CN111757326A - Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium - Google Patents
Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium Download PDFInfo
- Publication number
- CN111757326A CN111757326A CN202010560880.3A CN202010560880A CN111757326A CN 111757326 A CN111757326 A CN 111757326A CN 202010560880 A CN202010560880 A CN 202010560880A CN 111757326 A CN111757326 A CN 111757326A
- Authority
- CN
- China
- Prior art keywords
- access point
- point type
- network connection
- access
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Abstract
The embodiment of the application discloses a vulnerability prevention and control method, a vulnerability prevention and control device, a mobile terminal and a computer readable storage medium. The method comprises the following steps: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; according to the first access point type parameter and the connection state of the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the defects in the prior art are overcome.
Description
Technical Field
The present application relates to the field of security protection technologies, and in particular, to a vulnerability prevention and control method, device, mobile terminal, and computer-readable storage medium.
Background
An IP Multimedia Subsystem (ims) is a Subsystem supporting IP Multimedia services proposed by the third Generation mobile communication partner organization (3rd Generation Partnership Project, 3GPP) in Release5 version standard, and is an important way to solve the convergence of mobile networks and fixed networks and introduce differentiation services such as triple fusion of voice, data, and video, which brings more entertainment to users and also makes communication between users more and more convenient. Currently, SIM cards provided by various operators basically support ims services to meet market demands, and are generally implemented by a type field of an Access Point Name (APN), where the type field of the APN determines functions of network connections established based on the type field, and a same SIM card may establish multiple network connections to implement multiple functions.
When multiple network connections need to be established by the same SIM card to realize multiple functions, the network connections are usually respectively established based on received access requests, and in some scenes, because type fields corresponding to two network connections are mutually influenced, the risk that a data switch is not controlled exists, so that a certain hacker or lawless person can take advantage of the risk.
Content of application
In view of the above, it is necessary to provide a vulnerability defense method, apparatus, mobile terminal and computer readable storage medium for avoiding data switch failure.
The embodiment of the application provides a vulnerability prevention and control method, which comprises the following steps:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection status of the second network connection includes:
if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request;
and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
In one embodiment, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request includes:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
a non-null type of network connection is established as the first network connection.
In one embodiment, the establishing a first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request includes:
if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
a network connection of a third access point type is established as the first network connection.
In one embodiment, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request includes:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
a network connection of a fourth access point type is established as the first network connection.
In one embodiment, establishing a first network connection based on the first access point type parameter comprises:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
a network connection of a fifth access point type is established as the first network connection.
The embodiment of the application provides a loophole prevention and control device, the device includes:
the access control device comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring a first access network request and a connection state of a second network connection, the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and the establishing module is used for establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the setup module includes:
a first establishing unit, configured to establish a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request if the connection status of the second network connection is unconnected;
and the second establishing unit is used for establishing the first network connection according to the first access point type parameter if the connection state of the second network connection is connected.
The embodiment of the application provides a mobile terminal, which comprises a memory and a controller, wherein the memory stores a computer program, and the controller realizes the steps of the vulnerability prevention and control method provided by any embodiment of the application when executing the computer program.
The embodiment of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a controller, implements the steps of the vulnerability prevention and control method provided in any embodiment of the present application.
According to the vulnerability prevention and control method, the vulnerability prevention and control device, the mobile terminal and the computer readable storage medium, the first access network request and the connection state of the second network connection are obtained, the first access network request comprises the first access point type parameter, and the second network connection is the network connection corresponding to the second access network request; according to the first access point type parameter and the connection state of the second network connection, the first network connection corresponding to the first access network request is established, the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art is effectively solved, and the defects in the prior art are overcome.
Drawings
FIG. 1 is a diagram illustrating an application scenario of a vulnerability defense method in an embodiment;
FIG. 2 is a flow chart illustrating a vulnerability defense method according to an embodiment;
FIG. 3 is a schematic flow chart illustrating a vulnerability defense method according to another embodiment;
FIG. 4 is a schematic diagram illustrating an implementation flow of a vulnerability defense method in an embodiment;
FIG. 5 is a block diagram of a vulnerability defense apparatus in one embodiment;
fig. 6 is an internal structural diagram of a mobile terminal in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. It should also be understood that the appearances of "first," "second," "third," "fourth," and "fifth" in the embodiments of the present application are not necessarily in chronological order, but are merely for purposes of distinction.
The vulnerability prevention and control method provided by the application can be applied to the application environment shown in FIG. 1. The SIM card in the mobile terminal 100 supports the ims network, and when the mobile terminal 100 is in an environment with the ims network, an ims connection can be automatically established to provide voice, data, and video functions. The mobile terminal 100 of the embodiment is exemplified by a smart phone. The mobile terminal 100 may access the mobile network through the APN, or may access the mobile network through wifi or a hotspot, where for the mobile terminal 100 of this embodiment, for example, accessing the mobile network through the APN, the APN parameter needs to be configured in the first step before accessing the mobile network.
In one embodiment, as shown in fig. 2, a flow diagram of a vulnerability defense method is provided. The present embodiment is mainly illustrated by applying the method to the mobile terminal 100 in fig. 1.
The first access network request and the second access network request are request information for establishing network connection, which is sent by the user to the mobile terminal 100, wherein the first access network request may be sent prior to the second access network request, or may be sent after the second access network request. The first access network request includes a first access point parameter, which is a parameter that must be configured for the user to access the mobile network via the mobile terminal 100, including but not limited to a first access point name, a proxy, a port, a first access point type parameter, and the like. The first access point type parameter, i.e. the type field of the APN, is used to reflect the connection type of the first network connection, generally, the type field may be set to at least one of default, mms, supply, dun, hipri, fota, and ims, and of course, may also be set to another type, which is not limited in this embodiment. The different connection types correspond to different functions, for example, when the type field is mms, the connection type of the first network connection is represented as mms type and has the capability of sending multimedia messages, and when the type field is default, the connection type of the first network connection is represented as default type and can access the Internet by using a data network, and the first network connection requests the corresponding network connection for the first access network.
Correspondingly, the second access network request includes a second access point type parameter, which includes but is not limited to a second access point name, a proxy, a port, a second access point type parameter, and the like. The second access point type parameter, namely type field, can be ims or non-ims, when the type field is ims, the connection type of the established second network connection is represented as ims type, and the second network connection has voice, video and data capabilities; when the type field is not ims, such as default, the connection type of the established second network connection is default type. The connected state of the second network connection may include both connected and unconnected states. Step 220, establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
The connection state of the second network connection may affect the establishment of the first network connection under certain circumstances, and the conventional method ignores the effect of the connection state of the second network connection on the first network connection when the first network connection is established, so that the data switch is not controlled under certain circumstances, and a hacker or a lawless person can take a chance. For example, when the second network connection is not established, the second access point type parameter is ims, and the first access point type parameter is null, the APN connection of the null type is established as the first network connection in a conventional manner, if the first network connection is successfully connected preferentially, the second network connection may multiplex the first network connection, and after the user closes the data switch, because the second network connection still needs to use the first network connection, the first network connection is not disconnected, and the final expression result is that the data switch is closed, but the background still can use data traffic, thereby bringing a ride-by-pass opportunity to some hackers or lawless persons. Therefore, when the first network connection is established, the first access point type parameter and the connection state of the second network connection are considered at the same time, the defects existing in the prior art are overcome, and the safety is guaranteed.
In an embodiment, when the first access point type parameter is default, the second access point type parameter is ims, and the second network connection is not connected, it may be determined that the connection type of the first network connection is default type, and the connection type of the second network connection is ims type, so that an APN connection of default type may be established as the first network connection, and an APN connection of ims type may be established as the second network connection.
In another embodiment, when the first access point type parameter is null, the second access point type parameter is ims, and the second network connection is unconnected, it may be determined that the connection type of the first network connection is a non-null type, and the connection type of the second network connection is an ims type, so that the non-null type APN connection may be established as the first network connection and the ims type APN connection may be established as the second network connection.
In another embodiment, if the second network connection is already connected and the second access point type parameter is ims, the first network connection may be established directly according to the first access network request corresponding to the first access point type parameter. For example, if the first access point TYPE parameter is null, it may be determined that the connection TYPE of the first network connection is APN _ TYPE _ ALL, and an APN connection of the APN _ TYPE _ ALL TYPE is established as the first network connection. If the first access point type parameter is default, it may be determined that the connection type of the first network connection is default, and an APN connection of the default type is established as the first network connection.
The TYPE field is empty, which means that the TYPE field is not configured, and this situation is usually defined as APN _ TYPE _ ALL, and a network established by using APN _ TYPE _ ALL has ALL network capabilities, for example, the network may have the capabilities of accessing Internet, sending multimedia messages, voice, video, and data at the same time. The present embodiment does not limit the specific type of the non-empty type, and may be, for example, a default type, an mms type, a supply type, an dun type, a hipri type, or a fota type.
It should be noted that the mobile terminal 100 of this embodiment supports the ims-type APN connection by default, that is, when the mobile terminal 100 is in an environment with an ims network, the ims-type APN connection may be established based on the obtained ims connection request, or the ims-type APN connection may be automatically established in a default manner. The ims connection request may be the aforementioned second access network request, and the corresponding second access point type parameter is ims. The second network connection in this embodiment takes an ims-type APN connection and a non-type APN connection as examples, and correspondingly, the second access point type parameter may be ims or non-ims.
The vulnerability prevention and control method comprises the steps of obtaining a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
In another embodiment, as shown in fig. 3, a flowchart of a vulnerability defense method is provided. In this embodiment, the method is mainly applied to the mobile terminal 100 in fig. 1, the second network connection is an ims type APN connection and a non-ims type APN connection, and the connection status is illustrated by taking a connection and a non-connection as an example.
And 320, judging whether the connection state of the second network connection is unconnected, if so, executing a step 330, otherwise, executing a step 340.
In some scenarios, it is necessary for the mobile terminal 100 to support ALL network capabilities, and in order to simplify the operation, the TYPE field may be directly configured to be empty, and a long connection of APN _ TYPE _ ALL may be established to meet the application requirement. For example, in the area a, all functions need to be supported by using the same network, and the type field may be configured to be null, i.e., null characters. Since the second network connection is also not currently connected, there may be a long connection condition multiplexing APN _ TYPE _ ALL at this time, resulting in a data switch failure. This embodiment refines step 330 to this end.
In one embodiment, if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
The second access point type is a type corresponding to the second access point type parameter, for example, when the second access point type parameter is ims, the second access point type is ims type, and when the second access point type parameter is non-ims, the second access point type is non-ims type. Specifically, when the second access point TYPE is an ims TYPE and the first access point TYPE parameter is empty, in order to avoid the failure of the data switch due to the long connection of the second network connection multiplexing APN _ TYPE _ ALL, the embodiment does not resolve the first access point TYPE parameter as null resolving APN _ TYPE _ ALL, but resolves the first access point TYPE parameter as a non-null TYPE, for example, a default TYPE. Under normal conditions, the second network connection can not multiplex default type APN connection, so that the defects of the prior art are overcome, and the problem of data switch failure caused by user operation is solved. At this time, an ims type APN connection may be established as a second network connection, and when the data switch is turned off, the first network connection is also disconnected, and the second network connection may maintain normal operation.
In another embodiment, if the second access point type is an ims type and the first access point type parameter is non-null, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
Specifically, when the second access point TYPE is an ims TYPE, if the first network connection is a long connection of APN _ TYPE _ ALL, the second network connection may multiplex the first network connection, and if the first network connection is a non-empty TYPE APN connection, the second network connection may not multiplex the first network connection. For example, in this embodiment, when the first access point type parameter is non-empty, the third access point type obtained by analyzing the first access point type parameter is consistent with the first access point type parameter, for example, when the first access point type parameter is default, the third access point type is default; and if the first access point type parameter is mms, the third access point type parameter is mms type. At this time, an APN connection of a third access point type may be established as the first network connection, and an APN connection of an ims type may be established as the second network connection, respectively.
In another embodiment, if the second access point type is a non-ims type, the first access point type parameter is analyzed to obtain a fourth access point type, and the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
Specifically, if the second access point TYPE is a non-ims TYPE, the analysis of the first access point TYPE parameter is not affected, that is, a fourth access point TYPE obtained by analyzing the first access point TYPE parameter is consistent with the first access point TYPE parameter, for example, when the first access point TYPE parameter is empty, the third access point TYPE is an APN _ TYPE _ ALL TYPE; and if the first access point type parameter is mms, the third access point type parameter is mms type. When the first access point TYPE parameter is null, the non-ims TYPE second network connection can multiplex the long connection of APN _ TYPE _ ALL without affecting the effect of data switching.
If the connection state of the second network connection is connected, the establishment of the first network connection is not affected no matter whether the type of the second access point is an ims type or not, and at this time, the corresponding APN connection can be established directly according to the parameter of the type of the first access point to serve as the first network connection.
In an embodiment, the first access point type parameter may be analyzed to obtain a fifth access point type, where the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
Illustratively, when the first access point TYPE parameter is empty, the first access point TYPE parameter may be analyzed as APN _ TYPE _ ALL, and an APN connection may be established based on the APN _ TYPE _ ALL, and when the user closes the data switch, the background may not use the data traffic any more, which may ensure the security of the user.
It should be noted that, when the mobile terminal 100 requests to configure the APN parameter based on the first access network, if the first access point type parameter set by the user is non-empty but is not matched with the operator corresponding to the mobile terminal 100, at this time, the mobile terminal 100 may select a type field from a default APN library in the system, and if the type field successfully matched is empty, at this time, the type field needs to be replaced, and a non-empty type field matched with the operator is reselected, thereby preventing the above vulnerability from occurring.
In an embodiment, as shown in fig. 4, an implementation flow diagram of a vulnerability prevention and control method is provided. Fig. 4 illustrates an example in which a type field set by the user and a connection state of the second network connection are not connected, and the type field set by the user is matched with an operator corresponding to the mobile terminal 100.
Analyzing a first access point type parameter in the first access network request, if the first access point type parameter is null, further determining whether a second access point type is an ims type, if the second access point type is the ims type, analyzing the first access point type parameter as default, establishing APN connection of the default type as first network connection and establishing APN connection of the ims type as second network connection. If the second access point TYPE is a non-ims TYPE, resolving the first access point TYPE parameter into APN _ TYPE _ ALL, and establishing APN connection of APN _ TYPE _ ALL TYPE as a first network connection, where the second network connection may multiplex APN connection of APN _ TYPE _ ALL TYPE. And if the first access point type parameter is non-null, directly establishing the non-null APN connection as a first network connection, and simultaneously establishing the APN connection of a second access point type as a second network connection.
It should be understood that although the various steps in the flow charts of fig. 2-3 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-3 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 5, a block diagram of a vulnerability prevention and control apparatus is provided, where the vulnerability prevention and control apparatus includes an obtaining module 51 and an establishing module 52, where:
the obtaining module 51 is configured to obtain a first access network request and a connection status of a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request.
An establishing module 52, configured to establish, according to the first access point type parameter and the connection status of the second network connection, a first network connection corresponding to the first access network request.
The vulnerability prevention and control device acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
On the basis of the above embodiment, the building module 52 includes: a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if a connection status of the second network connection is unconnected; and a second establishing unit, configured to establish the first network connection according to the first access point type parameter if the connection status of the second network connection is connected.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; establishing a non-null type of network connection as the first network connection.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; establishing a network connection of a third access point type as the first network connection.
On the basis of the foregoing embodiment, the first establishing unit is specifically configured to: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; establishing a network connection of a fourth access point type as the first network connection.
On the basis of the foregoing embodiment, the second establishing unit is specifically configured to: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; establishing a network connection of a fifth access point type as the first network connection.
For specific limitations of the vulnerability defense apparatus, reference may be made to the above limitations of the vulnerability defense method, which are not described herein again. All or part of the modules in the vulnerability prevention and control device can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent of a controller in the mobile terminal, and can also be stored in a memory in the mobile terminal in a software form, so that the controller can call and execute operations corresponding to the modules.
In one embodiment, as shown in fig. 6, an internal structure diagram of a mobile terminal, which may be a smart phone, is provided, and the internal structure thereof is shown in fig. 6. The mobile terminal includes a memory 61, a controller 62, a communication interface 63, a display 64, and an input device 65 connected through a system bus. Controller 62 is used to provide, among other things, computational and control capabilities. The memory of the mobile terminal includes a nonvolatile storage medium storing an operating system and a computer program, and an internal memory. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface 63 of the mobile terminal is used for performing wired or wireless communication with an external terminal, and the wireless communication may be implemented by WIFI, an operator network, Near Field Communication (NFC), or other technologies. The computer program when executed by the controller 62 implements a vulnerability defense method. The display 64 of the mobile terminal may be a liquid crystal display or an electronic ink display, and the input device 65 of the mobile terminal may be a touch layer covered on the display 64, a key, a trackball or a touch pad arranged on a housing of the mobile terminal, or an external keyboard, a touch pad or a mouse.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
In one embodiment, the mobile terminal implements the following steps when executing the computer program: establishing a first network connection according to a first access point type parameter, comprising: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The mobile terminal acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
Those skilled in the art will appreciate that the configuration shown in fig. 6 is a block diagram of only a portion of the configuration associated with the present application and does not constitute a limitation of the mobile terminal to which the present application applies, and that a particular mobile terminal may include more or less components than those shown, or combine certain components, or have a different arrangement of components.
In one embodiment, a computer readable storage medium is provided, having a computer program stored thereon, the computer program, when executed by a controller, implementing the steps of: acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, including: if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request; and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter. In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type; a non-null type of network connection is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to the first access point type parameter and a second access point type corresponding to the second access network request, comprising: if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter; a network connection of a third access point type is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request, including: if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter; a network connection of a fourth access point type is established as the first network connection.
In one embodiment, the computer program when executed by the controller further performs the steps of: establishing a first network connection according to a first access point type parameter, comprising: analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter; a network connection of a fifth access point type is established as the first network connection.
The computer program acquires a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request; and establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection, thereby effectively solving the problem that the data switch may fail due to the fact that the first network connection is directly established according to the first access point type parameter in the prior art, and making up the loophole in the prior art.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. Non-volatile memory may include Read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM is available in many forms, such as Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), and the like.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A vulnerability prevention and control method is characterized by comprising the following steps:
acquiring a first access network request and a connection state of a second network connection, wherein the first access network request comprises a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and establishing a first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
2. The method of claim 1, wherein the establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection status of the second network connection comprises:
if the connection state of the second network connection is not connected, establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request;
and if the connection state of the second network connection is connected, establishing the first network connection according to the first access point type parameter.
3. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is an ims type and the first access point type parameter is null, analyzing the first access point type parameter to obtain a first access point type, wherein the first access point type is a non-null type;
establishing a non-null type of network connection as the first network connection.
4. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is an ims type and the first access point type parameter is non-empty, analyzing the first access point type parameter to obtain a third access point type, wherein the third access point type is consistent with the first access point type parameter;
establishing a network connection of a third access point type as the first network connection.
5. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request comprises:
if the second access point type is a non-ims type, analyzing the first access point type parameter to obtain a fourth access point type, wherein the fourth access point type is consistent with the first access point type parameter;
establishing a network connection of a fourth access point type as the first network connection.
6. The method of claim 2, wherein the establishing the first network connection according to the first access point type parameter comprises:
analyzing the first access point type parameter to obtain a fifth access point type, wherein the fifth access point type is consistent with the first access point type parameter;
establishing a network connection of a fifth access point type as the first network connection.
7. A vulnerability prevention and control apparatus, the apparatus comprising:
an obtaining module, configured to obtain a first access network request and a connection status of a second network connection, where the first access network request includes a first access point type parameter, and the second network connection is a network connection corresponding to the second access network request;
and the establishing module is used for establishing the first network connection corresponding to the first access network request according to the first access point type parameter and the connection state of the second network connection.
8. The apparatus of claim 7, wherein the establishing module comprises:
a first establishing unit, configured to establish the first network connection according to the first access point type parameter and a second access point type corresponding to a second access network request if a connection status of the second network connection is unconnected;
and a second establishing unit, configured to establish the first network connection according to the first access point type parameter if the connection status of the second network connection is connected.
9. A mobile terminal comprising a memory and a controller, the memory storing a computer program, wherein the controller implements the steps of the vulnerability prevention and control method according to any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a controller, implements the steps of the vulnerability prevention and control method according to any of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010560880.3A CN111757326B (en) | 2020-06-18 | 2020-06-18 | Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010560880.3A CN111757326B (en) | 2020-06-18 | 2020-06-18 | Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111757326A true CN111757326A (en) | 2020-10-09 |
CN111757326B CN111757326B (en) | 2023-10-13 |
Family
ID=72676345
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010560880.3A Active CN111757326B (en) | 2020-06-18 | 2020-06-18 | Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111757326B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090182871A1 (en) * | 2008-01-14 | 2009-07-16 | Qualmcomm Incorporated | Backup paging for wireless communication |
CN103299684A (en) * | 2011-01-13 | 2013-09-11 | 瑞典爱立信有限公司 | Roaming control for IMS APN |
CN106817193A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | The method and access point of a kind of access point communication |
CN110933770A (en) * | 2019-11-27 | 2020-03-27 | 惠州Tcl移动通信有限公司 | Connection request sending method and device, storage medium and electronic equipment |
CN111225451A (en) * | 2018-11-26 | 2020-06-02 | 中国电信股份有限公司 | Halt processing method, system, MME and computer readable storage medium |
-
2020
- 2020-06-18 CN CN202010560880.3A patent/CN111757326B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090182871A1 (en) * | 2008-01-14 | 2009-07-16 | Qualmcomm Incorporated | Backup paging for wireless communication |
CN103299684A (en) * | 2011-01-13 | 2013-09-11 | 瑞典爱立信有限公司 | Roaming control for IMS APN |
CN106817193A (en) * | 2015-11-30 | 2017-06-09 | 华为技术有限公司 | The method and access point of a kind of access point communication |
CN111225451A (en) * | 2018-11-26 | 2020-06-02 | 中国电信股份有限公司 | Halt processing method, system, MME and computer readable storage medium |
CN110933770A (en) * | 2019-11-27 | 2020-03-27 | 惠州Tcl移动通信有限公司 | Connection request sending method and device, storage medium and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN111757326B (en) | 2023-10-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109842617B (en) | Advertisement blocking method and device and storage medium | |
CN108521644B (en) | Network access method, equipment and system | |
CN107979835B (en) | eSIM card and management method thereof | |
US9615244B2 (en) | Method for accessing a service and a corresponding device | |
CN108282521B (en) | BIP protocol data transmission method and device, computer equipment and storage medium | |
US20150119017A1 (en) | Method and system for implementing smart card remote operation based on smart card web server | |
US10901716B2 (en) | Implicit file creation in APDU scripts | |
CN108616979B (en) | Dual-card network system control method and device, computer equipment and storage medium | |
CN105635084A (en) | Apparatus and method for authenticating terminal | |
US11895611B2 (en) | Sim card registration method and apparatus, computer device, and storage medium | |
CN109842877B (en) | Method for realizing IMSI changing function in SIM card | |
CN105637940B (en) | The method of wireless telecom equipment and initiation and the session of radio network node | |
KR102045662B1 (en) | System and method for managing logical channels for accessing several virtual profiles within a secure element | |
US20220159103A1 (en) | Method, device, system, and storage medium for establishing local communication link | |
WO2018095079A1 (en) | Method and apparatus for switching voice service, mobile terminal and computer storage medium | |
CN109831521B (en) | Cache instance management method and device, computer equipment and storage medium | |
US10412585B2 (en) | User identity authentication method and device | |
CN112702739A (en) | Wireless network sharing method, device, readable storage medium and mobile terminal | |
US8898302B2 (en) | Method and system for prevention of applications from initiating data connection establishment | |
CN111757326A (en) | Vulnerability prevention and control method and device, mobile terminal and computer readable storage medium | |
US20220255938A1 (en) | Method and system for processing network resource access requests, and computer device | |
KR100608826B1 (en) | Data access method for mobile communication device | |
CN112153109B (en) | Method, device, computer equipment and storage medium for establishing communication connection | |
CN112995399B (en) | Refused short message sending method and device, computer equipment and storage medium | |
CN113301289B (en) | Communication processing method, communication processing device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |