CN101656958A - Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof - Google Patents
Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof Download PDFInfo
- Publication number
- CN101656958A CN101656958A CN200910090495A CN200910090495A CN101656958A CN 101656958 A CN101656958 A CN 101656958A CN 200910090495 A CN200910090495 A CN 200910090495A CN 200910090495 A CN200910090495 A CN 200910090495A CN 101656958 A CN101656958 A CN 101656958A
- Authority
- CN
- China
- Prior art keywords
- information
- user authentication
- intelligent card
- telecom intelligent
- authentication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000011084 recovery Methods 0.000 claims description 13
- 238000004321 preservation Methods 0.000 claims description 5
- 238000011156 evaluation Methods 0.000 claims description 4
- 238000013478 data encryption standard Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 230000000903 blocking effect Effects 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a telecommunication intelligent card in a Code Division Multiple Access (CDMA) network and an authentication method thereof, relating to the field of data security, and being capable of preventing from telephone charge lose caused by card stealing and card merging, and guaranteeing an authenticated terminal to successfully login the network and enjoy normal service. The telecommunication intelligent card comprises: an indexing information obtaining unit for obtaining indexing information of user authentication information of the telecommunication intelligent card; an information hiding unit for setting the user authentication information of the telecommunication intelligent card to be false information and memorizing true information of the user authentication information; an information resuming unit for reading the memorized true information of the user authentication information and resuming the user authentication information according to the true information with the obtained indexing information of the user authentication information, when the telecommunication intelligent card and the terminal are successfully authenticated; and a network authentication unit for executing network authentication according to the resumed user authentication information.
Description
Technical field
The present invention relates to the data security field, relate in particular to telecom intelligent card and authentication method thereof in a kind of cdma network.
Background technology
In order to cooperate project of "Communication with Every Village", the client of development rural area, each Virtual network operator has been promoted wireless business phone, Public CDMA WLL in the whole country, charge according to the landline telephone expenses standard, because this expenses standard is more cheap than common mobile phone, and wireless network can only authenticate telecom intelligent card, authentication, cause some people to adopt the form of stealing card or also blocking, the telecom intelligent card of wireless business phone, Public CDMA WLL is placed in the portable terminal as mobile phone one class uses, caused a large amount of telephone expenses to run off, disturbed normal price policy.
Block and block phenomenon at above-mentioned robber, use the telecom intelligent card of wireless business phone, Public CDMA WLL, before telecom intelligent card lands network, need between telecom intelligent card and terminal, carry out the authentication of machine card for guaranteeing unwarranted terminal such as regular handset.Under global system for mobile communications (GSM), machine-card authentication method between subscriber identification module (SIM) card and the terminal comprises: after SIM card resets, carry out network authentication and cross the Cheng Qian, SIM card is with subscriber authentication key (Key Information, KI) the true information that is modified as false information and preserves KI of storage; Carry out the authentication of machine card between SIM card and the terminal; If authentification failure, then SIM card keeps the current false information of KI, if authentication is passed through, SIM card reverts to true information with KI, carries out network authentication.Because the KI in the SIM card stores with the form of file, SIM card can read the true information of the KI that is preserved by file interface, thereby guarantees the success of SIM card network authentication, allows to land network.
Under code division multiple access (CDMA) network, the telecom intelligent card that uses blocks as subscriber identification module (UIM).The UIM card is with key form storage shared secret data (Shared Secret Data, information and utilize this information that the user is carried out identification and communication encryption such as SSD).SSD is the key that guarantees network security.Cdma network operator is for guaranteeing the fail safe of SSD, in network side and UIM card, write cipher key shared information in advance, as key A-Key, thereby network side can periodically upgrade the SSD in the UIM card, for example, network authentication center (AC) periodically upgrades SSD by key A-Key.
Yet, also there are many problems in the prior art, for example,, need authenticate carrying out the machine card between UIM card and the terminal for preventing to steal card, at this moment, the true information that the UIM calorie requirement is modified as SSD false information and preserves SSD.Yet because the UIM card is different to the storage mode of data with SIM card, the UIM card is with key form storage SSD, even after UIM card and the terminal authentication success, because the UIM card does not have the corresponding key information with SSD, the UIM card can't get access to the true information of the SSD of preservation, thereby this UIM card can't land network, can't make the terminal of mandate enjoy normal service.
Summary of the invention
For solving problems of the prior art, embodiments of the invention provide telecom intelligent card and the authentication method thereof in a kind of cdma network.
For achieving the above object, embodiments of the invention adopt following technical scheme:
Enforcement of the present invention provides the telecom intelligent card in a kind of Code Division Multiple Access (CDMA) network, and described telecom intelligent card comprises:
The index information acquiring unit is used to obtain the user authentication information index information of described telecom intelligent card;
The Information hiding unit is used for the user authentication information of described telecom intelligent card is changed to false information, and preserves the true information of this user authentication information;
The information recovery unit, be used for when described telecom intelligent card and terminal authentication success, the user authentication information index information that utilizes described index information acquiring unit to get access to reads the true information of the user authentication information of being preserved described Information hiding unit and recovers described user authentication information according to this true information;
The network authentication unit is used for carrying out network authentication according to the user authentication information after the described information recovery unit recovery.
Enforcement of the present invention also provides the authentication method of the telecom intelligent card in a kind of cdma network, and this method comprises:
Obtain the user authentication information index information of described telecom intelligent card;
The user authentication information of described telecom intelligent card is changed to false information, and preserves the true information of this user authentication information;
When described telecom intelligent card and terminal authentication success, utilize described user authentication information index information, read the true information of described user authentication information and recover described user authentication information according to this true information;
According to the user authentication information after the described recovery, carry out network authentication.
From the above mentioned, the technical scheme that the embodiment of the invention provides, to the telecom intelligent card of cdma service can be provided, can obtain the user authentication information index information of described telecom intelligent card, and when machine card authentication success, utilize this user authentication information index information to read the true information of the user authentication information of being preserved, the user authentication information in the telecom intelligent card is reverted to true information, thereby after having guaranteed that the authentication of machine card is passed through, telecom intelligent card can successfully land network.The technical scheme of the embodiment of the invention can be avoided stealing the telephone expenses that card and cassette tape come and run off, and guarantees that the terminal of authorizing successfully lands network, enjoys service normally.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do to introduce simply to the accompanying drawing of required use in embodiment or the description of the Prior Art below, apparently, accompanying drawing in describing below only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
A kind of authentication method flow chart of the telecom intelligent card in the cdma network that Fig. 1 provides for the embodiment of the invention one;
The another kind of authentication method flow chart of the telecom intelligent card in the cdma network that Fig. 2 provides for the embodiment of the invention two;
A kind of structural representation of the telecom intelligent card in the cdma network that Fig. 3 provides for the embodiment of the invention three;
Another structural representation of telecom intelligent card in the cdma network that Fig. 4 provides for the embodiment of the invention three.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
The embodiment of the invention one provides the authentication method of the telecom intelligent card in a kind of cdma network, and as shown in Figure 1, described method comprises:
Step 11: the user authentication information index information that obtains described telecom intelligent card.
In order to get access to the user authentication information of storing with the key form in the telecom intelligent card in the cdma network, must at first get access to the user authentication information index information.This user authentication information index information is corresponding to described user authentication information, comprises necessary information required when reading described user authentication information, also can comprise necessary information required when writing, wipe, upgrading described user authentication information.
The embodiment of the invention does not limit the concrete mode of obtaining above-mentioned user authentication information index information, as above-mentioned user authentication information index information being preset in the telecom intelligent card with suitable manner, or can predetermined algorithm be set in telecom intelligent card, utilize this algorithm computation to obtain corresponding user authentication information index information.
Step 12: the user authentication information of described telecom intelligent card is changed to false information, and preserves the true information of this user authentication information.
Before carrying out network authentication, the telecom intelligent card in the cdma network is carried out the authentication of machine card, need execution in step 12.User authentication information in the telecom intelligent card is changed to false information, and preserves the true information of this user authentication information, described telecom intelligent card is supported code division multiple access (CDMA) business.
Above-mentioned telecom intelligent card can be that UIM card or other support the telecom intelligent card of cdma services, presets the identical cryptographic algorithm authenticate key identical with assurance in telecom intelligent card and authorization terminal.In embodiments of the present invention, be that the UIM card is that example describes with above-mentioned telecom intelligent card.
Exemplary, above-mentioned cryptographic algorithm can be DEA (Data Encryption Standard, DES), triple DEA (Triple DES, 3DES), RSA Algorithm and error checking and correction (Error Checking and Correcting, ECC) algorithm scheduling algorithm.
Initial user authentication information can be kept in the normative document in the UIM card, and the initial user authentication information in this normative document is can be by the true information of network authentication.To the UIM card, above-mentioned user authentication information mainly refers to SSD, and at this moment, step 12 is changed to false information with the SSD in the UIM card, and preserves the true information of this SSD before can being specially and carrying out network authentication.At this moment, above-mentioned user authentication information index information is the SSD index information.
But be not limited thereto, this user authentication information can also comprise international mobile subscriber identity (IMSI), telecom intelligent card sign, required information when the sign (UIMID) that the UIM card is the UIM card waits other identifying user identities.At this moment, above-mentioned user authentication information index information is the index information of described IMSI, UIMID and SSD.
For guaranteeing to use the terminal of terminal for authorizing of telecom intelligent card, before carrying out network authentication, need carry out machine card verification process, at this moment, at first user authentication information is revised as false information, as user authentication information being changed to false information by directly wiping this initial user authentication information; Perhaps, the data by write error are changed to false information with user authentication information.
In embodiments of the present invention, when user authentication information is changed to false information, initial user authentication information is preserved, as be kept in the backup file, thereby ensured, can get access to the true information of user authentication information if during machine card authentication success.
Step 13: when between telecom intelligent card and the terminal during authentication success, utilize described user authentication information index information, read the true information of described user authentication information and recover described user authentication information according to this true information;
Utilize above-mentioned cryptographic algorithm and authenticate key, between telecom intelligent card and terminal, authenticate, when this terminal is authorization terminal, can authenticate by the machine card.
At this moment, utilize the user authentication information index information that gets access to, from backup file, read the true information of the user authentication information of being preserved, utilize this true information that the user authentication information in the normative document is reverted to true information.
Step 14:, carry out network authentication according to the user authentication information after the described recovery.
Because the user authentication information after recovering is true information, so this UIM card can pass through network authentication, successfully lands network.
The technical scheme that the embodiment of the invention provides, to the telecom intelligent card of cdma service can be provided, can obtain the user authentication information index information of described telecom intelligent card, and when machine card authentication success, utilize this user authentication information index information to read the true information of the user authentication information of being preserved, user authentication information in the telecom intelligent card is reverted to true information, thereby after having guaranteed that the authentication of machine card is passed through, telecom intelligent card can successfully land network.The technical scheme of the embodiment of the invention can be avoided stealing the telephone expenses that card and cassette tape come and run off, and guarantees that the terminal of authorizing successfully lands network, enjoys service normally.
Referring to Fig. 2, the authentication method of the telecom intelligent card that the embodiment of the invention two is provided is described below.
In the embodiment of the invention two, at first, in telecom intelligent card and authorization terminal, preset identical cryptographic algorithm and guarantee identical authenticate key, this telecom intelligent card is that UIM card or other are supported the telecom intelligent card of cdma services.Above-mentioned cryptographic algorithm can be DES, 3DES, ECC scheduling algorithm.Carry out concrete description with the application scenarios that uses the UIM card as example below, those of ordinary skills can know the processing method of knowing other application scenarios by following description.
Use for guaranteeing that UIM is stuck on the terminal of mandate, before carrying out network authentication, carry out machine card verification process earlier, comprise following processing:
Step 21: after the UIM card resets, carry out network authentication and cross the Cheng Qian, the UIM card is changed to false information with the user authentication information of storage, and the UIM card is preserved the true information of user authentication information;
Above-mentioned user authentication information comprises SSD, and at this moment, step 21 can be specially after the UIM card resets, and carries out network authentication and crosses the Cheng Qian, the SSD in the UIM card is changed to false information, and preserves the true information of this SSD. Required information when perhaps, this user authentication information can also comprise other identifying user identities such as SSD, IMSI and UIMID.
The UIM card can be kept at initial user authentication information in the normative document, and this initial user authentication information is can be by the true information of network authentication, and the user authentication information in this normative document is used to carry out network authentication.In step 21, the UIM card is changed to false information with the user authentication information in the normative document, and initial user authentication information is stored in the backup file, exemplary, this backup file is that identifier is in the file of 6F22, and the UIM cartoon is crossed to wipe the 6F22 file or rewrite the 6F22 file with error code user authentication information is revised as false information.
In the embodiment of the invention two, when user authentication information is changed to false information, initial user authentication information is preserved, as be kept in the file that identifier is 6FD2, thereby when having ensured, can get access to the true information of user authentication information as if machine card authentication success.
The embodiment of the invention two provides a kind of concrete form of the 6FD2 file as backup file, user authentication information is stored in the second record of 6FD2 file, and is as shown in the table:
Table 1
Step 22: machine card verification process.
The UIM card sends verify data to terminal, and terminal utilizes the cryptographic algorithm and the authenticate key that preset on it that verify data is calculated, and obtains feedback result and this feedback result is sent to the UIM card; When terminal was calculated feedback result, the UIM card also utilized the cryptographic algorithm and the authenticate key that preset in the card that verify data is calculated, and draws result of calculation.Then, the UIM Cali authenticates the feedback result of coming self terminal with result of calculation.
Step 23: judge that whether the authentication of machine card is passed through, and when machine card authentification failure, does not allow to use this UIM card, end operation; When machine card authentication success, execution in step 24;
Step 24:,, recover the information that comes true as SSD, IMSI and UIMID with user authentication information.
At first obtain the user authentication information index information, can obtain this user authentication information index information before step 24 or among step 24, the concrete execution sequence of each step can be adjusted as required in the embodiment of the invention.
Above-mentioned user authentication information index information can be preset in the telecom intelligent card with suitable manner, or can predetermined algorithm be set in telecom intelligent card, utilize this algorithm computation to obtain corresponding user authentication information index information.
The user authentication information index information that utilization gets access to reads the true information of the user authentication information of above-mentioned preservation, as utilize the user authentication information index information, from second record, read the true information of this user authentication information as the 6FD2 file of backup file; Then, utilize the true information of the user authentication information that gets access to that the user authentication information in the telecom intelligent card normative document is reverted to true information, as IMSI and UIMID being reverted to initial value by recovering (Refresh) instruction.
Step 25: carry out network authentication.
Owing to the user authentication information in the UIM card normative document is reverted to true information, therefore can pass through network authentication, successfully land network.
After step 26:UIM card lands network, judge whether the geographical position of this UIM card crosses the border.
In order to guarantee that further telecom intelligent card is not used on the undelegated terminal, in the embodiment of the invention two, utilize the positional information of UIM card to judge whether the geographical position of this UIM card crosses the border, when cross the border in the geographical position of judging the UIM card, carry out the lock base station functions, be that the UIM card locks voluntarily, can't continue to use.The latitude and longitude information of the access network element (as the base station) when optionally, this positional information is chosen for the UIM card and lands network in the network.
Pass through in the machine card authentication first of UIM card, and when logging on network, the UIM card reads the initial position message of this initial access network element, as before the latitude and longitude information at primordium station, and with this information stores hereof, as shown in table 1 as article one record in the 6FD2 file of backup file.The UIM card is noted the latitude and longitude information of initial base station.
Cross the authentication of machine card in each UIM cartoon after this, when landing network, the UIM card reads the current location information of current access network element, as the latitude and longitude information of current base station.
The UIM card compares the initial position message of current location information and record, judge whether both are consistent, when inconsistent, the longitude and latitude scope (crossing the border) that exceeds initial base station as the longitude and latitude of current base station, illustrating that the UIM card moves on the network that other base station covers uses, can judge that this UIM card is used by illegal being placed on the portable terminal, then the UIM card locks voluntarily, can't continue to use; When unanimity, in the longitude and latitude scope of initial base station, allow the UIM card normally to use as the longitude and latitude of current base station.
After step 27:UIM card landed network, when the user authentication information of network side upgraded, the UIM card obtained the user authentication information after the renewal, and the true information of the user authentication information of described preservation is changed to user authentication information after this renewal.
After the UIM card successfully lands network, can normally use cdma service.When network side is initiated the renewal of user authentication information, as the webserver SSD is upgraded, the UIM card can obtain the SSD after network side upgrades, SSD after will upgrading as the webserver writes in the normative document of UIM card, the UIM card is changed to user authentication information after this renewal with the true information of the user authentication information preserved in the backup file, will be the new SSD after network side upgrades and preserve as second record modification in the 6FD2 file of backup file as the UIM card.
Handle by above-mentioned renewal to SSD, guaranteed that UIM is stuck in next time by after the authentication of machine card, can use up-to-date SSD to carry out network authentication, successfully land network.
Be appreciated that above-mentioned normative document and backup file can be realized by two memory blocks in the same storage file, also can be two storage files independently.
The technical scheme that the embodiment of the invention provides, to supporting the UIM card of cdma service, can be on the terminal of authorizing by the many-sided UIM of assurance card uses the such as whether authentication of machine card, network side renewal SSD and latitude and longitude of base station cross the border, and the terminal that guarantees mandate can successfully be landed network, is served accordingly.
The embodiment of the invention three also provides the telecom intelligent card in a kind of Code Division Multiple Access (CDMA) network, and as shown in Figure 3, this device comprises:
Index information acquiring unit 31 is used to obtain the user authentication information index information of described telecom intelligent card;
Wherein, according to the different modes that obtains the user authentication information index information, above-mentioned index information acquiring unit 31 can comprise read module, is used to read the described user authentication information index information that presets; Perhaps, computing module is used to utilize pre-defined algorithm to calculate described user authentication information index information.
Wherein, the true information of above-mentioned user authentication information can be preserved in Information hiding unit 32 in backup file, preserve the user authentication information that is used to carry out network authentication in normative document, initial user authentication information is kept in the normative document, and initial authentication information is true information.
Normative document can comprise that a logic interfacing or other can realize the module of identical function (following is that example describes with the interface), the user authentication information index information that Information hiding unit 32 utilizes index information acquiring unit 31 to get access to, interface by normative document is changed to false information with the user authentication information in the normative document, as wipe this user authentication information, and Information hiding unit 32 writes backup file with the true information of the user authentication information interface by backup file and preserves.This backup file also comprises a logic interfacing, is used to carry out the associative operations such as reading, wipe and write of data.
When described telecom intelligent card and terminal authentication success, the user authentication information index information that information recovery unit 33 utilizes described index information acquiring unit 31 to get access to reads the true information of the user authentication information of being preserved described Information hiding unit 32 and recovers described user authentication information according to this true information.
Further, after network side upgrades user authentication information, the user authentication information that above-mentioned telecom intelligent card can get access to after the renewal writes in the normative document, and the true information of the user authentication information preserved in the backup file upgraded, at this moment, as shown in Figure 4, described telecom intelligent card also comprises:
For example, when the webserver upgrades user authentication information, information updating unit 35 obtains the user authentication information after upgrading in the webserver, and the user authentication information of the interface by normative document after will upgrading writes in the normative document.Then, the user authentication information index information that information updating unit 35 utilizes index information acquiring unit 31 to get access to, read the user authentication information after the renewal in the current normative document, the true information of the user authentication information preserved in the backup file is changed to the user authentication information after this renewal and preserves.
In order to guarantee that further telecom intelligent card is used on the terminal of mandate, as shown in Figure 4, said apparatus also comprises evaluation unit 36, position, be used for realizing the lock base station functions, when cross the border in the geographical position of judging telecom intelligent card, telecom intelligent card locks voluntarily, can't continue to use.Described position identifies that unit 36 comprises:
The initial module of identifying is used for obtaining the initial position message of initial access network element after telecom intelligent card lands network first;
Current evaluation module is used for obtaining the current location information of current access network element when telecom intelligent card lands network at every turn, when this telecom intelligent card judgement current location information and initial position message are inconsistent, carries out locking voluntarily.
Wherein, describedly identify that initially the initial position message of the initial access network element that module gets access to is the latitude and longitude information of initial base station, describedly currently identify that the current location information of the current access network element that module gets access to is the latitude and longitude information of current base station.
Above-mentioned telecom intelligent card can be the UIM card, and above-mentioned user authentication information can comprise SSD, and at this moment, described user authentication information index information is the SSD index information; Perhaps, required information when this user authentication information can comprise other identifying user identities such as SSD, IMSI and UIMID, required information index information when at this moment described user authentication information index information is other identifying user identities such as SSD, IMSI and UIMID.
Be appreciated that above-mentioned normative document and backup file can be achieved by independent module respectively, or be integrated on above-mentioned one or more functional modules.
The concrete working method of each functional module is referring to the inventive method embodiment in the embodiment of the invention three.
From the above mentioned, the technical scheme that the embodiment of the invention provides, to the telecom intelligent card of cdma service can be provided, can obtain the user authentication information index information of described telecom intelligent card, and when machine card authentication success, utilize this user authentication information index information to read the true information of the user authentication information of being preserved, the user authentication information in the telecom intelligent card is reverted to true information, thereby after having guaranteed that the authentication of machine card is passed through, telecom intelligent card can successfully land network.The technical scheme of the embodiment of the invention can be avoided stealing the telephone expenses that card and cassette tape come and run off, and guarantees that the terminal of authorizing successfully lands network, enjoys service normally.
Those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential general hardware platform.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can software product form embody, this computer software product can be stored in the storage medium, as ROM/RAM, magnetic disc, CD etc., comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out the described method of some part of each embodiment of the present invention or embodiment.
The above; only be the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; can expect easily changing or replacing, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (13)
1, the telecom intelligent card in a kind of Code Division Multiple Access (CDMA) network is characterized in that, described telecom intelligent card comprises:
The index information acquiring unit is used to obtain the user authentication information index information of described telecom intelligent card;
The Information hiding unit is used for the user authentication information of described telecom intelligent card is changed to false information, and preserves the true information of this user authentication information;
The information recovery unit, be used for when described telecom intelligent card and terminal authentication success, the user authentication information index information that utilizes described index information acquiring unit to get access to reads the true information of the user authentication information of being preserved described Information hiding unit and recovers described user authentication information according to this true information;
The network authentication unit is used for carrying out network authentication according to the user authentication information after the described information recovery unit recovery.
2, the telecom intelligent card in the Code Division Multiple Access (CDMA) network according to claim 1 is characterized in that, described index information acquiring unit comprises:
Read module is used to read the described user authentication information index information that presets; Perhaps,
Computing module is used to utilize pre-defined algorithm to calculate described user authentication information index information.
3, the telecom intelligent card in the Code Division Multiple Access (CDMA) network according to claim 1 is characterized in that, described telecom intelligent card also comprises:
Information updating unit, be used for when network side upgrades the user authentication information of described telecom intelligent card, the user authentication information index information that utilizes described index information acquiring unit to get access to, the true information and the preservation of reading the user authentication information after upgrading in the telecom intelligent card.
4, the telecom intelligent card in the Code Division Multiple Access (CDMA) network according to claim 1 is characterized in that, described device also comprises evaluation unit, position, and described position identifies that the unit comprises:
The initial module of identifying is used for obtaining the initial position message of initial access network element after telecom intelligent card lands network first;
Current evaluation module is used for obtaining the current location information of current access network element when telecom intelligent card lands network at every turn, judges when current location information and initial position message are inconsistent, carries out locking voluntarily.
5, the telecom intelligent card in the Code Division Multiple Access (CDMA) network according to claim 4, it is characterized in that, describedly identify that initially the initial position message of the initial access network element that module gets access to is the latitude and longitude information of initial base station, describedly currently identify that the current location information of the current access network element that module gets access to is the latitude and longitude information of current base station.
6, according to the telecom intelligent card in each described Code Division Multiple Access (CDMA) network of claim 1 to 5, it is characterized in that,
Described user authentication information is shared secret data SSD, and described user authentication information index information is the SSD index information; Perhaps,
Described user authentication information is international mobile subscriber identity IMSI, telecom intelligent card sign and SSD, and described user authentication information index information is the index information of described IMSI, telecom intelligent card sign and SSD.
According to the telecom intelligent card in each described Code Division Multiple Access (CDMA) network of claim 1 to 5, it is characterized in that 7, described telecom intelligent card is a subscriber identification module UIM card.
8, the authentication method of the telecom intelligent card in a kind of cdma network is characterized in that, described method comprises:
Obtain the user authentication information index information of described telecom intelligent card;
The user authentication information of described telecom intelligent card is changed to false information, and preserves the true information of this user authentication information;
When described telecom intelligent card and terminal authentication success, utilize described user authentication information index information, read the true information of described user authentication information and recover described user authentication information according to this true information;
According to the user authentication information after the described recovery, carry out network authentication.
9, the authentication method of the telecom intelligent card in the cdma network according to claim 8 is characterized in that, the described user authentication information index information that obtains described telecom intelligent card comprises:
Read the described user authentication information index information that presets; Perhaps,
Utilize pre-defined algorithm to calculate described user authentication information index information.
10, the authentication method of the telecom intelligent card in the cdma network according to claim 8 is characterized in that, described method also comprises:
To landing the telecom intelligent card of network, when network side upgrades the user authentication information of described telecom intelligent card, utilize described user authentication information index information to read the user authentication information after the renewal and preserve.
11, the authentication method of the telecom intelligent card in the cdma network according to claim 8 is characterized in that, described method also comprises:
After described telecom intelligent card lands network first, obtain the initial position message of initial access network element;
When described telecom intelligent card lands network, obtain the current location information of current access network element at every turn, judge when current location information and initial position message are inconsistent, carry out locking voluntarily.
12, the authentication method of the telecom intelligent card in the cdma network according to claim 11, it is characterized in that, the initial position message of described initial access network element is the latitude and longitude information of initial base station, and the current location information of described current access network element is the latitude and longitude information of current base station.
13, the authentication method of the telecom intelligent card to 12 each described cdma networks according to Claim 8, it is characterized in that, described telecom intelligent card is a subscriber identification module UIM card, described user authentication information is shared secret data SSD, and described user authentication information index information is the SSD index information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910090495.0A CN101656958B (en) | 2009-08-13 | 2009-08-13 | Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910090495.0A CN101656958B (en) | 2009-08-13 | 2009-08-13 | Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101656958A true CN101656958A (en) | 2010-02-24 |
| CN101656958B CN101656958B (en) | 2012-07-25 |
Family
ID=41710987
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910090495.0A Active CN101656958B (en) | 2009-08-13 | 2009-08-13 | Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101656958B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011124051A1 (en) * | 2010-04-06 | 2011-10-13 | 中兴通讯股份有限公司 | Method and system for terminal authentication |
| CN103179567A (en) * | 2013-04-22 | 2013-06-26 | 东信和平科技股份有限公司 | Processing method and device for realizing communication authentication of unified equipment and subscriber identity module (UE-SIM) card |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100372431C (en) * | 2004-07-20 | 2008-02-27 | 华为技术有限公司 | End-to-end encipher communication method of CDMA system |
| CN100429957C (en) * | 2006-03-09 | 2008-10-29 | 北京握奇数据系统有限公司 | Indentifying method for telecommunication smart card and terminal |
| CN101399659B (en) * | 2007-09-30 | 2011-05-25 | 中兴通讯股份有限公司 | Cipher key authentication method and device between user identification module and terminal |
| CN101170823B (en) * | 2007-11-19 | 2010-12-01 | 中兴通讯股份有限公司 | Authentication method between user recognition module and terminal |
-
2009
- 2009-08-13 CN CN200910090495.0A patent/CN101656958B/en active Active
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011124051A1 (en) * | 2010-04-06 | 2011-10-13 | 中兴通讯股份有限公司 | Method and system for terminal authentication |
| CN103179567A (en) * | 2013-04-22 | 2013-06-26 | 东信和平科技股份有限公司 | Processing method and device for realizing communication authentication of unified equipment and subscriber identity module (UE-SIM) card |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101656958B (en) | 2012-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ES2277458T3 (en) | AUTOMATIC LOGIN ON A PC FROM A MOBILE PHONE. | |
| EP2521034B1 (en) | Managing method, device and terminal for application program | |
| EP2741548B1 (en) | Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor | |
| US8880036B2 (en) | Retrieving data wirelessly from a mobile device | |
| US10664257B2 (en) | Secure element activities | |
| US20130283047A1 (en) | System and method for securely using multiple subscriber profiles with a security component and a mobile telecommunications device | |
| CN102149083B (en) | Personalized card writing method, system and device | |
| CN101026834A (en) | Locking method and unlocking method | |
| CN106937274A (en) | A kind of Profile changing methods and device based on EUICC | |
| CN103079203B (en) | A kind of terminal authentication method and smart card | |
| US20140335829A1 (en) | Method and system for providing services to mobile communication subscribers | |
| CN1980459B (en) | Method for realizing information destroying at network side | |
| US20110230166A1 (en) | Authentication method for the mobile terminal and a system thereof | |
| BRPI0708103A2 (en) | automated account mapping in a wireless subscriber billing system | |
| CN101938742A (en) | Method for reversely cloning subscriber identity module, device and system | |
| CN210627203U (en) | UICC device with safe storage function | |
| CN104125223B (en) | A kind of security protection system of mobile device private data | |
| CN102595376B (en) | A kind of activating method, Apparatus and system of User Identity card | |
| CN113269909A (en) | Intelligent lock data management system based on Bluetooth communication | |
| CN101656958B (en) | Telecommunication intelligent card in Code Division Multiple Access (CDMA) network and authentication method thereof | |
| KR20080099117A (en) | Method for removable element authentication in an embedded system | |
| CN1980458B (en) | Method for realizing information back-up at network side | |
| CN105430738B (en) | A kind of method and device for initiating registration | |
| CN1980424A (en) | Device for mobile terminal to realize information back-up | |
| CN102480724A (en) | Software authentication data card, software authentication system and software authentication method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Lu Ruyi Inventor after: Jia Zhenbo Inventor after: Wang Youjun Inventor before: Lu Ruyi Inventor before: Jia Zhenbo |
|
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden Patentee after: BEIJING WATCHDATA Co.,Ltd. Address before: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden Patentee before: BEIJING WATCH DATA SYSTEM Co.,Ltd. |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: BEIJING WATCHDATA Co.,Ltd. Person in charge of patents Document name: payment instructions |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: BEIJING WATCHDATA Co.,Ltd. Person in charge of patents Document name: payment instructions |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: BEIJING WATCHDATA Co.,Ltd. Person in charge of patents Document name: Notice of Termination of Patent Rights |