CN104125223B - A security protection system for private data on mobile devices - Google Patents
- Publication number: CN104125223B (application CN201410349219.2A; also published as CN104125223A)
- Authority: CN (China)
- Prior art keywords: module, mobile device, data, equipment, user
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Landscapes
- Telephone Function (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A security protection system for private data on mobile devices, belonging to the field of monitoring systems. It uses a C/S (client/server) architecture and comprises a service terminal software system and a mobile device terminal APP system. The service terminal software system includes a user management module, platform management module, interface administration module, statistical analysis module, equipment safety management module, and security policy manager module. The mobile device terminal APP system includes a device activation module, equipment tracking module, data safety management module, equipment safety module, termination management module, and data encryption module. Benefit of the invention: it provides unified, centralized security management for mobile devices and prevents leakage of users' private and sensitive data.
Description
Technical field
The present invention relates to a monitoring system for private data on mobile terminals and belongs to the field of monitoring systems; specifically, it is a security protection system for private data on mobile devices.
Background art
With the development of mobile internet technology and ever-increasing mobility, mobile office work and mobile living have become an inevitable trend of the times. Mobile devices often store users' confidential data, such as trade secrets and personal private data, which places higher demands on mobile data security protection. While mobile intelligent terminals are convenient to carry and use, they are also easy to lose and easy to damage. How to solve data security problems when a mobile terminal device is lost, maliciously attacked, or affected by system vulnerabilities, and how to ensure the reliability, availability, and confidentiality of private and sensitive data on mobile intelligent terminals, has become an urgent problem in the mobile data field.
The present invention is a system that provides unified, centralized security management for mobile intelligent terminal devices and protects the security of users' private data. It provides mobile terminal device security based on an activation mechanism that is independent of the carrier network, and user data security based on terminal permissions and usage control. Through security policies such as device activation, device tracking, device locking, access control, and remote wipe, it comprehensively addresses the security of users' private and sensitive data in the event of device loss, operating system vulnerabilities, application vulnerabilities, malware, and network attacks.
Common English abbreviations used in the present invention:
IMEI, International Mobile Equipment Identification Number: the identifier that distinguishes a mobile device. It is stored in the mobile device and can be used to monitor stolen or invalid mobile devices.
ICCID, Integrated circuit card identity: the integrated circuit card identification code, fixed in the mobile phone's SIM card as its unique identification number and composed of 20 digits.
IMSI, International Mobile Subscriber Identification Number: the international mobile subscriber identity, the identifier that distinguishes a mobile subscriber. It is stored in the SIM card and can be used to distinguish the valid information of mobile subscribers. Its total length does not exceed 15 digits, using the numerals 0 to 9.
APP, Application: mobile device terminal application program.
Android: the Android operating system; Apple-IOS: the Apple operating system; WinCE: the Windows CE operating system.
Summary of the invention
In view of the deficiencies and problems of the prior art, the present invention provides a security protection system for private data on mobile terminals. The specific scheme is:
A security protection system for private data on mobile devices, using a C/S architecture and comprising a service terminal software system and a mobile device terminal APP system. The service terminal software system includes a user management module, platform management module, interface administration module, statistical analysis module, equipment safety management module, and security policy manager module. The mobile device terminal APP system includes a device activation module, equipment tracking module, data safety management module, equipment safety module, termination management module, and data encryption module.
The user management module is responsible for identity management and rights management. Administrators, auditors, and users obtain permissions by registering through the service terminal software system, which enables them to operate the mobile device APP system.
The platform management module, i.e. the business platform, is responsible for the checking of system and database positioning, database maintenance, and local and remote upgrades of the security information base.
The interface administration module is responsible for viewing the details of mobile devices, automatically detecting changes to mobile devices, and automatically sending the change information to the platform management module.
The statistical analysis module is mainly responsible for user log management and system log management, and supports log queries, log rule definition, and log maintenance information.
The equipment safety management module is responsible for mobile device activation, remote lock, remote unlock, remote data wipe, device positioning, device deregistration, and other functions.
The security policy manager module is responsible for deleting, modifying, and adding policies, and for guiding the server and the mobile devices in carrying out security response work.
The device activation module is responsible for activating the mobile device on its first connection to the server and binding an identity to the mobile device. This identity is used by the mobile device user to unlock the device, reactivate it, or decrypt data, or to reactivate the device after identity authentication.
The equipment tracking module is responsible for locating the geographical position of the mobile device in real time.
The data safety management module is responsible, when the user encrypts or decrypts data, for verifying the device activation information and authenticating the storage card; after authentication passes, the user is authorized to encrypt or decrypt data.
The equipment safety module is responsible for providing local lock, local unlock, and data wipe functions.
The termination management module is responsible for receiving security policies from the server and configuring them, while also providing network, application, and other system configuration services.
The data encryption module runs independently on the mobile terminal and is responsible for encrypting the data on the SD card using a symmetric encryption algorithm.
The mobile device is a smartphone or a tablet computer.
A method of using the security protection system for private data on mobile devices:
Start the service terminal software system, with each functional module running in the background; start the mobile device terminal APP system and ensure that it is connected to the server over the wireless network.
When the user connects to the server for the first time, the mobile device terminal automatically sends the IMEI, or the IMEI together with the SIM card's ICCID and IMSI information, and the activation information code to the server. The server records the mobile device information and returns an activation command, which activates the mobile device terminal program. The user is required to set identity information, and the user identity information is encrypted with the MD5 algorithm.
The mobile device terminal supports local device activation, tracking verification, and device locking policies.
Each time the mobile device system restarts or the SIM card is hot-swapped, the activation information code is regenerated from the current IMEI and the SIM card's ICCID and IMSI information and verified locally against the activation information code generated at activation. If verification fails, a prompt dialog pops up asking the user to perform remote verification.
When verification by the equipment tracking module fails, the equipment locking module is called automatically and requires the user to enter identity information, which is sent to the server together with the activation information code for verification. If the identity information is verified, the device enters the normal working interface; if identity verification fails, the locked state is maintained and the user is forbidden from using the mobile device.
The data encryption module encrypts the data on the SD card using a symmetric encryption algorithm to obtain protected data and prevent data leakage; it runs independently on the mobile terminal.
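The activation, local re-verification, and remote unlock steps above, as an added Python example that is not code from the patent. The HMAC-SHA256 derivation of the activation information code, the per-install key, the PBKDF2 verifier, the re-binding after a successful unlock, and all class and function names are assumptions; `md5_identity` shows the identity digest as the patent states it (a bare MD5 is unsalted and fast, so equal identities give equal digests) next to the salted form that the server in this example stores.

```python
import hashlib
import hmac
import os


def activation_code(key: bytes, imei: str, iccid: str = "", imsi: str = "") -> str:
    # Assumption: HMAC-SHA256 under a per-install key (the patent does not give the
    # derivation). Length prefixes keep digits from sliding between fields.
    msg = b"".join(len(v).to_bytes(2, "big") + v.encode() for v in (imei, iccid, imsi))
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def md5_identity(identity: str) -> str:
    """Identity protection as the patent states it: a bare MD5 digest."""
    return hashlib.md5(identity.encode()).hexdigest()


def kdf_identity(identity: str, salt: bytes) -> bytes:
    """Hardened alternative (assumption): salted PBKDF2-HMAC-SHA256 verifier."""
    return hashlib.pbkdf2_hmac("sha256", identity.encode(), salt, 100_000)


class Server:
    def __init__(self):
        self.records = {}  # activation code -> (salt, identity verifier)

    def activate(self, code: str, identity: str) -> str:
        salt = os.urandom(16)
        self.records[code] = (salt, kdf_identity(identity, salt))
        return "ACTIVATE"  # the activation command returned to the device

    def remote_verify(self, enrolled: str, identity: str, current: str) -> bool:
        rec = self.records.get(enrolled)
        if rec is None or not hmac.compare_digest(rec[1], kdf_identity(identity, rec[0])):
            return False
        # Assumption: a successful check re-binds the record to the new identifiers.
        self.records[current] = self.records.pop(enrolled)
        return True


class Device:
    def __init__(self, server: Server, key: bytes, imei: str, iccid: str, imsi: str):
        self.server, self.key = server, key
        self.imei, self.iccid, self.imsi = imei, iccid, imsi
        self.enrolled, self.state = None, "INACTIVE"

    def current_code(self) -> str:
        return activation_code(self.key, self.imei, self.iccid, self.imsi)

    def first_connect(self, identity: str) -> str:
        code = self.current_code()
        if self.server.activate(code, identity) == "ACTIVATE":
            self.enrolled, self.state = code, "ACTIVE"
        return self.state

    def on_restart_or_sim_swap(self) -> str:
        """Local check: regenerate the code and compare it with the enrolled one."""
        if self.state != "INACTIVE" and not hmac.compare_digest(self.enrolled, self.current_code()):
            self.state = "LOCKED"
        return self.state

    def unlock(self, identity: str) -> str:
        """Remote check: stay LOCKED unless the server accepts the identity."""
        current = self.current_code()
        if self.state == "LOCKED" and self.server.remote_verify(self.enrolled, identity, current):
            self.enrolled, self.state = current, "ACTIVE"
        return self.state


def demo() -> list:
    # All identifiers and the passphrase below are constructed sample values.
    phone = Device(Server(), os.urandom(32), "490154203237518",
                   "89860000000000000001", "460000000000001")
    states = [phone.first_connect("constructed-passphrase")]
    states.append(phone.on_restart_or_sim_swap())   # unchanged SIM
    phone.iccid, phone.imsi = "89860000000000000002", "460000000000002"
    states.append(phone.on_restart_or_sim_swap())   # SIM swapped
    states.append(phone.unlock("wrong-guess"))      # identity rejected
    states.append(phone.unlock("constructed-passphrase"))
    states.append(phone.on_restart_or_sim_swap())   # re-bound identifiers
    return states


if __name__ == "__main__":
    print(demo())
```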
The method of using the security protection system for private data on mobile devices provides security protection for private data on mobile devices running the mainstream operating systems Android, Apple-IOS, and WinCE.
The mobile device terminal APP can be software preinstalled on the mobile device or downloaded software.
Benefits of the invention: it provides unified, centralized security management for mobile devices; based on the mobile device activation mechanism and on terminal permissions, it protects the security of users' private data independently of the carrier network; through security policies such as device activation, device tracking, device locking, access control, and remote wipe, it comprehensively addresses the security of users' private and sensitive data in the event of device loss, operating system vulnerabilities, application vulnerabilities, malware, and network attacks.
Brief description of the drawings
Fig. 1: overall architecture diagram of the business platform of the security protection system for mobile terminal private data;
Fig. 2: functional module diagram of the security protection system for mobile terminal private data.
Embodiment
Embodiment 1
A security protection system for private data on a smartphone running the Android operating system, comprising a service terminal software system and a mobile phone terminal APP system. The service terminal software system includes a user management module, platform management module, interface administration module, statistical analysis module, equipment safety management module, and security policy manager module. The mobile phone terminal APP system includes a device activation module, equipment tracking module, data safety management module, equipment safety module, termination management module, and data encryption module. The mobile phone terminal APP system is installed by download.
Method of using the security protection system for smartphone private data:
Start the service terminal software system, with each functional module running in the background; start the mobile phone terminal APP system and connect to the server over the wireless network.
On first use of the phone, the IMEI, the SIM card's ICCID and IMSI information, and the activation information code are sent to the server. The server records the mobile device information and returns an activation command, which activates the mobile device terminal program, and the identity information is set.
When the phone is lost and the SIM card is hot-swapped, the activation information code is regenerated from the current IMEI and the SIM card's ICCID and IMSI information and verified locally against the activation information code generated at activation. If verification fails, a prompt dialog pops up asking the user to perform remote verification.
When verification by the equipment tracking module fails, the equipment locking module is called automatically and requires the user to enter identity information, which is sent to the server together with the activation information code for verification. If the identity information is verified, the device enters the normal working interface; if identity verification fails, the locked state is maintained and the user is forbidden from using the mobile device.
The user can also encrypt or decrypt the data on the SD card through the data encryption module using a symmetric encryption algorithm. When data is encrypted or decrypted, the device activation information is verified and the storage card is authenticated; after authentication passes, the user is authorized to encrypt and decrypt data.
Embodiment 2
A security protection system for private data on a tablet computer running the WinCE operating system, comprising a service terminal software system and a tablet computer terminal APP system. The service terminal software system includes a user management module, platform management module, interface administration module, statistical analysis module, equipment safety management module, and security policy manager module. The tablet computer terminal APP system includes a device activation module, equipment tracking module, data safety management module, equipment safety module, termination management module, and data encryption module. The tablet computer terminal APP system is preinstalled on the device.
Method of using the security protection system for tablet computer private data:
Start the service terminal software system, with each functional module running in the background; start the tablet computer terminal APP system and connect to the server over the wireless network.
The tablet computer already has identity information. When the tablet is lost and the system is restarted, the activation information code is regenerated from the tablet's IMEI information and verified locally against the activation information code generated at activation. If verification fails, a prompt dialog pops up asking the user to perform remote verification.
When verification by the equipment tracking module fails, the equipment locking module is called automatically and requires the user to enter identity information, which is sent to the server together with the activation information code for verification. If the identity information is verified, the device enters the normal working interface; if identity verification fails, the locked state is maintained and the user is forbidden from using the mobile device.
The user can also encrypt or decrypt the data on the SD card through the data encryption module using a symmetric encryption algorithm. When data is encrypted or decrypted, the device activation information is verified and the storage card is authenticated; after authentication passes, the user is authorized to encrypt and decrypt data.
Apart from the technical features for which the present invention seeks protection, the technical features used by the present invention are all prior art.
Claims (3)
1. A security protection system for private data on mobile devices, using a C/S architecture and comprising a service terminal software system and a mobile device terminal APP system, characterized in that the service terminal software system includes a user management module, platform management module, interface administration module, statistical analysis module, equipment safety management module, and security policy manager module; the mobile device terminal APP system includes a device activation module, equipment tracking module, data safety management module, equipment safety module, termination management module, and data encryption module;
the user management module is responsible for identity management and rights management; administrators, auditors, and users obtain permissions by registering through the service end system, enabling operation of the mobile device APP system;
the platform management module, i.e. the business platform, is responsible for the checking of system and database positioning, database maintenance, and local and remote upgrades of the security information base;
the interface administration module is responsible for viewing the details of mobile devices, automatically detecting changes to mobile devices, and automatically sending the change information to the platform management module;
the statistical analysis module is mainly responsible for user log management and system log management, and supports log queries, log rule definition, and log maintenance information;
the equipment safety management module is responsible for the mobile device activation, remote lock, remote unlock, remote data wipe, device positioning, and device deregistration functions;
the security policy manager module is responsible for deleting, modifying, and adding policies, and for guiding the server and the mobile devices in carrying out security response work;
the device activation module is responsible for activating the mobile device on its first connection to the server and binding an identity to the mobile device; this identity is used by the mobile device user to unlock the device, reactivate it, or decrypt data, or to reactivate the device after identity authentication;
the equipment tracking module is responsible for locating the geographical position of the mobile device in real time;
the data safety management module is responsible, when the user encrypts or decrypts data, for verifying the device activation information and authenticating the storage card; after authentication passes, the user is authorized to encrypt or decrypt data;
the equipment safety module is responsible for providing local lock, local unlock, and data wipe functions;
the termination management module is responsible for receiving security policies from the server and configuring them, while also providing network, application, and other system configuration services;
the data encryption module runs independently on the mobile terminal and is responsible for encrypting the data on the SD card using a symmetric encryption algorithm;
the method of using the system being:
start the service end system, with each functional module running in the background; start the mobile device terminal APP system and ensure that it is connected to the server over the wireless network;
when the user connects to the server for the first time, the mobile device terminal automatically sends the IMEI, or the IMEI together with the SIM card's ICCID and IMSI information, and the activation information code to the server; the server records the mobile device information and returns an activation command, which activates the mobile device terminal program; the user is required to set identity information, and the user identity information is encrypted with the MD5 algorithm;
the mobile device terminal supports local device activation, tracking verification, and device locking policies;
each time the mobile device system restarts or the SIM card is hot-swapped, the activation information code is regenerated from the current IMEI and the SIM card's ICCID and IMSI information and verified locally against the activation information code generated at activation; if verification fails, a prompt dialog pops up asking the user to perform remote verification;
when verification by the equipment tracking module fails, the equipment locking module is called automatically and requires the user to enter identity information, which is sent to the server together with the activation information code for verification; if the identity information is verified, the device enters the normal working interface; if identity verification fails, the locked state is maintained and the user is forbidden from using the mobile device;
the data encryption module encrypts the data on the SD card using a symmetric encryption algorithm to obtain protected data and prevent data leakage; it runs independently on the mobile terminal.
2. The security protection system for private data on mobile devices according to claim 1, characterized in that the mobile device is a smartphone or a tablet computer.
3. The security protection system for private data on mobile devices according to claim 1 or 2, characterized in that it provides security protection for private data on mobile devices running the mainstream operating systems Android, Apple-IOS, and WinCE.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410349219.2A CN104125223B (en) | 2014-07-22 | 2014-07-22 | A kind of security protection system of mobile device private data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410349219.2A CN104125223B (en) | 2014-07-22 | 2014-07-22 | A kind of security protection system of mobile device private data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104125223A CN104125223A (en) | 2014-10-29 |
CN104125223B true CN104125223B (en) | 2017-07-21 |
Family
ID=51770487
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410349219.2A Active CN104125223B (en) | 2014-07-22 | 2014-07-22 | A kind of security protection system of mobile device private data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104125223B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |