CN102354360A - Device, terminal and method for preventing illegal updating of terminal - Google Patents
Device, terminal and method for preventing illegal updating of terminal Download PDFInfo
- Publication number
- CN102354360A CN102354360A CN2011102375677A CN201110237567A CN102354360A CN 102354360 A CN102354360 A CN 102354360A CN 2011102375677 A CN2011102375677 A CN 2011102375677A CN 201110237567 A CN201110237567 A CN 201110237567A CN 102354360 A CN102354360 A CN 102354360A
- Authority
- CN
- China
- Prior art keywords
- terminal
- instruction
- equipment
- mode
- protected mode
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a device, terminal and method for preventing illegal updating of the terminal. The method comprises the following steps of: sending an instruction for mode switching to the terminal by the device, and then switching the terminal to a target mode according to the instruction after the instruction for mode switching is received by the terminal, wherein the mode switching comprises an entry edition protection mode and an exit edition protection mode. By adopting the technical scheme of the invention, the terminal can be simply and efficiently prevented from being illegally updated.
Description
Technical field
The present invention relates to the mobile terminal software edition updating technical field, is a kind of method that prevents the terminal illegal update, and this method is the version protected mode through the terminal is set before dispatching from the factory, and forbids terminal response PC side appointment diag instruction, thereby can't upgrade; After withdrawing from the version protected mode, can normally upgrade.The method has high generality and portability, is applicable to the prevention illegal update of various portable terminals.
Background technology
Mobile terminal software edition can through various downloaded software download to the terminal (for example: the QPST of high pass) thus reach the effect of upgrading terminals software version.
The most frequently used a kind of method of terminal software upgrading is: after downloaded software and terminal are carried out alternately, be that the terminal gets into downloading mode, download agent is downloaded to earlier among the RAM of terminal; Get into the pattern of carrying that flows down then, through download agent and PC side alternately with software version update to the terminal correspondence position, thereby the edition upgrading of realization terminal software.
But there is a kind of risk in the terminal software upgrading mode, through downloading some illegal terminal softwares to lane terminal, may destroy the more original functions in terminal, like lock net, the locking and blocking at terminal, thereby terminal market has been formed harm.
In various terminal platforms; Terminal and PC side software carry out generally carrying out the communication of various mechanism through serial ports or network interface etc. alternately; Like the AT of high pass order or diag order etc.; Through these abilitys to communicate; Terminal and PC side software can be expanded the various instructions of customization, and can carry out the mutual of various information as required.
Prior art discloses a kind of method that prevents the application program of illegal update mobile terminal.This method may further comprise the steps: portable terminal and application program updating device are upgraded alternately; Portable terminal application programs update device is verified, if the application program updating device then carries out following steps through checking, otherwise finishes with the upgrading of application program updating device mutual; Portable terminal is verified the application program updating version that is stored in the application program updating device; If the application program updating version is through checking; Then portable terminal is from application program updating device down load application program upgrade version, otherwise finishes with the upgrading of application program updating device mutual.Through this scheme, can control effectively to the mobile terminal downloads link, download thereby can prevent to adopt software mode to carry out illegal application software of mobile terminal.
This technology is based on a kind of method that prevents the application program of illegal update mobile terminal of the ability to communicate invention of encryption technology and mobile phone; Whether the present invention forbids or enables to get into downloading mode instructing after getting into the version protected mode through the terminal is set, protect version to upgrade.Different with above-mentioned existing techniques in realizing method, method of the present invention is simpler, but can reach the same effect that prevents the portable terminal illegal update.
Summary of the invention
In view of above-mentioned one or more problems, the invention provides a kind of equipment, terminal and method that prevents the terminal illegal update, can prevent simply and effectively that the terminal is by illegal update.
The present invention provides a kind of method that prevents the terminal illegal update, comprising:
Equipment sends to the terminal and carries out the instruction of mode switch, and said mode switch comprises entering version protected mode and withdraws from the version protected mode.
Further, said equipment is first transmit status query statement before the instruction that transmit status is switched, and has been in dbjective state and then finishes if inquire said terminal, otherwise sent said status switching instruction.
Further, said equipment also need send certificate message to the terminal before sending said status switching instruction, sends said status switching instruction to said terminal after receiving the checking message of successful.
The present invention also provides a kind of method that prevents the terminal illegal update, comprising:
The terminal switches to target pattern according to said instruction with this terminal after receiving the instruction of carrying out mode switch; Said mode switch comprises entering version protected mode and withdraws from the version protected mode.
Further, before the instruction of receiving mode switch if said terminal receives that status poll instruction then carries out status poll and feed back current state and give equipment.
Further, authentication is carried out after receiving the message of authentication in said terminal, and whether verifies success to the equipment feedback.
The present invention also provides a kind of equipment that prevents the terminal illegal update, and said equipment comprises sending module, is used for to terminal transmission the carrying out instruction of mode switch, and said mode switch comprises entering version protected mode and withdraws from the version protected mode.
Further, said sending module also is used for first transmit status query statement before the instruction that transmit status switches, be in dbjective state and then finished if inquire said terminal, otherwise the transmit status switching command.
Further, said sending module also is used for transmit status switching command forward direction terminal and sends certificate message, receives after the checking message of successful to terminal transmit status switching command.
The present invention also provides a kind of terminal that prevents the terminal illegal update, and said terminal comprises handover module, is used to receive behind the switching command that mode switch with the terminal is to target pattern; Target pattern comprises entering version protected mode and withdraws from the version protected mode.
Further, said terminal also comprises enquiry module and sending module;
Said enquiry module is used to receive this terminal present located pattern of pattern query instruction back inquiry;
Said sending module is used for Query Result is fed back to equipment.
Further, said terminal also comprises authentication module, is used to receive that checking verifies equipment after the message, and will verifies that the result is sent to sending module; The checking result comprises that checking successfully reaches authentication failed;
Said sending module is used for the checking result is fed back to equipment.
In sum, adopt the present invention, can prevent effectively that the lawless person from carrying out the malice upgrading to the terminal, thereby reach the purpose of protection terminal market, protection client's vital interests.
Description of drawings
Fig. 1 is that the inventive method embodiment one PC side gets into version protected mode process flow diagram.
Fig. 2 is that the inventive method embodiment two PC sides withdraw from version protected mode process flow diagram.
Fig. 3 is that the inventive method embodiment three terminals get into or withdraw from version protected mode processing flow chart.
Fig. 4 is that the authentication module process flow diagram is carried out at the inventive method embodiment four PC sides and terminal.
Fig. 5 can't carry out the illegal update process flow diagram after the inventive method embodiment five terminals get into the version protected mode.
Embodiment
Hereinafter will combine to describe in detail with reference to the accompanying drawings content of the present invention.
The invention provides a kind of equipment, terminal and method that prevents the terminal illegal update,
Apparatus embodiments
Present embodiment provides a kind of equipment that prevents the terminal illegal update, comprises sending module;
Sending module is used for to terminal transmission the carrying out instruction of mode switch, and said mode switch comprises entering version protected mode and withdraws from the version protected mode.
Further, sending module also is used for first transmit status query statement before the instruction that transmit status switches, be in dbjective state and then finished if inquire said terminal, otherwise the transmit status switching command.
Further, sending module also is used for transmit status switching command forward direction terminal and sends certificate message, receives after the checking message of successful to terminal transmit status switching command.
This equipment can but to be not limited to be PC.
Terminal embodiment
Present embodiment provides a kind of terminal that prevents the terminal illegal update, comprises handover module, enquiry module, authentication module and sending module;
Handover module is used to receive behind the switching command that mode switch with the terminal is to target pattern; Target pattern comprises entering version protected mode and withdraws from the version protected mode;
Enquiry module is used to receive this terminal present located pattern of pattern query instruction back inquiry;
Authentication module is used to receive that checking verifies equipment after the message, and will verifies that the result is sent to sending module; The checking result comprises that checking successfully reaches authentication failed.
Sending module is used for Query Result is fed back to equipment; Also be used for the checking result is fed back to equipment.
Method embodiment
Equipment all is that example is described with the PC among the following method embodiment.
Embodiment one
Be that embodiment of the invention equipment side gets into version protected mode process flow diagram as shown in Figure 1.
S101:PC is to terminal sending mode query statement, and this instruction can be to be used for the diag of pattern query instruction; The pattern of inquiring about comprises entering version protected mode and withdraws from the version protected mode.
The S102:PC side is received the mode state that the terminal is returned, if the terminal has got into the version protected mode, then withdraws from, returns success; If the terminal does not also get into the version protected mode, then carry out S103.
S103:PC sends certificate message to the terminal;
S104:PC receives the authentication result who returns at the terminal, if authentication failed then withdraws from, returns failure; If S105 is then carried out in the authentication success.
S105:PC is to terminal sending mode switching command, and indicating terminal switches to entering version protected mode from withdrawing from the version protected mode; This instruction can be the diag instruction that is used to indicate mode switch.
Instruction of restarting is sent at S106:PC side direction terminal.
Embodiment two
Be that the embodiment of the invention withdraws from version protected mode process flow diagram as shown in Figure 2.
S201:PC is to terminal sending mode query statement, and this instruction can be to be used for the diag of pattern query instruction; The pattern of inquiring about comprises entering version protected mode and withdraws from the version protected mode.
The S202:PC side is received the mode state that the terminal is returned, if the terminal current state then withdraws from, returns success for withdrawing from the version protected mode; If the version protected mode is not also withdrawed from the terminal, then carry out S203.
S203:PC sends certificate message to the terminal;
S204:PC receives the authentication result who returns at the terminal, if failure is then withdrawed from, returned in the authentication failure; If S205 is then carried out in the authentication success.
S205:PC is to terminal sending mode switching command, and indicating terminal switches to from entering version protected mode and withdraws from the version protected mode; This instruction can be the diag instruction that is used to indicate mode switch.
Instruction of restarting is sent at S206:PC side direction terminal.
Embodiment three
Be that embodiment of the invention end side gets into or withdraw from version protected mode processing flow chart as shown in Figure 3.
S301: pattern query instruction back inquiry terminal present located pattern is received at the terminal, and the present located pattern comprises that getting into the version protection still withdraws from the version protection;
S302: the terminal returns present mode state of living in for the PC side.
If the present mode state need switch, then need carry out following steps;
S303: certificate message is received at the terminal.
S304: the terminal judges, judges whether PC leans to one side part legal.
S305: the terminal is to PC feedback authentication result; The result comprises that authentication successfully reaches the authentication failure.
S306: if the authentication success, the mode switch instruction is received at the terminal, and according to the indication of instruction the terminal is switched to target pattern;
Particularly, if this instruction is for getting into the instruction of version protected mode, the terminal will get into the downloading mode instruction and read version number's instruction and forbid; If this instruction is for withdrawing from the instruction of version protected mode, the terminal will get into the downloading mode instruction and read version number's instruction and enable.
S307: instruction of restarting is received at the terminal, restarts, and restarts the entering of terminal, back or withdraw from the version protected mode success is set.
Embodiment four
Be that the authentication module process flow diagram is carried out at embodiment of the invention PC side and terminal as shown in Figure 4.
S401: in the code of terminal, reserve the array space of a fixed position, be used to deposit the authentication information of encryption.Load description document through revising to distribute, the address of this reservation array space compiling is fixed and noted.
Step S401 specifically comprises following content: in a specific file, in the empty array (adopting 128 RSA cryptographic algorithms) of the char type of one 128 of the forward location definitions of file; In distribute loading file description, the compiling address of this specific file is fixed as certain address; Through the position of this array in this document, calculate this array compiling address and note.
S402: select a pair of RSA key that KEY is used for authentication;
S403: utilize public information and key that KEY is carried out authentication, add the authentication code in end side and PC side respectively.
The S404:PC side software is encrypted the public information at terminal with the PKI of KEY, and the public information that the PC side software will be encrypted sends to terminal software, and terminal software is deciphered with checking PC side software identity with the KEY private key.Its security has mainly utilized the authentication function of RSA Algorithm, and its security leans on the security of KEY to guarantee.
This step specifically comprises following content: public information generally can be considered ESN or the IMEI at terminal etc., and the PC side software obtains the ESN or the IMEI at terminal through some interfaces.The PC side software sends to the terminal after with ESN or the public key encryption of IMEI with KEY; Decipher this information with the private key of KEY at the terminal; If can correctly decipher the ESN or the IMEI at terminal, represent that then PC software is legal software, the operation that allows to carry out follow-up entering or withdraw from the version protected mode.
Embodiment five
Be to carry out the illegal update process flow diagram after the embodiment of the invention gets into the version protected mode as shown in Figure 5.
S501: download operations such as preceding terminal backup radio frequency NV, user profile;
S502:PC side direction terminal is sent the diag instruction and is got into the high pass downloading mode;
S503: because the terminal has got into the version protected mode, forbidden responding the instruction that gets into the high pass downloading mode, can't get into the high pass downloading mode, failed download.Thereby reach the protection terminal not by the purpose of illegal update.
Claims (12)
1. method that prevents the terminal illegal update comprises:
Equipment sends to the terminal and carries out the instruction of mode switch, and said mode switch comprises entering version protected mode and withdraws from the version protected mode.
2. the method for claim 1 is characterized in that, said method also comprises:
Said equipment is first transmit status query statement before the instruction that transmit status is switched, and has been in dbjective state and then finishes if inquire said terminal, otherwise sent said status switching instruction.
3. method as claimed in claim 1 or 2 is characterized in that:
Said equipment also need send certificate message to the terminal before sending said status switching instruction, send said status switching instruction to said terminal after receiving the checking message of successful.
4. method that prevents the terminal illegal update comprises:
The terminal switches to target pattern according to said instruction with this terminal after receiving the instruction of carrying out mode switch; Said mode switch comprises entering version protected mode and withdraws from the version protected mode.
5. method as claimed in claim 4 is characterized in that:
Before the instruction of receiving mode switch if said terminal receives that status poll instruction then carries out status poll and feed back current state and give equipment.
6. like claim 4 or 5 methods that equipment is stated, it is characterized in that:
Authentication is carried out after receiving the message of authentication in said terminal, and whether verifies success to the equipment feedback.
7. equipment that prevents the terminal illegal update is characterized in that:
Said equipment comprises sending module, is used for to terminal transmission the carrying out instruction of mode switch, and said mode switch comprises entering version protected mode and withdraws from the version protected mode.
8. equipment as claimed in claim 7 is characterized in that:
Said sending module also is used for first transmit status query statement before the instruction that transmit status switches, has been in dbjective state and then finished if inquire said terminal, otherwise the transmit status switching command.
9. like claim 7 or 8 described equipment, it is characterized in that:
Said sending module also is used for transmit status switching command forward direction terminal and sends certificate message, receives after the checking message of successful to terminal transmit status switching command.
10. terminal that prevents the terminal illegal update is characterized in that:
Said terminal comprises handover module, is used to receive behind the switching command that mode switch with the terminal is to target pattern; Target pattern comprises entering version protected mode and withdraws from the version protected mode.
11. terminal as claimed in claim 10 is characterized in that:
Said terminal also comprises enquiry module and sending module;
Said enquiry module is used to receive this terminal present located pattern of pattern query instruction back inquiry;
Said sending module is used for Query Result is fed back to equipment.
12., it is characterized in that like claim 10 or 11 described terminals:
Said terminal also comprises authentication module, is used to receive that checking verifies equipment after the message, and will verifies that the result is sent to sending module; The checking result comprises that checking successfully reaches authentication failed;
Said sending module is used for the checking result is fed back to equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110237567.7A CN102354360B (en) | 2011-08-18 | A kind of prevent the equipment of terminal illegal update, terminal and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110237567.7A CN102354360B (en) | 2011-08-18 | A kind of prevent the equipment of terminal illegal update, terminal and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102354360A true CN102354360A (en) | 2012-02-15 |
| CN102354360B CN102354360B (en) | 2016-12-14 |
Family
ID=
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102981881A (en) * | 2012-12-10 | 2013-03-20 | 中兴通讯股份有限公司 | Method and system for preventing mobile terminal from being updated to illegal firmware version |
| CN104361287A (en) * | 2014-11-12 | 2015-02-18 | 深圳市中兴移动通信有限公司 | Method and device for switching working states of terminal |
| WO2017008729A1 (en) * | 2015-07-16 | 2017-01-19 | 福建联迪商用设备有限公司 | Method and system for securely switching terminal between product mode and development mode |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1482805A (en) * | 2002-09-12 | 2004-03-17 | 深圳市中兴通讯股份有限公司上海第二 | Method for video conference terminal protection mode |
| JP2005196595A (en) * | 2004-01-08 | 2005-07-21 | Kyocera Corp | Data management device, control method of computer and program |
| US20100016001A1 (en) * | 2008-07-16 | 2010-01-21 | Hon Hai Precision Industry Co., Ltd. | Dual mode phone and security key setting method |
| CN101867650A (en) * | 2010-05-21 | 2010-10-20 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for protecting user behavior at operating terminal |
| CN101984691A (en) * | 2010-10-25 | 2011-03-09 | 东莞宇龙通信科技有限公司 | Upgrading method of system built-in software and mobile terminal |
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1482805A (en) * | 2002-09-12 | 2004-03-17 | 深圳市中兴通讯股份有限公司上海第二 | Method for video conference terminal protection mode |
| JP2005196595A (en) * | 2004-01-08 | 2005-07-21 | Kyocera Corp | Data management device, control method of computer and program |
| US20100016001A1 (en) * | 2008-07-16 | 2010-01-21 | Hon Hai Precision Industry Co., Ltd. | Dual mode phone and security key setting method |
| CN101867650A (en) * | 2010-05-21 | 2010-10-20 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for protecting user behavior at operating terminal |
| CN101984691A (en) * | 2010-10-25 | 2011-03-09 | 东莞宇龙通信科技有限公司 | Upgrading method of system built-in software and mobile terminal |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102981881A (en) * | 2012-12-10 | 2013-03-20 | 中兴通讯股份有限公司 | Method and system for preventing mobile terminal from being updated to illegal firmware version |
| WO2013182155A1 (en) * | 2012-12-10 | 2013-12-12 | 中兴通讯股份有限公司 | Firmware version upgrade method and system |
| CN102981881B (en) * | 2012-12-10 | 2018-03-27 | 中兴通讯股份有限公司 | A kind of method and system for preventing updating mobile terminal to illegal firmware version |
| CN104361287A (en) * | 2014-11-12 | 2015-02-18 | 深圳市中兴移动通信有限公司 | Method and device for switching working states of terminal |
| CN104361287B (en) * | 2014-11-12 | 2018-08-14 | 努比亚技术有限公司 | Terminal operating status switching handling method and device |
| WO2017008729A1 (en) * | 2015-07-16 | 2017-01-19 | 福建联迪商用设备有限公司 | Method and system for securely switching terminal between product mode and development mode |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3800909B1 (en) | Remote management method, and device | |
| CN102981881A (en) | Method and system for preventing mobile terminal from being updated to illegal firmware version | |
| US8495731B1 (en) | Multiple domain smartphone | |
| JP5688458B2 (en) | System and method for securely using multiple subscriber profiles in security components and portable communication devices | |
| US8498619B2 (en) | Method and apparatus for validating integrity of a mobile communication | |
| US8458800B1 (en) | Secure smartphone | |
| US8270963B1 (en) | Cross domain notification | |
| CN101194229B (en) | Updating of data instructions | |
| KR102281782B1 (en) | Method and apparatus for managing an application of a terminal remotely in a wireless communication system | |
| EP2827266A2 (en) | Information distribution system, and server, on-board terminal and communication terminal used therefor | |
| CN105308560A (en) | Method and apparatus for setting profile | |
| JP2007519308A (en) | Application authentication method | |
| US9113499B2 (en) | Multiple domain smartphone | |
| CN104202744A (en) | Operation authentication method for intelligent terminal, terminal and system | |
| CN108702353B (en) | Method of receiving data within an electronic entity and associated electronic entity | |
| CN105493098A (en) | Terminal device for terminal protection, terminal protecting method for same, and terminal managing server device | |
| CN111399867B (en) | Software upgrading method, device, equipment and computer readable storage medium | |
| CN105187410A (en) | Application self-upgrading method and system | |
| CN104715192A (en) | Restricting software to authorized wireless environments | |
| CN102354360A (en) | Device, terminal and method for preventing illegal updating of terminal | |
| CN102354360B (en) | A kind of prevent the equipment of terminal illegal update, terminal and method | |
| US9996689B2 (en) | Secure element for a telecommunications terminal | |
| CN105357670A (en) | Router | |
| CN108432201B (en) | Electronic device including a security module supporting a local management mode for subscriber profile configuration | |
| US20230370247A1 (en) | Method for protecting a network access profile against cloning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |