CN104717646B - A kind of cut-in method of mobile network, equipment and system - Google Patents

A kind of cut-in method of mobile network, equipment and system Download PDF

Info

Publication number
CN104717646B
CN104717646B CN201310676311.5A CN201310676311A CN104717646B CN 104717646 B CN104717646 B CN 104717646B CN 201310676311 A CN201310676311 A CN 201310676311A CN 104717646 B CN104717646 B CN 104717646B
Authority
CN
China
Prior art keywords
interim
imsi
key
sim card
mobile terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310676311.5A
Other languages
Chinese (zh)
Other versions
CN104717646A (en
Inventor
李伟强
李冀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201310676311.5A priority Critical patent/CN104717646B/en
Publication of CN104717646A publication Critical patent/CN104717646A/en
Application granted granted Critical
Publication of CN104717646B publication Critical patent/CN104717646B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery

Abstract

The invention discloses the cut-in method of mobile network a kind of, equipment and systems, this method comprises: the SIM card of mobile terminal receives the mobile terminal number of user's input;Mobile terminal number is sent to business platform by SIM card, generates the corresponding interim IMSI of mobile terminal number and interim Ki key by business platform;SIM card receives the interim IMSI and interim Ki key that business platform returns, and stores interim IMSI and interim Ki key on the sim card, and pass through interim IMSI and interim Ki key access to mobile network.In the embodiment of the present invention, SIM card is by being sent to business platform for mobile terminal number, mobile terminal number is authenticated by business platform, after the authentication is passed, generate the interim IMSI and interim Ki key of the mobile terminal number, to enable SIM card to be based on the interim IMSI and interim Ki key access to mobile network, and makes user that arbitrary SIM card can be used and be linked into mobile network, and user's use feeling can be improved.

Description

A kind of cut-in method of mobile network, equipment and system
Technical field
The present invention relates to field of communication technology more particularly to a kind of cut-in methods of mobile network, equipment and system.
Background technique
Currently, mobile terminal has mobile terminal number and IMSI(International Mobile Subscriber Identification Number, international mobile subscriber identity), mobile terminal number and IMSI are corresponded.Mobile terminal IMSI be used to identify the identity of mobile terminal, and be stored in SIM(Subscriber Identity Module, client's identification Module) in card, and access authentication is realized by the Ki key in SIM card.
In the prior art, can in HLR(Home Location Register, home location register) in storage it is mobile eventually The corresponding relationship of number and IMSI is held, and user is directed to the related service of mobile terminal number, is required to through the mobile terminal The corresponding IMSI access to mobile network of number, i.e. mobile terminal access mobile network by IMSI the and Ki key stored in SIM card Network.But since IMSI the and Ki key stored in SIM card can not change, arbitrary SIM card is not available so as to cause user Access to mobile network.
Summary of the invention
The embodiment of the present invention provides cut-in method, equipment and the system of a kind of mobile network, appoints so that user can be used The SIM card of meaning is linked into mobile network, to improve user's use feeling.
In order to achieve the above object, the embodiment of the present invention provides the cut-in method of mobile network a kind of, the method includes Following steps: the client identification module SIM card of mobile terminal receives the mobile terminal number of user's input;The SIM card is by institute It states mobile terminal number and is sent to business platform, the corresponding interim world of the mobile terminal number is generated by the business platform Mobile identification number IMSI and interim Ki key;The SIM card receive the interim IMSI that the business platform returns and The interim Ki key, and the interim IMSI and the interim Ki key are stored in the SIM card;The SIM card passes through The interim IMSI and the interim Ki key access to mobile network.
The SIM card is specifically included by the process of the interim IMSI and the interim Ki key access to mobile network: Effective IMSI of the SIM card is switched to the interim IMSI, and having the SIM card from intrinsic IMSI by the SIM card It imitates Ki key and is switched to the interim Ki key from intrinsic Ki key, and connect by the interim IMSI and the interim Ki key Enter mobile network.
After the SIM card is by the interim IMSI and the interim Ki key access to mobile network, the method is also It include: the SIM card in the notice of the interim IMSI of cancellation for receiving user's input, by the mobile terminal number and described Interim IMSI is sent to the business platform, and it is corresponding described interim to nullify the mobile terminal number by the business platform IMSI and the interim Ki key;The SIM card receives the interim IMSI that the business platform returns and is canceled successfully Notice, and the interim IMSI and the interim Ki key are deleted in the SIM card;The SIM card passes through the SIM card Intrinsic IMSI and intrinsic Ki key access to mobile network.
The SIM card is specifically wrapped by the intrinsic IMSI of the SIM card and the process of intrinsic Ki key access to mobile network Include: effective IMSI of the SIM card is switched to the intrinsic IMSI from the interim IMSI by the SIM card, and by the SIM Effective Ki key of card is switched to the intrinsic Ki key from the interim Ki key, and passes through the intrinsic IMSI and described solid There is Ki key access to mobile network.
The embodiment of the present invention provides the cut-in method of mobile network a kind of, the described method comprises the following steps: business platform Receive the mobile terminal number of the client identification module SIM card from mobile terminal;The business platform is to the mobile terminal Number is authenticated, and after the authentication is passed, generates the corresponding interim international mobile subscriber identification of the mobile terminal number Code IMSI and interim Ki key;The interim IMSI and the interim Ki key are sent to the SIM card by the business platform, Store the interim IMSI and the interim Ki key in the SIM card by the SIM card, and by the interim IMSI and The interim Ki key access to mobile network.
After the business platform generates the corresponding interim IMSI of mobile terminal number and interim Ki key, the side Method further include: the business platform is by the intrinsic IMSI of the mobile terminal number recorded in HLR and the SIM card, intrinsic Corresponding relationship between Ki key is updated to the interim IMSI, described interim of the mobile terminal number and the SIM card Corresponding relationship between Ki key.
After the business platform generates the corresponding interim IMSI of mobile terminal number and interim Ki key, the side Method further include: the business platform is receiving the mobile terminal number and the interim IMSI from the SIM card Later, the mobile terminal number is authenticated, and after the authentication is passed, nullifies the corresponding institute of the mobile terminal number State interim IMSI and the interim Ki key;The business platform by the interim IMSI be canceled successful information notify to The SIM card is deleted the interim IMSI and the interim Ki key in the SIM card by the SIM card, and passes through institute State the intrinsic IMSI and intrinsic Ki key access to mobile network of SIM card.
After the business platform nullifies the corresponding interim IMSI of mobile terminal number and interim Ki key, the method Further include: the business platform is by the interim IMSI of the mobile terminal number recorded in HLR and the SIM card, institute The corresponding relationship between interim Ki key is stated, the intrinsic IMSI, the institute of the mobile terminal number and the SIM card are updated to State the corresponding relationship between intrinsic Ki key.
The embodiment of the present invention provides a kind of client identification module SIM card of mobile terminal, which includes: that STK authentication is answered With module, for receiving the mobile terminal number of user's input, and the mobile terminal number is sent to business platform, by institute It states business platform and generates the corresponding interim international mobile subscriber identity IMSI of mobile terminal number and interim Ki key;With And receive the interim IMSI and the interim Ki key that the business platform returns;Card module is write, in the SIM The interim IMSI and the interim Ki key are stored on card;AM access module, for passing through the interim IMSI and described interim Ki key access to mobile network.
The AM access module, it is described interim specifically for effective IMSI of the SIM card to be switched to from intrinsic IMSI IMSI, and effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and by described interim IMSI and the interim Ki key access to mobile network.
The STK authenticates application module, is also used in the notice of the interim IMSI of cancellation for receiving user's input, will be described Mobile terminal number and the interim IMSI are sent to the business platform, nullify the mobile terminal by the business platform The corresponding interim IMSI of number and the interim Ki key;And receive the described interim of the business platform return IMSI is canceled successful notice;It is described to write card module, it is also used to delete the interim IMSI on the sim card and interim Ki is close Key;The AM access module is also used to through intrinsic IMSI and intrinsic Ki key access to mobile network.
The AM access module, it is described solid specifically for effective IMSI of the SIM card to be switched to from the interim IMSI There is IMSI, and effective Ki key of the SIM card is switched to the intrinsic Ki key from the interim Ki key, and pass through institute State intrinsic IMSI and the intrinsic Ki key access to mobile network.
The embodiment of the present invention provides a kind of business platform, and the business platform specifically includes: subscription authentication module, for connecing The mobile terminal number of the client identification module SIM card from mobile terminal is received, and the mobile terminal number is authenticated; User identity management module, for generating the corresponding interim international mobile subscriber of the mobile terminal number after the authentication is passed The interim IMSI and the interim Ki key are sent to the SIM card, by described by identification code IMSI and interim Ki key SIM card stores the interim IMSI and the interim Ki key in the SIM card, and by the interim IMSI and described faces When Ki key access to mobile network.
Further include: HLR update module, for by the intrinsic of the mobile terminal number recorded in HLR and the SIM card Corresponding relationship between IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, interim Ki key.
The subscription authentication module is also used to receiving the mobile terminal number and institute from the SIM card After stating interim IMSI, the mobile terminal number is authenticated;The user identity management module is also used to logical in authentication Later, the corresponding interim IMSI of the mobile terminal number and interim Ki key are nullified, the interim IMSI is infused It sells successful information to notify to the SIM card, deletes the interim IMSI and described interim in the SIM card by SIM card Ki key, and pass through the intrinsic IMSI of the SIM card and intrinsic Ki key access to mobile network.
Further include: HLR update module, for will be described in the mobile terminal number that recorded in HLR and the SIM card Corresponding relationship between interim IMSI, the interim Ki key is updated to the described of the mobile terminal number and the SIM card Corresponding relationship between intrinsic IMSI, the intrinsic Ki key.
The embodiment of the present invention provides the access system of mobile network a kind of, and the access system of the mobile network specifically includes The client identification module SIM card and business platform of mobile terminal;Wherein:
The mobile terminal number is sent to business for receiving the mobile terminal number of user's input by the SIM card Platform, and interim international mobile subscriber identity IMSI and interim Ki key that the business platform returns are received, and described The interim IMSI and the interim Ki key are stored in SIM card;And pass through the interim IMSI and the interim Ki key Access to mobile network;
The business platform reflects to the mobile terminal number for receiving the mobile terminal number from SIM card Power, and after the authentication is passed, the corresponding interim IMSI of the mobile terminal number and interim Ki key are generated, it will be described interim IMSI and the interim Ki key are sent to the SIM card.
The SIM card, specifically for effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI, And effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and pass through the interim IMSI With the interim Ki key access to mobile network;
The business platform, specifically for the mobile terminal number and the SIM that will be recorded in home location register HLR The intrinsic IMSI of card, the corresponding relationship between intrinsic Ki key are updated to the described of the mobile terminal number and the SIM card Corresponding relationship between interim IMSI, the interim Ki key.
Compared with prior art, the embodiment of the present invention has at least the following advantages: in the embodiment of the present invention, SIM card passes through Mobile terminal number is sent to business platform, mobile terminal number is authenticated by business platform, and the authentication is passed it Afterwards, the interim IMSI and interim Ki key of the mobile terminal number are generated, so that SIM card be enable to be based on the interim IMSI and face When Ki key access to mobile network, and make user that arbitrary SIM card can be used and be linked into mobile network, and user can be improved Use feeling.
Detailed description of the invention
It, below will be to attached drawing needed in embodiment description in order to illustrate more clearly of technical solution of the present invention It is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, general for this field For logical technical staff, without creative efforts, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of cut-in method flow diagram for mobile network that the embodiment of the present invention one provides;
Fig. 2 is the cut-in method flow diagram of mobile network provided by Embodiment 2 of the present invention a kind of;
Fig. 3 is a kind of structural schematic diagram for SIM card that the embodiment of the present invention three provides;
Fig. 4 is a kind of structural schematic diagram for business platform that the embodiment of the present invention four provides;
Fig. 5 is a kind of cut-in method flow diagram for mobile network that the embodiment of the present invention five provides;
Fig. 6 is a kind of cut-in method flow diagram for mobile network that the embodiment of the present invention six provides.
Specific embodiment
Below in conjunction with the attached drawing in the present invention, the technical solution in the present invention is clearly and completely described, is shown So, described embodiment is only a part of the embodiments of the present invention, instead of all the embodiments.Based in the present invention Embodiment, every other embodiment obtained by those of ordinary skill in the art without making creative efforts, all Belong to the scope of protection of the invention.
Embodiment one
The embodiment of the present invention one provides the cut-in method of mobile network a kind of, and this method is the register flow path of interim IMSI, As shown in Figure 1, the cut-in method of the mobile network may comprise steps of:
Step 101, the SIM card of mobile terminal receives the mobile terminal number of user's input.
In a particular application, the SIM card of mobile terminal can also receive the service password of user's input.
Step 102, mobile terminal number is sent to business platform by the SIM card of mobile terminal.
In a particular application, service password can also be sent to business platform by the SIM card of mobile terminal.
In the embodiment of the present invention, the SIM card of mobile terminal is put down mobile terminal number and service password are sent to business Before platform, mobile terminal number and service password can also be encrypted in the SIM card of mobile terminal, and by encryption Mobile terminal number and service password afterwards is sent to business platform.
Step 103, business platform is after the mobile terminal number for receiving the SIM card from mobile terminal, to the movement After termination number is authenticated, and the authentication is passed in the mobile terminal number, which is generated by business platform The corresponding interim IMSI of code and interim Ki key.
Wherein, business platform knows mobile terminal after the mobile terminal number for receiving the SIM card from mobile terminal SIM card current request use interim IMSI access to mobile network, therefore, business platform directly to the mobile terminal number carry out Authentication, and after in the mobile terminal number, the authentication is passed, it is corresponding interim which is generated by business platform IMSI and interim Ki key.
In a particular application, business platform can also receive the service password of the SIM card from mobile terminal, and come from The service password and mobile terminal number of SIM card are the mobile terminal number and service password after encryption.Based on this, business Platform also need to after encryption mobile terminal number and service password be decrypted, and according to from SIM card Service password and mobile terminal number carry out authentication process, and after the authentication is passed, it is corresponding that business platform generates mobile terminal number Interim IMSI and interim Ki key.
In the embodiment of the present invention, business platform generate the corresponding interim IMSI of mobile terminal number and interim Ki key it Afterwards, between the mobile terminal number that business platform also needs to record in HLR and the intrinsic IMSI of SIM card, intrinsic Ki key Corresponding relationship, the corresponding relationship being updated between the interim IMSI of mobile terminal number and SIM card, interim Ki key.Wherein, The intrinsic IMSI of SIM card and intrinsic Ki key are SIM card preconfigured IMSI and Ki key when leaving the factory.
Step 104, interim IMSI and interim Ki key are sent to SIM card by business platform.
In the embodiment of the present invention, business platform by interim IMSI and interim Ki key be sent to mobile terminal SIM card it Before, interim IMSI and interim Ki key can also be encrypted in business platform, and by the interim IMSI after encryption The SIM card of mobile terminal is sent to interim Ki key.
Step 105, the SIM card of mobile terminal receives the interim IMSI and interim Ki key that business platform returns, and at this Interim IMSI and interim Ki key are stored in SIM card.Wherein, to be stored with SIM card in the SIM card of mobile terminal preparatory when leaving the factory The intrinsic IMSI and intrinsic Ki key of configuration, on this basis, SIM card is in the interim IMSI for receiving business platform return and temporarily After Ki key, interim IMSI and interim Ki key can be stored in the interim IMSI/Ki key storage area of this SIM card.
In a particular application, the interim IMSI and interim Ki key that business platform returns can also be facing after encryption When IMSI and interim Ki key.Based on this, the SIM card of mobile terminal is also needed to the interim IMSI and interim Ki after encryption Key is decrypted, and after decryption processing completion, stores in the interim IMSI/Ki key storage area of this SIM card Interim IMSI and interim Ki key.
Step 106, the SIM card of mobile terminal is by interim IMSI and interim Ki key access to mobile network, and notifies to use The currently used interim IMSI of family SIM card and interim Ki key access to mobile network.
In embodiments of the present invention, SIM card is by the process of interim IMSI and interim Ki key access to mobile network, specifically Including but not limited to: effective IMSI of SIM card is switched to interim IMSI from intrinsic IMSI by SIM card, and by effective Ki of SIM card Key is switched to interim Ki key from intrinsic Ki key, and later, the SIM card of mobile terminal can pass through interim IMSI and interim Ki Key access to mobile network.
In conclusion SIM card is by being sent to business platform for mobile terminal number, by business in the embodiment of the present invention Platform authenticates mobile terminal number, and after the authentication is passed, generates the interim IMSI of the mobile terminal number and faces When Ki key, thus enable SIM card be based on the interim IMSI and interim Ki key access to mobile network, and make user can so that It is linked into mobile network with arbitrary SIM card, and user's use feeling can be improved.Further, aforesaid way provides not Mobile terminal number function can be alternatively carried, is transformed based on existing mobile network's system, protects operator pair The investment of mobile network, and user experience is more preferable.Aforesaid way faces by the encryption technology of mobile network what is dynamically issued When IMSI and interim Ki key encrypted, guarantee the safety of system.
Embodiment two
Second embodiment of the present invention provides the cut-in method of mobile network a kind of, this method is the logout flow path of interim IMSI, As shown in Fig. 2, the cut-in method of the mobile network may comprise steps of:
Step 201, the SIM card of mobile terminal receives the notice of the interim IMSI of cancellation of user's input.
Wherein, the function of nullifying interim IMSI is provided in the SIM card of mobile terminal, it is interim to be based on the cancellation in user The function of IMSI, when nullifying the notice of interim IMSI to the input of the SIM card of mobile terminal, input is also needed that nullifies to face by user When the corresponding mobile terminal number of IMSI, nullify interim IMSI pairs of needs of user's input is received by the SIM card of mobile terminal The mobile terminal number answered.
In a particular application, user can also input the corresponding service password of interim IMSI for needing to nullify, by mobile whole The SIM card at end receives the corresponding service password of interim IMSI that the needs of user's input are nullified.
Step 202, the SIM card of mobile terminal, will be mobile whole in the notice of the interim IMSI of cancellation for receiving user's input End number and the mobile terminal number correspond to interim IMSI and are sent to business platform.
In a particular application, service password can also be sent to business platform by the SIM card of mobile terminal.
In the embodiment of the present invention, the SIM card of mobile terminal is by mobile terminal number, service password, mobile terminal number Corresponding interim IMSI is sent to before business platform, and SIM card can also be to mobile terminal number, service password, mobile terminal number The corresponding interim IMSI of code is encrypted, and by mobile terminal number, service password, the mobile terminal number after encryption Corresponding interim IMSI is sent to business platform.
Step 203, business platform the mobile terminal number and interim IMSI for receiving the SIM card from mobile terminal it Afterwards, mobile terminal number is authenticated, and after the authentication is passed in the mobile terminal number, is nullified and is moved by business platform The corresponding interim IMSI of termination number and interim Ki key.
Wherein, business platform is after the mobile terminal number and interim IMSI for receiving the SIM card from mobile terminal, Know that the SIM card current request of mobile terminal nullifies interim IMSI, therefore, business platform directly carries out the mobile terminal number Authentication, and after the authentication is passed in the mobile terminal number, is directly nullified that mobile terminal number is corresponding to be faced by business platform When IMSI and interim Ki key.
In a particular application, business platform can also receive the service password of the SIM card from mobile terminal, and come from Service password, mobile terminal number and the interim IMSI of SIM card be encryption after service password, mobile terminal number with And interim IMSI.Based on this, business platform is also needed to service password, the mobile terminal number and interim after encryption IMSI is decrypted, and according to service password and mobile terminal number progress authentication process from SIM card.Further , after the authentication is passed, business platform can nullify the corresponding interim IMSI of mobile terminal number and interim Ki key.
In the embodiment of the present invention, business platform nullify the corresponding interim IMSI of mobile terminal number and interim Ki key it Afterwards, between the mobile terminal number that business platform also needs to record in HLR and the interim IMSI of SIM card, interim Ki key Corresponding relationship, the corresponding relationship being updated between the intrinsic IMSI of mobile terminal number and SIM card, intrinsic Ki key.Wherein, The intrinsic IMSI of SIM card and intrinsic Ki key are SIM card preconfigured IMSI and Ki key when leaving the factory.
Step 204, interim IMSI is canceled successful information and notified to SIM card by business platform.
Step 205, the interim IMSI that the SIM card of mobile terminal receives that business platform returns is canceled successful notice, and Interim IMSI and interim Ki key are deleted on the sim card.Wherein, SIM card can be deposited from the interim IMSI/Ki key of this SIM card Interim IMSI and interim Ki key are deleted in storage area.
Step 206, the SIM card of mobile terminal passes through the intrinsic IMSI and intrinsic Ki key access to mobile network of this SIM card, And notify user that interim IMSI is canceled success.
In embodiments of the present invention, SIM card passes through the intrinsic IMSI of SIM card and the mistake of intrinsic Ki key access to mobile network Journey is specifically including but not limited to: effective IMSI of SIM card is switched to intrinsic IMSI from interim IMSI by SIM card, and by SIM card Effective Ki key be switched to intrinsic Ki key from interim Ki key, and mobile network is accessed by intrinsic IMSI and intrinsic Ki key Network.
Embodiment three
Based on inventive concept same as the above method, a kind of visitor of mobile terminal is additionally provided in the embodiment of the present invention three Family identification module SIM card, as shown in figure 3, the SIM card specifically includes:
STK authenticates application module 11, for receiving the mobile terminal number of user's input, and by the mobile terminal number It is sent to business platform, the corresponding interim international mobile subscriber of the mobile terminal number is generated by the business platform later and is known Other code IMSI and interim Ki key;Further, STK authentication application module 11 receives the described of business platform return and faces When the IMSI and interim Ki key;Card module 12 is write, for storing the interim IMSI and described in the SIM card Interim Ki key;AM access module 13, for passing through the interim IMSI and the interim Ki key access to mobile network.
Wherein, the AM access module 13, it is described specifically for effective IMSI of the SIM card to be switched to from intrinsic IMSI Interim IMSI, and effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and by described Interim IMSI and the interim Ki key access to mobile network.
In the embodiment of the present invention, the STK authenticates application module 11, is also used to interim in the cancellation for receiving user's input When the notice of IMSI, the mobile terminal number and the interim IMSI are sent to the business platform, by the business Platform nullifies the corresponding interim IMSI of mobile terminal number and the interim Ki key;And receive business platform The interim IMSI returned is canceled successful notice;It is described to write card module 12, it is also used to delete on the sim card described interim IMSI and interim Ki key;The AM access module 13 is also used to through intrinsic IMSI and intrinsic Ki key access to mobile network.
The AM access module 13, it is described intrinsic specifically for effective IMSI of SIM card to be switched to from the interim IMSI IMSI, and effective Ki key of the SIM card is switched to the intrinsic Ki key from the interim Ki key, and by described Intrinsic IMSI and the intrinsic Ki key access to mobile network.
It can also include encrypting module in the SIM card, and the encrypting module is specifically used for guaranteeing in the embodiment of the present invention The safety of the information interacted between SIM card and business platform, details are not described herein.
Wherein, the modules of apparatus of the present invention can integrate in one, can also be deployed separately.Above-mentioned module can close And be a module, multiple submodule can also be further split into.
Example IV
Based on inventive concept same as the above method, a kind of business platform is additionally provided in the embodiment of the present invention four, such as Shown in Fig. 4, the business platform is specifically included:
Subscription authentication module 21, for receiving the mobile terminal number of the client identification module SIM card from mobile terminal, And the mobile terminal number is authenticated;User identity management module 22, for generating the movement after the authentication is passed The corresponding interim international mobile subscriber identity IMSI of termination number and interim Ki key, and by the interim IMSI and described face When Ki key be sent to the SIM card, store the interim IMSI in the SIM card by the SIM card later and described face When Ki key, and pass through the interim IMSI and the interim Ki key access to mobile network.
The business platform further include: HLR update module 23, for by the mobile terminal number recorded in HLR and the SIM The intrinsic IMSI of card, the corresponding relationship between intrinsic Ki key are updated to the described of the mobile terminal number and the SIM card Corresponding relationship between interim IMSI, interim Ki key.
In the embodiment of the present invention, the subscription authentication module 21 is also used to receiving the movement from SIM card eventually After holding number and the interim IMSI, the mobile terminal number is authenticated;The user identity management module 22, It is also used to after the authentication is passed, the corresponding interim IMSI of the mobile terminal number and interim Ki key is nullified, by institute It states interim IMSI and is canceled successful information and notify to the SIM card, deleted in the SIM card by SIM card described interim IMSI and the interim Ki key, and pass through the intrinsic IMSI of the SIM card and intrinsic Ki key access to mobile network.
HLR update module 23, the mobile terminal number for being also used to record in HLR face with described in the SIM card When IMSI, the interim Ki key between corresponding relationship, be updated to the described solid of the mobile terminal number and the SIM card There is the corresponding relationship between IMSI, the intrinsic Ki key.
Wherein, the modules of apparatus of the present invention can integrate in one, can also be deployed separately.Above-mentioned module can close And be a module, multiple submodule can also be further split into.
Embodiment five
The embodiment of the present invention five provides the cut-in method of mobile network a kind of, and this method is the register flow path of interim IMSI, As shown in figure 5, the cut-in method of the mobile network may comprise steps of:
The SIM card of mobile terminal STK authentication application module (provide STK menu for user input mobile terminal number and Service password) receive mobile terminal number and service password that user inputs.
Mobile terminal number and service password are sent to the encrypting module of SIM card by STK authentication application module, by encryption mould Mobile terminal number and service password is encrypted in block.
STK authenticates application module and receives mobile terminal number and service password after encryption.
STK authenticate application module by after encryption mobile terminal number and service password be sent to the use of business platform Family authentication module authenticates mobile terminal number by subscription authentication module.
After in the mobile terminal number, the authentication is passed, the user identity management of subscription authentication module application business platform Module is that mobile terminal number distributes interim IMSI and interim Ki key.
User identity management module is that mobile terminal number distributes interim IMSI and interim Ki key, by interim IMSI and is faced When Ki key notification give subscription authentication module, notice HLR update module is by the mobile terminal number recorded in HLR and SIM card Corresponding relationship inherently between IMSI, intrinsic Ki key is updated to the interim IMSI of mobile terminal number and SIM card, interim Ki key Between corresponding relationship.
Interim IMSI and interim Ki key is encrypted in subscription authentication module, and returns to STK authentication application module Interim IMSI and interim Ki key after returning encryption.
STK authenticate application module by after encryption interim IMSI and interim Ki key be sent to encrypting module, by adding Interim IMSI and interim Ki key is decrypted in close module.
STK authenticates the interim IMSI and interim Ki key of application module receiving and deciphering processing.
STK authenticates application module and writes card module for what interim IMSI and interim Ki key were sent to SIM card, by writing card module Interim IMSI and interim Ki key are stored on the sim card.
Further, STK authenticates the AM access module that interim IMSI and interim Ki key are sent to SIM card by application module, Interim IMSI and interim Ki key access to mobile network are used by AM access module.
Further, STK authentication application module notifies user's SIM card with interim IMSI and interim Ki key in mobile network In succeed in registration, currently used interim IMSI and interim Ki key access to mobile network.
Embodiment six
The embodiment of the present invention six provides the cut-in method of mobile network a kind of, and this method is the logout flow path of interim IMSI, As shown in fig. 6, the cut-in method of the mobile network may comprise steps of:
The SIM card of mobile terminal STK authentication application module (provide STK menu for user input mobile terminal number and Service password) receive mobile terminal number and service password that user inputs.
STK authenticates application module for mobile terminal number, service password and the corresponding interim IMSI of mobile terminal number It is sent to the encrypting module of SIM card, it is corresponding to mobile terminal number, service password and mobile terminal number by encrypting module Interim IMSI is encrypted.
STK authenticates mobile terminal number, service password after application module receives the encryption that encrypting module returns And the corresponding interim IMSI of mobile terminal number.
STK authenticates application module for mobile terminal number, service password and the mobile terminal number pair after encryption The interim IMSI answered is sent to the subscription authentication module of business platform, and request subscription authentication module nullifies the interim IMSI, and by Subscription authentication module authenticates mobile terminal number.
After in mobile terminal number, the authentication is passed, the user identity management mould of subscription authentication module application business platform Block nullifies the corresponding interim IMSI of the mobile terminal number and interim Ki key.
User identity management module nullifies the corresponding interim IMSI of mobile terminal number and interim Ki key, by interim IMSI Be canceled successful information notice subscription authentication module, notice HLR update module by the mobile terminal number recorded in HLR with The interim IMSI of SIM card, interim Ki key corresponding relationship be updated to the intrinsic IMSI of mobile terminal number and SIM card, intrinsic The corresponding relationship of Ki key.
Interim IMSI is canceled successfully by subscription authentication module after receiving interim IMSI and being canceled successful information Information notifies to authenticate application module to STK.
STK authentication application module notice writes card module and deletes interim IMSI and interim Ki key on the sim card, by writing card mold Block deletes interim IMSI and interim Ki key on the sim card.
Further, STK authenticates application module and the deleted information of interim IMSI and interim Ki key is sent to access Module uses intrinsic IMSI and intrinsic Ki key access to mobile network by AM access module.
Further, STK authentication application module notifies user that interim IMSI is canceled success.
Embodiment seven
Based on inventive concept same as the above method, a kind of connecing for mobile network is additionally provided in the embodiment of the present invention seven Enter system, the access system of the mobile network specifically includes the client identification module SIM card and business platform of mobile terminal; Wherein:
The mobile terminal number is sent to business for receiving the mobile terminal number of user's input by the SIM card Platform, and interim international mobile subscriber identity IMSI and interim Ki key that the business platform returns are received, and described The interim IMSI and the interim Ki key are stored in SIM card;And pass through the interim IMSI and the interim Ki key Access to mobile network;
The business platform reflects to the mobile terminal number for receiving the mobile terminal number from SIM card Power, and after the authentication is passed, the corresponding interim IMSI of the mobile terminal number and interim Ki key are generated, it will be described interim IMSI and the interim Ki key are sent to the SIM card.
The SIM card, specifically for effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI, And effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and pass through the interim IMSI With the interim Ki key access to mobile network;
The business platform, specifically for the mobile terminal number and the SIM that will be recorded in home location register HLR The intrinsic IMSI of card, the corresponding relationship between intrinsic Ki key are updated to the described of the mobile terminal number and the SIM card Corresponding relationship between interim IMSI, the interim Ki key.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can be by Software adds the mode of required general hardware platform to realize, naturally it is also possible to which by hardware, but in many cases, the former is more Good embodiment.Based on this understanding, technical solution of the present invention substantially in other words contributes to the prior art Part can be embodied in the form of software products, which is stored in a storage medium, if including Dry instruction is used so that a computer equipment (can be personal computer, server or the network equipment etc.) executes this hair Method described in bright each embodiment.
It will be appreciated by those skilled in the art that attached drawing is the schematic diagram of a preferred embodiment, module or stream in attached drawing Journey is not necessarily implemented necessary to the present invention.
It will be appreciated by those skilled in the art that the module in device in embodiment can describe be divided according to embodiment It is distributed in the device of embodiment, corresponding change can also be carried out and be located in one or more devices different from the present embodiment.On The module for stating embodiment can be merged into a module, can also be further split into multiple submodule.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Disclosed above is only several specific embodiments of the invention, and still, the present invention is not limited to this, any ability What the technical staff in domain can think variation should all fall into protection scope of the present invention.

Claims (13)

1. a kind of cut-in method of mobile network, which is characterized in that the described method comprises the following steps:
The client identification module SIM card of mobile terminal receives the mobile terminal number of user's input;
The mobile terminal number is sent to business platform by the SIM card, generates the mobile terminal by the business platform The corresponding interim international mobile subscriber identity IMSI of number and interim Ki key;
The SIM card receives the interim IMSI and the interim Ki key that the business platform returns, and in the SIM card The upper storage interim IMSI and the interim Ki key;
The SIM card passes through the interim IMSI and the interim Ki key access to mobile network;
Wherein, the mobile terminal number is that can carry mobile terminal number;
The SIM card is specifically included by the process of the interim IMSI and the interim Ki key access to mobile network:
Effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI by the SIM card, and by the SIM card Effective Ki key be switched to the interim Ki key from intrinsic Ki key, and it is close by the interim IMSI and interim Ki Key access to mobile network;
The business platform is intrinsic by the mobile terminal number recorded in home location register HLR and the SIM card Corresponding relationship between IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, the interim Ki key.
2. the method as described in claim 1, which is characterized in that the SIM card passes through the interim IMSI and interim Ki After key access to mobile network, the method also includes:
The SIM card is in the notice of the interim IMSI of cancellation for receiving user's input, by the mobile terminal number and described Interim IMSI is sent to the business platform, and it is corresponding described interim to nullify the mobile terminal number by the business platform IMSI and the interim Ki key;
The SIM card receives the interim IMSI that the business platform returns and is canceled successful notice, and in the SIM card The upper deletion interim IMSI and the interim Ki key;
The intrinsic IMSI and intrinsic Ki key access to mobile network that the SIM card passes through the SIM card.
3. method according to claim 2, which is characterized in that the SIM card passes through the intrinsic IMSI of the SIM card and intrinsic The process of Ki key access to mobile network, specifically includes:
Effective IMSI of the SIM card is switched to the intrinsic IMSI from the interim IMSI by the SIM card, and will be described Effective Ki key of SIM card is switched to the intrinsic Ki key from the interim Ki key, and passes through the intrinsic IMSI and institute State intrinsic Ki key access to mobile network.
4. a kind of cut-in method of mobile network, which is characterized in that the described method comprises the following steps:
The mobile terminal number of client identification module SIM card of the business platform reception from mobile terminal;
The business platform authenticates the mobile terminal number, and after the authentication is passed, generates the mobile terminal The corresponding interim international mobile subscriber identity IMSI of number and interim Ki key;
The interim IMSI and the interim Ki key are sent to the SIM card by the business platform, by the SIM card in institute It states and stores the interim IMSI and the interim Ki key in SIM card, and pass through the interim IMSI and the interim Ki key Access to mobile network;
Wherein, the mobile terminal number is that can carry mobile terminal number;
After the business platform generates the corresponding interim IMSI of mobile terminal number and interim Ki key, the method is also Include:
The business platform is intrinsic by the mobile terminal number recorded in home location register HLR and the SIM card Corresponding relationship between IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, the interim Ki key;
Effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI by the SIM card, and by the SIM card Effective Ki key be switched to the interim Ki key from intrinsic Ki key, and it is close by the interim IMSI and interim Ki Key access to mobile network.
5. method as claimed in claim 4, which is characterized in that it is corresponding that the business platform generates the mobile terminal number After interim IMSI and interim Ki key, the method also includes:
The business platform after receiving the mobile terminal number and the interim IMSI from the SIM card, The mobile terminal number is authenticated, and after the authentication is passed, nullifies that the mobile terminal number is corresponding described to be faced When the IMSI and interim Ki key;
The interim IMSI is canceled successful information and notified to the SIM card by the business platform, by the SIM card in institute It states and deletes the interim IMSI and the interim Ki key in SIM card, and by the intrinsic IMSI of the SIM card and inherently Ki key access to mobile network.
6. method as claimed in claim 5, which is characterized in that it is corresponding that the business platform nullifies the mobile terminal number After the interim IMSI and the interim Ki key, the method also includes:
The business platform by the interim IMSI of the mobile terminal number recorded in HLR and the SIM card, described face When Ki key between corresponding relationship, be updated to the intrinsic IMSI, described solid of the mobile terminal number and the SIM card There is the corresponding relationship between Ki key.
7. a kind of client identification module SIM card of mobile terminal, which is characterized in that the SIM card includes:
STK authenticates application module, for receiving the mobile terminal number of user's input, and the mobile terminal number is sent to Business platform, by the business platform generate the corresponding interim international mobile subscriber identity IMSI of the mobile terminal number and Interim Ki key;And receive the interim IMSI and the interim Ki key that the business platform returns;Wherein, described Mobile terminal number is that can carry mobile terminal number;
Card module is write, for storing the interim IMSI and the interim Ki key in the SIM card;
AM access module, for passing through the interim IMSI and the interim Ki key access to mobile network;
Wherein, the AM access module, it is described interim specifically for effective IMSI of the SIM card to be switched to from intrinsic IMSI IMSI, and effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and by described interim IMSI and the interim Ki key access to mobile network;
The business platform is intrinsic by the mobile terminal number recorded in home location register HLR and the SIM card Corresponding relationship between IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, the interim Ki key.
8. SIM card as claimed in claim 7, which is characterized in that
The STK authenticates application module, is also used in the notice of the interim IMSI of cancellation for receiving user's input, by the movement Termination number and the interim IMSI are sent to the business platform, nullify the mobile terminal number by the business platform The corresponding interim IMSI and the interim Ki key;And receive the interim IMSI quilt that the business platform returns Nullify successfully notice;
It is described to write card module, it is also used to delete the interim IMSI and interim Ki key on the sim card;
The AM access module is also used to through intrinsic IMSI and intrinsic Ki key access to mobile network.
9. SIM card as claimed in claim 8, which is characterized in that
The AM access module, it is described intrinsic specifically for effective IMSI of the SIM card to be switched to from the interim IMSI IMSI, and effective Ki key of the SIM card is switched to the intrinsic Ki key from the interim Ki key, and by described Intrinsic IMSI and the intrinsic Ki key access to mobile network.
10. a kind of business platform, which is characterized in that the business platform specifically includes:
Subscription authentication module, for receiving the mobile terminal number of the client identification module SIM card from mobile terminal, and to institute Mobile terminal number is stated to be authenticated;
User identity management module, it is corresponding interim international mobile for after the authentication is passed, generating the mobile terminal number The interim IMSI and the interim Ki key are sent to the SIM card, by institute by CUSTOMER ID IMSI and interim Ki key It states SIM card and stores the interim IMSI and the interim Ki key in the SIM card, and pass through the interim IMSI and described Interim Ki key access to mobile network;Wherein, the mobile terminal number is that can carry mobile terminal number;
Further include:
Home location register HLR update module, for by the mobile terminal number recorded in HLR and the SIM card Corresponding relationship between intrinsic IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, interim Ki key;
Effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI by the SIM card, and by the SIM card Effective Ki key be switched to the interim Ki key from intrinsic Ki key, and it is close by the interim IMSI and interim Ki Key access to mobile network.
11. business platform as claimed in claim 10, which is characterized in that
The subscription authentication module is also used to receiving the mobile terminal number from the SIM card and described facing When IMSI after, the mobile terminal number is authenticated;
The user identity management module, is also used to after the authentication is passed, nullifies that the mobile terminal number is corresponding described to be faced When IMSI and interim Ki key, the interim IMSI is canceled successful information and notifies to be existed to the SIM card by SIM card The interim IMSI and the interim Ki key are deleted in the SIM card, and by the intrinsic IMSI of the SIM card and admittedly There is Ki key access to mobile network.
12. business platform as claimed in claim 10, which is characterized in that further include:
HLR update module, for the interim IMSI by the mobile terminal number recorded in HLR with the SIM card, institute The corresponding relationship between interim Ki key is stated, the intrinsic IMSI, the institute of the mobile terminal number and the SIM card are updated to State the corresponding relationship between intrinsic Ki key.
13. a kind of access system of mobile network, which is characterized in that the access system of the mobile network specifically includes mobile whole The client identification module SIM card and business platform at end;Wherein:
The mobile terminal number is sent to business and put down by the SIM card for receiving the mobile terminal number of user's input Platform, and interim international mobile subscriber identity IMSI and interim Ki key that the business platform returns are received, and in the SIM The interim IMSI and the interim Ki key are stored on card;And it is connect by the interim IMSI and the interim Ki key Enter mobile network;
The business platform authenticates the mobile terminal number for receiving the mobile terminal number from SIM card, And after the authentication is passed, the corresponding interim IMSI of the mobile terminal number and interim Ki key are generated, by the interim IMSI The SIM card is sent to the interim Ki key;Wherein, the mobile terminal number is that can carry mobile terminal number;
Wherein,
The SIM card, specifically for effective IMSI of the SIM card is switched to the interim IMSI from intrinsic IMSI, and will Effective Ki key of the SIM card is switched to the interim Ki key from intrinsic Ki key, and passes through the interim IMSI and institute State interim Ki key access to mobile network;
The business platform, specifically for mobile terminal number and the SIM card that will be recorded in home location register HLR Corresponding relationship between intrinsic IMSI, intrinsic Ki key is updated to the described interim of the mobile terminal number and the SIM card Corresponding relationship between IMSI, the interim Ki key.
CN201310676311.5A 2013-12-11 2013-12-11 A kind of cut-in method of mobile network, equipment and system Active CN104717646B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310676311.5A CN104717646B (en) 2013-12-11 2013-12-11 A kind of cut-in method of mobile network, equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310676311.5A CN104717646B (en) 2013-12-11 2013-12-11 A kind of cut-in method of mobile network, equipment and system

Publications (2)

Publication Number Publication Date
CN104717646A CN104717646A (en) 2015-06-17
CN104717646B true CN104717646B (en) 2019-01-01

Family

ID=53416506

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310676311.5A Active CN104717646B (en) 2013-12-11 2013-12-11 A kind of cut-in method of mobile network, equipment and system

Country Status (1)

Country Link
CN (1) CN104717646B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109429226A (en) * 2017-09-05 2019-03-05 中国移动通信有限公司研究院 A kind of generation method, subscriber card, terminal and the network equipment of casual user's voucher

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444414A (en) * 2002-03-12 2003-09-24 斯伦贝谢神码(北京)信息技术有限公司 User identification module card, method for activating user identification module card in sky and its system
CN102111268A (en) * 2009-12-28 2011-06-29 北京安码科技有限公司 Two-way authentication method of global system for mobile communications (GSM) network
CN102523578A (en) * 2011-12-09 2012-06-27 北京握奇数据系统有限公司 Over-the-air card writing method, apparatus and system
WO2013124194A1 (en) * 2012-02-24 2013-08-29 Alcatel Lucent Smart card initial personnalization

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444414A (en) * 2002-03-12 2003-09-24 斯伦贝谢神码(北京)信息技术有限公司 User identification module card, method for activating user identification module card in sky and its system
CN102111268A (en) * 2009-12-28 2011-06-29 北京安码科技有限公司 Two-way authentication method of global system for mobile communications (GSM) network
CN102523578A (en) * 2011-12-09 2012-06-27 北京握奇数据系统有限公司 Over-the-air card writing method, apparatus and system
WO2013124194A1 (en) * 2012-02-24 2013-08-29 Alcatel Lucent Smart card initial personnalization

Also Published As

Publication number Publication date
CN104717646A (en) 2015-06-17

Similar Documents

Publication Publication Date Title
KR102221123B1 (en) Synchronization and verification groups among related devices
CN105050081B (en) Method, device and system for connecting network access device to wireless network access point
CN105027107B (en) Migrate the computer implemented method and computing system of computing resource
CN104903905B (en) By the security service management for computer application for the object code for changing computer application
US10187202B2 (en) Key agreement for wireless communication
CN105453105B (en) System and method for cloud data safety
EP3232634B1 (en) Identity authentication method and device
CN103685282B (en) A kind of identity identifying method based on single-sign-on
CN103249045B (en) A kind of methods, devices and systems of identification
EP1994710B1 (en) Using a trusted-platform-based shared-secret derivation and wwan infrastructure-based enrollment to establish a secure local channel
US9647984B2 (en) System and method for securely using multiple subscriber profiles with a security component and a mobile telecommunications device
CN104205891B (en) Virtual SIM card cloud platform
CN106529327B (en) Mix the data access arrangement and method below cloud environment to encrypting database
CN104852925B (en) Mobile intelligent terminal anti-data-leakage secure storage, backup method
CN102595404B (en) For storing and executing the method and device of access control clients
US20170063827A1 (en) Data obfuscation method and service using unique seeds
CN103107995B (en) A kind of cloud computing environment date safety storing system and method
CN106161359B (en) It authenticates the method and device of user, register the method and device of wearable device
CN103873454B (en) Authentication method and equipment
US10135611B1 (en) Delivering a content item from a server to a device
CN100586066C (en) System and method for realizing single-point login
CN103533539B (en) Virtual SIM card parameter management method and device
CN102045367B (en) Registration method and authentication server of real-name authentication
CN101641976B (en) An authentication method
CN107317789B (en) Key distribution and authentication method, device and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant