CN108696870A - A kind of mobile terminal authentication method based on SWP-SIM technologies - Google Patents

A kind of mobile terminal authentication method based on SWP-SIM technologies Download PDF

Info

Publication number
CN108696870A
CN108696870A CN201810385360.6A CN201810385360A CN108696870A CN 108696870 A CN108696870 A CN 108696870A CN 201810385360 A CN201810385360 A CN 201810385360A CN 108696870 A CN108696870 A CN 108696870A
Authority
CN
China
Prior art keywords
app
mobile terminal
user identity
authentication
identity information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810385360.6A
Other languages
Chinese (zh)
Other versions
CN108696870B (en
Inventor
林伟雄
张潭
詹元元
贺彩虹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yueliang Chuanqi Technology Co Ltd
Lenovo Chinaweal System and Service Co Ltd
Original Assignee
Yueliang Chuanqi Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yueliang Chuanqi Technology Co Ltd filed Critical Yueliang Chuanqi Technology Co Ltd
Priority to CN201810385360.6A priority Critical patent/CN108696870B/en
Publication of CN108696870A publication Critical patent/CN108696870A/en
Application granted granted Critical
Publication of CN108696870B publication Critical patent/CN108696870B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention proposes a kind of mobile terminal authentication method based on SWP-SIM technologies, including step:When user logs in mobile terminal APP, the User Identity information stored in SIM card and APP authorization messages are called;User Identity information and APP authorization messages are sent to safety control platform and carry out authentication;In safety control platform, authentication is carried out according to User Identity information and APP authorization messages;If certification success, authentication result is returned and sends mobile terminal APP and mobile Internet application management system;The connection that mobile terminal APP and mobile Internet application management system are established according to authentication result, to carry out information exchange;If authentification failure, authentication failure.The safety of mobile terminal authentication can be improved using the present invention.

Description

A kind of mobile terminal authentication method based on SWP-SIM technologies
Technical field
The present invention relates to mobile communication field more particularly to a kind of mobile terminal authentications based on SWP-SIM technologies Method.
Background technology
All kinds of mobile phone safe softwares being widely used at present, are all the information security solutions of Passive Defence system. Simultaneously as mobile internet device is often based upon iOS and Android operation system, the case where version fragmentation, often results in operation The loophole of system itself is easy to be used by hacker or Malware, in current mobile Internet application environment background Under, security intensity can not cope with current more and more specialized all kinds of attack means completely.
Invention content
Based on this, a kind of mobile terminal identity based on SWP-SIM technologies of being designed to provide of the embodiment of the present invention is recognized Card method improves the safety of mobile terminal authentication.
In order to achieve the above objectives, the embodiment of the present invention uses following technical scheme:
A kind of mobile terminal authentication method based on SWP-SIM technologies, including step:
When user logs in mobile terminal APP, the User Identity information stored in SIM card and APP is called to authorize Information;User Identity information and APP authorization messages are sent to safety control platform and carry out authentication;In bursting tube It controls in platform, authentication is carried out according to User Identity information and APP authorization messages;If certification success, by certification As a result it returns and sends mobile terminal APP and mobile Internet application management system;According to authentication result establish mobile terminal APP with The connection of mobile Internet application management system, to carry out information exchange;If authentification failure, authentication failure.
Further, described the step of calling the User Identity information stored in SIM card and APP authorization messages, wraps It includes:By call SIM card on Applet corresponding with safety element SE come call storage User Identity information and APP authorization messages.
Further, the User Identity information and APP authorization messages are sent out by the api interface of mobile terminal It send to safety control platform and carries out authentication.
Further, include according to the step of User Identity information and progress authentication of APP authorization messages:It will User Identity information is matched with pre-stored related information, obtains application corresponding with User Identity information APP, wherein pre-stored related information is established with workable using APP according to User Identity;According to APP Authorization message, if application APP corresponding with identification presentation information, within the scope of authority, certification is successful;Otherwise, certification is lost It loses.
Further, it is retransmited after User Identity information and APP authorization messages being encrypted using unique ciphertext Authentication is carried out to safety control platform.
Using the present invention program the User Identity stored in SIM card is called when user logs in mobile terminal APP Information and APP authorization messages;User Identity information and APP authorization messages are sent to safety control platform and carry out body Part certification;In safety control platform, authentication is carried out according to User Identity information and APP authorization messages;If recognizing It demonstrate,proves successfully, then authentication result is returned and send mobile terminal APP and mobile Internet application management system;It is built according to authentication result The connection of vertical mobile terminal APP and mobile Internet application management system, to carry out information exchange;If authentification failure, identity Authentification failure;The safety of mobile terminal authentication can be improved through the above scheme.
Description of the drawings
Attached drawing is to be used to provide further understanding of the present invention, an and part for constitution instruction, and following specific Embodiment is used to explain the present invention together, but should not be construed as limiting the invention.In the accompanying drawings,
Fig. 1 is a kind of flow signal of mobile terminal authentication method based on SWP-SIM technologies proposed by the present invention Figure.
Specific implementation mode
To make the objectives, technical solutions, and advantages of the present invention more comprehensible, with reference to the accompanying drawings and embodiments, to this Invention is described in further detail.It should be appreciated that the specific embodiments described herein are only used to explain the present invention, Do not limit protection scope of the present invention.
Fig. 1 shows a kind of based on SWP-SIM (NFC-SIM cards, a kind of the SIM card of new spec as safety chip) technology Mobile terminal authentication method flow chart, including step:
S1, when user logs in mobile terminal APP (computer applied algorithm), call the user identity that stores in SIM card Identification information and APP authorization messages;
S2, User Identity information and APP authorization messages are sent to safety control platform progress authentication;
S3, in safety control platform, carry out authentication according to User Identity information and APP authorization messages;
If S4, certification success, authentication result is returned and sends mobile terminal APP and mobile Internet application management system System;
S5, the connection that mobile terminal APP and mobile Internet application management system are established according to authentication result, to carry out letter Breath interaction;
If S6, authentification failure, authentication failure.
Using the present invention program the User Identity stored in SIM card is called when user logs in mobile terminal APP Information and APP authorization messages;User Identity information and APP authorization messages are sent to safety control platform and carry out body Part certification;In safety control platform, authentication is carried out according to User Identity information and APP authorization messages;If recognizing It demonstrate,proves successfully, then authentication result is returned and send mobile terminal APP and mobile Internet application management system;It is built according to authentication result The connection of vertical mobile terminal APP and mobile Internet application management system, to carry out information exchange;If authentification failure, identity Authentification failure;The safety of mobile terminal authentication can be improved through the above scheme.
Further, described the step of calling the User Identity information stored in SIM card and APP authorization messages, wraps It includes:By call SIM card on Applet corresponding with safety element SE (Applet be write using Java programming languages it is small Application program) call the User Identity information and APP authorization messages of storage.
Wherein, SWP-SIM, which is stuck on standard SIM card, is integrated with SE (Secure Element, safety element) module, uses In storage sensitive application and data.
Further, the User Identity information and APP authorization messages are sent out by the api interface of mobile terminal It send to safety control platform and carries out authentication.
Further, include according to the step of User Identity information and progress authentication of APP authorization messages:It will User Identity information is matched with pre-stored related information, obtains application corresponding with User Identity information APP, wherein pre-stored related information is established with workable using APP according to User Identity;According to APP Authorization message, if application APP corresponding with identification presentation information, within the scope of authority, certification is successful;Otherwise, certification is lost It loses.
Further, it is retransmited after User Identity information and APP authorization messages being encrypted using unique ciphertext Authentication is carried out to safety control platform.
Without departing from the thought of the invention, arbitrary combination is carried out to the various different embodiments of the present invention, it should all When being considered as present disclosure;Within the scope of the technical concept of the present invention, a variety of simple modifications are carried out to technical solution And the arbitrary combination of the thought without prejudice to the invention that different embodiments carry out, should all protection scope of the present invention it It is interior.

Claims (5)

1. a kind of mobile terminal authentication method based on SWP-SIM technologies, which is characterized in that including step:
When user logs in mobile terminal APP, the User Identity information stored in SIM card and APP authorization messages are called;
User Identity information and APP authorization messages are sent to safety control platform and carry out authentication;
In safety control platform, authentication is carried out according to User Identity information and APP authorization messages;
If certification success, authentication result is returned and sends mobile terminal APP and mobile Internet application management system;
The connection that mobile terminal APP and mobile Internet application management system are established according to authentication result, to carry out information exchange;
If authentification failure, authentication failure.
2. the mobile terminal authentication method based on SWP-SIM technologies as described in claim 1, which is characterized in that described The step of calling in SIM card the User Identity information that stores and APP authorization messages include:
By call SIM card on Applet corresponding with safety element SE come call storage User Identity information and APP authorization messages.
3. the mobile terminal authentication method based on SWP-SIM technologies as described in claim 1, which is characterized in that by institute It states User Identity information and APP authorization messages and safety control platform progress is sent to by the api interface of mobile terminal Authentication.
4. the mobile terminal authentication method based on SWP-SIM technologies as described in claim 1, which is characterized in that foundation User Identity information and APP authorization messages carry out the step of authentication and include:
User Identity information is matched with pre-stored related information, is obtained corresponding with User Identity information Apply APP, wherein pre-stored related information according to User Identity with it is workable using APP foundation;
According to APP authorization messages, if application APP corresponding with identification presentation information, within the scope of authority, certification is successful;
Otherwise, authentification failure.
5. the mobile terminal authentication method based on SWP-SIM technologies as described in claim 1, which is characterized in that will use Family identification information and APP authorization messages are retransmited to safety control platform after being encrypted using unique ciphertext and carry out identity Certification.
CN201810385360.6A 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology Active CN108696870B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810385360.6A CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810385360.6A CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Publications (2)

Publication Number Publication Date
CN108696870A true CN108696870A (en) 2018-10-23
CN108696870B CN108696870B (en) 2021-04-09

Family

ID=63845792

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810385360.6A Active CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Country Status (1)

Country Link
CN (1) CN108696870B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109041059A (en) * 2018-08-23 2018-12-18 中国联合网络通信集团有限公司 A kind of mobile terminal safety authentication method, control platform and mobile terminal
CN112118243A (en) * 2020-09-09 2020-12-22 中国联合网络通信集团有限公司 Identity authentication method and system, and Internet application login method and system
CN112367661A (en) * 2020-11-06 2021-02-12 中国联合网络通信集团有限公司 USAT application matching implementation method, USIM, terminal, device and medium
WO2024011863A1 (en) * 2022-07-15 2024-01-18 中国电信股份有限公司 Communication method and apparatus, sim card, electronic device, and terminal device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040103325A1 (en) * 2002-11-27 2004-05-27 Priebatsch Mark Herbert Authenticated remote PIN unblock
CN101183949A (en) * 2007-03-30 2008-05-21 腾讯科技(深圳)有限公司 Client terminal application program starting method, application program server and client terminal
CN101222514A (en) * 2008-01-31 2008-07-16 中兴通讯股份有限公司 Apparatus and method for implementing OTA based on bearer independent protocol
CN103873439A (en) * 2012-12-11 2014-06-18 联想(北京)有限公司 Networking method and electronic device
CN105790945A (en) * 2014-12-22 2016-07-20 中国移动通信集团公司 Authentication method, device and system for authenticating user unique identity

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040103325A1 (en) * 2002-11-27 2004-05-27 Priebatsch Mark Herbert Authenticated remote PIN unblock
CN101183949A (en) * 2007-03-30 2008-05-21 腾讯科技(深圳)有限公司 Client terminal application program starting method, application program server and client terminal
CN101222514A (en) * 2008-01-31 2008-07-16 中兴通讯股份有限公司 Apparatus and method for implementing OTA based on bearer independent protocol
CN103873439A (en) * 2012-12-11 2014-06-18 联想(北京)有限公司 Networking method and electronic device
CN105790945A (en) * 2014-12-22 2016-07-20 中国移动通信集团公司 Authentication method, device and system for authenticating user unique identity

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109041059A (en) * 2018-08-23 2018-12-18 中国联合网络通信集团有限公司 A kind of mobile terminal safety authentication method, control platform and mobile terminal
CN109041059B (en) * 2018-08-23 2022-01-21 中国联合网络通信集团有限公司 Mobile terminal security authentication method, management and control platform and mobile terminal
CN112118243A (en) * 2020-09-09 2020-12-22 中国联合网络通信集团有限公司 Identity authentication method and system, and Internet application login method and system
CN112367661A (en) * 2020-11-06 2021-02-12 中国联合网络通信集团有限公司 USAT application matching implementation method, USIM, terminal, device and medium
CN112367661B (en) * 2020-11-06 2022-08-19 中国联合网络通信集团有限公司 USAT application matching implementation method, USIM, terminal, device and medium
WO2024011863A1 (en) * 2022-07-15 2024-01-18 中国电信股份有限公司 Communication method and apparatus, sim card, electronic device, and terminal device

Also Published As

Publication number Publication date
CN108696870B (en) 2021-04-09

Similar Documents

Publication Publication Date Title
CN108696870A (en) A kind of mobile terminal authentication method based on SWP-SIM technologies
KR102242218B1 (en) User authentication method and apparatus, and wearable device registration method and apparatus
US9756056B2 (en) Apparatus and method for authenticating a user via multiple user devices
US20180205416A1 (en) Devices and Methods for Identification, Authentication and Signing Purposes
EP2397972B1 (en) Smart card with microphone
US9628460B2 (en) Method of controlling access to an internet-based application
EP2905715A1 (en) Method, system and terminal for encrypting/decrypting application program on communication terminal
EP2895982B1 (en) Hardware-enforced access protection
US9817972B2 (en) Electronic assembly comprising a disabling module
JP2016500173A (en) A system and method for secure remote access and payment using a mobile device and a powered display card.
KR20110022694A (en) Releasing a service on an electronic appliance
CN105592072A (en) Method for obtaining login certification in intelligent terminal, intelligent terminal and operation system thereof
AU2017417132B2 (en) Mobile device authentication using different channels
CN109714297A (en) Safe verification method, system and user terminal and application platform
KR20160058375A (en) A Protected Communication with an Embedded Secure Element
US20150326558A1 (en) Architecture for platform security using a dedicated security device for user interaction
US9977907B2 (en) Encryption processing method and device for application, and terminal
CN108923934B (en) Method and device for realizing management of life cycle of card
KR20190052405A (en) Computer security system and method using authentication function in smart phone
CN110399714B (en) Method for verifying authenticity of trusted user interface of terminal and system thereof
CN107113533A (en) The method and apparatus that a kind of bluetooth equipment is matched
KR20160124336A (en) Method for Providing Electronic Signature by using Secure Operating System
CN106250049B (en) Method for clearing mobile phone data, management terminal and mobile phone
US10929522B2 (en) Enhanced level of authentication related to a software client application within a client computing device
CN112839016B (en) Session control method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant