CN101197874B - Mobile terminal equipment - Google Patents
Mobile terminal equipment Download PDFInfo
- Publication number
- CN101197874B CN101197874B CN2008100001634A CN200810000163A CN101197874B CN 101197874 B CN101197874 B CN 101197874B CN 2008100001634 A CN2008100001634 A CN 2008100001634A CN 200810000163 A CN200810000163 A CN 200810000163A CN 101197874 B CN101197874 B CN 101197874B
- Authority
- CN
- China
- Prior art keywords
- user
- mobile terminal
- terminal device
- module
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephone Function (AREA)
Abstract
The invention discloses a mobile terminal device, which comprises: an input/output module, an authorization control module, a subscriber authentication module and an operation control module, wherein the input/output module is used to receive a user name, a user password and an operation control request and is used to output device processing message to the user; the authorization control module is used to manage the operation authorization of the user on the mobile terminal device through the exchange with the device management server at the network side; the subscriber authentication module is used to manage the user access authorization to the network; the operation control module is used to judge whether the operation control request inputted by the user is allowed according to the user operation authorization. On the basis of supporting multi-user, the invention ensures the safety of the mobile terminal device and of the user information of the mobile terminal device. Meanwhile, even if the mobile terminal device is lost, the owner of the mobile terminal device can also control the usage of the device so as to reduce the probability of loosing the device.
Description
Technical field
The present invention relates to the communications field, relate more specifically to a kind of mobile terminal device.
Background technology
The use of mobile terminal device is more and more general, and everyone can both hold a mobile terminal device is becoming a kind of trend.But, under certain specific occasion, have the common situation of using same mobile terminal device of a plurality of user's needs.For example: in some office occasion, from the needs of maintaining secrecy, can only have a mobile terminal device to insert the Internet (Internet) or other networks, like this, all personnel in the place just must use same mobile terminal device to communicate.For another example: possibly be accidental situation, have urgent affairs to need to handle, but do not carry the mobile terminal device of oneself, also need use other people mobile terminal device.At last, also having a kind of people and the unwilling but very possible situation that takes place, is exactly that mobile terminal device is lost, and whether still can manage and control mobile terminal device under this kind situation and just become particularly important.
In the CN1852523A patent documentation of " a kind of portable terminal method for using and portable terminal and mobile terminal system " by name; A kind of multi-user's of support mobile terminal device and method are disclosed; User list promptly is set in mobile terminal device, in subscriber card, stores username and password, when the user uses mobile terminal device; The username and password of mobile terminal device more current input from subscriber card; Confirm user's type,, then be kept at current user name password in the subscriber card if do not find the user name password of having preserved.
In the CN1984402A patent documentation of " a kind of multi-users of mobile terminal management method and device " by name; Another kind of support multi-user's mobile terminal device and method are disclosed; This characteristic feature of an invention is not re-use subscriber card, and username and password directly is stored on the mobile terminal device.In addition, user type has not only been distinguished in this invention, and for every kind of concrete operation, also operation permission is examined.
But, can find out from above description, more than the shortcoming of two patents be, multi-user's management and control is not cooperated at network side, thereby just is difficult to manage most effectively multi-user's using and controlling mobile terminal device.
Summary of the invention
One or more problems in view of the above the invention provides a kind of new mobile terminal device.
Mobile terminal device according to the embodiment of the invention comprises: input/output module is used to receive user name, the user cipher of user's input and control request, and is used for to user's output equipment process information; Authority management module, be used for through and the device management server of network side between come the operating right of leading subscriber alternately to mobile terminal device; The subscription authentication module is used for the access rights of leading subscriber to network; And control module, and be used for operating right according to the user, judge whether the request that controls of permitted user input.
Mobile terminal device according to the embodiment of the invention can also comprise: the Card read/write module is used to store and read and allows public information that all users check and/or the personal information that allows the specific user to check.
Wherein, the Card read/write module is distinguished through information classification sign and ID and is allowed all users public information of checking and the personal information that allows the specific user to check.The subscription authentication module is through cooperating the authentication of accomplishing the user with the authentication device of network side.
Wherein, authority management module obtains device association information through the device management server from network side the operating right of user to mobile terminal device is set; Or through user name being sent to the device management server of network side, the device management server that receives network side return to its, in device association information, find out, come the operating right of leading subscriber corresponding to the operating right of user name to mobile terminal device.
Wherein, device association information comprises one or more in the following information: device activation sign, equipment manager user name, calling party support mode, calling party tabulation and equipment manager and/or calling party use the history log of equipment.
The present invention has guaranteed the fail safe of mobile terminal device and the fail safe of terminal terminal user's information on the basis of supporting the multi-user.And, even under the situation that mobile terminal device is lost, the use that the owner of mobile terminal device also can control appliance, thus can reduce the loss possibility of equipment.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the structural representation according to the mobile terminal device of the embodiment of the invention;
Fig. 2 is the structure and the particular content sketch map of the device association information of on the network equipment management server, storing;
Fig. 3 is a flow chart of confirming the process of user right according to the authority management module of the embodiment of the invention;
Fig. 4 is the sketch map of user's authority value and corresponding concrete power limit content thereof;
Fig. 5 is the flow chart that reads the process of request according to the Card read/write resume module information of the embodiment of the invention; And
Fig. 6 is the flow chart of activation according to the process of the mobile terminal device of the embodiment of the invention.
Embodiment
With reference to accompanying drawing, specify embodiment of the present invention below.
With reference to figure 1, the mobile terminal device according to the embodiment of the invention is described.As shown in Figure 1, this mobile terminal device comprises:
Input/output module is used to receive user's input information and to user's display message (for example, the content of display data, error message etc.).For example, the user will be to use mobile terminal device, and that just must input that user name, user cipher and user obtain just can import after the authority of legal use mobile terminal device controls request (for example, checking information, call peer) etc.Wherein, input/output module sends to authority management module with user name and user cipher after receiving user name and user cipher.
Authority management module is used for the operating right of leading subscriber to mobile terminal device.That is to say that authority management module is responsible for determining mobile terminal device whether can be used and the authority of user-operable control mobile terminal device.Wherein, Authority management module at first obtains device association information from the device management server of network side; Judge then whether the active user is allowed to use equipment,, then obtain its operating right if be allowed to; Otherwise (comprise two kinds of situation: user's input is wrong, user's the request that controls exceeded the authority that the user has) is to user prompt corresponding error information.
The subscription authentication module is used under authority management module allows the situation of active user's operating mobile terminal equipment (that is, user can legal use mobile terminal device), when the user wants legal use network, the user is carried out authentication.Wherein, the subscription authentication module is through cooperate accomplishing user's authentication with network side authentication device (for example, aaa server), and the method for subscription authentication is relevant with the particular network system.For example, in the WiMAX system, use Transport Layer Security (Tunneled Transport Layer Security the is called for short TTLS) method for authenticating in tunnel.After authentication was accomplished, the active user can use network legally.
Control module, be used to accomplish the audit function that Client-initiated is controled the authority of request.That is to say, be used for the operating right according to the active user, whether that judges that the active user sends controls request and can be permitted, if exceed authority, then refusing user's control request, otherwise, then handle and control request.Reading writing information then sends to the Card read/write module controling request if desired.
The Card read/write module is used for the storage of completion information and data and reads.Wherein, all information on the mobile terminal device and data can be divided into two parts simply: public information and personal information.Wherein, all information all have class indication and ID.Public information is the information that everyone can check.But personal information has only the user to check, the authority that other people do not check is even the administrator is no exception.The administrator can delete other users' personal information and data, but can not check other users' personal information.The Card read/write module can increase information classification sign and ID at the head of information when stored information.
Wherein, preserve all users' device association information in the device management server of network side.As shown in Figure 2, device association information comprises: the history log of device activation sign, equipment manager (owner of equipment) user name, visit (Guest) user support mode, Guest user list and the equipment of use.
Wherein, whether the device activation sign is used for marking equipment and is activated.The equipment manager user name is the user name of the owner of equipment through the mobile terminal device access network, i.e. superuser name.Guest user's support mode has three kinds: do not support Guest user, only support package is contained in user in the Guest user list, supports any Guest user.Do not support Guest user to represent that mobile terminal device only allows equipment manager to use; The user who only supports to be contained in the Guest user list representes that mobile terminal device can allow other users to use; But these users must belong among the Guest user list, and the user outside the Guest user list will be rejected the use mobile terminal device; Support any Guest user to represent that mobile terminal device allows anyone use.The Guest user list comprises the Guest user name and corresponding authority that can use mobile terminal device.All used administrator and the Guest user and the use date of mobile terminal device the history log record of use equipment.
Wherein, the owner of mobile terminal device after obtaining mobile terminal device for the first time, needs to activate earlier mobile terminal device as superuser.Activate mobile terminal device and be and between mobile terminal device and the owner, set up unique relatedly, and the statement mobile terminal device can be used.The operation that activates can be accomplished through network entry service supplier's network address or with the device association information that liaison mode notification service supplier modification is stored on the network equipment management server.The mobile terminal device that only is activated just can be used.Equally, the owner of mobile terminal device also can stop to activate mobile terminal device in the same way, just stop related between mobile terminal device and the owner, and the statement mobile terminal device is stopped use.
After mobile terminal device is activated, can be by normal use.When the user uses according to the mobile terminal device of the embodiment of the invention, may further comprise the steps according to the course of work of the mobile terminal device of the embodiment of the invention:
1) user inputs log-on messages such as user name and user cipher.
2) authority management module slave unit management server obtains device association information, if obtain failure, and the prompting login failed for user, otherwise, checking user's rights of using.Do not possess the authority of using mobile terminal device if the checking result is the user, then point out login failed for user; Otherwise, submit to the subscription authentication module to user name and user cipher and begin authentication.By device management server checking user and great rights of using are arranged whether perhaps, authority management module sends to device management server to user name; If in official hour, do not receive response message, then represent authentication failed; If receive message of successful, then submit to the subscription authentication module to user name and user cipher and begin authentication.
3) subscription authentication module and network side authentication device cooperate accomplishes subscription authentication, if login failed for user is then pointed out in the subscription authentication failure; Otherwise, the initialization operation control module, it is the active user that the user is set.
4) user's request of initiating operating equipment or reading information.
5) control module and judge whether to have operating right or access limit according to user's authority; Concrete grammar does, 2) in, the user is through after the checking of authority management module; Can be assigned with an authority credentials; Each operation that the user carried out also has an authority credentials, has only user's authority credentials to be lower than the operating right value, and user's the request that controls just is allowed to.
6) user initiates the request of stored information.
7) Card read/write resume module storage request, the Card read/write module can increase class indication and ID at the head of information.
With reference to figure 3, explain that authority management module confirms the process of user right.As shown in Figure 3, this process may further comprise the steps:
S302, input/output module sends to user name and user cipher after the authority management module, and authority management module at first sends the request of fetch equipment related information to the device management server of network side.
S304 is provided with overtime monitor timer, the response of waiting facilities management server; If overtime, get into step S306, otherwise get into step S308.
S306, wait timeout, the prompting user now can't operating mobile terminal equipment, please operation again once more after a while, and withdraw from.
S308, authority management module receive device association information.
S310 according to the content of device association information, judges whether mobile terminal device is activated, if be activated, then gets into step S314, otherwise gets into step S312.
S312, mobile terminal device is not activated, and prompting customer mobile terminal equipment is not activated, and asks first activated equipment, withdraws from subsequently.
S314 judges whether superuser, and the superuser name that is about in current user name and the device association information compares; If superuser then gets into step S316, otherwise get into step S318.
S316, the active user is a superuser, the authority that the user is set is a highest weight limit 0, notifying operation control module, and beginning subscription authentication.
S318, active user are Guest user, need check Guest user's support mode of mobile terminal device.If Guest user's support mode equals 1, promptly do not support Guest user, then get into step S320, otherwise get into step S322.
S320, prompting customer mobile terminal equipment is not supported Guest user, please get in touch the owner of mobile terminal device, withdraws from subsequently.
S322, mobile terminal device is supported Guest user, but current device is not necessarily supported current Guest user; If the mobile terminal device support mode equals 2, then in the Guest user list, search the active user, if find, mobile terminal device support active user is described, get into step S326, otherwise get into step S324; If the mobile terminal device support mode equals 3, then directly get into step S326.
S324, the user is not among the Guest user that mobile terminal device is supported in prompting, withdraws from subsequently.
S326, Guest user can use mobile terminal device, confirms Guest user's operating right, if the mobile terminal device support mode equals 2, then in the Guest user list, obtains user right; If the mobile terminal device support mode equals 3, it is 3 that user right directly is set; Then, notify the Guest user right that gets access to controling module, and the beginning subscription authentication.
With reference to figure 4, user's authority value and corresponding concrete power limit content thereof is described.Whether control module can be performed according to user's the authority and the operation requests of operating right judges.As shown in Figure 4, the owner of mobile terminal device is that superuser has all authorities that controls, but superuser also can't be checked other users' private information, and this has strictly guaranteed all users' information security; One-level user's authority has been cancelled the authority of deletion public information and other users' information on the basis of franchise authority; The authority of secondary user has been cancelled the authority of change equipment disposition again on the basis of one-level authority; Three grades of user rights are then only to use network, to check and delete its private information, check total information.
With reference to figure 5, descriptive information module for reading and writing process information reads the process of request.As shown in Figure 5, this process may further comprise the steps:
S502, the request of reading that controls the module judges sends to the Card read/write module to request for after the legitimate request, and the Card read/write module is at first obtained information header.
S504 judges whether to be public information according to information header, if then get into step S506, otherwise get into step S508.
S506 reads public information, and is shown to the user through input/output module.
S508 judges according to information header whether the active user is identical with the ID of information, if identical, shows it is same user, gets into step S512, otherwise gets into step S510.
S510, active user are attempting to read non-user's personal information, and request is rejected, and do not accomplish through input/output module prompting user read operation.
S512 reads personal information, and is shown to the user through input/output module.
With reference to figure 6, the process that activates according to the mobile terminal device of the embodiment of the invention is described.As shown in Figure 6, this process may further comprise the steps:
S602; The user takes after mobile terminal device and the selected network service supplier for the first time; The service supplier can offer user's two cover user name and user ciphers simultaneously; One cover is exclusively used in when revising device association information and uses, and another set ofly uses during through the mobile terminal device accesses network.
S604, the network address of user login services supplier's appointment or with the mode of Advise By Wire, notification service supplier activates mobile terminal device.
S606, user are provided for revising the user name and the user cipher of device association information.
S608, if user name that the user provides and user cipher are correct, then the user just can revise the device association information that is stored on the device management server; Activation marker is set to True, and equipment just is activated.
The present invention has guaranteed the fail safe of mobile terminal device and the fail safe of terminal terminal user's information on the basis of supporting the multi-user.And, even under the situation that mobile terminal device is lost, the use that the owner of mobile terminal device also can control appliance, thus can reduce the loss possibility of equipment.
The above is merely embodiments of the invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within the claim scope of the present invention.
Claims (7)
1. a mobile terminal device is characterized in that, comprising:
Input/output module is used to receive user name, the user cipher of user's input and control request, and is used for to said user's output equipment process information;
Authority management module, be used for through and the device management server of network side between manage the operating right of said user alternately to said mobile terminal device;
The subscription authentication module; Be used for allowing under the situation of active user's operating mobile terminal equipment at said authority management module; Manage the access rights of said user to network, wherein said subscription authentication module is through cooperating the authentication of accomplishing the user with the authentication device of network side; And
Control module, be used for, judge whether the request that controls of permitted user input according to user's authority and said user's operating right.
2. mobile terminal device according to claim 1 is characterized in that, also comprises:
The Card read/write module is used to store and read and allows public information that all users check and/or the personal information that allows the specific user to check.
3. mobile terminal device according to claim 2 is characterized in that, said Card read/write module is distinguished through information classification sign and ID and allowed all users public information of checking and the personal information that allows the specific user to check.
4. according to each described mobile terminal device in the claim 1 to 3, it is characterized in that said authority management module obtains device association information through the device management server from network side the operating right of user to said mobile terminal device is set.
5. mobile terminal device according to claim 4; It is characterized in that said device association information comprises one or more in the following information: device activation sign, equipment manager user name, calling party support mode, calling party tabulation and equipment manager and/or calling party use the history log of equipment.
6. according to each described mobile terminal device in the claim 1 to 3; It is characterized in that; Said authority management module is through being sent to said user name the device management server of network side, the device management server that receives said network side return to its, in device association information, find out, come the operating right of leading subscriber corresponding to the operating right of said user name to said mobile terminal device.
7. mobile terminal device according to claim 6; It is characterized in that said device association information comprises one or more in the following information: device activation sign, equipment manager user name, calling party support mode, calling party tabulation and equipment manager and/or calling party use the history log of equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008100001634A CN101197874B (en) | 2008-01-02 | 2008-01-02 | Mobile terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008100001634A CN101197874B (en) | 2008-01-02 | 2008-01-02 | Mobile terminal equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101197874A CN101197874A (en) | 2008-06-11 |
| CN101197874B true CN101197874B (en) | 2012-06-06 |
Family
ID=39548011
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008100001634A Expired - Fee Related CN101197874B (en) | 2008-01-02 | 2008-01-02 | Mobile terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101197874B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101588572B (en) * | 2009-04-28 | 2011-07-13 | 宇龙计算机通信科技(深圳)有限公司 | Mobile terminal and control method thereof |
| US20120159567A1 (en) * | 2010-12-21 | 2012-06-21 | Enterproid Hk Ltd | Contextual role awareness |
| WO2013013367A1 (en) * | 2011-07-22 | 2013-01-31 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for authenticating identity of mobile terminal |
| CN102543233B (en) * | 2011-12-13 | 2015-09-09 | 中广核工程有限公司 | A kind of nuclear plant digital operating standard is relieved the method and system steadily switched |
| CN103905390B (en) * | 2012-12-26 | 2017-05-24 | 联想(北京)有限公司 | Permission acquisition method, device, electronic equipment and system |
| CN103078855B (en) * | 2012-12-29 | 2016-07-06 | 四川长虹电器股份有限公司 | A kind of realize equipment access method, Apparatus and system |
| CN103532982A (en) * | 2013-11-04 | 2014-01-22 | 祝贺 | Wearable device based authorization method, device and system |
| CN109067790A (en) * | 2018-09-25 | 2018-12-21 | 北京京航计算通讯研究所 | Data transmission method and device |
| CN110332569B (en) * | 2019-07-10 | 2021-04-13 | 中山市创尔特智能家居科技有限公司 | Gas stove with separable control part and control method thereof |
| CN115048062B (en) * | 2022-07-25 | 2023-01-06 | 北京珞安科技有限责任公司 | Mobile storage device management system based on hierarchical management and control |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1599492A (en) * | 2003-09-18 | 2005-03-23 | 华为技术有限公司 | Method for sharing mobile terminal by multi-user |
| CN1728646A (en) * | 2004-07-31 | 2006-02-01 | 华为技术有限公司 | Method and equipment of implementation for controlling network access in communication system |
| CN1984402A (en) * | 2006-04-06 | 2007-06-20 | 华为技术有限公司 | Method and device for managing multi-users of mobile terminal |
-
2008
- 2008-01-02 CN CN2008100001634A patent/CN101197874B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1599492A (en) * | 2003-09-18 | 2005-03-23 | 华为技术有限公司 | Method for sharing mobile terminal by multi-user |
| CN1728646A (en) * | 2004-07-31 | 2006-02-01 | 华为技术有限公司 | Method and equipment of implementation for controlling network access in communication system |
| CN1984402A (en) * | 2006-04-06 | 2007-06-20 | 华为技术有限公司 | Method and device for managing multi-users of mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101197874A (en) | 2008-06-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101197874B (en) | Mobile terminal equipment | |
| US10587591B2 (en) | Generating a password | |
| CN109600306B (en) | Method, device and storage medium for creating session | |
| CN108337677B (en) | Network authentication method and device | |
| CN1852094B (en) | Method and system for protecting account of network business user | |
| US8122481B2 (en) | System and method for permission management | |
| CN107925871A (en) | Mobile operator profile managements are entrusted | |
| CN101517557A (en) | Methods and apparatuses for managing resources within a virtual room | |
| WO2008029723A1 (en) | Data use managing system | |
| JPWO2009157493A1 (en) | Information processing system, server device, personal information device, and access management method | |
| US20160028717A1 (en) | Method and device for controlling the access to digital content | |
| CN103778379B (en) | Application in management equipment performs and data access | |
| CN106534102A (en) | Device access method and device and electronic device | |
| JP2008033391A (en) | Digital multifunction machine | |
| JP2006330846A (en) | Access controller, access control method and program | |
| JP2006319432A (en) | Portable terminal and information management system | |
| CN105392112B (en) | Guard method, equipment and the system of MTC device information | |
| WO2009153402A1 (en) | Method, arrangement and computer program for authentication data management | |
| US9232078B1 (en) | Method and system for data usage accounting across multiple communication networks | |
| KR102524673B1 (en) | Method and server for supporting cooperation in construction work project | |
| RU2463726C2 (en) | Method of restricting access to data of group members and group management computer | |
| JP2013130938A (en) | Thin client system | |
| JP5852789B2 (en) | Information management system | |
| JP2021114078A (en) | Information management system and information management method | |
| JP5226636B2 (en) | Security maintenance support system and information terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120606 Termination date: 20180102 |