CN105025002A - Security audit of communication data realized through authentication codes - Google Patents

Security audit of communication data realized through authentication codes Download PDF

Info

Publication number
CN105025002A
CN105025002A CN201510301987.5A CN201510301987A CN105025002A CN 105025002 A CN105025002 A CN 105025002A CN 201510301987 A CN201510301987 A CN 201510301987A CN 105025002 A CN105025002 A CN 105025002A
Authority
CN
China
Prior art keywords
authentication codes
communication data
user
security audit
reading
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510301987.5A
Other languages
Chinese (zh)
Inventor
任明和
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHONGQING ZHITAO INFORMATION TECHNOLOGY CENTER
Original Assignee
CHONGQING ZHITAO INFORMATION TECHNOLOGY CENTER
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHONGQING ZHITAO INFORMATION TECHNOLOGY CENTER filed Critical CHONGQING ZHITAO INFORMATION TECHNOLOGY CENTER
Priority to CN201510301987.5A priority Critical patent/CN105025002A/en
Publication of CN105025002A publication Critical patent/CN105025002A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

According to the security audit of communication data realized through authentication codes, through a service provider central switch system and/or a mobile district base station and/ or WIFI hot spots, authentication codes are written in communication data. When the communication data is read in a user terminal, the communication data is determined to be safe information if effective authentication codes are written in communication data. Otherwise, prompt will be automatically given to a user. According to the invention, problems of the user are solved from the angle of the user. In a mode of repeatedly educating the user and with consideration of application advantages of other technical schemes, telecommunication fraud problems are effectively and thoroughly solved.

Description

The security audit to communication data is realized by authentication codes
Technical field
The present invention relates to mobile communication and the Internet correlation technique, by operator's Centrex system and/or by base station, mobile cell, authentication codes is write in the communication data of transmission, when reading at user terminal, if communication data is written with effective authentication codes, be then security information, there is no then automatically prompting user.The present invention fundamentally solves a difficult problem for the pernicious swindle in pseudo-base station, realizes the effective supervision to communication data.
Background technology
The dolus malus that Telecoms Fraud, particularly pseudo-base station or steal-number WIFI hot spot cause, has been one and has been subject to the disgustful social malignant tumor of users.How eradicating this malignant tumor, how to solve this social difficult problem technically, is the problem that network communications industry must be anxious to be resolved.
Be worth the existing disclosed patent CN200910176999.4 compared, a kind of method using number password to prevent note from harassing.This patent of invention is in the side of sending SMS message, and sets up a set of authorization identifying cryptographic system, and the short message that transmit leg sends is by after cipher authentication, and short message service center could by this short message to recipient.This can not cause the problem of harassing and wrecking or injury to wipe out to recipient user by what comprise in short message, larger problem does not give user's salutary reminder and treating method that is anti-harassment or swindle, allow certain some operator do not need to bear oneself must bear in responsibility, but issue with immoral short message service operator the information content that some users are damaged in partnership, this does not conform to the actual needs of symbol user and law.
Set the communication data that sent by operator base station, be all through that operator effectively examines, in fact this Ye Shi operator is as the statutory business of operator, and not so, operator just should bear thus to the compensation for damages that user causes; Otherwise all take forbidding and tackling of high strength, the relative commercial object that operator so must be caused to realize based on this channel cannot realize, and the means of communication ability desired by user also will weaken greatly.Accordingly, we only need to judge operator base station or legal authorized base station, send to the communication data of user to be all useful, so get rid of the communication data received beyond both of these case, user is worth taking precautions against and noting, operator is necessary to take technological means, provides the risk as bottom data source to remind to user.
Summary of the invention
Telecoms Fraud, refuse messages etc. itself can't cause great economic loss in access link to user, are only bring harassing and wrecking.Existing some safety management softwares at user's incoming end, can take part active interception technology.But for accessing first, or not repeatedly access the communication data implementing swindle, this interception or unpractical.
In fact, whether user is had dust thrown into the eyes, most critical is the very first time that will obtain information of being deceived user, give user one to remind clearly, give user's rationality analyze in order after prompting, accurately inform the problem place that this communication data of user leaves a question open, allow user moment can come out of from the state of stress losing one's head of being deceived after, language point is waken up people in dream, provides the technological guidance how user suitably tackles.Under user's rationality state, by the instruct education of science, believe that in the face of any telecommunication fraud, user can tackle calmly, be unlikely to have dust thrown into the eyes.
Based on the above-mentioned thinking that can effectively deal with problems in actual applications, of the present invention by the security audit of authentication codes realization to communication data, the problem of user is solved from the angle of user, by repeatedly educating the mode of user, take into account the application advantage absorbing other technologies scheme, achieve the Telecoms Fraud problem to pseudo-base station and steal-number WIFI hot spot, carry out sound solution, construct a real anti-swindle technical solution with practical value to user.
Of the present invention by the security audit of authentication codes realization to communication data, by operator's Centrex system and/or by base station, mobile cell and/or pass through WIFI hot spot, authentication codes is write in the communication data of transmission, when reading at user terminal, if communication data is written with effective authentication codes, be security information, there is no then automatically prompting user.
Communication data of the present invention, comprises the telephone number of access, the multimedia message of reception and note, and the data flow being transmitted download by mobile network.
Described by the security audit of authentication codes realization to communication data, comprise following technology realization flow:
S1, transmission communication data in write authentication codes.
S2, customer mobile terminal obtain communication data, read authentication codes.
S3, comparison match authentication codes, obtain safety certification and pass through.
S4, communication data is carried out to the data convert process of filtering code.
S5, by reduction after communication data submit to corresponding described business module process complete operation flow.
S6, when not reading authentication codes, or the authentication codes read is when being pseudo-code, then send warning to user.
Of the present invention by the security audit of authentication codes realization to communication data, described write authentication codes, its authentication codes can, according to the different requirements of safe class, can be set as writing static authentication codes or write dynamic authentication code.By arranging the cycle length of dynamic authentication code variations, strengthen the difficulty cracked.
Of the present invention by the security audit of authentication codes realization to communication data, described reading authentication codes, maybe when not reading authentication codes, then rejects this communication data, and operation flow stops; Maybe when the authentication codes read is pseudo-code, then reject this communication data, operation flow stops.
Of the present invention by the security audit of authentication codes realization to communication data, described reading authentication codes, maybe when not reading authentication codes, continuing to receive this communication data, sending prompting after finishing service license to user; Maybe when the authentication codes read is pseudo-code, continue to receive this communication data, after finishing service license, send prompting to user.
Of the present invention by the security audit of authentication codes realization to communication data, described communication data submits to corresponding business module process, or activate the double-directional speech dialogue of ring UNICOM, or at information list display short message or MMS content, perhaps can continue to network with this base station or WIFI hot spot.
Of the present inventionly realize security audit to communication data by authentication codes, described prompting is sent to user, or further to the method suggestion that user provides more detailed relevant malicious data knowledge and deals with problems.
Accompanying drawing explanation
Accompanying drawing is of the present invention by the operation system pie graph of authentication codes realization to the security audit of communication data.
Embodiment
Below in conjunction with the explanation that accompanying drawing carries out specific embodiments of the invention, it is only the introduction of wherein a kind of technology implementation pattern.Should be appreciated that embodiment described herein is only for instruction and explanation of the present invention, is not intended to limit the present invention.
Security audit to being realized by authentication codes communication data of the present invention, comprises following technology realization flow:
S1, by operator mobile base station 103 or through safety certification WIFI hot spot 104 transmit communication data in writing authentication codes.
S2, customer mobile terminal 101 obtain communication data, read authentication codes by the reading business module 1021 of safe control 102.
S3, matching ratio comparatively business module 1022 matching ratio comparatively authentication codes by safe control 102, obtain safety certification and pass through.
S4, carried out the data convert process of filtering code by filter traffic module 1023 pairs of communication datas of safe control 102.
S5, safe control 102, by the communication data after reduction, are submitted corresponding business module to, are completed corresponding operation flow.
S6, when by pseudo-base station 105 or the WIFI hot spot 104 access user mobile terminal 101 without safety certification, and do not read authentication codes, or when the authentication codes read is pseudo-code, 101 couples of users send warning at mobile terminal.
In sum, of the present invention by the security audit of authentication codes realization to communication data, by operator's Centrex system and/or by base station, mobile cell and/or pass through WIFI hot spot, authentication codes is write in the communication data of transmission, when reading at user terminal, if communication data is written with effective authentication codes, be then security information, there is no then automatically prompting user.The present invention solves the problem of user from the angle of user, by repeatedly educating the mode of user, taking into account the application advantage absorbing other technologies scheme, achieving effectively and thoroughly solving Telecoms Fraud problem.

Claims (6)

1. realize the security audit to communication data by authentication codes, be characterised in that by operator's Centrex system and/or by base station, mobile cell and/or pass through WIFI hot spot, authentication codes is write in the communication data of transmission, when reading at user terminal, if communication data is written with effective authentication codes, be security information, there is no then automatically prompting user;
Comprise following technology realization flow:
S1, transmission communication data in write authentication codes;
S2, customer mobile terminal obtain communication data, read authentication codes;
S3, comparison match authentication codes, obtain safety certification and pass through;
S4, communication data is carried out to the data convert process of filtering code;
S5, by reduction after communication data submit to corresponding business module process to complete described operation flow;
S6, when not reading authentication codes, or the authentication codes read is when being pseudo-code, then send warning to user.
2. realize the security audit to communication data by authentication codes according to claim 1, be characterised in that the write authentication codes of step S1, its authentication codes can, according to the different requirements of safe class, can be set as writing static authentication codes or write dynamic authentication code.
3. realize the security audit to communication data by authentication codes according to claim 1, being characterised in that the reading authentication codes of step S2, maybe when not reading authentication codes, then rejecting this communication data, operation flow stops; Maybe when the authentication codes read is pseudo-code, then reject this communication data, operation flow stops.
4. realize the security audit to communication data by authentication codes according to claim 1, be characterised in that the reading authentication codes of step S2, maybe when not reading authentication codes, continuing to receive this communication data, after finishing service license, sending prompting to user; Maybe when the authentication codes read is pseudo-code, continue to receive this communication data, after finishing service license, send prompting to user.
5. realize the security audit to communication data by authentication codes according to claim 1, be characterised in that the communication data of step S5 submits to corresponding business module process, or activate the double-directional speech dialogue of ring UNICOM, or at information list display short message or MMS content, perhaps can continue to network with this base station or WIFI hot spot.
6. realize security audit to communication data according to described in claim 1/4 by authentication codes, be characterised in that and described prompting sent to user, or further to the method suggestion that user provides more detailed relevant malicious data knowledge and deals with problems.
CN201510301987.5A 2015-06-05 2015-06-05 Security audit of communication data realized through authentication codes Pending CN105025002A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510301987.5A CN105025002A (en) 2015-06-05 2015-06-05 Security audit of communication data realized through authentication codes

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510301987.5A CN105025002A (en) 2015-06-05 2015-06-05 Security audit of communication data realized through authentication codes

Publications (1)

Publication Number Publication Date
CN105025002A true CN105025002A (en) 2015-11-04

Family

ID=54414709

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510301987.5A Pending CN105025002A (en) 2015-06-05 2015-06-05 Security audit of communication data realized through authentication codes

Country Status (1)

Country Link
CN (1) CN105025002A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220641A (en) * 2012-01-19 2013-07-24 联想(北京)有限公司 Information processing method and electronic terminal
CN103763690A (en) * 2014-01-28 2014-04-30 北京奇虎科技有限公司 Method and device for sending short messages to mobile terminal from detection fake base station
CN104010285A (en) * 2014-06-18 2014-08-27 中国联合网络通信集团有限公司 Short message filtering method and system, short message service center and terminal
CN104168568A (en) * 2014-08-28 2014-11-26 中国联合网络通信集团有限公司 Mobile terminal and method for cell identity authentication through same
CN104185158A (en) * 2014-09-01 2014-12-03 北京奇虎科技有限公司 Malicious short message processing method and client based on false base station

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103220641A (en) * 2012-01-19 2013-07-24 联想(北京)有限公司 Information processing method and electronic terminal
CN103763690A (en) * 2014-01-28 2014-04-30 北京奇虎科技有限公司 Method and device for sending short messages to mobile terminal from detection fake base station
CN104010285A (en) * 2014-06-18 2014-08-27 中国联合网络通信集团有限公司 Short message filtering method and system, short message service center and terminal
CN104168568A (en) * 2014-08-28 2014-11-26 中国联合网络通信集团有限公司 Mobile terminal and method for cell identity authentication through same
CN104185158A (en) * 2014-09-01 2014-12-03 北京奇虎科技有限公司 Malicious short message processing method and client based on false base station

Similar Documents

Publication Publication Date Title
CN109347635A (en) A kind of Internet of Things security certification system and authentication method based on national secret algorithm
CN102457845B (en) Wireless traffic identity identifying method, equipment and system
CN103295304B (en) Based on community intelligent entrance guard control method and the device thereof of mobile phone 3G network
CN103020820A (en) Transaction payment method and system
CN102254264A (en) Security control method and security control system of mobile payment
CN103096316A (en) Terminal, network side equipment system and method for authenticating user identification card
CN102760262A (en) System and method based on biometrics identification payment risks
CN103886661A (en) Entrance guard management method and system
CN107733838A (en) A kind of mobile terminal client terminal identity identifying method, device and system
CN107113613A (en) Server, mobile terminal, real-name network authentication system and method
CN103037366A (en) Mobile terminal user authentication method and mobile terminal based on asymmetric cryptographic technique
CN107239955A (en) The method of reinforcement bank account safety of payment based on Beidou satellite navigation system
CN103686651A (en) Emergency call based authentication method, device and system
CN105553669A (en) Identity authentication based information encryption transmission apparatus, method, and control method
CN104376631B (en) A kind of implementation method of safety door prohibition system based on commercial cipher algorithm
CN104301886A (en) Short message reading method and system, terminal and wearable device
CN104506481A (en) Authentication method of mobile communication network
CN106027560A (en) Intelligent terminal oriented security transmission method and system
CN103401686A (en) User Internet identity authentication system and application method thereof
CN103312511A (en) Information confirming system and information confirming method
CN103020505A (en) Information management system and information management method based on fingerprint identification
CN103200298A (en) System and method for controlling mobile terminal to conduct voice communication
CN104935550A (en) Intelligent electronic commerce user management system technique and operating method thereof
CN106304052A (en) A kind of method of secure communication, device, terminal and client identification module card
CN106686196A (en) Personal mobile phone safety management method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20151104