CN111314064B - Mobile phone shield state management method, TSM platform server and storage medium - Google Patents

Abstract

The application provides a mobile phone shield state management method, a TSM platform server and a storage medium, and relates to the field of data processing. The method comprises the following steps: receiving a mobile phone shield application request of terminal equipment; responding to a mobile phone shield application request, sending a first Application Protocol Data Unit (APDU) task list corresponding to the mobile phone shield application request to the terminal equipment, and recording the state of the mobile phone shield as a first state in the TSM platform, wherein the first state represents the downloading of the mobile phone shield; receiving a first APDU instruction request sent by terminal equipment; responding to the first APDU command request, and sending a first APDU command corresponding to the first APDU task list to the terminal equipment; and receiving a first APDU command response message sent by the terminal equipment, and if the first APDU command response message indicates that the tasks in the first APDU task list are successfully executed, recording the state of the mobile phone shield as a second state in the TSM platform, wherein the second state represents that the downloading of the mobile phone shield is completed. By the technical scheme, the performance of the mobile phone shield state management system can be improved.

Description

Mobile phone shield state management method, TSM platform server and storage medium

Technical Field

The application belongs to the field of data processing, and particularly relates to a mobile phone shield state management method, a TSM platform server and a storage medium.

Background

The U shield is a tool for electronic signature and digital authentication of online banking. The U shield can write the digital certificate into the security equipment, so that the security of the electronic payment transaction is ensured. However, the traditional U shield cannot meet the service requirement of the mobile terminal. In order to meet the safety requirement of the mobile terminal on electronic payment transaction, the mobile terminal is utilized to realize the function of the traditional U shield, namely, a mobile phone shield is developed.

The management of the mobile phone shield state is realized through the communication among the terminal equipment, a Trusted Service Manager (TSM) platform and a Service provider server. The TSM platform and the mobile phone in the terminal device are mutually synchronized in shield state. Specifically, the mobile phone shield state can be shown as the following table one:

watch 1

As shown in table one, the mobile phone shield states are twelve in total. The mobile phone shield is installed once, and the mobile phone shield state changes for many times, for example, at least six times. The change of the mobile phone shield state needs to be written into a database in the mobile phone shield state management system every time, so that the operation times of the database are increased, and the performance of the mobile phone shield state management system is adversely affected.

Disclosure of Invention

The embodiment of the application provides a method and a system for managing the state of a mobile phone shield, a TSM platform server and a terminal device, which can improve the performance of the system for managing the state of the mobile phone shield.

In a first aspect, an embodiment of the present application provides a method for managing a mobile phone shield state, which is applied to a trusted service management TSM platform, and the method includes:

receiving a mobile phone shield application request of terminal equipment;

responding to a mobile phone shield application request, sending a first Application Protocol Data Unit (APDU) task list corresponding to the mobile phone shield application request to the terminal equipment, and recording the state of the mobile phone shield as a first state in the TSM platform, wherein the first state represents the downloading of the mobile phone shield;

receiving a first APDU instruction request sent by terminal equipment;

responding to the first APDU command request, and sending a first APDU command corresponding to the first APDU task list to the terminal equipment;

and receiving a first APDU command response message sent by the terminal equipment, and if the first APDU command response message indicates that the tasks in the first APDU task list are successfully executed, recording the state of the mobile phone shield as a second state in the TSM platform, wherein the second state represents that the downloading of the mobile phone shield is completed.

In a second aspect, an embodiment of the present application provides a TSM platform server, including:

the receiving module is used for receiving a mobile phone shield application request of the terminal equipment;

the sending module is used for responding to the mobile phone shield application request and sending a first Application Protocol Data Unit (APDU) task list corresponding to the mobile phone shield application request to the terminal equipment;

the state storage module is used for recording the state of the mobile phone shield as a first state when the sending module sends the first APDU task list, and the first state represents the downloading of the mobile phone shield;

the receiving module is further used for receiving a first APDU instruction request sent by the terminal equipment;

the sending module is further used for responding to the first APDU instruction request and sending a first APDU instruction corresponding to the first APDU task list to the terminal equipment;

the receiving module is further configured to receive a first APDU instruction response message sent by the terminal device;

and the state storage module is further configured to record the mobile phone shield state as a second state if the first APDU instruction response message indicates that all tasks in the first APDU task list are successfully executed, where the second state represents that the mobile phone shield download is completed.

In a third aspect, an embodiment of the present application provides a TSM platform server, which includes a processor, a memory, and a computer program that is stored in the memory and can be run on the processor, and when the computer program is executed by the processor, the method for managing a mobile phone shield state in the technical solution of the first aspect is implemented.

In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when executed by a processor, the computer program implements the method for managing a mobile phone shield state in the technical solution of the first aspect, or implements the method for managing a mobile phone shield state in the technical solution of the second aspect.

The embodiment of the application provides a mobile phone shield state management method, a TSM platform server and a storage medium, wherein the TSM platform sends a first APDU task list corresponding to a mobile phone shield application request to a terminal device, and the TSM platform records the mobile phone shield state as a first state representing mobile phone shield downloading. And under the condition that the TSM platform receives a first APDU instruction response message indicating that the tasks in the first APDU task list are successfully executed, the TSM platform records the mobile phone shield state as a second state representing that the mobile phone shield is completely downloaded. Therefore, the states of the mobile phone shield related to downloading can be managed through the first state and the second state. The mobile phone shield can be downloaded and installed once, and the state change of the mobile phone shield can be generated at least twice. The mobile phone shield state change needs to be written into a database in the mobile phone shield state management system each time, so that the operation times of the database are reduced, the adverse effect on the performance of the mobile phone shield state management system is reduced and even avoided, and the performance of the mobile phone shield state management system is improved.

Drawings

The present application will be better understood from the following description of specific embodiments of the invention taken in conjunction with the accompanying drawings. Wherein like or similar reference numerals refer to like or similar features.

Fig. 1 is a schematic structural diagram of a mobile phone shield state management system according to an embodiment of the present application;

fig. 2 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to an embodiment of the present application;

fig. 3 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to another embodiment of the present application;

fig. 4 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to another embodiment of the present application;

fig. 5 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to yet another embodiment of the present application;

fig. 6 is a schematic diagram of a mobile phone shield identifier according to an embodiment of the present application;

fig. 7 is a schematic diagram of a state machine of a mobile phone shield state according to an embodiment of the present disclosure;

fig. 8 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to an embodiment of the present application;

fig. 9 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to another embodiment of the present application;

fig. 10 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to another embodiment of the present application;

fig. 11 is a schematic structural diagram of a TSM platform server according to an embodiment of the present application;

fig. 12 is a schematic structural diagram of a TSM platform server according to another embodiment of the present application;

fig. 13 is a schematic structural diagram of a terminal device in an embodiment of the present application;

fig. 14 is a schematic hardware structure diagram of a TSM platform server according to an embodiment of the present disclosure.

Detailed Description

Features and exemplary embodiments of various aspects of the present application will be described in detail below. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof. The present application is in no way limited to any specific configuration and algorithm set forth below, but rather covers any modification, replacement or improvement of elements, components or algorithms without departing from the spirit of the present application. In the drawings and the following description, well-known structures and techniques are not shown in order to avoid unnecessarily obscuring the present application.

The embodiment of the application provides a mobile phone shield state management method, a TSM platform server and a storage medium, which can be applied to a scene of management of a mobile phone shield state among a Trusted Service Manager (TSM) platform, a terminal device and a Service provider server. For example, fig. 1 is a schematic structural diagram of a mobile phone shield state management system according to an embodiment of the present application. The handset shield state management system can comprise a TSM platform server 10 and a terminal device 20. The TSM platform server 10 is used for managing the mobile phone shield status, and one or more TSM platform servers 10 may constitute a TSM platform, which is not limited herein. The terminal device 20 may be a mobile phone, a tablet computer, etc., but is not limited thereto. The terminal equipment can request the TSM platform for mobile phone shield downloading, and therefore mobile phone shield downloading of the terminal is achieved. The terminal equipment can also request the TSM platform for deleting the mobile phone shield, so that the mobile phone shield of the terminal is deleted. Under the condition that the mobile phone shield is downloaded or deleted, the TSM platform can change and store the state of the mobile phone shield in real time.

The embodiment of the application provides a mobile phone shield state management method, which is applied to a TSM platform. Fig. 2 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to an embodiment of the present disclosure. As shown in fig. 2, the method for managing the shield status of the mobile phone may include steps S301 to S305.

In step S301, a request for a mobile phone shield application from a terminal device is received.

The mobile phone shield application request is used for applying for mobile phone shield downloading. In some examples, the mobile phone shield application request may include a terminal device identification of the terminal device and at least a portion of the mobile phone shield identification. The terminal device Identifier may include an International Mobile Equipment Identity (IMEI), a Mobile Equipment Identity (MEID), a Secure Element Identity (SEID), i.e., a serial number of a Near Field Communication (NFC) module, and the like, which is not limited herein. Different users may log in the same terminal device, and different users need to download different mobile phone shields. The mobile phone shield identification is used for identifying the mobile phone shield, and the mobile phone shield identifications of different mobile phone shields are different.

In step S302, in response to the mobile phone shield Application request, a first Application Protocol Data Unit (APDU) task list corresponding to the mobile phone shield Application request is sent to the terminal device, and the state of the mobile phone shield is recorded as a first state in the TSM platform.

The first state represents the downloading of the mobile phone shield. And the TSM sends a first APDU task list corresponding to the mobile phone shield application request to the terminal equipment to indicate that the mobile phone shield application is in the downloading process. Before the mobile phone shield applied by the terminal equipment is not downloaded successfully, the corresponding mobile phone shield state is the first state.

The first APDU task list may include at least one task, and the task in the first APDU task list is used to instruct the terminal device to download the instance of the mobile phone shield requested to be downloaded by the mobile phone shield application request. And if the terminal equipment needs to execute the task in the first APDU task list, the terminal equipment needs to execute a first APDU instruction corresponding to the first APDU task list.

In step S303, a first APDU instruction request transmitted by the terminal device is received.

The first APDU instruction request is used for indicating the terminal device to request the first APDU instruction from the TSM platform. The number of first APDU command requests is not limited, and in some examples, one first APDU command request corresponds to one first APDU command.

In step S304, in response to the first APDU command request, a first APDU command corresponding to the first APDU task list is transmitted to the terminal device.

The number of the first APDU commands may be one or more, and the number of the first APDU commands is not limited herein. And if the terminal equipment receives all the first APDU commands corresponding to the first APDU task list and all the first APDU commands are successfully executed, the terminal equipment is indicated to successfully download the instance of the mobile phone shield.

In step S305, a first APDU command response message sent by the terminal device is received, and if the first APDU command response message indicates that all tasks in the first APDU task list are successfully executed, the mobile phone shield state is recorded as the second state in the TSM platform.

Here, the number of the first APDU command response messages is not limited herein. In some examples, one first APDU command corresponds to one first APDU command response message. The first APDU command response message is used to indicate whether the task corresponding to the first APDU command in the first APDU task list is successfully executed. And the TSM platform determines whether the first APDU instruction is executed successfully or not through a first APDU instruction response message sent by the terminal equipment. The first APDU instruction is successfully executed, that is, the task corresponding to the first APDU instruction in the first APDU task list is successfully executed.

In some examples, the TSM platform receives a first APDU command request sent by the terminal device, and sends a corresponding first APDU command to the terminal device. If the first APDU instruction request sent by the terminal device received by the TSM platform is not the first APDU instruction request sent for the first time corresponding to the first APDU task list, the TSM platform may also receive the first APDU instruction response message corresponding to the previous first APDU instruction along with receiving the first APDU instruction request.

And all tasks in the first APDU task list are successfully executed, which indicates that the mobile phone shield is completely downloaded. And the second state represents that the mobile phone shield is downloaded completely. The TSM platform may determine that the mobile phone shield is completely downloaded through the first APDU command response message indicating that all tasks in the first APDU task list are successfully executed.

In the embodiment of the application, the TSM platform sends a first APDU task list corresponding to the mobile phone shield application request to the terminal device, and the TSM platform records the mobile phone shield state as a first state representing the mobile phone shield download. And under the condition that the TSM platform receives a first APDU instruction response message indicating that the tasks in the first APDU task list are successfully executed, the TSM platform records the mobile phone shield state as a second state representing that the mobile phone shield is completely downloaded. Therefore, the states of the mobile phone shield related to downloading can be managed through the first state and the second state. The mobile phone shield can be downloaded and installed once, and the state change of the mobile phone shield can be generated at least twice. The mobile phone shield state change needs to be written into a database in the mobile phone shield state management system each time, so that the operation times of the database are reduced, the adverse effect on the performance of the mobile phone shield state management system is reduced and even avoided, and the performance of the mobile phone shield state management system is improved.

Moreover, the independent TSM platform is arranged to manage the state of the mobile phone shield, so that the management difference of the mobile phone shield caused by different terminal equipment manufacturers and different built-in chips can be shielded for a service provider, the management difference of the mobile phone shield caused by different service providers can be shielded for a user or a terminal equipment manufacturer, and the applicability of the management of the mobile phone shield is improved.

Fig. 3 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to another embodiment of the present application. The difference between the method for managing the mobile phone shield state shown in fig. 3 and the method for managing the mobile phone shield state shown in fig. 2 is that the method for managing the mobile phone shield state shown in fig. 3 may further include steps S306 to S311.

In step S306, a mobile phone shield deletion request sent by the server is received.

The server is a server of the service provider. The terminal equipment sends a mobile phone shield deleting request to the server, and the server forwards the mobile phone shield deleting request to the TSM platform. The mobile phone shield deleting request is used for requesting to delete the mobile phone shield in the terminal equipment. In some examples, the mobile phone shield deletion request includes a terminal device identifier and a mobile phone shield identifier to delete a mobile phone shield corresponding to the terminal device and a user logged in to the terminal device.

In step S307, in response to the mobile phone shield deletion request, a deletion success response message is sent to the server, and the mobile phone shield state is recorded as the third state in the TSM platform.

After receiving the mobile phone shield deletion request, the TSM platform may send a deletion success response message to the server of the service provider if the mobile phone shield requested to be deleted by the mobile phone shield of the terminal device has not been deleted, so that the mobile phone shield state in the server of the service provider is a service invalid state. And under the condition of invalid service, the service related to the mobile phone shield is unavailable. The method and the device solve the strong dependence relationship between the service of the server of the service provider and the instance of the mobile phone shield in the on-off device, so as to avoid the situation that the service of the server of the service provider related to the terminal device is blocked when the instance of the mobile phone shield requested to be deleted in the terminal device is not deleted, and the service of the server of the service provider related to the terminal device can not be continuously executed until the instance of the mobile phone shield requested to be deleted in the terminal device is deleted. Therefore, the service waiting time is reduced or even eliminated, and the service processing efficiency is improved.

However, at this time, the instance of the mobile phone shield in the terminal device is not deleted yet, and the TSM platform needs to record the actual state of the mobile phone shield in the terminal device, so that the TSM platform records the state of the mobile phone shield as the third state representing deletion of the mobile phone shield.

In step S308, the second APDU task list corresponding to the handset shield deletion request is sent to the terminal device.

The second APDU task list comprises at least one task, and the task user in the second APDU task list indicates the terminal device to delete the instance of the mobile phone shield requested to be deleted by the mobile phone shield deletion request. And if the terminal equipment needs to execute the task in the second APDU task list, the terminal equipment needs to execute a second APDU instruction corresponding to the second APDU task list.

In step S309, the second APDU instruction request transmitted by the terminal device is received.

And the second APDU instruction request user instructs the terminal device to request the second APDU instruction from the TSM platform. The data requested by the second APDU command is not limited, and in some examples, one second APDU command request corresponds to one second APDU command.

In step S310, in response to the second APDU command request, a second APDU command corresponding to the second APDU task list is transmitted to the terminal device.

The number of the second APDU commands may be one or more, and the number of the second APDU commands is not limited herein. And if the terminal equipment receives all the second APDU commands corresponding to the second APDU task list and all the second APDU commands are successfully executed, the fact that the terminal equipment deletes the mobile phone shield is successful is shown.

In step S311, a second APDU command response message sent by the terminal device is received, and if the second APDU command response message indicates that all tasks in the second APDU task list are successfully executed, the mobile phone shield state is recorded as the fourth state in the TSM platform.

Here, the number of the second APDU command response messages is not limited herein. In some examples, one second APDU command corresponds to one second APDU command response message. The second APDU command response message is used to indicate whether the task corresponding to the second APDU command in the second APDU task list is successfully executed. And the TSM platform determines whether the second APDU instruction is executed successfully or not through a second APDU instruction response message sent by the terminal equipment. The second APDU instruction is successfully executed, that is, the task corresponding to the second APDU instruction in the second APDU task list is successfully executed.

In some examples, the TSM platform receives a second APDU command request sent by the terminal device, and sends a corresponding second APDU command to the terminal device. If the second APDU instruction request sent by the terminal device received by the TSM platform is not the first-sent second APDU instruction request corresponding to the second APDU task list, the TSM platform may also receive a second APDU instruction response message corresponding to the previous second APDU instruction along with receiving the second APDU instruction request.

And all tasks in the second APDU task list are successfully executed, which indicates that the mobile phone shield is deleted completely. And the fourth state represents that the mobile phone shield is deleted completely. The TSM platform may determine that the mobile phone shield deletion is completed by the second APDU instruction response message indicating that all tasks in the second APDU task list are successfully executed.

In this embodiment, the TSM platform only needs to maintain four mobile phone shield states, namely, the first state, the second state, the third state, and the fourth state. By maintaining the four mobile phone shield states, the TSM platform can meet the requirements of mobile phone shield state management. In the process of downloading and installing the mobile phone shield or deleting the mobile phone shield, the times of state change of the mobile phone shield are reduced, and the times of operation on the database are reduced, so that the performance of the mobile phone shield state management system is further improved.

It should be noted that the first state, the second state, the third state, and the fourth state in the above embodiments may be specifically represented by numbers, letters, special symbols, or character strings, and are not limited herein.

Fig. 4 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to another embodiment of the present application. The method for managing the mobile phone shield state shown in fig. 4 is different from the method for managing the mobile phone shield state shown in fig. 2 in that the method for managing the mobile phone shield state shown in fig. 4 may further include steps S312 to S316.

In step S312, a data cleaning request sent by the terminal device is received.

And after the state of the mobile phone shield is recorded as the second state in the TSM platform, the mobile phone shield is downloaded completely, namely the instance of the mobile phone shield in the terminal equipment is downloaded completely. And the TSM platform receives a data cleaning request actively sent by the terminal equipment. The data cleaning request is used for requesting to delete the instance of the mobile phone shield with the state of the mobile phone shield being the intermediate state. The intermediate state includes the first state or the third state.

In step S313, in response to the data clearing request, if the TSM platform has a mobile phone shield state in the first state or the third state, the third APDU task list is sent to the terminal device.

The third APDU task list may include at least one task, and the task in the third APDU task list indicates to delete the instance of the mobile phone shield whose mobile phone shield state is the first state or the third state. And if the terminal equipment needs to execute the task in the third APDU task list, the terminal equipment needs to execute a third APDU instruction corresponding to the third APDU task list.

And if the TSM platform does not have the mobile phone shield state in the first state or the third state, the TSM platform does not need to send a third APDU task list to the terminal equipment.

In step S314, the third APDU instruction request transmitted by the terminal device is received.

And the third APDU command request is used for indicating the terminal equipment to request the third APDU command from the TSM platform. The number of third APDU command requests is not limited, and in some examples, one third APDU command request corresponds to one third APDU command.

In step S315, in response to the third APDU command request, a third APDU command corresponding to the third APDU task list is transmitted to the terminal device.

The number of the third APDU instructions may be one or more, and the number of the third APDU instructions is not limited herein. If the terminal device receives all the third APDU instructions corresponding to the third APDU task list and all the third APDU instructions are successfully executed, it indicates that the terminal device succeeds in deleting the instance of the mobile phone shield of which the mobile phone shield state is the first state or the third state.

In step S316, a third APDU command response message sent by the terminal device is received, and if the third APDU command response message indicates that all tasks in the third APDU task list are successfully executed, the mobile phone shield state in the first state or the third state is updated to the fourth state in the TSM platform.

Here, the number of the third APDU command response messages is not limited herein. In some examples, one third APDU command corresponds to one third APDU command response message. The third APDU command response message is used to indicate whether the task corresponding to the third APDU command in the third APDU task list is successfully executed. And the TSM platform determines whether the third APDU instruction is executed successfully or not through a third APDU instruction response message sent by the terminal equipment. And the third APDU instruction is successfully executed, that is, the task corresponding to the third APDU instruction in the third APDU task list is successfully executed.

In some examples, the TSM platform receives a third APDU command request sent by the terminal device, and sends a corresponding third APDU command to the terminal device. If the third APDU instruction request sent by the terminal device received by the TSM platform is not the first-sent third APDU instruction request corresponding to the third APDU task list, the TSM platform may also receive a third APDU instruction response message corresponding to the previous third APDU instruction along with receiving the third APDU instruction request.

And all tasks in the third APDU task list are successfully executed, which indicates that the mobile phone shield in the first state or the third state is deleted completely. The TSM platform may update the mobile phone shield state in the first state or the third state to the fourth state, so as to synchronize the mobile phone shield state in the TSM platform with the actual state of the mobile phone shield in the terminal device.

It should be noted that some useless mobile phone shields with the intermediate state, i.e., the first state or the third state, may be generated in the downloading process or the deleting process. For example, a mobile phone shield in a service unavailable state in a server of a service provider may record a mobile phone shield state in a non-fourth state in the TSM platform. The instance of the handset shield in the terminal device may still be present. After the mobile phone shield is downloaded, the terminal device actively initiates cleaning of the unavailable mobile phone shield to the TSM platform, and deletes the mobile phone shield with the mobile phone shield state being the first state or the third state, so that silent deletion of the unavailable mobile phone shield is realized. After deleting the unavailable mobile phone shield in a silent mode, the TSM platform can inform a server of a service provider through notification information. And after the mobile phone shield is downloaded and installed, the unavailable mobile phone shield is deleted silently, so that the size of a data packet installed by the mobile phone shield can be reduced, the installation efficiency of the mobile phone shield is improved, the utilization rate of a storage space in the terminal equipment can be improved, and dirty data residue is avoided.

During the process of downloading the mobile phone shield, an exception may occur, which may result in a download failure. In order to ensure that the mobile phone shield can still be downloaded after the exception is eliminated, the mobile phone shield can be continuously downloaded by adopting a breakpoint retry mode. However, there are some drawbacks to the way breakpoint retries.

For example, when the downloading of the mobile phone shield is abnormal, the TSM platform does not receive the first APDU instruction response message indicating whether the task in the first APDU task list is successfully executed, that is, whether the first APDU instruction is successfully executed, and the TSM platform cannot determine whether the last APDU instruction issued to the terminal device is successfully executed. If the mobile phone shield is downloaded and installed again if the breakpoint retry is carried out, the TSM platform determines the breakpoint position according to the record of the sent first APDU instruction, and issues the last first APDU instruction issued to the terminal device before to the terminal device. If the terminal device has executed the last first APDU instruction issued before the TSM platform, executing the first APDU instruction again may cause a conflict, and generate a conflict response code. However, when there are differences between different terminal device manufacturers and different versions of built-in chips, there is a high possibility that conflicting response codes are not uniform. At this time, since the TSM platform does not maintain the conflicting response codes, the TSM platform cannot process the non-uniform conflicting response codes, which results in a download failure. Even if the breakpoint retry is carried out again, the downloading and installation of the mobile phone shield still causes the downloading failure, so that the mobile phone shield enters a downloading card dead state and cannot be downloaded.

For another example, in the terminal device UE1, the mobile phone shield download of the user a is performed to half, for example, only the installation of an Applet is completed, or only half of the mobile phone shield application is completed, the mobile phone shield download process is suspended due to network interruption, and the user a chooses to temporarily abandon retry for some reason. User B applies for the mobile phone shield on terminal device UE1, and the TSM platform may mistakenly determine user a and user B as the same application, and perform a breakpoint retry. The mobile phone shield of the user a is downloaded and installed to the user B, so that sensitive information is leaked.

In order to avoid the problems of dead download card or sensitive information leakage and the like caused by abnormality in the mobile phone shield downloading process, the TSM platform can generate a mobile phone shield identifier corresponding to the terminal device and store the mapping relation between the mobile phone shield identifier and the mobile phone shield state. The mobile phone shield identifier is used for identifying a mobile phone shield, and the state of the mobile phone shield changes along with the change of the state of the mobile phone shield. If the mobile phone shield state changes, the TSM platform updates the mapping relation between the mobile phone shield identification and the mobile phone shield state.

It should be noted that, for the same terminal device, the mobile phone shield identifier stored in the TSM platform has uniqueness. That is to say, the mobile phone shield identifier of the mobile phone shield stored in the TSM platform and having a corresponding relationship with the same terminal device has uniqueness. The mobile phone shield is identified by setting a mobile phone shield identifier with uniqueness, each downloading of the mobile phone shield can be distinguished by different mobile phone shield identifiers, a downloading card-dead state can be separated, and the mobile phone shield can be installed from new downloading; the condition that different users download the same mobile phone shield or a plurality of service providers correspond to the same mobile phone shield can be avoided, and sensitive information is prevented from being leaked.

In this embodiment, the request for application of the mobile phone shield includes the first part of the mobile phone shield identifier and the terminal device identifier. Fig. 5 is a flowchart of a method for managing a mobile phone shield state applied to a TSM platform according to yet another embodiment of the present application. The method for managing a mobile phone shield state shown in fig. 5 is different from the method for managing a mobile phone shield state shown in fig. 2 in that the method for managing a mobile phone shield state shown in fig. 5 may further include steps S317 to S322.

In step S317, for the terminal device corresponding to each terminal device identifier, it is queried in the TSM platform whether a mobile phone shield identifier matching the first part and the terminal device identifier is stored.

The mobile phone shield identifier may be composed of multiple parts, which is not limited herein. The first part is one of the parts forming the mobile phone shield identifier, for example, the first part may be a prefix of the mobile phone shield identifier. And generating the mobile phone shield identification of the mobile phone shield requested by the mobile phone shield application request in the TSM platform. The TSM platform stores mobile phone shield identifications corresponding to each terminal device, and in order to ensure that the generated mobile phone shield identifications are different from mobile phone shield identifications of other mobile phone shields in the terminal device, whether mobile phone shield identifications matched with the first part and the terminal device identifications exist or not is searched in the TSM platform by utilizing the terminal device identifications and the first part of the mobile phone shield identifications in the current mobile phone shield application request.

In step S318, if there is no mobile phone shield identifier matching the first part and the terminal device identifier in the TSM platform, a second part of the mobile phone shield identifier with an initial value is generated, and a mobile phone shield identifier corresponding to the terminal device is generated based on the first part and the second part.

If the TSM platform does not have a mobile phone shield identifier matching the first part and the terminal device identifier, the generated second part of the mobile phone shield identifier may be an initial value based on the first part and the mobile phone shield identifier. And because the TSM platform does not have the mobile phone shield identification matched with the first part and the terminal equipment identification, the TSM platform does not have the mobile phone shield identification which is the same as the generated mobile phone shield identification. For example, the second portion may be recorded in hexadecimal, and the initial value of the second portion may be "00".

In step S319, if the TSM platform stores the mobile phone shield identifier matching the first part and the terminal device identifier, a target mobile phone shield identifier is obtained.

If the mobile phone shield identification matched with the first part and the terminal equipment identification is stored in the TSM platform, the target mobile phone shield identification is obtained from the mobile phone shield identification matched with the first part and the terminal equipment identification in the TSM platform. The target mobile phone shield identification is a mobile phone shield identification which is generated recently and matched with the first part and the terminal equipment identification.

In step S320, the value of the second part of the target mobile phone shield identifier is increased by a preset step value, and a new target mobile phone shield identifier is generated based on the second part and the first part after the preset step value is increased.

In order to make the currently generated mobile phone shield identifier different from the existing mobile phone shield identifier matching the first part and the terminal device identifier in the TSM platform, the value of the second part of the target mobile phone shield identifier may be increased by a preset step value to generate a new value of the second part. And generating a target mobile phone shield identification based on the new second part and the first part.

The preset step value may be set according to a working scene and a working requirement, and is not limited herein. For example, the preset step value may be 1. And increasing the preset step value every time, namely increasing the value of the second part of the target mobile phone shield identifier by 1. For example, a "00" increased by 1 results in "01", and a "01" increased by 1 results in "02", which are not illustrated herein.

In step S321, if the mobile phone shield identifier identical to the new target mobile phone shield identifier is stored in the TSM platform and the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, the value of the second part of the new target mobile phone shield identifier is increased by the preset step value again until there is no mobile phone shield identifier identical to the new target mobile phone shield identifier in the TSM platform, and the new target mobile phone shield identifier is used as the mobile phone shield identifier corresponding to the terminal device.

In step S322, if the TSM platform stores the mobile phone shield identifier that is the same as the new target mobile phone shield identifier and the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, the value of the second part of the new target mobile phone shield identifier is increased by the preset step value again until the TSM platform stores the mobile phone shield identifier that is the same as the new target mobile phone shield identifier and the mobile phone shield state corresponding to the mobile phone shield identifier is the fourth state, and the new target mobile phone shield identifier is used as the mobile phone shield identifier corresponding to the terminal device.

The mobile phone shield with the mobile phone shield state being the fourth state is deleted, so that in the process of generating the mobile phone shield identifier for the mobile phone shield applying for the request from the mobile phone shield, the mobile phone shield identifier of the mobile phone shield with the mobile phone shield state being the fourth state in the TSM platform can be used, the mobile phone shield state corresponding to the mobile phone shield identifier is changed from the fourth state to the first state, and the mobile phone shield identifier can be reused, and the mobile phone shield identifiers stored in the TSM for the same terminal device are always unique, so that download deadness or sensitive information leakage cannot be caused. Specifically, in step S321, if the new target mobile phone shield identifier is different from the mobile phone shield identifier of the mobile phone shield in the TSM platform whose mobile phone shield state is not the fourth state, the new target mobile phone shield identifier may be used as the mobile phone shield identifier of the mobile phone shield requested by the mobile phone shield application request of the terminal device. In step S322, if the new target mobile phone shield identifier is the same as the mobile phone shield identifier of the mobile phone shield in the TSM platform whose mobile phone shield state is the fourth state, the mobile phone shield state corresponding to the new target mobile phone shield identifier may be recorded as the first state, the new target mobile phone shield identifier is used as the mobile phone shield identifier of the mobile phone shield requested by the mobile phone shield application request of the terminal device, and the mobile phone shield identifier of the mobile phone shield in the fourth state, which is originally stored in the TSM platform and is the same as the new target mobile phone shield identifier, is deleted. Or, if the new target mobile phone shield identifier is the same as the mobile phone shield identifier of the mobile phone shield in the TSM platform whose mobile phone shield state is the fourth state, the mobile phone shield identifier of the mobile phone shield in the TSM platform whose mobile phone shield state is the fourth state may be regarded as the new target mobile phone shield identifier, and the mobile phone shield state is changed from the fourth state to the first state.

It should be noted that, if the value of the second part of the new target mobile phone shield identifier reaches the preset upper limit value in the cyclic process of increasing the value of the second part by the preset step value, the value of the second part may be updated to the initial value, and the cycle of increasing the preset step value is continued from the initial value. The preset upper limit value may be set according to a working scene and a working requirement, and is not limited herein. For example, the hexadecimal counting is adopted, the preset upper limit value is "FF", the value of the second part is updated to "00" after the value of the second part reaches "FF", and a cycle of increasing the preset step value can be performed on the basis of "00".

It should be noted that, if the cycle number of the second part value increased by the preset step value exceeds the maximum cycle number threshold, the generation process of the mobile phone shield identifier is ended.

In some examples, the handset shield identification may be implemented as an Application Identifier (AID). The AID may include a registration identifier of 5 bytes, i.e., RID, and an extended application identifier of 11 bytes, i.e., PIX. RID and PIX may be defined by standard organizations. In the embodiment of the application, partial character bits of the AID except for RID and PIX can be used as the second part of the mobile phone shield identifier in the above embodiment. For example, fig. 6 is a schematic diagram of a mobile phone shield identifier provided in the embodiment of the present application. As shown in fig. 6, the mobile phone shield identifier includes 16 bytes. The 1 st byte to the 5 th byte are RIDs, the 6 th byte to the 8 th byte are mobile phone shield service identifiers, the 9 th byte is a service type identifier, the 10 th byte to the 13 th byte are service provider codes, the 14 th byte is a mobile phone shield type identifier, the 15 th byte is a mobile phone shield identifier, and the 16 th byte is a reserved byte. If the number of mobile phone shield identifiers of the mobile phone shield that can be opened by the same user exceeds the amount that can be accommodated by one byte, the 15 th byte and the 16 th byte can be used together as the mobile phone shield identifier, which is not limited herein.

In some examples, after the TSM platform generates the handset shield identifier, the TSM platform may further obtain personalized data corresponding to the user of the terminal device from a server of the service provider, which is not limited herein.

The mobile phone shield state maintained by the TSM platform can comprise a first state, a second state, a third state and a fourth state. The mobile phone shield state maintained by the terminal equipment can comprise an instance non-existing state and an instance existing state. The mobile phone shield state maintained by the server of the service provider comprises a service invalid state and a service valid state. The TSM platform maintains four states, the terminal equipment maintains two states, and the server of the service provider maintains two states, so that the management of the mobile phone shield state in the whole mobile phone shield state management system can be realized.

The following will exemplify the relationship between the mobile phone shield state maintained by the TSM platform, the mobile phone shield state maintained by the terminal device, and the mobile phone shield state maintained by the server of the service provider.

Under the condition that the TMS platform sends the first APDU task list to the terminal device, if the terminal device has executed the task of mobile phone shield downloading, but the mobile phone shield downloading fails, correspondingly, the mobile phone shield state maintained by the TSM platform is the first state, the mobile phone shield state maintained by the terminal device is the instance non-existing state, and the mobile phone shield state maintained by the server of the service provider is the service invalid state.

Under the condition that the TMS platform sends the first APDU task list to the terminal device, if the terminal device has executed the task of mobile phone shield downloading and the mobile phone shield downloading is successful, correspondingly, the mobile phone shield state maintained by the TSM platform is the first state, the mobile phone shield state maintained by the terminal device is the instance existing state, and the mobile phone shield state maintained by the server of the service provider is the service invalid state.

Under the condition that the TMS platform receives a first APDU command response message indicating that the tasks in the first APDU task list are successfully executed, if the state synchronization between the TSM platform and the server of the service provider is successful, correspondingly, the mobile phone shield state maintained by the TSM platform is a second state, the mobile phone shield state maintained by the terminal equipment is an instance existing state, and the mobile phone shield state maintained by the server of the service provider is a service valid state.

Under the condition that the TMS platform receives a first APDU command response message indicating that the tasks in the first APDU task list are successfully executed, if the mobile phone shield state synchronization between the TSM platform and the server of the service provider fails, correspondingly, the mobile phone shield state maintained by the TSM platform is a second state, the mobile phone shield state maintained by the terminal equipment is an instance existing state, and the mobile phone shield state maintained by the server of the service provider is a service invalid state.

Under the condition that the TSM responds to the mobile phone shield deletion request, if the terminal device does not execute the deletion task of the mobile phone shield, correspondingly, the mobile phone shield state maintained by the TSM is the third state, the mobile phone shield state maintained by the terminal device is the instance existing state, and the mobile phone shield state maintained by the server of the service provider is the service invalid state.

Under the condition that the TSM responds to the mobile phone shield deletion request, if the terminal device fails to execute the task of deleting the mobile phone shield, correspondingly, the mobile phone shield state maintained by the TSM is the third state, the mobile phone shield state maintained by the terminal device is the instance existing state, and the mobile phone shield state maintained by the server of the service provider is the service invalid state.

If the terminal device successfully executes the task of deleting the mobile phone shield, but the state synchronization of the mobile phone shield between the terminal device and the TSM platform fails, correspondingly, the state of the mobile phone shield maintained by the TSM platform is a third state, the state of the mobile phone shield maintained by the terminal device is an instance non-existing state, and the state of the mobile phone shield maintained by the server of the service provider is a service invalid state.

If the terminal device successfully executes the task of deleting the mobile phone shield and the state synchronization of the mobile phone shield between the terminal device and the TSM platform is successful, correspondingly, the state of the mobile phone shield maintained by the TSM platform is a fourth state, the state of the mobile phone shield maintained by the terminal device is an instance non-existing state, and the state of the mobile phone shield maintained by the server of the service provider is a service invalid state.

In order to more intuitively explain the change of the mobile phone shield state maintained by the TSM platform, the following description will be made with reference to a state machine of the mobile phone shield state. Fig. 7 is a schematic diagram of a state machine of a mobile phone shield state according to an embodiment of the present disclosure. As shown in fig. 7, the TSM platform receives a mobile phone shield application request sent by the terminal device, and the mobile phone shield state maintained by the TSM platform enters the first state 00. If the mobile phone shield is downloaded successfully, the state of the mobile phone shield maintained by the TSM platform is changed from the first state 00 to the second state 01. If the mobile phone shield state is the first state 00, the TSM platform receives the mobile phone shield deletion request, and the mobile phone shield state maintained by the TSM platform is changed from the first state 00 to the third state 02. If the mobile phone shield state is the second state 01, the TSM platform receives the mobile phone shield deletion request, and the mobile phone shield state maintained by the TSM platform is changed from the second state 01 to the third state 02. If the mobile phone shield state is the third state 02, the TSM platform determines that the mobile phone shield has been successfully deleted, and the mobile phone shield state maintained by the TSM platform is changed from the third state 02 to the fourth state 03. If the TSM platform receives the data cleaning request and the data cleaning request deletes the mobile phone shield whose mobile phone shield state is the first state 00, the mobile phone shield state of the mobile phone shield is changed from the first state 00 to the fourth state 03. If the mobile phone shield identifier generated by the TSM platform is the same as the mobile phone shield identifier of the mobile phone shield in the TSM platform whose mobile phone shield state is the fourth state 03, the mobile phone shield state corresponding to the generated mobile phone shield identifier is changed from the fourth state 03 to the first state 00.

Corresponding to the mobile phone shield state management method applied to the TSM platform, the embodiment of the present application further provides a mobile phone shield state management method, which can be applied to a terminal device. The terminal device comprises a mobile phone shield control and a Secure Element (SE). Fig. 8 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to an embodiment of the present application. As shown in fig. 8, the method for managing the shield status of the mobile phone may include steps S401 to S407.

In step S401, the mobile phone shield control sends a mobile phone shield application request to the TSM platform.

In step S402, the mobile phone shield control receives a first APDU task list corresponding to the mobile phone shield application request sent by the TSM platform.

Wherein, the task in the first APDU task list is used for instructing the secure element to download the instance of the handset shield. At this time, the mobile phone shield state of the mobile phone shield corresponding to the mobile phone shield application request in the terminal device is an instance non-existing state.

In step S403, the mobile phone shield control sends a first APDU instruction request corresponding to the first APDU task list to the TSM platform.

In step S404, the mobile phone shield control receives a first APDU instruction corresponding to the first APDU task list sent by the TSM platform.

In step S405, the mobile phone shield control forwards the first APDU instruction to the secure element.

In step S406, the secure element executes the tasks in the first APDU task list according to the first APDU instruction, generates a first APDU instruction response message, and transmits the first APDU instruction response message to the handset shield control.

And the secure element executes the tasks in the first APDU task list, and downloads and stores the instance of the mobile phone shield. The first APDU command response message indicates whether the tasks in the first APDU task list are successfully executed, i.e. indicates whether the first APDU command is successfully executed.

And if the first APDU instruction response message indicates that the tasks in the first APDU task list are all successfully executed, the mobile phone shield state of the mobile phone shield corresponding to the mobile phone shield application request in the terminal equipment is an example existing state.

In step S407, the mobile phone shield control sends a first APDU command response message to the TSM platform.

For the contents of the request for the mobile phone shield, the first APDU task list, the request for the first APDU command, the first APDU command response message, the presence status of the example, and the absence status of the example, reference may be made to the relevant description in the above embodiments, which is not repeated herein.

In this embodiment of the application, the terminal device and the TSM platform interact with each other by using the first APDU command and the first APDU command response message to generate or update the mobile phone shield state maintained in the TSM platform, and generate or update the mobile phone shield state maintained in the terminal device. The TSM platform can realize the management of the states of the mobile phone shield related to downloading through the first state and the second state. Compared with the prior art, the number of times of changing the state of the mobile phone shield is less by once downloading and installing the mobile phone shield. The mobile phone shield state change needs to be written into a database in the mobile phone shield state management system each time, so that the operation times of the database are reduced, the adverse effect on the performance of the mobile phone shield state management system is reduced and even avoided, and the performance of the mobile phone shield state management system is improved.

Fig. 9 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to another embodiment of the present application. Correspondingly, the terminal device is further provided with an application program, and the application program can be specifically an application program of a service provider. The difference between the method for managing the mobile phone shield state shown in fig. 9 and the method for managing the mobile phone shield state shown in fig. 8 is that the method for managing the mobile phone shield state shown in fig. 9 may further include steps S408 to S415.

In step S408, the application sends a mobile phone shield deletion request to the server, so that the server forwards the mobile phone shield deletion request to the TSM platform.

In some examples, the mobile phone shield deletion request includes a terminal device identification and a mobile phone shield identification.

In step S409, the application receives the mobile phone shield deletion response message sent by the server.

The mobile phone shield deleting response message is sent to the server by the TSM platform and is used for representing that the mobile phone shield is successfully deleted. The server here refers to a server of a service provider. And the application program receives the mobile phone shield deletion response message sent by the server so as to enable the state of the application program to be consistent with that of the mobile phone shield in the server of the service provider.

In step S410, the mobile phone shield control receives a second APDU task list corresponding to the TSM platform and the mobile phone shield deletion request.

The task in the second APDU task list is used to instruct the secure element to delete the instance of the mobile phone shield, specifically, to delete the instance of the mobile phone shield corresponding to the mobile phone shield deletion request. At this time, the mobile phone shield identifier of the mobile phone shield corresponding to the mobile phone shield deletion request in the terminal device is an example existing state.

In step S411, the mobile phone shield control sends a second APDU instruction request corresponding to the second APDU task list to the TSM platform.

In step S412, the mobile phone shield control receives a second APDU instruction corresponding to the second APDU task list sent by the TSM platform.

In step S413, the mobile phone shield control forwards the second APDU instruction to the secure element.

In step S414, the secure element executes the tasks in the second APDU task list according to the second APDU instruction, generates a second APDU instruction response message, and transmits the second APDU instruction response message to the handset shield control.

If the second APDU response message indicates that all tasks in the second APDU task list are successfully executed, the mobile phone shield identifier of the mobile phone shield corresponding to the mobile phone shield deletion request in the terminal device is in an example non-existing state.

In step S415, the mobile phone shield control sends a second APDU command response message to the TSM platform.

The contents of the mobile phone shield deletion request, the mobile phone shield deletion response message, the second APDU task list, the second APDU instruction request, the second APDU instruction response message, the example existing state, and the example nonexistence state may refer to the relevant description in the above embodiments, and are not described herein again.

Fig. 10 is a flowchart of a method for managing a mobile phone shield state applied to a terminal device according to another embodiment of the present application. The method for managing a mobile phone shield state shown in fig. 10 is different from the method for managing a mobile phone shield state shown in fig. 8 in that the method for managing a mobile phone shield state shown in fig. 10 may further include steps S416 to S422.

In step S416, after the secure element successfully executes the tasks in the first APDU task list, the mobile phone shield control sends a data cleaning request to the TSM platform.

In step S417, the mobile phone shield control receives the third APDU task list sent by the TSM platform.

Wherein the task in the third APDU task list is used to instruct the secure element to delete the instance of the handset shield. At this time, the mobile phone shield state of the mobile phone shield corresponding to the data cleaning request in the terminal device is an example existing state.

In step S418, the mobile phone shield control sends a third APDU instruction request corresponding to the third APDU task list to the TSM platform.

In step S419, the mobile phone shield control receives a third APDU instruction corresponding to the third APDU task list sent by the TSM platform.

In step S420, the mobile phone shield control forwards the third APDU instruction to the secure element.

In step S421, the secure element executes a task in the third APDU task list according to the third APDU instruction, reserves an Applet, generates a third APDU instruction response message, and transmits the third APDU instruction response message to the mobile phone shield control.

If the third APDU command response message indicates that all tasks in the third APDU task list are successfully executed, the mobile phone shield state of the mobile phone shield corresponding to the data cleaning request in the terminal device is an example non-existing state.

In some existing technical solutions, in a case that there is no instance of a mobile phone shield in a secure element of a terminal device, the terminal device may automatically delete an Applet in the secure element. If the mobile phone shield is downloaded again, the Applet needs to be downloaded again. In the embodiment of the application, the secure element executes the task in the third APDU task list according to the third APDU instruction, silently deletes the instance of the mobile phone shield whose mobile phone shield state is the first state and the third state, but keeps the Applet not to delete, thereby avoiding frequently deleting and downloading the Applet, avoiding the network data packet transmission resource occupied by frequently deleting and downloading the Applet, reducing the size of the network transmission data packet, shortening the processing time, improving the processing efficiency, and also saving the terminal device resource and the network resource.

In step S422, the mobile phone shield control sends a third APDU command response message to the TSM platform.

For the contents of the data cleaning request, the third APDU task list, the third APDU command request, the third APDU command response message, the example existing state, and the example nonexistence state, reference may be made to the relevant description in the above embodiments, and details are not repeated herein.

The embodiment of the application also provides a TSM platform server, and the TSM platform server can realize the functions of the TSM platform in the embodiment. Fig. 11 is a schematic structural diagram of a TSM platform server according to an embodiment of the present disclosure. As shown in fig. 11, the TSM platform server 500 may include a receiving module 501, a transmitting module 502, and a status storing module 503.

The receiving module 501 is configured to receive a request for a mobile phone shield application from a terminal device.

The sending module 502 is configured to send a first application protocol data unit APDU task list corresponding to the mobile phone shield application request to the terminal device in response to the mobile phone shield application request.

The state storage module 503 is configured to record a mobile phone shield state as a first state when the sending module sends the first APDU task list.

The first state represents the downloading of the mobile phone shield.

The receiving module 501 is further configured to receive a first APDU instruction request sent by the terminal device.

The sending module 502 is further configured to send, in response to the first APDU instruction request, a first APDU instruction corresponding to the first APDU task list to the terminal device.

The receiving module 501 is further configured to receive a first APDU instruction response message sent by the terminal device;

the state storage module 503 is further configured to record the mobile phone shield state as the second state if the first APDU instruction response message indicates that all tasks in the first APDU task list are successfully executed.

And the second state represents that the mobile phone shield is downloaded completely.

In the embodiment of the application, the TSM platform server sends the first APDU task list corresponding to the mobile phone shield application request to the terminal device, and the TSM platform server records the mobile phone shield state as the first state representing the mobile phone shield download. And under the condition that the TSM platform server receives a first APDU instruction response message indicating that the tasks in the first APDU task list are successfully executed, the TSM platform server records the mobile phone shield state as a second state representing that the mobile phone shield is completely downloaded. Therefore, the states of the mobile phone shield related to downloading can be managed through the first state and the second state. The mobile phone shield can be downloaded and installed once, and the state change of the mobile phone shield can be generated at least twice. The mobile phone shield state change needs to be written into a database in the mobile phone shield state management system each time, so that the operation times of the database are reduced, the adverse effect on the performance of the mobile phone shield state management system is reduced and even avoided, and the performance of the mobile phone shield state management system is improved.

Moreover, the independent TSM platform server is arranged to manage the state of the mobile phone shield, so that the management difference of the mobile phone shield caused by different terminal equipment manufacturers and different built-in chips can be shielded for a service provider, the management difference of the mobile phone shield caused by different service providers can be shielded for a user or a terminal equipment manufacturer, and the applicability of the management of the mobile phone shield is improved.

In some examples, the receiving module 501 is further configured to receive a handset shield deletion request sent by the server, and receive a second APDU instruction request sent by the terminal device, and receive a second APDU instruction response message sent by the terminal device.

The sending module 502 is further configured to send a response message indicating that the deletion is successful to the server in response to the mobile phone shield deletion request, send a second APDU task list corresponding to the mobile phone shield deletion request to the terminal device, and send a second APDU instruction corresponding to the second APDU task list to the terminal device in response to the second APDU instruction request.

The state storage module 503 is further configured to record the mobile phone shield state as a third state when the sending module 502 responds to the mobile phone shield deletion request and sends a deletion success response message to the server, and record the mobile phone shield state as a fourth state if the second APDU instruction response message indicates that all tasks in the second APDU task list are successfully executed.

And the third state represents the deletion of the mobile phone shield. And the fourth state represents that the mobile phone shield is deleted completely.

Specifically, the mobile phone shield deletion request may include a terminal device identifier and a mobile phone shield identifier.

In some examples, the receiving module 501 is further configured to receive a data cleaning request sent by the terminal device, and receive a third APDU instruction response message sent by the terminal device.

The sending module 502 is further configured to send a third APDU task list to the terminal device in response to the data cleaning request, if the TSM platform has a mobile phone shield state in the first state or the third state, and send a third APDU instruction corresponding to the third APDU task list to the terminal device in response to the third APDU instruction request.

And the task in the third APDU task list indicates to delete the instance of the mobile phone shield with the mobile phone shield state being the first state or the third state.

The state storage module 503 is further configured to update the mobile phone shield state in the first state or the third state to the fourth state in the TSM platform if the third APDU instruction response message indicates that all tasks in the third APDU task list are successfully executed.

Fig. 12 is a schematic structural diagram of a TSM platform server according to another embodiment of the present application. The TSM platform server shown in fig. 12 is different from the TSM platform server shown in fig. 11 in that the TSM platform server shown in fig. 12 may further include an identification generation module 504 and a mapping storage module 505.

The identifier generating module 504 is configured to generate a mobile phone shield identifier corresponding to the terminal device.

The mapping storage module 505 is configured to store a mapping relationship between a mobile phone shield identifier and a mobile phone shield state.

And for the same terminal equipment, the mobile phone shield identification has uniqueness.

In some examples, the mobile phone shield application request may include a first portion of a mobile phone shield identification and a terminal device identification.

The identity generation module 504 may be specifically configured to: for the terminal equipment corresponding to each terminal equipment identifier, inquiring whether a mobile phone shield identifier matched with the first part and the terminal equipment identifier is stored in the TSM platform; and if the TSM platform does not have the mobile phone shield identification matched with the first part and the terminal equipment identification, generating a second part of the mobile phone shield identification with the initial value, and generating the mobile phone shield identification corresponding to the terminal equipment based on the first part and the second part.

The identity generation module 504 may be further specifically configured to: if a mobile phone shield identifier matched with the first part and the terminal equipment identifier is stored in the TSM platform, acquiring a target mobile phone shield identifier, wherein the target mobile phone shield identifier is a mobile phone shield identifier which is generated recently and is matched with the first part and the terminal equipment identifier; increasing the value of the second part of the target mobile phone shield identification by a preset step value, and generating a new target mobile phone shield identification based on the second part and the first part after the preset step value is increased; if the TSM platform stores a mobile phone shield identifier which is the same as the new target mobile phone shield identifier and the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, the value of the second part of the new target mobile phone shield identifier is increased by the preset step value again until no mobile phone shield identifier which is the same as the new target mobile phone shield identifier exists in the TSM platform, the new target mobile phone shield identifier is used as the mobile phone shield identifier corresponding to the terminal device, or, if the TSM platform stores the mobile phone shield identifier identical to the new target mobile phone shield identifier, and if the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, increasing the value of the second part of the new target mobile phone shield identifier by the preset step value again until the mobile phone shield identifier same as the new target mobile phone shield identifier is stored in the TSM platform and the mobile phone shield state corresponding to the mobile phone shield identifier is the fourth state, and taking the new target mobile phone shield identifier as the mobile phone shield identifier corresponding to the terminal device.

And the fourth state represents that the mobile phone shield is deleted completely.

In some examples, the identification generation module 504 may be further specifically configured to: and if the value of the second part of the new target mobile phone shield identifier reaches the preset upper limit value, updating the value of the second part to an initial value.

The embodiment of the application also provides the terminal equipment. Fig. 13 is a schematic structural diagram of a terminal device in an embodiment of the present application. As shown in fig. 13, the terminal device 600 may include a transmitting module 601, a receiving module 602, a processing module 603, and a state storage module 604.

The sending module 601 is configured to send a request for a mobile phone shield application to a trusted service management TSM platform server.

The receiving module 602 is configured to receive a first application protocol data unit APDU task list, which is sent by the TSM platform server and corresponds to the mobile phone shield application request.

Wherein, the task in the first APDU task list is used for instructing the secure element to download the instance of the handset shield. And the mobile phone shield state of the mobile phone shield corresponding to the mobile phone shield application request in the terminal equipment is an example non-existing state.

The sending module 601 is further configured to send a first APDU instruction request corresponding to the first APDU task list to the TSM platform server.

The receiving module 602 is further configured to receive a first APDU instruction corresponding to the first APDU task list sent by the TSM platform server.

The processing module 603 is configured to execute a task in the first APDU task list according to the first APDU instruction, generate a first APDU instruction response message, and transmit the first APDU instruction response message to the mobile phone shield control.

If the first APDU command response message indicates that all tasks in the first APDU task list are successfully executed, the mobile phone shield state of the mobile phone shield corresponding to the mobile phone shield application request in the terminal device is an example existing state.

The sending module 601 is further configured to send a first APDU command response message to the TSM platform server.

The state storage module 604 is used for storing the mobile phone shield state.

In this embodiment of the application, the terminal device and the TSM platform server interact with each other by using the first APDU command and the first APDU command response message, so as to generate or update the mobile phone shield state maintained in the TSM platform server, and generate or update the mobile phone shield state maintained in the terminal device. The TSM platform server can manage the states of the mobile phone shield related to downloading through the first state and the second state. Compared with the prior art, the number of times of changing the state of the mobile phone shield is less by once downloading and installing the mobile phone shield. The mobile phone shield state change needs to be written into a database in the mobile phone shield state management system each time, so that the operation times of the database are reduced, the adverse effect on the performance of the mobile phone shield state management system is reduced and even avoided, and the performance of the mobile phone shield state management system is improved.

In some examples, the sending module 601 is further configured to send a mobile phone shield deletion request to the server, so that the server forwards the mobile phone shield deletion request to the TSM platform server.

The receiving module 602 is further configured to receive a mobile phone shield deletion response message sent by the server.

The mobile phone shield deleting response message is sent to the server by the TSM platform server and is used for representing that the mobile phone shield is successfully deleted.

In some examples, the receiving module 602 is further configured to receive a second APDU task list corresponding to the handset shield deletion request, and receive a second APDU instruction corresponding to the second APDU task list, where the second APDU instruction is sent by the TSM platform server.

Tasks in the second APDU task list are used to instruct the secure element to delete an instance of the handset shield. The mobile phone shield identifier of the mobile phone shield corresponding to the mobile phone shield deletion request in the state storage module 604 is an example existing state.

The sending module 601 is further configured to send a second APDU instruction request corresponding to the second APDU task list to the TSM platform server, and send a second APDU instruction response message to the TSM platform server.

The processing module 603 is further configured to execute the task in the second APDU task list according to the second APDU instruction, and generate a second APDU instruction response message.

If the second APDU response message indicates that all tasks in the second APDU task list are successfully executed, the mobile phone shield identifier of the mobile phone shield corresponding to the mobile phone shield deletion request in the state storage module 604 is an instance absent state.

Specifically, the mobile phone shield deletion request includes a terminal device identifier and a mobile phone shield identifier.

In some examples, the sending module 601 is further configured to send a data cleaning request to the TSM platform server after the processing module 603 executes a task in the successful first APDU task list, send a third APDU instruction request corresponding to the third APDU task list to the TSM platform server, and send a third APDU instruction response message to the TSM platform server.

The receiving module 602 is further configured to receive a third APDU task list sent by the TSM platform server, and receive a third APDU instruction corresponding to the third APDU task list sent by the TSM platform server.

Wherein the task in the third APDU task list is used to instruct the secure element to delete the instance of the handset shield. The mobile phone shield state of the mobile phone shield corresponding to the data cleaning request in the state storage module 604 is an example existing state.

The processing module 603 is further configured to execute a task in the third APDU task list according to the third APDU instruction, reserve an Applet, and generate a third APDU instruction response message.

If the third APDU command response message indicates that all tasks in the third APDU task list are successfully executed, the mobile phone shield state of the mobile phone shield corresponding to the data cleaning request in the state storage module 604 is an instance non-existing state.

Fig. 14 is a schematic hardware structure diagram of a TSM platform server according to an embodiment of the present disclosure. As shown in fig. 14, TSM platform server 700 includes a memory 701, a processor 702, and a computer program stored on memory 701 and executable on processor 702.

In one example, the processor 702 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.

Memory 701 may include mass storage for data or instructions. By way of example, and not limitation, memory 701 may include an HDD, floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or a Universal Serial Bus (USB) drive or a combination of two or more of these. Memory 701 may include removable or non-removable (or fixed) media, where appropriate. Memory 701 may be internal or external to TSM platform server 700 at the terminal hotspot, where appropriate. In a particular embodiment, the memory 701 is a non-volatile solid-state memory. In a particular embodiment, the memory 701 includes Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory or a combination of two or more of these.

The processor 702 runs a computer program corresponding to the executable program code by reading the executable program code stored in the memory 701, so as to implement the mobile phone shield state management method applied to the TSM platform in the above embodiment.

In one example, TSM platform server 700 may also include a communications interface 703 and a bus 704. As shown in fig. 14, the memory 701, the processor 702, and the communication interface 703 are connected by a bus 704 to complete mutual communication.

The communication interface 703 is mainly used for implementing communication between modules, apparatuses, units and/or devices in this embodiment of the application. Input devices and/or output devices may also be accessed through communications interface 703.

Bus 704 includes hardware, software, or both to couple the components of TSM platform server 700 to each other. By way of example, and not limitation, the bus 704 may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a Hyper Transport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of these. Bus 704 may include one or more buses, where appropriate. Although specific buses are described and shown in the embodiments of the application, any suitable buses or interconnects are contemplated by the application.

The embodiment of the present application further provides a terminal device, where a hardware structure of the terminal device is substantially the same as the structure shown in the hardware structure schematic diagram of the TSM platform server in the foregoing embodiment. The processor of the terminal device runs the computer program corresponding to the executable program code by reading the executable program code stored in the memory of the terminal device, so as to implement the mobile phone shield state management method applied to the terminal device in the above embodiments. The hardware structure of the terminal device is not described in detail herein.

An embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the method for managing a mobile phone shield state applied to a TSM platform in the foregoing embodiment may be implemented, or the method for managing a mobile phone shield state applied to a terminal device in the foregoing embodiment may be implemented.

It should be clear that the embodiments in this specification are described in a progressive manner, and the same or similar parts in the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. For TSM platform server embodiments, terminal device embodiments, and computer-readable storage medium embodiments, reference may be made to the description of method embodiments for relevant points. The present application is not limited to the particular steps and structures described above and shown in the drawings. Those skilled in the art may make various changes, modifications and additions or change the order between the steps after appreciating the spirit of the present application. Also, a detailed description of known process techniques is omitted herein for the sake of brevity.

It will be appreciated by persons skilled in the art that the above embodiments are illustrative and not restrictive. Different features which are present in different embodiments may be combined to advantage. Other variations to the disclosed embodiments can be understood and effected by those skilled in the art upon studying the drawings, the specification, and the claims. In the claims, the term "comprising" does not exclude other means or steps; the indefinite article "a" does not exclude a plurality; the terms "first" and "second" are used to denote a name and not to denote any particular order. Any reference signs in the claims shall not be construed as limiting the scope. The functions of the various parts appearing in the claims may be implemented by a single hardware or software module. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims (11)

1. A method for managing the shield state of a mobile phone is applied to a Trusted Service Management (TSM) platform, and comprises the following steps:

receiving a mobile phone shield application request of terminal equipment;

responding to the mobile phone shield application request, sending a first Application Protocol Data Unit (APDU) task list corresponding to the mobile phone shield application request to the terminal equipment, and recording a mobile phone shield state as a first state in the TSM platform, wherein the first state represents the downloading of the mobile phone shield;

receiving a first APDU instruction request sent by the terminal equipment;

responding to the first APDU command request, and sending a first APDU command corresponding to the first APDU task list to the terminal equipment;

and receiving a first APDU command response message sent by the terminal equipment, and if the first APDU command response message indicates that the tasks in the first APDU task list are successfully executed, recording the mobile phone shield state as a second state in the TSM platform, wherein the second state represents that the mobile phone shield is completely downloaded.

2. The method of claim 1, further comprising:

receiving a mobile phone shield deleting request sent by a server;

responding to the mobile phone shield deleting request, sending a successful deleting response message to the server, and recording the state of the mobile phone shield as a third state in the TSM platform, wherein the third state represents the deletion of the mobile phone shield;

sending a second APDU task list corresponding to the mobile phone shield deleting request to the terminal equipment;

receiving a second APDU instruction request sent by the terminal equipment;

responding to the second APDU command request, and sending a second APDU command corresponding to the second APDU task list to the terminal equipment;

and receiving a second APDU command response message sent by the terminal equipment, and if the second APDU command response message indicates that the tasks in the second APDU task list are successfully executed, recording the state of the mobile phone shield as a fourth state in the TSM platform, wherein the fourth state represents that the deletion of the mobile phone shield is completed.

3. The method of claim 2, wherein the mobile phone shield deletion request comprises a terminal device identifier and a mobile phone shield identifier.

4. The method of claim 2, wherein after recording the handset shield state as the second state within the TSM platform, further comprising:

receiving a data cleaning request sent by the terminal equipment;

responding to the data cleaning request, and if a mobile phone shield state in the first state or the third state is in the TSM platform, sending a third APDU task list to the terminal device, wherein a task in the third APDU task list indicates to delete an instance of the mobile phone shield in which the mobile phone shield state is the first state or the third state;

receiving a third APDU instruction request sent by the terminal equipment;

responding to the third APDU command request, and sending a third APDU command corresponding to the third APDU task list to the terminal equipment;

and receiving a third APDU command response message sent by the terminal equipment, and if the third APDU command response message indicates that all tasks in the third APDU task list are successfully executed, updating the mobile phone shield state in the first state or the third state into a fourth state in the TSM platform.

5. The method according to claim 1, further comprising, after the receiving of the request for the handset shield of the terminal device, the step of:

generating a mobile phone shield identifier corresponding to the terminal equipment;

and storing the mapping relation between the mobile phone shield identification and the mobile phone shield state, wherein the mobile phone shield identification has uniqueness for the same terminal equipment.

6. The method of claim 5, wherein the mobile phone shield application request includes a first part of a mobile phone shield ID and a terminal device ID,

the generating of the mobile phone shield identifier corresponding to the terminal device includes:

for the terminal equipment corresponding to each terminal equipment identifier, inquiring whether a mobile phone shield identifier matched with the first part and the terminal equipment identifier is stored in the TSM platform;

if the TSM platform does not have the mobile phone shield identification matched with the first part and the terminal equipment identification, generating a second part of the mobile phone shield identification with an initial value, and generating the mobile phone shield identification corresponding to the terminal equipment based on the first part and the second part.

7. The method according to claim 6, wherein the generating of the mobile phone shield identifier corresponding to the terminal device further includes:

if a mobile phone shield identifier matched with the first part and the terminal equipment identifier is stored in the TSM platform, acquiring a target mobile phone shield identifier, wherein the target mobile phone shield identifier is a mobile phone shield identifier which is generated recently and is matched with the first part and the terminal equipment identifier;

increasing the value of the second part of the target mobile phone shield identification by a preset step value, and generating a new target mobile phone shield identification based on the second part and the first part after the preset step value is increased;

if the TSM platform stores a mobile phone shield identifier which is the same as the new target mobile phone shield identifier and the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, increasing the value of the second part of the new target mobile phone shield identifier by the preset step value again until no mobile phone shield identifier which is the same as the new target mobile phone shield identifier exists in the TSM platform, and taking the new target mobile phone shield identifier as the mobile phone shield identifier corresponding to the terminal device,

or, if a mobile phone shield identifier identical to the new target mobile phone shield identifier is stored in the TSM platform, and the mobile phone shield state corresponding to the mobile phone shield identifier is not the fourth state, increasing the value of the second part of the new target mobile phone shield identifier by the preset step value again until the mobile phone shield identifier identical to the new target mobile phone shield identifier is stored in the TSM platform and the mobile phone shield state corresponding to the mobile phone shield identifier is the fourth state, and using the new target mobile phone shield identifier as the mobile phone shield identifier corresponding to the terminal device;

and the fourth state represents that the mobile phone shield is deleted completely.

8. The method of claim 7, further comprising:

and if the value of the second part of the new target mobile phone shield identifier reaches the preset upper limit value, updating the value of the second part to an initial value.

9. A TSM platform server, comprising:

the receiving module is used for receiving a mobile phone shield application request of the terminal equipment;

a sending module, configured to respond to the mobile phone shield application request and send a first application protocol data unit APDU task list corresponding to the mobile phone shield application request to the terminal device;

the state storage module is used for recording the state of the mobile phone shield as a first state when the sending module sends the first APDU task list, wherein the first state represents the downloading of the mobile phone shield;

the receiving module is further configured to receive a first APDU instruction request sent by the terminal device;

the sending module is further configured to send, in response to the first APDU instruction request, a first APDU instruction corresponding to the first APDU task list to the terminal device;

the receiving module is further configured to receive a first APDU instruction response message sent by the terminal device;

the state storage module is further configured to record a mobile phone shield state as a second state if the first APDU instruction response message indicates that all tasks in the first APDU task list are successfully executed, where the second state represents that the mobile phone shield download is completed.

10. A TSM platform server comprising a processor, a memory, and a computer program stored on the memory and operable on the processor, wherein the computer program, when executed by the processor, implements the method for managing the status of a mobile phone shield according to any one of claims 1 to 8.

11. A computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the method for managing the status of a mobile phone shield according to any one of claims 1 to 8.

Images