Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a system and a method for realizing simultaneous online of one card and multiple numbers of a mobile terminal, so as to realize simultaneous online of all card numbers of an SIM card.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
a system for realizing simultaneous online of one card and multiple numbers of a mobile terminal comprises an SIM card, the mobile terminal and a background server accessed to a core network of an operator, wherein the SIM card is communicated with the background server through the mobile terminal; the SIM card stores n international mobile subscriber identities IMSI, one IMSI corresponds to one MSISDN number, and n is more than 1;
the SIM card comprises:
the security module is used for storing n sets of card number authentication data corresponding to the n IMSIs; each set of card number authentication data comprises a card number identifier of the IMSI and authentication data of the IMSI corresponding to the card number identifier;
the mobile terminal is used for sending network access requests of the n IMSIs of the SIM card to an operator core network through a background server;
the background server comprises:
the card number identification database is used for storing the one-to-one mapping relation between the n IMSIs of the SIM card and the n card number identifications;
the data forwarding module is used for sending the network access requests of the n IMSIs of the SIM card sent by the mobile terminal to an operator core network, receiving n authentication requests returned by the operator core network aiming at the n network access requests, and sending the authentication requests processed by the data encapsulation module to the SIM card through the mobile terminal;
the data encapsulation module is used for adding the card number identification of the IMSI corresponding to each authentication request into the authentication request to obtain the processed authentication request;
the mobile terminal is also used for forwarding the processed authentication request sent by the background server to the SIM card;
after the SIM card receives the processed authentication request, the security module calls corresponding card number authentication data according to the card number identification in each authentication request, processes each authentication request, and communicates with the operator core network through the mobile terminal and the background server to complete the authentication of each IMSI by the operator core network.
Further, the system for realizing simultaneous online of one card with multiple numbers of the mobile terminal,
the data forwarding module is also used for receiving a first instruction sent by the core network of the operator after the authentication of each IMSI by the core network of the operator is completed, and sending a second instruction processed by the data encapsulation module to the SIM card through the mobile terminal;
the data encapsulation module is further used for adding the card number identifier of the IMSI corresponding to the channel into the first instruction according to the source channel of the first instruction after receiving the first instruction, so as to obtain a second instruction;
and after receiving the second instruction, the SIM card calls the corresponding card number data according to the card number identification in the second instruction to process the instruction.
Further, the system for realizing simultaneous online of multiple mobile terminals with one card is described above, where the first instruction includes a call instruction or a short message instruction.
Further, the system for realizing one-card multi-number simultaneous online of the mobile terminal as described above, wherein the security module includes a secure element SE, an embedded secure element eSE, a trusted execution environment TEE module, or a host-based card emulation HCE module.
Further, according to the system for realizing simultaneous online of one card and multiple numbers of the mobile terminal, the security module is communicated with the mobile terminal through a machine-card channel; the machine card channel comprises an OpenMobile interface, a Bluetooth interface, a bearer independent protocol BIP interface or an SPI interface.
The invention also provides a method for realizing simultaneous online of one card and multiple numbers of the mobile terminal based on the system, which comprises the following steps:
the mobile terminal sends network access requests of n IMSIs of the SIM card to an operator core network through a background server;
after receiving the network access request, the operator core network sends an authentication request aiming at each network access request to a background server;
after receiving the authentication requests, the background server adds the card number identification of the IMSI corresponding to each authentication request into the authentication requests and sends the processed authentication requests to the SIM card through the mobile terminal;
after the SIM card receives the processed authentication request, the security module calls corresponding card number authentication data according to the card number identification in the processed authentication request, processes the authentication request, and communicates with the core network of the operator through the mobile terminal and the background server to complete the authentication of each IMSI.
Further, the method for implementing simultaneous online of multiple mobile terminals with one card number as described above further includes, after completing the authentication of each IMSI:
the background server receives a first instruction sent by an operator core network, adds a card number identifier of the IMSI corresponding to a channel into the first instruction according to a source channel of the first instruction to obtain a second instruction, and sends the second instruction to the mobile terminal;
and the mobile terminal sends the second instruction to the SIM card, and the SIM card calls the corresponding card number data according to the card number identification in the second instruction to process the instruction.
Further, the method for realizing simultaneous online of multiple numbers of one card of the mobile terminal as described above, where the first instruction includes a call instruction or a short message instruction.
Further, as described above, in a method for implementing simultaneous online of multiple numbers in one card of a mobile terminal, a security module of a SIM card includes a secure element SE, an embedded secure element eSE, a trusted execution environment TEE module, or a host-based card emulation HCE module.
Further, according to the method for realizing simultaneous online of one card and multiple numbers of the mobile terminal, the security module communicates with the mobile terminal through a machine-card channel; the machine card channel comprises an OpenMobile interface, a Bluetooth interface, a bearer independent protocol BIP interface or an SPI interface.
The invention has the beneficial effects that: the system and the method provided by the invention realize simultaneous online of one card and multiple numbers without adding additional equipment, and better meet the use requirements of users.
Detailed Description
The invention is described in further detail below with reference to the drawings and the detailed description.
Fig. 1 shows an architecture diagram of a system for implementing simultaneous online of multiple numbers of a mobile terminal with one card in an embodiment of the present invention, and as can be seen from the diagram, the system includes a SIM card, a mobile terminal, and a background server accessing to a core network of an operator, where the SIM card communicates with the background server through the mobile terminal.
In this embodiment, n international mobile subscriber identities IMSI are stored in the SIM card, where one IMSI corresponds to one MSISDN number, and n > 1; correspondingly, the operator core network also stores n sets of card number relationships (one-to-one correspondence relationship between n IMSIs and n MSISDN numbers) of the SIM cards.
The SIM card comprises a security module, wherein the security module is used for storing n sets of card number authentication data corresponding to n IMSI numbers of the SIM card; each set of card number authentication data comprises a card number identifier of the IMSI and authentication data of the IMSI corresponding to the card number identifier, wherein the authentication data is common authentication data in the authentication of the existing SIM card, and comprises the IMSI, Ki, OPC (obtained by calculating Ki and an operator root key OP) and the like; similarly, the authentication center of the operator core network also stores n sets of authentication data corresponding to the n IMSIs of the SIM card.
The mobile terminal is used for sending network access requests of the n IMSIs of the SIM card to an operator core network through a background server;
the background server comprises:
the card number identification database is used for storing the one-to-one mapping relation between the n IMSIs of the SIM card and the n card number identifications;
the data forwarding module is used for sending the network access requests of the n IMSIs of the SIM card sent by the mobile terminal to an operator core network, receiving n authentication requests returned by the operator core network aiming at the n network access requests, and sending the authentication requests processed by the data encapsulation module to the SIM card through the mobile terminal;
the data encapsulation module is used for adding the card number identification of the IMSI corresponding to each authentication request into the authentication request to obtain the processed authentication request;
the mobile terminal is also used for forwarding the processed authentication request sent by the background server to the SIM card;
after the SIM card receives the processed authentication request, the security module calls corresponding card number authentication data according to the card number identification in each authentication request, processes each authentication request, and communicates with the core network of the operator through the mobile terminal and the background server to complete the authentication of each IMSI by the core network of the operator.
In this embodiment, at a time when the SIM card needs to be authenticated (e.g. when a user first accesses a network, powers on, etc.), the mobile terminal obtains n IMSI numbers of the SIM card, sends a network access request of the n IMSI numbers of the SIM card to a core network of an operator through a background server, and after the core network receives the n network access requests, returns a corresponding authentication request to a background server for each network access request, because for each IMSI, communication channels between the background server and the core network of the operator are in one-to-one correspondence, that is, one IMSI corresponds to a communication channel between the background server and the core network, when the background server receives the authentication request sent by the core network, it can know which IMSI the authentication request is for according to the communication channel from which the authentication request is from, and add the card number identifier of the IMSI to the authentication request, and the processed authentication request is sent to the SIM card through the mobile terminal, so that the security module of the SIM card can call corresponding card number authentication data according to the card number identification in the processed authentication request, and then the security module communicates with an operator core network through the mobile terminal and a background server to complete the network access authentication of each IMSI of the SIM card.
After the network access authentication of each IMSI of the SIM card is completed, the data forwarding module receives a first instruction sent by an operator core network and sends a second instruction processed by the data encapsulation module to the SIM card through the mobile terminal; the first instruction includes but is not limited to a call instruction or a short message instruction and the like;
the data encapsulation module is further used for adding the card number identifier of the IMSI corresponding to the channel into the first instruction according to the source channel of the first instruction after receiving the first instruction, so as to obtain a second instruction;
and after receiving the second instruction, the SIM card calls the corresponding card number data according to the card number identification in the second instruction to process the instruction.
As shown in fig. 2, in this embodiment, the security module of the SIM card communicates with the mobile terminal through a phone-card channel, and the implementation manner of the phone-card channel includes, but is not limited to, an OpenMobile interface, a bluetooth interface, a bearer independent protocol BIP interface or an SPI interface. The security module comprises a secure element SE, an embedded secure element eSE, a trusted execution environment TEE module, or a host-based card emulation HCE module, etc.
The mobile terminal communicates with the background server through the Internet, and the background server is used for establishing a connection with an operator core network (the network shown in fig. 2) for the mobile terminal, so as to complete signaling transmission between the mobile terminal and the operator core network. The communication interface between the background server and the operator core network includes, but is not limited to, an Iuh interface or an S1 interface.
In this embodiment, the form of the SIM card includes, but is not limited to, a common mobile phone card, as long as it is a module capable of identifying a subscriber identity, for example, a security chip SE may be directly used, which has n international mobile subscriber identities ISMI (other identification names may also be used) capable of uniquely identifying a mobile subscriber, and an MSISDN number corresponding to each identification name is stored in an operator core network; the SIM card may not have a physical card, but the SIM card may be pre-installed when the mobile terminal leaves the factory, and is used as a part of the mobile terminal.
The system for realizing one-card multi-number simultaneous online of the mobile terminal provided by the invention has the advantages that the SIM card is communicated with the core network of an operator through the mobile terminal and the background server, and the authentication data issued by the core network is packaged through the background server, so that the SIM card can know which IMSI authentication data is issued by the core network, and the corresponding card number authentication data can be called to sequentially complete the network access authentication of a plurality of corresponding IMSIs, and the simultaneous online of a plurality of card numbers is realized. In the subsequent communication process, when the background server receives an instruction which needs to be sent to the SIM card by the core network of the operator, the card number identification corresponding to the source channel of the instruction is sent to the SIM card through the mobile terminal, and the SIM card can identify the card number data which needs to be called according to the card number identification to complete the processing of the instruction.
Based on the system shown in fig. 1, the present embodiment further provides a method for implementing simultaneous online of multiple numbers in a mobile terminal, as shown in fig. 3, the method mainly includes the following steps:
step S1: the mobile terminal sends network access requests of n IMSIs of the SIM card to an operator core network through a background server;
step S2: the background server sends the network access request to an operator core network and receives an authentication request sent by the operator core network;
step S3: the background server adds the card number identification into the authentication request and sends the processed authentication request to the SIM card through the mobile terminal;
step S4: the SIM card calls the corresponding card number authentication data according to the received card number identification in the processed authentication request, processes the authentication request, communicates with the core network of the operator, and completes the authentication of each IMSI.
In this embodiment, when the SIM card access authentication is required, the mobile terminal first obtains n IMSIs in the SIM card, and sends network access requests of the n IMSIs to the background server, and the background server sends the n network access requests to the operator core network.
It should be noted that, for each IMSI, the communication channels between the background server and the core network are in one-to-one correspondence, that is, one IMSI has a dedicated communication channel between the core network and the background server, which is the only communication channel between the core network and each mobile terminal when a plurality of user mobile terminals perform network access authentication of their SIM cards in the prior art.
After receiving n network access requests sent by a background server, an operator core network returns an authentication request to a background server aiming at each network access request, after receiving the authentication request returned by the core network, the background server adds a card number identifier of IMSI corresponding to a source communication channel of each authentication request into the authentication request, and sends the processed authentication request to an SIM card through a mobile terminal, after receiving the processed authentication request, the SIM card calls corresponding card number authentication data according to the card number identifier in the processed authentication request, processes the authentication request, and communicates with the operator core network through the mobile terminal and the background server to finish the authentication of each IMSI.
In practical application, it is assumed that the SIM card has two IMSIs, where the card number identifiers of the IMSIs 1 and the IMSI2, and the card number identifiers of the IMSI1 and the IMSI2 are 0001 and 0002, respectively, and the security module of the SIM card stores two sets of card number authentication data, one set includes the identifier 0001 and an authentication key k1 corresponding to the identifier, and the other set includes the identifier 0002 and an authentication key k2, when the mobile terminal is powered on, the mobile terminal first communicates with the SIM card to obtain the IMSI1 and the IMSI2, and sends the IMSI1 and the IMSI2 to the background server to send two network access requests for the IMSI1 and the IMSI2, the background server sends the network access request for the IMSI1 to the core network through a channel a, sends the network access request for the IMSI2 to the core network through a channel B, the core network returns an authentication request through a channel a, returns an authentication request through a channel B, the background server adds the identifier 0001 to the authentication request received by the channel a, and adds the identifier 2 to the authentication request received by the channel B, and the two processed authentication requests are sent to the SIM card through the mobile terminal, and the security module of the SIM card can respectively call corresponding authentication data according to the identifiers in the two requests to complete the network access authentication of the two ISMIs.
In the prior art, the specific implementation modes of SIM card network authentication are various, and in practical application, an authentication method can be selected according to actual needs.
After the network access authentication of each IMSI of the SIM card is completed, the MSISDN number corresponding to the IMSI passing the authentication is in an online state, that is, the call or short message information and the like sent by other user terminals through the core network can be received. Namely, the method provided by the invention further comprises the following steps:
step S5: the background server receives a first instruction sent by an operator core network, adds a card number identifier of the IMSI corresponding to a channel into the first instruction according to a source channel of the first instruction to obtain a second instruction, and sends the second instruction to the mobile terminal;
step S6: and the mobile terminal sends the second instruction to the SIM card, and the SIM card calls the corresponding card number data according to the card number identification in the second instruction to process the instruction.
The first instruction includes, but is not limited to, a call instruction or a short message instruction. After receiving the second instruction, the SIM card specifically needs to call which card number data is determined by the type of the instruction.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is intended to include such modifications and variations.