CN108696870B - Mobile terminal identity authentication method based on SWP-SIM technology - Google Patents
Mobile terminal identity authentication method based on SWP-SIM technology Download PDFInfo
- Publication number
- CN108696870B CN108696870B CN201810385360.6A CN201810385360A CN108696870B CN 108696870 B CN108696870 B CN 108696870B CN 201810385360 A CN201810385360 A CN 201810385360A CN 108696870 B CN108696870 B CN 108696870B
- Authority
- CN
- China
- Prior art keywords
- app
- authentication
- mobile terminal
- information
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
Abstract
The invention provides a mobile terminal identity authentication method based on SWP-SIM technology, which comprises the following steps: when a user logs in a mobile terminal APP, calling user identity identification information and APP authorization information stored on an SIM card; sending the user identity identification information and the APP authorization information to a security control platform for identity authentication; in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system; establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction; and if the authentication fails, the identity authentication fails. The invention can improve the safety of the identity authentication of the mobile terminal.
Description
Technical Field
The invention relates to the field of mobile communication, in particular to a mobile terminal identity authentication method based on an SWP-SIM technology.
Background
Various mobile phone security software widely used at present are information security solutions of passive defense systems. Meanwhile, because mobile internet equipment is often based on the iOS and the android operating system, the situation of version fragmentation often causes that a vulnerability of the operating system is easily utilized by hackers or malicious software, and under the background of the current mobile internet application environment, the security strength of the mobile internet equipment cannot completely cope with various current increasingly specialized attack means.
Disclosure of Invention
Based on this, the embodiment of the present invention aims to provide a mobile terminal identity authentication method based on the SWP-SIM technology, so as to improve the security of mobile terminal identity authentication.
In order to achieve the purpose, the embodiment of the invention adopts the following technical scheme:
a mobile terminal identity authentication method based on SWP-SIM technology comprises the following steps:
when a user logs in a mobile terminal APP, calling user identity identification information and APP authorization information stored on an SIM card; sending the user identity identification information and the APP authorization information to a security control platform for identity authentication; in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system; establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction; and if the authentication fails, the identity authentication fails.
Further, the step of calling the user identity information and the APP authorization information stored on the SIM card includes: and calling the stored user identity information and the APP authorization information by calling an Applet corresponding to the secure element SE on the SIM card.
And further, the user identity identification information and the APP authorization information are sent to a safety control platform through an API (application program interface) of the mobile terminal for identity authentication.
Further, the step of performing identity authentication according to the user identity information and the APP authorization information includes: matching the user identity identification information with pre-stored associated information to obtain an application APP corresponding to the user identity identification information, wherein the pre-stored associated information is established according to the user identity identification and the usable application APP; according to the APP authorization information, if the APP corresponding to the identity representation information is within the authorization range, the authentication is successful; otherwise, authentication fails.
And further, the user identity identification information and the APP authorization information are encrypted by adopting a unique ciphertext and then are sent to the security management and control platform for identity authentication.
By using the scheme of the invention, when a user logs in the mobile terminal APP, the user identity identification information and the APP authorization information stored on the SIM card are called; sending the user identity identification information and the APP authorization information to a security control platform for identity authentication; in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system; establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction; if the authentication fails, the identity authentication fails; by the scheme, the safety of the identity authentication of the mobile terminal can be improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings, there is shown in the drawings,
fig. 1 is a flow chart of a mobile terminal identity authentication method based on SWP-SIM technology according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the scope of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention.
Fig. 1 shows a flowchart of a mobile terminal identity authentication method based on SWP-SIM (NFC-SIM, a new specification SIM as a secure chip) technology, comprising the steps of:
s1, when the user logs in the mobile terminal APP (computer application program), calling the user identity identification information and the APP authorization information stored on the SIM card;
s2, sending the user identity identification information and the APP authorization information to a security management and control platform for identity authentication;
s3, performing identity authentication according to the user identity identification information and the APP authorization information in the security control platform;
s4, if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system;
s5, establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction;
and S6, if the authentication fails, the identity authentication fails.
By using the scheme of the invention, when a user logs in the mobile terminal APP, the user identity identification information and the APP authorization information stored on the SIM card are called; sending the user identity identification information and the APP authorization information to a security control platform for identity authentication; in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system; establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction; if the authentication fails, the identity authentication fails; by the scheme, the safety of the identity authentication of the mobile terminal can be improved.
Further, the step of calling the user identity information and the APP authorization information stored on the SIM card includes: the stored user identification information and the APP authorization information are invoked by invoking an Applet on the SIM card corresponding to the secure element SE (an Applet is a small application written in the Java programming language).
The SWP-SIM card integrates an SE (Secure Element) module on a standard SIM card, and is used for storing sensitive applications and data.
And further, the user identity identification information and the APP authorization information are sent to a safety control platform through an API (application program interface) of the mobile terminal for identity authentication.
Further, the step of performing identity authentication according to the user identity information and the APP authorization information includes: matching the user identity identification information with pre-stored associated information to obtain an application APP corresponding to the user identity identification information, wherein the pre-stored associated information is established according to the user identity identification and the usable application APP; according to the APP authorization information, if the APP corresponding to the identity representation information is within the authorization range, the authentication is successful; otherwise, authentication fails.
And further, the user identity identification information and the APP authorization information are encrypted by adopting a unique ciphertext and then are sent to the security management and control platform for identity authentication.
Any combination of the various embodiments of the present invention should be considered as disclosed in the present invention, unless the inventive concept is contrary to the present invention; within the scope of the technical idea of the invention, any combination of various simple modifications and different embodiments of the technical solution without departing from the inventive idea of the present invention shall fall within the protection scope of the present invention.
Claims (4)
1. A mobile terminal identity authentication method based on SWP-SIM technology is characterized by comprising the following steps:
when a user logs in a mobile terminal APP, calling user identity identification information and APP authorization information stored on an SIM card;
sending the user identity identification information and the APP authorization information to a security control platform for identity authentication;
in the security control platform, identity authentication is carried out according to user identity identification information and APP authorization information; matching the user identity identification information with pre-stored associated information to obtain an application APP corresponding to the user identity identification information, wherein the pre-stored associated information is established according to the user identity identification and the usable application APP; according to the APP authorization information, if the APP corresponding to the identity identification information is within the authorization range, the authentication is successful;
if the authentication is successful, returning the authentication result to the mobile terminal APP and the mobile internet application management system;
establishing connection between the mobile terminal APP and the mobile Internet application management system according to the authentication result so as to carry out information interaction;
and if the authentication fails, the identity authentication fails.
2. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology as claimed in claim 1, wherein the step of calling the subscriber identity information and the APP authorization information stored on the SIM card comprises:
and calling the stored user identity information and the APP authorization information by calling an Applet corresponding to the secure element SE on the SIM card.
3. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology according to claim 1, wherein the user identity information and the APP authorization information are sent to a security management and control platform through an API interface of the mobile terminal for identity authentication.
4. The method for authenticating the identity of a mobile terminal based on the SWP-SIM technology as claimed in claim 1, wherein the user identification information and the APP authorization information are encrypted with a unique ciphertext and then sent to the security management and control platform for authentication.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810385360.6A CN108696870B (en) | 2018-04-26 | 2018-04-26 | Mobile terminal identity authentication method based on SWP-SIM technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810385360.6A CN108696870B (en) | 2018-04-26 | 2018-04-26 | Mobile terminal identity authentication method based on SWP-SIM technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108696870A CN108696870A (en) | 2018-10-23 |
CN108696870B true CN108696870B (en) | 2021-04-09 |
Family
ID=63845792
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810385360.6A Active CN108696870B (en) | 2018-04-26 | 2018-04-26 | Mobile terminal identity authentication method based on SWP-SIM technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108696870B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109041059B (en) * | 2018-08-23 | 2022-01-21 | 中国联合网络通信集团有限公司 | Mobile terminal security authentication method, management and control platform and mobile terminal |
CN112118243B (en) * | 2020-09-09 | 2023-04-07 | 中国联合网络通信集团有限公司 | Identity authentication method and system, and Internet application login method and system |
CN112367661B (en) * | 2020-11-06 | 2022-08-19 | 中国联合网络通信集团有限公司 | USAT application matching implementation method, USIM, terminal, device and medium |
CN115811412A (en) * | 2022-07-15 | 2023-03-17 | 中国电信股份有限公司 | Communication method and device, SIM card, electronic equipment and terminal equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101183949A (en) * | 2007-03-30 | 2008-05-21 | 腾讯科技(深圳)有限公司 | Client terminal application program starting method, application program server and client terminal |
CN101222514A (en) * | 2008-01-31 | 2008-07-16 | 中兴通讯股份有限公司 | Apparatus and method for implementing OTA based on bearer independent protocol |
CN103873439A (en) * | 2012-12-11 | 2014-06-18 | 联想(北京)有限公司 | Networking method and electronic device |
CN105790945A (en) * | 2014-12-22 | 2016-07-20 | 中国移动通信集团公司 | Authentication method, device and system for authenticating user unique identity |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040103325A1 (en) * | 2002-11-27 | 2004-05-27 | Priebatsch Mark Herbert | Authenticated remote PIN unblock |
-
2018
- 2018-04-26 CN CN201810385360.6A patent/CN108696870B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101183949A (en) * | 2007-03-30 | 2008-05-21 | 腾讯科技(深圳)有限公司 | Client terminal application program starting method, application program server and client terminal |
CN101222514A (en) * | 2008-01-31 | 2008-07-16 | 中兴通讯股份有限公司 | Apparatus and method for implementing OTA based on bearer independent protocol |
CN103873439A (en) * | 2012-12-11 | 2014-06-18 | 联想(北京)有限公司 | Networking method and electronic device |
CN105790945A (en) * | 2014-12-22 | 2016-07-20 | 中国移动通信集团公司 | Authentication method, device and system for authenticating user unique identity |
Also Published As
Publication number | Publication date |
---|---|
CN108696870A (en) | 2018-10-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108696870B (en) | Mobile terminal identity authentication method based on SWP-SIM technology | |
US9736693B2 (en) | Systems and methods for monitoring an operating system of a mobile wireless communication device for unauthorized modifications | |
CN104967997B (en) | A kind of Wi-Fi cut-in method, Wi-Fi equipment, terminal device and system | |
US9338647B2 (en) | Mobile station with bond between end device and security element | |
CN107426174B (en) | Access control method of trusted execution environment | |
US9143922B2 (en) | Method and system for controlling communication between an UICC and an external application | |
US20090298468A1 (en) | System and method for deleting data in a communication device | |
CN106936774B (en) | Authentication method and system in trusted execution environment | |
US9344882B2 (en) | Apparatus and methods for preventing information disclosure | |
KR101756692B1 (en) | Terminal Device for Dynamic Secure Module and Driving Method Thereof | |
CN103329501A (en) | Method for managing content on a secure element connected to an equipment | |
EP3293656A1 (en) | Method for controlling access to a trusted application in a terminal | |
Young et al. | BadVoice: Soundless voice-control replay attack on modern smartphones | |
CN112448930A (en) | Account registration method, device, server and computer readable storage medium | |
US10080139B2 (en) | Information sending method and apparatus, terminal device, and system | |
US20100161979A1 (en) | Portable electronic entity for setting up secured voice over ip communication | |
CN108574658B (en) | Application login method and device | |
CN109699030B (en) | Unmanned aerial vehicle authentication method, device, equipment and computer readable storage medium | |
CN109547998B (en) | Management method, device and storage medium for virtual user identity identification card | |
EP4093076A1 (en) | Method, mobile equipment, and system for vulnerability detection and prevention in a sim, and storage media | |
CN108270741B (en) | Mobile terminal authentication method and system | |
KR20150098123A (en) | package application including self-defense security module and method therof | |
EP3241375A1 (en) | Methods for providing a response to a scp80 command requesting the execution of a proactive command, related universal integrated circuit card, mobile device, server and computer program product | |
CN108234399B (en) | Interface communication method and terminal | |
CN112839016B (en) | Session control method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |