CN108696870B - Mobile terminal identity authentication method based on SWP-SIM technology - Google Patents

Info

Publication number: CN108696870B
Authority: CN (China)
Prior art keywords: app, authentication, mobile terminal, information, identity
Legal status: Active
Application number: CN201810385360.6A
Other languages: Chinese (zh)
Other versions: CN108696870A (en)
Inventors: 林伟雄, 张潭, 詹元元, 贺彩虹
Current Assignee: Yueliang Chuanqi Technology Co ltd
Original Assignee: Yueliang Chuanqi Technology Co ltd

Application filed by Yueliang Chuanqi Technology Co ltd
Priority to CN201810385360.6A
Publication of CN108696870A
Application granted
Publication of CN108696870B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06: Authentication
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102: Entity profiles
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08: Access security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

The invention provides a mobile terminal identity authentication method based on SWP-SIM technology, comprising the following steps: when a user logs in to a mobile terminal APP, the user identity identification information and the APP authorization information stored on the SIM card are retrieved; the user identity identification information and the APP authorization information are sent to a security control platform for identity authentication; the security control platform performs identity authentication according to the user identity identification information and the APP authorization information; if the authentication succeeds, the authentication result is returned to the mobile terminal APP and to the mobile internet application management system, and a connection is established between the mobile terminal APP and the mobile internet application management system according to the authentication result so that they can exchange information; if the authentication fails, the identity authentication fails. The invention can improve the security of mobile terminal identity authentication.

Description

Mobile terminal identity authentication method based on SWP-SIM technology
Technical Field
The invention relates to the field of mobile communication, in particular to a mobile terminal identity authentication method based on an SWP-SIM technology.
Background
The mobile phone security software in wide use today provides information security through passive defense. Meanwhile, because mobile internet devices are mostly based on the iOS and Android operating systems, version fragmentation often leaves operating system vulnerabilities that are easily exploited by hackers or malicious software. In the current mobile internet application environment, the security strength of mobile internet devices cannot fully cope with today's increasingly specialized attack techniques.
Disclosure of Invention
In view of this, the embodiment of the present invention aims to provide a mobile terminal identity authentication method based on SWP-SIM technology, so as to improve the security of mobile terminal identity authentication.
To achieve this purpose, the embodiment of the invention adopts the following technical scheme:
A mobile terminal identity authentication method based on SWP-SIM technology comprises the following steps:
when a user logs in to a mobile terminal APP, retrieving the user identity identification information and the APP authorization information stored on the SIM card; sending the user identity identification information and the APP authorization information to a security control platform for identity authentication; performing, in the security control platform, identity authentication according to the user identity identification information and the APP authorization information; if the authentication succeeds, returning the authentication result to the mobile terminal APP and to the mobile internet application management system; establishing a connection between the mobile terminal APP and the mobile internet application management system according to the authentication result so that they can exchange information; and if the authentication fails, the identity authentication fails.
Further, the step of retrieving the user identity identification information and the APP authorization information stored on the SIM card includes: retrieving the stored user identity identification information and APP authorization information by calling the Applet corresponding to the secure element SE on the SIM card.
Further, the user identity identification information and the APP authorization information are sent to the security control platform for identity authentication through an API (application program interface) of the mobile terminal.
Further, the step of performing identity authentication according to the user identity identification information and the APP authorization information includes: matching the user identity identification information against pre-stored association information to obtain the application APP corresponding to the user identity identification information, wherein the pre-stored association information is established from the user identity identification and the application APPs that the user may use; then, according to the APP authorization information, if the APP corresponding to the identity identification information is within the authorization range, the authentication succeeds; otherwise, the authentication fails.
Further, the user identity identification information and the APP authorization information are encrypted with a unique ciphertext and then sent to the security control platform for identity authentication.
With the scheme of the invention, when a user logs in to the mobile terminal APP, the user identity identification information and the APP authorization information stored on the SIM card are retrieved; the user identity identification information and the APP authorization information are sent to a security control platform for identity authentication; the security control platform performs identity authentication according to the user identity identification information and the APP authorization information; if the authentication succeeds, the authentication result is returned to the mobile terminal APP and to the mobile internet application management system; a connection is established between the mobile terminal APP and the mobile internet application management system according to the authentication result so that they can exchange information; if the authentication fails, the identity authentication fails. This scheme can improve the security of mobile terminal identity authentication.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, serve to explain the invention without limiting it. In the drawings:
Fig. 1 is a flow chart of a mobile terminal identity authentication method based on SWP-SIM technology according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the scope of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention.
Fig. 1 shows a flowchart of a mobile terminal identity authentication method based on SWP-SIM technology (NFC-SIM, a new-specification SIM that serves as a secure chip), comprising the following steps:
S1, when the user logs in to the mobile terminal APP (computer application program), retrieving the user identity identification information and the APP authorization information stored on the SIM card;
S2, sending the user identity identification information and the APP authorization information to a security control platform for identity authentication;
S3, performing identity authentication in the security control platform according to the user identity identification information and the APP authorization information;
S4, if the authentication succeeds, returning the authentication result to the mobile terminal APP and to the mobile internet application management system;
S5, establishing a connection between the mobile terminal APP and the mobile internet application management system according to the authentication result so that they can exchange information;
S6, if the authentication fails, the identity authentication fails.
With the scheme of the invention, when a user logs in to the mobile terminal APP, the user identity identification information and the APP authorization information stored on the SIM card are retrieved; the user identity identification information and the APP authorization information are sent to a security control platform for identity authentication; the security control platform performs identity authentication according to the user identity identification information and the APP authorization information; if the authentication succeeds, the authentication result is returned to the mobile terminal APP and to the mobile internet application management system; a connection is established between the mobile terminal APP and the mobile internet application management system according to the authentication result so that they can exchange information; if the authentication fails, the identity authentication fails. This scheme can improve the security of mobile terminal identity authentication.
Further, the step of retrieving the user identity identification information and the APP authorization information stored on the SIM card includes: retrieving the stored user identity identification information and APP authorization information by calling the Applet corresponding to the secure element SE on the SIM card (an Applet is a small application written in the Java programming language).
The SWP-SIM card integrates an SE (Secure Element) module into a standard SIM card; the SE is used for storing sensitive applications and data.
Further, the user identity identification information and the APP authorization information are sent to the security control platform for identity authentication through an API (application program interface) of the mobile terminal.
Further, the step of performing identity authentication according to the user identity identification information and the APP authorization information includes: matching the user identity identification information against pre-stored association information to obtain the application APP corresponding to the user identity identification information, wherein the pre-stored association information is established from the user identity identification and the application APPs that the user may use; then, according to the APP authorization information, if the APP corresponding to the identity identification information is within the authorization range, the authentication succeeds; otherwise, the authentication fails.
Further, the user identity identification information and the APP authorization information are encrypted with a unique ciphertext and then sent to the security control platform for identity authentication.
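The platform-side decision in S3 and the result handling in S4 to S6 can be sketched as follows. This is an added example, not code from the patent: the identifiers, the data layout, and the assumption that the management system admits a connection only for a (user, APP) pair the platform has reported as authenticated are all hypothetical.

```python
from dataclasses import dataclass, field

# Constructed sample data (hypothetical identifiers, not from the patent).
# Platform-side pre-stored association: user identity -> usable APPs.
ASSOCIATIONS = {
    "user-001": {"app.mail", "app.oa"},
    "user-002": {"app.mail"},
}


@dataclass(frozen=True)
class SimRecord:
    """What the SE Applet returns in S1, modelled as plain data."""
    user_id: str
    authorized_apps: frozenset  # APP authorization information (authorization range)


@dataclass
class ManagementSystem:
    """Mobile internet application management system (assumed behaviour):
    it accepts a connection (S5) only for a pair reported as authenticated (S4)."""
    approved: set = field(default_factory=set)

    def record_result(self, user_id, app_id, ok):
        if ok:
            self.approved.add((user_id, app_id))
        else:
            # A failed attempt withdraws any earlier approval for the pair.
            self.approved.discard((user_id, app_id))

    def connect(self, user_id, app_id):
        return (user_id, app_id) in self.approved


def authenticate(record, app_id, associations=ASSOCIATIONS):
    """S3: return (ok, reason). Every path other than a full match fails."""
    if not isinstance(record, SimRecord) or not record.user_id or not app_id:
        return False, "malformed request"
    usable = associations.get(record.user_id)
    if usable is None:
        return False, "unknown user identity"
    if app_id not in usable:
        return False, "app not associated with user"
    if app_id not in record.authorized_apps:
        return False, "app outside authorization range"
    return True, "ok"


def login(record, app_id, mgmt):
    """S2 to S6 for one login attempt; return (connected, reason)."""
    ok, reason = authenticate(record, app_id)
    user_id = getattr(record, "user_id", None)
    mgmt.record_result(user_id, app_id, ok)                 # S4
    return ok and mgmt.connect(user_id, app_id), reason     # S5 / S6
```
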
Any combination of the various embodiments of the present invention should likewise be regarded as disclosed by the present invention, provided it does not depart from the inventive concept; within the scope of the technical idea of the invention, simple modifications of the technical solution and combinations of different embodiments that do not depart from the inventive idea shall fall within the protection scope of the present invention.

Claims (4)

1. A mobile terminal identity authentication method based on SWP-SIM technology is characterized by comprising the following steps:
when a user logs in a mobile terminal APP, calling user identity identification information and APP authorization information stored on an SIM card;
sending the user identity identification information and the APP authorization information to a security control platform for identity authentication;
in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; matching the user identity identification information with pre-stored associated information to obtain an application APP corresponding to the user identity identification information, wherein the pre-stored associated information is established according to the user identity identification and the usable application APP; according to the APP authorization information, if the APP corresponding to the identity identification information is within the authorization range, the authentication is successful;
if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system;
establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction;
and if the authentication fails, the identity authentication fails.
2. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology as claimed in claim 1, wherein the step of calling the subscriber identity information and the APP authorization information stored on the SIM card comprises:
and calling the stored user identity information and the APP authorization information by calling an Applet corresponding to the secure element SE on the SIM card.
3. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology according to claim 1, wherein the user identity information and the APP authorization information are sent to a security management and control platform through an API interface of the mobile terminal for identity authentication.
4. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology as claimed in claim 1, wherein the user identification information and the APP authorization information are encrypted with a unique ciphertext and then sent to the security management and control platform for authentication.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810385360.6A CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810385360.6A CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Publications (2)

Publication Number Publication Date
CN108696870A CN108696870A (en) 2018-10-23
CN108696870B true CN108696870B (en) 2021-04-09

Family

ID=63845792

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810385360.6A Active CN108696870B (en) 2018-04-26 2018-04-26 Mobile terminal identity authentication method based on SWP-SIM technology

Country Status (1)

Country Link
CN (1) CN108696870B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109041059B (en) * 2018-08-23 2022-01-21 中国联合网络通信集团有限公司 Mobile terminal security authentication method, management and control platform and mobile terminal
CN112118243B (en) * 2020-09-09 2023-04-07 中国联合网络通信集团有限公司 Identity authentication method and system, and Internet application login method and system
CN112367661B (en) * 2020-11-06 2022-08-19 中国联合网络通信集团有限公司 USAT application matching implementation method, USIM, terminal, device and medium
CN115811412A (en) * 2022-07-15 2023-03-17 中国电信股份有限公司 Communication method and device, SIM card, electronic equipment and terminal equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183949A (en) * 2007-03-30 2008-05-21 腾讯科技(深圳)有限公司 Client terminal application program starting method, application program server and client terminal
CN101222514A (en) * 2008-01-31 2008-07-16 中兴通讯股份有限公司 Apparatus and method for implementing OTA based on bearer independent protocol
CN103873439A (en) * 2012-12-11 2014-06-18 联想(北京)有限公司 Networking method and electronic device
CN105790945A (en) * 2014-12-22 2016-07-20 中国移动通信集团公司 Authentication method, device and system for authenticating user unique identity

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040103325A1 (en) * 2002-11-27 2004-05-27 Priebatsch Mark Herbert Authenticated remote PIN unblock

Also Published As

Publication number Publication date
CN108696870A (en) 2018-10-23

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant