forbidding service list of already present IMEI correspondence;
After step 25:MS database is finished inquiry, the forbidding service list information that inquires is sent to OTA server, if when not having the forbidding service list information relevant in the MS database with IMSI (or IMPI) or IMEI, the MS database will send one and all enable the OTA server that tabulates, promptly this all enables to tabulate and does not comprise the forbidding service, will not limit the business that UE initiates;
Step 26:OTA server sends a forbidding service list to (U) SIM after receiving MS database transmission forbidding service list information, and the forbidding service list that this UE service is limited is provided;
Step 27:(U) after SIM receives this forbidding service list, and stores this forbidding service list information;
Step 28:(U) after SIM storage forbidding service list is finished, send a refresh requests to ME, purpose is in order to refresh the forbidding service list on the ME;
After step 29:ME receives the refresh requests of (U) SIM, read new forbidding service list from (U) SIM;
The forbidding service list information that step 210:ME storage is read from (U) SIM;
Step 211: after system side has been forbidden some function to the terminal with threat, send message by OTA server and notify some service of user not use.
After a certain service is disabled in said process, open this service if look on the bright side of things, can dial the customer service number or open this service by Customer Service Center by the mode of short message notification.If this service has been confirmed to be the service that allows use, perhaps finished process to the ME virus killing, then information desk will be initiatively for opening this service.
Need to prove, among the present invention, can also the security control subscriber policy be set at network side, open the terminal use that same service surpasses pre-determined number for continuous request, then this user is set to malicious user, and will forever limit or transfer to higher network management center to the business that threatens to network and handle.For example, if certain user open repeatedly (as three times or more than) same being under an embargo service, and after each unlatching, all network has been caused same threat.In this case, the user just has the possibility that has the active attack network, can look this user and be malicious user, and this service authority of this user be submitted to higher level network management center handle, also can solve this forbidding service by measures such as network management center and user consult.
Among the present invention, above-mentioned MS database not only can be used for limiting service, can also be by auxiliary some function finished among the ODB of this MS database.ODB is that operator and service provider utilize network entity some a kind of mechanism that initiation is professional and incoming call business limits to the user, and the reason of restriction is user's malicious owing fee or some other reason.In the ODB function system, the forbidding service lists that is limited the user only is stored in the HLR (being HSS) after HLR or the upgrading, VLR (Visited Location Registor), among the SGSN (Serving GPRS Support Node), if the user makes a call after the business, also need to judge through the HLR (being HSS) after network entity HLR or the upgrading whether this business is restricted service, if restricted service, will produce an error message loopback and give terminal, be to finish among the HLR (being HSS) of this refusal service needed after HLR or upgrading, this has wasted the resource of network to a certain extent.
Realization of the present invention can also be simplified the ODB process of managing business of above-mentioned complexity.Handle in the method that auxiliary ODB manages business the invention provides, can some of being stored own be forbidden that business sends to the MS database by the HLR (being HSS) after HLR or the upgrading, VLR, SGSN, the MS database is stored in these blocking information in the forbidding service list, and will to forbid service list information be to send and be saved in terminal, for some business of Client-initiated, can be directly by the mobile device or (U) the forbidding service list of this restricted service of preserving of SIM, forbid that immediately the user initiates business.Therefore, the auxiliary further conserve network resources of ODB function that realizes of the present invention.
The present invention is in the specific implementation process, and also the situation that may occur is, when mobile terminal-opening, forbidding service list information does not download to this locality as yet, and then can unrestrictedly commence business if portable terminal is not limited this moment, therefore, may constitute a threat to network.For this reason, the invention provides the treatment mechanism of using network to limit at the portable terminal that does not have tabulation, promptly behind mobile terminal-opening, detect in the portable terminal and do not have the forbidding service list, perhaps the forbidding service list of Cun Zaiing is unavailable, forbids that then this portable terminal uses network to carry out any business.
To provide a concrete application implementation at above-mentioned restriction treatment mechanism below:
A sign position is set in the mobile device the inside, whether identify disabled list exists, the assumed by default value is 0, expression is tabulation not, when the sign position was 1, the expression disabled list existed and is not empty tabulation, when the sign position is 2, there is an empty tabulation in expression, and the value of described sign position is according to the state real-time update of the forbidding service list in the mobile device;
When mobile device is started shooting, at first detect the value of sign position, if 0, forbid that then the user initiates any business, perhaps allow the user to initiate simple speech business, at this moment, if inserted new (U) SIM card, after waiting until that then new tabulation is sent by the OTA server, could initiate business according to tabulation,, not change (U) SIM card if mobile device is user's start, then need send a request to the OTA server, the OTA server can be to this user's of MS database request disabled list, after portable terminal is waited until and sent disabled list then, could initiate professional according to tabulation, described request is that mobile device sends automatically, promptly can send by need not artificial secondary note or other modes for user transparent that participates in;
When mobile device is started shooting, if detecting the sign position is 1, then need further detection list whether really to exist, if just exist and to initiate business according to disabled list, if finding tabulation has not existed, then need send a request to the disabled list of this mobile device of OTA server requests equally, receive disabled list after, could initiate professional.
When mobile device is started shooting, be 2 if inquire the sign position, show that then the user is not subjected to any restriction, promptly the user can initiate any business.
In the above-mentioned treatment mechanism process of specific implementation, various signs position can be provided with as required flexibly, is not limited to be provided with three sign positions, also is not limited to the implication of above-mentioned each sign position definition.
Below will be again in conjunction with Fig. 1 to the present invention discern that terminal that mobile device and user form initiates at network produce the business that threatens whether artificial origin's processing procedure describe, can determine that by this process network side the threat business of initiating is initiatively to be initiated or caused because of mobile device infective virus program by the user.
This embodiment reports and submits MS database to network side with it, thereby can judge whether this threat is artificial reason according to the historical information of preserving by the MS database mainly after the IS system detects the terminal that network produce is threatened.In the MS database, only generate the forbidding service list of IMEI according to the report of IS system, then be to generate for the forbidding service list of IMSI (or IMPI) according to the history information analysis and judgement of preserving in the MS database.Thereby can avoid direct a certain service of directly forbidding IMSI (or IMPI), cause the user that the satisfaction of service is descended according to the report of IS system.
In this embodiment, stored (the HLR after perhaps upgrading of HLR in the ODB system among the MS DB (MS database) in advance, be HSS), VLR and SGSN some user profile of preserving, as the HLR (HLR after perhaps upgrading, be HSS), when the forbidding service list of the storage of VLR and SGSN upgrades, HLR (the perhaps HLR after the upgrading, i.e. HSS), VLR and SGSN also will upgrade the related content among the MS DB.
The specific implementation of this embodiment may further comprise the steps still as shown in Figure 1:
Step 11:IS system detects and has the end message that threatens, and the terminating packet including IMS I (or IMPI) of this detection threatens if terminal exists, and then execution in step 12, otherwise, will allow this terminal to initiate normal professional ' '
Step 12: have the end message that threatens according to detecting, the IS system sends the request of forbidding service to the HPLMN management interface, the request of this forbidding service should comprise the IMSI (or IMPI) at disabled family, and disabled service is stored in the forbidding service list with the form of tabulation in this request;
Step 13:HPLMN management interface receives this request command, and this forbidding service request order is sent to the MS database;
Step 14:MS database is responded this request command, sends the request command that comprises IMSI (or IMPI) information to HLR (the perhaps HLR after the upgrading, i.e. HSS), and purpose is in order to obtain the corresponding IMEI of this IMSI (or IMPI);
After step 15:HLR (the perhaps HLR after the upgrading, i.e. HSS) receives the order of MS database request, inquire about and the corresponding IMEI of IMSI (or IMPI), and the IMEI information that inquiry obtains is sent it back in the MS database with IMSI (or IMPI) information.
Step 16:MS database receives the HLR (HLR after perhaps upgrading, be HSS) the IMEI information and IMSI (or IMPI) information that send, if the MS database is this IMEI information not, create this IMEI and the corresponding relation of IMSI (or IMPI) and forbidding service list separately so, if exist, then the content of its tabulation is upgraded;
In the MS database, the relation of IMSI (or IMPI) and IMEI and forbidding service list as shown in Figure 3, the forbidding service list that in the forbidding service list, has comprised IMSI (or IMPI), also comprised a series of IMEI forbidding service list, this IMEI forbidding service list can be whole or the corresponding IMEI forbidding service list that was used in combination with IMSI (or IMPI) of part, promptly combine the IMEI that used with IMSI (or IMPI) a forbidding service list is all arranged at each, as the IMSI among Fig. 3 (or IMPI) corresponding comprise in conjunction with the IMEI that used: IMEI1, IMEI2...IMEIx (C) etc., wherein, IMEIx (C) is the current IMEI that uses that combines with IMSI (or IMPI).
As can be seen, in actual application, having only the forbidding service list of an IMEIx (C) in the above-mentioned IMEI forbidding service list is the forbidding service list of current use.As IMEIx (C) and IMSI (or IMPI) when combining, in the forbidding service list information that the IS system reports,, do not influence the forbidding service list of IMSI (or IMPI) correspondence itself just at current IMEIx (C) preservation information or lastest imformation yet.
Other IMEIx that preserve in IMEI forbidding service list once combined the historical IMEI that used with IMSI (or IMPI) for what the MS database was preserved, for example, when (U) SIM card is inserted a new mobile phone ME, in Fig. 3, the new IMEI that ME had that inserts subscriber card will become current IMEI x (C), and original IMEIx (C) becomes historical IMEI.In the MS database, specifically can preserve the forbidding service list information of some historical IMEI according to condition, for example, preserve 5,6 or the forbidding service list information of more IMEI being used in combination with IMSI (or IMPI) recently, there is no need to preserve the historical IMEI that all once combined with IMSI (or IMPI) usually.
In the information of above-mentioned IMEI, after the forbidding service list of current relevant IMEIx (C) was updated, the MS database need carry out a series of inspections, just can upgrade the corresponding contents in IMSI (or IMPI) the forbidding service list.The content of required inspection can be provided with according to self needs by operator, can include but not limited to the following content checked of needing in application process:
(1) at the HLR (HLR after perhaps upgrading, be HSS), the user that stored among VLR and the SGSN forbids service lists, whether some business of checking this user are restricted, if some business of user is restricted, then the service identifiers of forbidding to be forbidden in the service list to IMSI (or IMPI);
The forbidding service list of the IMEI of (2) inspection history, determine whether corresponding service is repeatedly disabled, if identical service is repeatedly disabled or be present in the forbidding service list of most of IMEI, think that then this IMSI (or IMPI) user exists malice to use or the tendency of active attack for this service, need the related service to this user be designated forbidding in IMSI (or IMPI) forbidding service list;
Step 17:MS database will send one to OTA server and upgrade list request according to the forbidding service list information after upgrading, and is carrying the tabulation that requires renewal in this request message;
This tabulation is to forbid separately that service list is got intersection and the tabulation that obtains by IMSI (or IMPI) and IMEI;
This tabulation can indicate simultaneously, service in the tabulation is forbidden because of IMEI or by IMSI (or IMPI), if the service of being somebody's turn to do is all disabled, then get intersection forbidding service identifiers afterwards for being forbidden by IMSI (or IMPI) in two tabulations of IMEI and IMSI (or IMPI);
Step 18: after OTA server receive to upgrade list request, send SMS and update the equipment forbidding service list request command, update stored in forbidding service list on (U) SIM by this request command to (U) SIM;
Step 19:(U) after SIM receives described request, responds this request command, and upgrade the forbidding service list among (U) SIM;
Step 110:(U) after the information of SIM storage forbidding service list is finished, send refresh command to ME, purpose is in order to refresh the forbidding service list on the ME;
After step 111:ME receives this refresh command, read in the forbidding service list on (U) SIM;
The forbidding service list that step 112:ME storage obtains from (U) SIM.
After step 113:ME finished storage operation, system side sent detail message by OTA server and notifies some service of user not use having some the service forbidding that threatens terminal.
In above-mentioned processing procedure, if disabled service is the disabled service because of the forbidding information on services in IMSI (or IMPI) the forbidding service list, then point out the detailed reason of disabled this service of this user, if looking on the bright side of things, the user opens this service, then must get in touch by higher level administrative center, determine no longer no longer to threaten or, can open again according to the corresponding management strategy that sets in advance for network.If disabled service is the disabled service because of the forbidding information on services in the IMEI forbidding service list, then can kill virus or download some update software after terminal, just can open this disabled service automatically by the virus killing instrument that network provides.
In above-mentioned processing procedure, the OTA server more processing procedure of the forbidding service list in the new terminal specifically has two kinds of implementations can be for choosing then, and is specific as follows:
First kind of mode is: upgrade forbidding service list in the portable terminal periodically by aerial Download Server.
The second way is: when the forbidding service list of the forbidding service list of the IMEI of the portable terminal correspondence in the mobile station data storehouse and IMSI (or IMPI) changed, aerial Download Server just upgraded the forbidding service list in the portable terminal.
In concrete application process, can use above-mentioned two kinds of implementations that the forbidding service list in the portable terminal is upgraded operation according to the selection of reality.
The present invention can also adopt other modes to the renewal of making amendment of the forbidding service list in the portable terminal in the specific implementation process.To the processing procedure that corresponding forbidding service list in the portable terminal upgrades be described in the mode that adopts OMA DM (open mobile alliance device management) below.
OMA DM is one group of mechanism that is used for management terminal device and the agreement that OMA (Open Mobile Alliance) formulates.Operator utilizes these mechanism and agreement, comes some device parameter in the terminal, and aspects such as software version, installation and upgrading manage in the terminal.
Utilize specific implementation that described DM mechanism upgrades the forbidding service list in the portable terminal as shown in Figure 4, comprise: in mobile terminal device, create a MO (management object), be specially the form that adopts the forbidding service list, be used for the forbidding information on services of memory mobile terminal.At network side, create a logic entity DMS (management equipment server), it can be according to the forbidding information on services in the MS database, and the forbidding information on services that the MO in the portable terminal is preserved manages and is provided with.
Among the present invention, the concrete implementing procedure that DMS handles the renewal of the forbidding information on services preserved among the ME comprises as shown in Figure 5:
Step 51: detect the portable terminal that has threat in the network, then generate the forbidding information on services in the corresponding M S database;
The mode front of the forbidding information on services in the concrete generation MS database is described, and no longer describes in detail herein;
Step 52:DMS sends the notice of the forbidding information on services that the MO that upgrades wherein preserves according to the forbidding information on services of MS database to ME, with the setting or the renewal of the forbidding information on services realizing preserving at MO among the ME;
Step 53:MO receives the forbidding information on services according to update notifications self storage of DMS;
Simultaneously, portable terminal also can initiatively be initiated the update request of forbidding information on services that MO is preserved to realize that MO is upgraded operation;
Wherein, DMS can adopt following at least a implementation to the implementation of the renewal of the forbidding information on services of MO preservation:
(1) DMS regularly upgrades the MO information on services among the ME;
When (2) disabled list of ME correspondence changed in the MS database, DMS just upgraded the MO information on services among the ME;
The business that step 54:ME carries out according to the forbidding information on services limited subscriber among the MO;
Be specially: when portable terminal is initiated business, ME at first judges according to the forbidding information on services among the MO whether be restricted, if be restricted, then terminal will ban use of this service if detecting this business service, if not being restricted, then terminal allows the user to initiate service request.
In this way, can effectively limit ME and initiate the service that some threaten to network, wherein DMS can be provided with operations such as renewal to the forbidding information on services that MO in the mobile device preserves.
In sum, three concrete case study on implementation that the present invention enumerates all can utilize the information in the mobile station data storehouse, produce the behavior that threatens security of system at user or equipment, forbid the processing of this business conduct, to guarantee the safety of system resource, improved the utilization of system resource.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.

Claims (24)

1, a kind of implementation method of protecting mobile network resource is characterized in that, comprising:
A, determine forbidding business information, and preserve the forbidding information on services of the facility information of this portable terminal and user profile and corresponding expression forbidding business information at portable terminal;
B, in the mobile network, according to the forbidding information on services of preserving, the business of carrying out of portable terminal is limited operation.
2, the implementation method of protection mobile network resource according to claim 1 is characterized in that, described forbidding information on services is preserved in the tabulation mode, and described tabulation comprises:
With international mobile subscriber identity IMSI or IMPI is the forbidding service list of index and what be used in combination with international mobile subscriber identity is the forbidding service list of index with international mobile equipment identification number IMEI.
3, the implementation method of protection mobile network resource according to claim 2 is characterized in that, described forbidding information on services is kept in the equipment and user identification module of portable terminal, also is stored in the mobile station data storehouse of network side.
4, the implementation method of protection mobile network resource according to claim 3; it is characterized in that; in described mobile station data storehouse, the forbidding service list of international mobile subscriber identity is related with the forbidding service list of at least one international mobile equipment identification number.
5, the implementation method of protection mobile network resource according to claim 3; it is characterized in that; described forbidding service list directly is stored in the equipment of portable terminal, and perhaps, the management object by Open Mobile Alliance is stored in the equipment of portable terminal.
6, the implementation method of protection mobile network resource according to claim 2 is characterized in that, described method also comprises:
At network side safety is set and generates the tabulation strategy, and generate the forbidding service list that the tabulation strategy generates corresponding international mobile subscriber identity according to the forbidding service list and the described safety of the international mobile equipment identification number related with international mobile subscriber identity.
7, the implementation method of protection mobile network resource according to claim 1 is characterized in that, in the described steps A, determines to comprise at the forbidding business information of portable terminal:
When detection system detects business that portable terminal carries out network is constituted a threat to, determine that then this business is the forbidding business of portable terminal;
And/or,
Network side preestablishes the business of forbidding that portable terminal is carried out, and should business as the forbidding business information of portable terminal.
According to the implementation method of each described protection mobile network resource in the claim 1 to 7, it is characterized in that 8, described steps A comprises:
When A1, detection system detect portable terminal and have threaten network security, transmission carries the forbidding service request of the information on services of mobile terminal user identifying information and forbidding, after the mobile station data storehouse of network side receives this request, to the device identifying information of the customer identification information corresponding mobile terminal of Home Location Register enquiry mobile terminal;
A2, mobile station data library inquiry generate or upgrade the forbidding information on services of mobile terminal user identifying information and device identifying information correspondence according to the information on services of the forbidding in the request behind the device identifying information of described portable terminal;
A3, mobile station data storehouse initiate forbidding information on services with described mobile terminal user identifying information and device identifying information correspondence and are updated to processing in the portable terminal, and finish this processing.
9, the implementation method of protection mobile network resource according to claim 8 is characterized in that, in described steps A 1, comprising:
Detection system will be forbidden information on services by the management interface of Home Public Land Mobile Network network and send to the mobile station data storehouse, perhaps, when detection system is arranged in the visit public land mobile network, then will forbids information on services and send to the mobile station data storehouse automatically by mail or fax mode.
10, the implementation method of protection mobile network resource according to claim 8 is characterized in that, described steps A 2 comprises:
A21, on the mobile station data storehouse, upgrade according to the forbidding information on services of at least one device identifying information correspondence of the mobile terminal user identifying information association of preserving forbidding information on services this customer identification information correspondence;
And/or,
A22, on the mobile station data storehouse, upgrade according to the forbidding information on services of the forbidding business information of storing in the network entity this customer identification information correspondence.
11, the implementation method of protection mobile network resource according to claim 10 is characterized in that, described steps A 21 comprises:
When the mobile station data storehouse judges whether the information on services of the forbidding in the request is present in the forbidding information on services of device identifying information correspondence of this customer identification information association, if exist, then the information on services with the forbidding in this request adds in the forbidding information on services of this customer identification information correspondence, otherwise, do not upgrade the forbidding information on services of this customer identification information correspondence.
12, the implementation method of protection mobile network resource according to claim 10 is characterized in that, the network entity in the described steps A 22 comprises:
Attaching position register HLR, home subscriber server HSS, VLR Visitor Location Register VLR and/or Serving GPRS Support Node SGSN.
13, the implementation method of protection mobile network resource according to claim 8 is characterized in that, described steps A 3 comprises:
The request of forbidding service list is initiated to upgrade to aerial Download Server in A31, mobile station data storehouse, and aerial Download Server receives request, and the forbidding information on services in will asking is updated in the portable terminal;
Perhaps,
A32, according to the forbidding information on services in the mobile station data storehouse management object in the portable terminal initiate is upgraded the request of forbidding information on services by open mobile alliance device management server; After management object in the portable terminal receives solicited message, upgrade and store described forbidding information on services.
14, the implementation method of protection mobile network resource according to claim 13 is characterized in that, described steps A 31 comprises:
Aerial Download Server initiates to upgrade the request of forbidding service list to mobile terminal user; After mobile terminal user receives solicited message, store this forbidding information on services, and send the equipment of update request, after described equipment is received request, read and preserve this forbidding information on services to portable terminal.
15, the implementation method of protection mobile network resource according to claim 13 is characterized in that, described steps A comprises:
After aerial Download Server receives the request of sending in the mobile station data storehouse, in real time or the forbidding information on services in the corresponding portable terminal of regular update;
Perhaps,
When the forbidding information on services of open mobile alliance device management server in the mobile station data storehouse changes or regularly the forbidding information on services in the management object in the portable terminal is upgraded according to the forbidding information on services in the mobile station data storehouse.
According to the implementation method of each described protection mobile network resource in the claim 1 to 7, it is characterized in that 16, described method also comprises:
Service restriction sign position is set in portable terminal, and described service restriction sign position is used for identifying in real time portable terminal and whether has available forbidding information on services.
17, the implementation method of protection mobile network resource according to claim 16 is characterized in that, described method also comprises:
C, behind mobile terminal-opening, check the service restriction sign position in the portable terminal, when in determining portable terminal, not preserving available forbidding information on services, forbid that then portable terminal initiates professional.
18, the implementation method of protection mobile network resource according to claim 17 is characterized in that, described step C also comprises:
The equipment of portable terminal sends the message that information on services is forbidden in request from the trend network side, and request is obtained corresponding forbidding information on services from network side.
19, the implementation method of protection mobile network resource according to claim 18 is characterized in that, the equipment of described portable terminal sends the message of request forbidding information on services for the mode of the message of user transparent by automatic transmission.
20, the implementation method of protection mobile network resource according to claim 19 is characterized in that, if certain terminal use does not exist forbidding professional, then returns the forbidding service list of a sky.
21, the implementation method of protection mobile network resource according to claim 18; it is characterized in that described forbidding information on services is the union generation according to the disabled list of the disabled list of the international mobile subscriber identity in the MS database and international mobile equipment identification number.
According to the implementation method of each described protection mobile network resource in the claim 1 to 7, it is characterized in that 22, described method also comprises:
Behind the definite forbidding information on services of network side, send a notification message to portable terminal at portable terminal, the disabled information on services of notice portable terminal, and comprise disabled cause information alternatively.
According to the implementation method of each described protection mobile network resource in the claim 1 to 7, it is characterized in that 23, described method also comprises:
The equipment of portable terminal when confirm no longer to initiate to network constitute a threat to professional the time, then consult the disabled service of unlatching with network side automatically.
According to the implementation method of the protection mobile network resource described in the claim 23, it is characterized in that 24, described method also comprises:
At network side the security control subscriber policy is set, open the terminal use that same service surpasses pre-determined number for continuous request, then this user is set to malicious user, and will forever limit or transfer to higher network management center to the business that threatens to network and handle.
CNB2006100806009A 2006-05-19 2006-05-19 The implementation method of protection mobile network resource Active CN100574214C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100806009A CN100574214C (en) 2006-05-19 2006-05-19 The implementation method of protection mobile network resource

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100806009A CN100574214C (en) 2006-05-19 2006-05-19 The implementation method of protection mobile network resource

Publications (2)

Publication Number Publication Date
CN101051938A true CN101051938A (en) 2007-10-10
CN100574214C CN100574214C (en) 2009-12-23

Family

ID=38783148

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100806009A Active CN100574214C (en) 2006-05-19 2006-05-19 The implementation method of protection mobile network resource

Country Status (1)

Country Link
CN (1) CN100574214C (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102231179A (en) * 2011-06-20 2011-11-02 北京思创银联科技股份有限公司 Portable personal service terminal
CN102271382A (en) * 2010-06-07 2011-12-07 电信科学技术研究院 Access control method and equipment for machine type communication (MTC) equipment
WO2015131559A1 (en) * 2014-09-17 2015-09-11 中兴通讯股份有限公司 Terminal, method and device for controlling functions thereof, and communication system
CN111149338A (en) * 2017-08-02 2020-05-12 西门子股份公司 Reinforcement of communication equipment

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11991525B2 (en) 2021-12-02 2024-05-21 T-Mobile Usa, Inc. Wireless device access and subsidy control

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102271382A (en) * 2010-06-07 2011-12-07 电信科学技术研究院 Access control method and equipment for machine type communication (MTC) equipment
CN102271382B (en) * 2010-06-07 2014-08-20 电信科学技术研究院 Access control method and equipment for machine type communication (MTC) equipment
CN102231179A (en) * 2011-06-20 2011-11-02 北京思创银联科技股份有限公司 Portable personal service terminal
WO2015131559A1 (en) * 2014-09-17 2015-09-11 中兴通讯股份有限公司 Terminal, method and device for controlling functions thereof, and communication system
CN111149338A (en) * 2017-08-02 2020-05-12 西门子股份公司 Reinforcement of communication equipment
US11962569B2 (en) 2017-08-02 2024-04-16 Siemens Aktiengesellschaft Hardening a communication device

Also Published As

Publication number Publication date
CN100574214C (en) 2009-12-23

Similar Documents

Publication Publication Date Title
CN1306785C (en) Telephone directory assistance method and telephone directory assistance system
CN1210655C (en) Servicer equipment and information processing method
CN1685755A (en) Method and system for cellular network traffic redirection
CN1809097A (en) Security system
CN1852094A (en) Method and system for protecting account of network business user
CN1889730A (en) Wireless user identification module, communication terminal equipment and communication control method
CN101047506A (en) Management method for terminal equipment starting service in radio communication network
CN1475924A (en) Positioning system
CN1794676A (en) Method of user access radio communication network and radio network cut in control device
CN1794657A (en) Method and system for managing terminal equipment
CN101052167A (en) Automatic renewing system for communication number and its realizing method
CN101064878A (en) Mobile terminal for realizing content filtering, system, network entity and method
CN1819705A (en) Method for realizing mobile terminal data protection
CN101068383A (en) Student terminal configuration method and system based on terminal management business
CN1512814A (en) Positioning system and method for providing customer machine terminal based on position service to mobile terminal
CN1801743A (en) Terminal equipment managing method
CN1744764A (en) Call processing method in the personal communication system and equipment
CN101051938A (en) Realizing method for protecting mobile network resource
CN1684048A (en) Method and system for secure erasure of information in non-volatile memory in an electronic device
CN1801231A (en) Emergency call system and emergency call method
CN1691578A (en) A method of self validity verification for an equipment
CN1852138A (en) Terminal management method and system
CN1913701A (en) Method for providing different safety class service to different user in mobile communication system
CN101068408A (en) Self log-on method, terminal and server for multi-standby terminal
CN1805576A (en) Mobile communication terminal, mobile communication system, and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant