CN115348578B

CN115348578B - Method and device for tracking contacter

Info

Publication number: CN115348578B
Application number: CN202211252742.4A
Authority: CN
Inventors: 郝向宇; 柳耀勇; 习熹; 肖青; 孙东昱
Original assignee: XINSHENG TECHNOLOGY CO LTD
Current assignee: XINSHENG TECHNOLOGY CO LTD
Priority date: 2022-10-13
Filing date: 2022-10-13
Publication date: 2023-03-24
Anticipated expiration: 2042-10-13
Also published as: CN115348578A

Abstract

The invention provides a method and a device for tracking a contacter, wherein the method applied to a second terminal comprises the following steps: receiving first message information; the first message information includes: an encrypted target seed pair; decrypting the encrypted target seed pair, and generating a contact person tracking identity of the first user according to the decrypted target seed pair; comparing the generated contact person tracking identity with a locally stored contact person tracking identity; and if at least one contactor tracking identification which is the same as the locally stored contactor tracking identification exists in the generated contactor tracking identifications, determining that the second user is the contactor of the first user. Therefore, compared with the situation that the data calculation is centralized on a unified central server, the data calculation and comparison are carried out by the second terminal body, the method is safe and reliable, and the data safety and the privacy of the user are further guaranteed by the decentralized tracking thought.

Description

Method and device for tracking contacter

Technical Field

The embodiment of the invention relates to the technical field of Internet of things, in particular to a method and a device for tracking a contacter.

Background

Contacter tracking is the process of identifying, evaluating and managing persons who have been exposed to contagious patients. According to the existing contacter tracking scheme, nearby Bluetooth devices are searched through a terminal, the searched Bluetooth device information, the current time and the terminal positioning information are stored, when a terminal user is diagnosed as an infectious disease patient, the terminal uploads the stored Bluetooth device record to a personnel contact information database, and a worker of a disease control center searches and tracks a close contacter according to the Bluetooth device information discovered by the terminal of the patient who is diagnosed in the personnel contact information database.

According to the scheme, the closely contacted person is searched and tracked by the staff of the disease control center according to the Bluetooth equipment information once found by the confirmed patient terminal in the staff contact information database, the resource utilization rate and the network load are higher, and a centralized tracking mode is adopted in the scheme, so that the technical problems that the safety of data cannot be guaranteed and the privacy of a user is leaked are solved.

Disclosure of Invention

The embodiment of the invention provides a method and a device for tracing a contacter, and aims to solve the technical problems that the existing tracing scheme has higher requirements on resource utilization rate and network load, and the centralized tracing mode causes that the safety of data cannot be ensured and the privacy of a user is leaked.

In order to solve the technical problem, the invention is realized as follows:

in a first aspect, an embodiment of the present invention provides a method for tracking a contacter, where the method is applied in a first terminal, and the method includes:

acquiring a time interval to be tracked of a first user corresponding to the first terminal;

determining a corresponding target seed pair according to the time interval to be tracked; the first terminal prestores a one-to-one correspondence relationship between a time interval and a seed pair;

encrypting the target seed pair;

sending first message information to a contact tracking backend platform, wherein the first message information comprises: an encrypted target seed pair, the encrypted target seed pair for use in determining a contacter of the first user.

Preferably, before determining the corresponding target seed pair according to the time interval to be tracked, the method further includes:

when the current time is the starting endpoint of the first time interval, calling a random number generator to generate a first random number; determining the first random number as a seed value, and generating a seed pair corresponding to a first time interval;

when the current time is the starting endpoint of the ith time interval, performing hash calculation on the ith-1 random number to obtain the ith random number, determining the ith random number as a seed value, and generating a seed pair corresponding to the ith time interval;

wherein i is equal to 2, \8230; \ 8230;, N; n is a positive integer, the interval length of each time interval is the same, and the time of the ith time interval is later than the time of the (i-1) th time interval.

Preferably, the method further comprises:

generating m contact person tracking identity marks of the first user according to the seed pairs after generating the seed pairs in any time interval;

randomly selecting one contact person tracking identity mark from m contact person tracking identity marks at intervals of preset time;

sending the selected contact person tracking identity, the current time and the signal intensity to a terminal establishing a connection relation with the contact person tracking identity, the current time and the signal intensity;

wherein m is equal to the interval length/preset time interval of the time interval, and m represents the number of the generated contact person tracking identity marks in any time interval of the first user.

Preferably, at any time interval, after generating the seed pair, generating m contact person tracking identities of the first user according to the seed pair is implemented by the following formula:

CTID ₁ ||CTID ₂ ||…||CTID _n ＝SM4(HAMC(SP _t ,"contact tracing session key"))；

wherein, SM4 is a symmetric encryption algorithm; HAMC is calculated as HMAC-SHA 256; SP _t Is the seed value of the seed pair;

the contact routing session key is a process key; the process key is generated after a contact person tracking identity key pre-stored in the first terminal is dispersed through a dispersion factor;

CTID _n is the generatedTracking the identity of the nth contact person of the first user; n is equal to 1, \8230 \ 8230;, m and n are positive integers.

Preferably, the first message information further includes: before the first identity authentication information is sent to the first message information to the contacter tracking backend platform, the method further comprises:

and carrying out Hash Message Authentication Code (HMAC) calculation on the target seed pair to generate first identity authentication information.

Preferably, the first message information further includes:

encrypted location information of the first terminal.

In a second aspect, an embodiment of the present invention provides a method for tracking a contacter, where the method is applied to a backend platform for tracking a contacter, and the method includes:

receiving first message information sent by a first terminal; the first message information includes: an encrypted target seed pair;

sending the first message information to a second terminal; the encrypted target seed pair is used for indicating the second terminal to determine whether a second user corresponding to the second terminal is a contacter of the first user;

and the first user is a user corresponding to the first terminal.

Preferably, after receiving the first message information sent by the first terminal, the method further includes:

and decrypting and storing the encrypted target seed pair.

Preferably, the first message information further includes: the first identity authentication information, after decrypting the encrypted target seed pair, the method further comprises:

performing Hash Message Authentication Code (HMAC) calculation on the decrypted target seed pair to generate second identity authentication information;

comparing the second identity authentication information with the first identity authentication information;

if the first terminal is consistent with the second terminal, determining that the first terminal is a legal terminal;

and if the first message information is inconsistent with the second message information, discarding the first message information.

Preferably, the first message information further includes:

encrypted location information of the first terminal;

decrypting and storing the encrypted target seed pair comprises:

decrypting the encrypted position information and the encrypted target seed pair;

and storing the decrypted target seed pair and the decrypted position information in an associated manner so as to store the information of the first terminal.

Preferably, the receiving the first message information sent by the first terminal includes:

receiving the first message information sent by the first terminal through a BIP channel;

sending the first message information to a second terminal includes:

and sending the first message information to a second terminal through a BIP channel.

In a third aspect, an embodiment of the present invention provides a method for tracking a contacter, where the method is applied to a second terminal, and the method includes:

receiving first message information sent by a contact person tracking back-end platform; the first message information includes: an encrypted target seed pair;

decrypting the encrypted target seed pair, and generating a contact person tracking identity of the first user according to the decrypted target seed pair;

comparing the generated contact person tracking identity of the first user with a locally stored contact person tracking identity;

if at least one contactor tracking identity identical to the locally stored contactor tracking identity exists in the generated contactor tracking identity of the first user, determining that the second user corresponding to the second terminal is the contactor of the first user.

performing Hash Message Authentication Code (HMAC) calculation on the decrypted target seed pair to generate third identity authentication information;

comparing the third identity authentication information with the first identity authentication information;

if the first message information is consistent with the second message information, determining that the first message information is legal;

In a fourth aspect, an embodiment of the present invention provides an apparatus for tracking a contacter, where the apparatus is applied to a first terminal, and the apparatus includes:

the acquisition module is used for acquiring a time interval to be tracked of a first user corresponding to the first terminal;

the first determining module is used for determining a corresponding target seed pair according to the time interval to be tracked; the first terminal prestores a one-to-one correspondence relationship between a time interval and a seed pair;

the encryption module is used for encrypting the target seed pair;

a first sending module, configured to send first message information to a contacter tracking backend platform, where the first message information includes: an encrypted target seed pair, the encrypted target seed pair for use in determining a contacter of the first user.

In a fifth aspect, an embodiment of the present invention provides a contact tracking apparatus, which is applied to a contact tracking backend platform, and includes:

the first receiving module is used for receiving first message information sent by a first terminal; the first message information includes: an encrypted target seed pair;

the second sending module is used for sending the first message information to a second terminal; the encrypted target seed pair is used for indicating the second terminal to determine whether a second user corresponding to the second terminal is a contacter of the first user;

and the first user is a user corresponding to the first terminal.

In a sixth aspect, an embodiment of the present invention provides an apparatus for tracking a contacter, where the apparatus is applied to a second terminal, and the apparatus includes:

the second receiving module is used for receiving first message information sent by the contact person tracking back-end platform; the first message information includes: an encrypted target seed pair;

the generating module is used for decrypting the encrypted target seed pair and generating a contact person tracking identity of the first user according to the decrypted target seed pair;

the comparison module is used for comparing the generated contact person tracking identity of the first user with a locally stored contact person tracking identity;

a second determining module, configured to determine that a second user corresponding to the second terminal is a contacter of the first user if at least one contacter tracking identity that is the same as the locally stored contacter tracking identity exists in the generated contacter tracking identity of the first user.

In a seventh aspect, an embodiment of the present invention provides a network device, including: a processor, a memory and a program stored on the memory and executable on the processor, the program, when executed by the processor, implementing the steps of the contacter tracking method according to the first aspect; or the program when executed by the processor implements the steps of the contacter tracking method as described in the second aspect; alternatively, the program realizes the steps of the contacter tracking method according to the third aspect when executed by the processor.

In an eighth aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, the computer program, when being executed by a processor, implementing the steps of the contacter tracking method according to the first aspect; alternatively, the computer program when executed by a processor implements the steps of the contacter tracking method as described in the second aspect; alternatively, the program realizes the steps of the contacter tracking method according to the third aspect when executed by the processor.

In this embodiment of the present invention, a first terminal sends first message information to a contacter tracking backend platform, where the first message information includes: an encrypted target seed pair, the encrypted target seed pair for determining the contacter of the first user. Therefore, the security of the data can be further ensured by encrypting the target seed pair, the seed pair is encrypted and uploaded locally at the first terminal, the contacter of the first user is determined by the encrypted seed pair, and compared with the situation that the calculation of the data is concentrated on a certain unified central server, the decentralized tracking mode and the encryption of the target seed pair can further avoid the leakage of the data, and the privacy of the user is ensured.

Drawings

Various additional advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:

FIG. 1 is a block diagram of a system for tracking a contact person according to an embodiment of the present invention;

FIG. 2 is a schematic diagram of information interaction between platforms in a contact tracking system according to an embodiment of the present invention;

FIG. 3 is a flowchart of a method for tracking a contact according to an embodiment of the present invention;

FIG. 4 is a flowchart of a method for tracking a contact according to an embodiment of the present invention;

FIG. 5 is a flowchart of a method for tracking a contact according to an embodiment of the present invention;

fig. 6 is a schematic diagram of information exchange between terminals according to an embodiment of the present invention;

FIG. 7 is a flowchart of a method for tracking a contact according to an embodiment of the present invention;

FIG. 8 is a flowchart of a method for tracking a contact according to an embodiment of the present invention;

FIG. 9 is a block diagram of a contact tracking device according to an embodiment of the present invention;

FIG. 10 is a block diagram of a contact tracking device according to an embodiment of the present invention;

FIG. 11 is a block diagram of a contact tracking device according to an embodiment of the present invention;

fig. 12 is a block diagram of a network device according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

To make the technical solutions of the present application clearer, the proper terms and prior art related to the solutions are briefly introduced.

SIM card

A SIM (Subscriber Identity Module) card is an IC card held by a mobile Subscriber of the GSM system, also called a Subscriber Identity card. In the GSM digital mobile phone system, the SIM card plays an extremely important role, which is both an important component of the mobile phone and an identity card provided for each GSM mobile phone user, so that the SIM card realizes the idea of recognizing people without recognition.

The SIM card mainly performs two functions: storing data (controlling access to various data) and completing the whole process of customer identity authentication and customer information encryption algorithm under the safety condition (the personal identity number PIN and the authentication key Ki are correct). This function is mainly performed by a microprocessor with an operating system in the SIM card. The chip of the SIM card has eight contacts and is interconnected with the mobile station device after the SIM card is inserted into the device and powered on. At this point, the operating system and instruction set may provide smart features for the SIM.

The logical structure of the smart nature of the SIM card is a tree structure. All the characteristic parameter information is expressed by means of data fields. Namely, under the root directory, there are three application directories, one belonging to the administrative department and two belonging to the technical management, which are the GSM application directory and the telecommunications application directory, respectively. All directories have data fields, binary and formatted data fields. The information in the data fields is persistent, i.e. not updatable, and temporary, i.e. needs to be updated. Each data field may express its purpose, degree of update, field characteristics (such as identifier), type (binary or formatted), etc. Besides storing normal data fields, the SIM card also stores non-file fields such as authentication key, personal identification number, personal unlock code, etc.

AT instruction

The AT command is a command applied to connection and communication between the terminal device and the PC application. AT is Attention. Each AT command line can only contain one AT command, and for the transmission of AT commands, the length of 1056 characters (including the last null character) can be received AT most, except for two AT characters.

The AT command set is transmitted from a Terminal Equipment (TE) or a Data Terminal Equipment (DTE) to a Terminal Adapter (TA) or a Data Circuit Terminal Equipment (DCTE). It defines the size of the transmitted data packet: i.e., for the transmission of AT commands, a length of 1056 characters (including the last null character) can be received AT most, in addition to two characters for AT.

Each AT command line can only contain one AT command, and for URC indication or response actively reported to the PC by the terminal device, AT most one line is required, and multiple indications or responses in the reported line are not allowed. The AT command ends with a carriage return, and the response or report ends with a carriage return and a line feed.

3. Security chip

The safety chip is a trusted platform module, is a device capable of independently generating a secret key and encrypting and decrypting, is internally provided with an independent processor and a storage unit, can store the secret key and characteristic data, and provides encryption and safety authentication services for a computer. The encryption is carried out by using the security chip, the key is stored in hardware, and stolen data cannot be decrypted, so that the business privacy and the data security are protected.

SE-SIM card

The SE function (safety function) is added on the basis of the traditional SIM card telecommunication capability, and the functions are combined into one. The packaging shape is highly consistent with that of the traditional SIM card, and can be in a plugging or pasting mode. Besides providing 7816 interfaces required by traditional SIM cards, SPI and IIC interfaces are also provided in a customized manner, which makes the applicable scenarios more extensive. The system can be combined with a security platform to provide a series of security capability extensions for customers, such as: safe storage, safe starting, safe upgrading, secret key management, safe communication service, universal password operation service and the like.

5.BIP

The BIP (Bearer Independent protocol) technology is based on the original passive operation mode of the SIM card, and adds new active operation capability of the SIM card, i.e. allows the application and service in the SIM card to actively perform interactive operation with the mobile phone terminal. An asymmetric master-slave relationship exists between a traditional mobile phone and an SIM card, namely the SIM card can only passively receive and execute an instruction of the mobile phone, and the mobile phone is in an absolute active control position. Any action can only be initiated by the handset and responded to by the SIM card. The biggest defect of the command-response action mode is that the SIM card does not have initiative, thereby limiting the development on the SIM card and restricting the development of new mobile value-added services.

A brand-new BIP (Bearer Independent Protocol) Protocol interface is introduced into the USIM card, the BIP Protocol is combined with USAT application, and the mobile phone terminal allows transparent data transmission between the USIM card and a remote server. The BIP protocol is more beneficial to realizing the transmission of high-speed mobile data service, so that the downloading of various service data becomes easier and faster. In existing 2G networks. The SIM card also has a dynamic service download/delete function, but all downloads are performed through an SMS channel, so that the data carrying capacity is small, the stability is poor, and a large application service cannot be downloaded. And the service data of the 3G USIM card can be downloaded through an SMS channel (2G-compatible) or a BIP channel. The BIP is introduced, so that the transmission efficiency and stability are greatly improved, and the application service downloading with large data volume can be carried out.

6. Symmetric encryption

Symmetric encryption algorithms are well-established techniques that apply older encryption algorithms. In the symmetric encryption algorithm, a data sender processes a plaintext (original data) and an encryption key together through a special encryption algorithm, and then the plaintext and the encryption key are changed into a complex encryption ciphertext to be sent out. After the receiver receives the ciphertext, if the receiver wants to decode the original text, the receiver needs to decrypt the ciphertext by using the key used for encryption and the inverse algorithm of the same algorithm so as to recover the ciphertext into readable plaintext. In the symmetric encryption algorithm, only one key is used, and both the sender and the receiver use the key to encrypt and decrypt data, so that the encryption key must be known by a secret party in advance.

7. Digital signature verification label

The whole process of digital signature is divided into two parts, namely signature and verification. The sender obtains a digital abstract from the original text by using a Hash algorithm, encrypts the digital abstract by using a signature private key to obtain a digital signature, and sends the original text and the digital signature to the receiver; the receiver verifies the signature, namely the digital signature is decrypted by using the public key of the sender to obtain the digital abstract. And the receiver obtains a new digital abstract again from the original text by adopting the same hash algorithm, compares the two digital abstracts, and if the two digital abstracts are matched, the electronic file with the digital signature is successfully transmitted.

8.HMAC

Computing HMAC requires a hash function hash (which may be md5 or sha-1) and a key. The hash function output string length is denoted by L (md 5 is 16), and the block length is denoted by B (the split block lengths of md5 and sha-1 are both 64). The key may have a length less than or equal to the data block length B, and if the key is greater than the data block length B, the key may be converted using a hash function, resulting in an L-long key.

According to RFC 2316 (Report of the IAB, april 1998), HMAC (Hashed Message Authentication Code) and IPSec are considered as key core protocols for Interact security. It is not a hash function, but rather employs a message authentication mechanism that uses an MD5 or SHA1 hash function with a shared secret key (as opposed to a public/private key pair). Basically, the message is combined with the key and a hash function is run. The result is then run in combination with the key and the hash function is run again. This 128-bit result is truncated into 96 bits, which becomes the MAC.

9. Bluetooth BLE

BLE (Bluetooth Low Energy) Bluetooth Low Energy technology is a short-range, low-cost, interoperable wireless technology that utilizes many intelligent means to minimize power consumption.

The operating mode of BLE technology is well suited for transferring data from micro wireless sensors (exchanging data every half second) or other peripherals such as remote controls using fully asynchronous communication. These devices transmit very small amounts of data (typically a few bytes) and also transmit very small numbers of times (e.g., a few times per second to once per minute, or even less).

10. Key dispersion, dispersion factor

In order to prevent the whole system from collapsing after the main key is cracked, the main key needs to be dispersed into a plurality of sub keys through a key dispersion algorithm. The dispersion factor is used as an output to participate in the key dispersion operation.

In order to solve the technical problems that the existing tracking scheme has high requirements on resource utilization rate and network load, and a centralized tracking mode causes that the safety of data cannot be guaranteed and the privacy of a user is leaked, an embodiment of the present invention provides a contacter tracking system, an architecture diagram of the system is shown in fig. 1, and the system includes: the system comprises a contact person tracking back-end platform, a security service platform, a BIP platform, a user intelligent terminal and an SE-SIM card. It should be noted that the platform illustrated in the drawings is not a physical structure, and the platform may be understood as a system environment in which software is executed.

The application service of the contact person tracking back-end platform is as follows: data recording, trend statistics, seed issuing peer-to-peer, and the bottom layer capability of the method is data acquisition, address judgment and validity judgment. The contact person tracking platform can perform data interaction with the BIP platform and the safety service platform, the BIP platform is used for performing information matching and data reporting, and the safety service platform comprises a data module, an identification module, a safety module and a terminal access module. The SE-SIM card may store a seed pair in the contact tracking application, encrypt or decrypt the seed pair and perform data traffic through a key algorithm, may also verify the contact tracking identity and securely store it (verification ID and secure storage in fig. 1), and the SE-SIM card and the BIP platform perform data transmission through the BIP channel. The SE-SIM card can be integrated and arranged on the intelligent terminal, the exchange of the contact person tracking identity (the identity ID exchange in the attached figure 1) can be carried out between the intelligent terminal and the intelligent terminal through Bluetooth, the intelligent terminal can carry out data interaction with the security platform, and the contact person tracking identity is generated through a secret key distributed by the security platform and a corresponding algorithm.

The platform shown in figure 1 is described in detail below.

The security service platform realizes one-cipher/one-cipher one-time, can perform bidirectional authentication, and realizes identity authentication and data encryption communication by calling the capability of the security platform in each sensitive operation flow. The security service platform supports national commercial cryptographic algorithms SM2, SM3 and SM4, and ensures that a contacter tracks credible analysis of related data so as to achieve the purposes of counterfeiting prevention, tampering prevention, replay prevention, eavesdropping prevention and the like. Meanwhile, the security service platform defines a strict data access authority mechanism and template management, realizes the atomic-level data reading and writing control, and avoids the risk of data leakage. Based on the basic capabilities of the existing secret key distribution, encryption and decryption, signature verification and the like, the secret key is embedded into the service flow, and the safety and the reliability of the service flow and the data are guaranteed.

The BIP platform can assist in uploading tracking identification ID and related information uploaded by the SIM card to the contactor tracking back-end platform, checks the matching relation between the positioning information and the identification ID information by calling the LBS positioning function of the SIM card, and uploads data to the contactor tracking back-end platform through an interface. And the mobile data network can be utilized, the data service of the SIM card is combined, the air BIP connection capability is provided, the SIM card service access is realized, and a safety channel for data transmission between the BIP platform and the SIM card is provided through the BIP channel.

The contacter tracking back-end platform is responsible for acquiring terminal reported data, judging position information, judging legality and other bottom layer capabilities, and specific data applications are made through an upper application module, for example, application processes of terminal data storage, statistical trend, issuing data submitted by a confirmer (such as a confirmed patient in an epidemic situation) and the like.

The intelligent terminal can be a mobile phone or a portable intelligent terminal of the Internet of things with a tracking function.

The SE-SIM card is a SE-SIM card unit which is used for realizing the tracer tracking service at the terminal and bears the application of the tracer identification by butting a BIP platform through the SE-SIM card. The SE-SIM card has the following functions: the contacter generates an identification store: and providing storage service for generating identification seed pairs for the contacts for the industrial Internet terminal by relying on the security characteristics of the SIM card and hardware resources. The SIM card is a special application of a security chip, generally requires to have the protection capability of hardware attack, the security level can reach EAL4+, the uniqueness of an identifier stored in the SIM card can be effectively guaranteed, and the SIM card has a signature verification function and prevents malicious tampering. Key management for the contacter tracking service: based on the high-security hardware environment of the SIM card, a high-security key storage and password operation environment can be provided, the stored key is not easy to be attacked and issued by hardware, and the leakage is not easy to occur in the operation process. The security environment depending on the key can provide corresponding key service for the contact person generation identifier stored in the SIM card, the transmission channel security and credibility are realized by adopting the identifier service based on the password service, the confidentiality and the legality of the identifier service are guaranteed, the key service can support but is not limited to international or national cryptographic algorithm, symmetric or asymmetric key, PKI certificate service and the like, and the specifically used key service can be selected by negotiation on a security service platform. The contact person generation identification service based on the BIP protocol comprises the following steps: the BIP protocol-based data communication service can be realized by depending on the active command function of the SIM, the SIM can send an active command request to establish a basic network communication service with the platform, and meanwhile, the safe and credible identification service is realized based on the internal identification storage service and the key service. Therefore, part of functions of the identification service are transferred from the intelligent terminal to the SIM card, and the docking cost of the control terminal is simplified. The control terminal only needs to trigger the command request, and the SIM card realizes the data communication flow, the data message analysis and the creation of the target link of the whole identification service. Contact identification generation service: based on portability of intelligent terminals, applications adapted to the intelligent terminals use Bluetooth Low Energy (BLE), that is, applications loaded by the device create a random temporary Tracing Identity (ID) identifier at intervals of a period (for example, every few minutes) within a specific time period, broadcast based on the Bluetooth Low Energy, and collect identifiers sent by other intelligent terminals nearby.

In fig. 1, each smart terminal needs to be connected to a cellular network, equipped with a SIM card, and have a Bluetooth Low Energy (BLE) capability, and the SIM card is used as a carrier to participate in a process of completing the tracking of a contacter through a BIP protocol. Therefore, the problem of low safety caused by a mode that a traditional terminal utilizes a baseband module to carry out data interaction with a platform through a TCP \ UDP protocol can be solved, and safety guarantee is provided for a contact person tracking service by combining the safety characteristic of the SE-SIM card. And the safety service platform, the BIP platform and the functional module equipped by the contact person tracking back-end platform can provide guarantee for the smooth execution of the contact person tracking service. And the storage and matching of the data, the generation, matching and verification of the contact person tracking identity are all completed on the local terminal instead of the unified central server, and the security of the user data can be further ensured by a decentralized tracking mode.

Fig. 2 shows a schematic interaction flow diagram of the terminal and the contact tracking backend platform, and based on the schematic architecture diagram of the contact tracking system in fig. 1 and the schematic interaction flow diagram shown in fig. 2, a brief introduction is now made to a flow of the technical solution of the present application: and the first terminal generates a plurality of different temporary tracing IDs according to the seed pairs (time and random number) and a preset period, and randomly selects one temporary tracing ID for broadcasting at a time in a Bluetooth mode according to the preset period. When other terminals are in the communication range of the first terminal, the other intelligent terminals exchange the temporary tracing ID, the current time and the signal strength information with the first terminal and store the temporary tracing ID, the current time and the signal strength information to corresponding storage spaces. When the user corresponding to the first terminal is confirmed to be a target user (such as an infectious disease patient), after the user is authorized, the first terminal sends the seed pair required when the temporary tracing ID is generated to the SE-SIM, and the SE-SIM carries out safe storage on the seed pair. The SE-SIM encrypts the seed pair to generate an encrypted seed pair and identity verification information, the encrypted seed pair or the encrypted seed pair and the identity verification information are uploaded to the BIP platform through the BIP channel, and relevant information is uniformly and transparently transmitted to the contact person tracking back-end platform through the BIP platform. After the contact person tracking back-end platform receives the message, the security platform capability is called to decrypt the message, and the infectious disease patient information is recorded. Preferably, the identity information can be verified, after the identity information is verified, the first terminal is determined to be a legal terminal, and if the identity information is not verified, the message information is discarded, so that the accuracy and the safety of message transmission can be further improved. The contactor tracking back-end platform also needs to encrypt the seed pair issued by the first terminal and perform identity authentication calculation, and the encrypted seed pair and the identity authentication information are issued to the SE-SIM of the second terminal through the BIP platform. The SE-SIM of the second terminal decrypts the message to obtain a seed pair of the first terminal, generates a temporary tracing ID of the first terminal according to the seed pair of the first terminal, determines whether a user of the second terminal is a contacter or not by matching the temporary tracing ID of the first terminal with the temporary tracing ID stored locally, determines that the user corresponding to the second terminal is the contacter if the matching is successful, and indicates that the user corresponding to the second terminal is not in contact with the user corresponding to the first terminal if the matching is failed. Generally, based on the contact person tracking platform shown in fig. 1, the application provides a decentralized contact person tracking method, wherein an SE-SIM card, a security service platform and a BIP platform are matched with each other, so that the security of sent information can be further improved, the SE-SIM card is used for uploading, issuing and processing data, the data cannot be forged, the security and credibility of the data can be guaranteed, the BIP platform can guarantee that the data cannot be tampered, a first terminal randomly selects a temporary tracing ID for broadcasting through a bluetooth mode, the randomness of the broadcasted temporary tracing ID also further guarantees the security of the information, the data is stored and matched, the generation, matching and verification of a contact person tracking identity are completed on a local terminal instead of a unified central server, and distributed computing can further guarantee the privacy security of a user.

It should be noted that, a typical application scenario of the above technical solution is the confirmation of the close contact person in the new crown epidemic situation, the above technical solution can assist the health department to confirm the close contact person of the positive patient, and the technical solution can be established on the basis of the user authorization and is restricted according to the relevant laws and regulations.

The above-mentioned technical solution of the present application is introduced from the perspective of the contacter tracking system as a whole, and the data interaction among the first terminal, the contacter tracking backend platform, and the second terminal. The following describes the technical solution of the present application mainly with the first terminal, the contact tracking backend platform, and the second terminal, respectively.

As shown in fig. 3, the present application provides a method for tracking a contacter, which is applied to a first terminal, and the method includes:

step S301, acquiring a time interval to be tracked of a first user corresponding to a first terminal;

step S302, determining a corresponding target seed pair according to a time interval to be tracked;

step S303, encrypting the target seed pair;

step S304, sending first message information to a contact person tracking back-end platform, wherein the first message information comprises: the encrypted target seed pair is used to determine the contacter of the first user.

Therefore, the security of the data can be further ensured by encrypting the target seed pair, the seed pair is encrypted and uploaded locally at the first terminal, and compared with the situation that the calculation of the data is centralized on a certain unified central server, the data can be further prevented from being leaked, and the privacy of a user is guaranteed.

In step S301, the first terminal is a target terminal, and in a specific application scenario, when the first user corresponding to the first terminal is a diagnosed patient, the first terminal is required to be taken as a reference to search for a contacter of the first user. Preferably, after the first user authorizes, the time interval to be tracked of the first user corresponding to the first terminal may be acquired, for example: according to the official information, the first user can be confirmed to diagnose in 8 months and 15 days, and according to the infection intensity and the infection time of a certain infectious disease, the five days of 8 months and 13 days, 14 days, 15 days, 16 days and 17 days are determined as the time interval to be tracked of the first user.

In step S302, a corresponding target seed pair may be determined according to the time interval to be tracked; the first terminal prestores a one-to-one correspondence relationship between the time interval and the seed pair. After the time interval to be tracked is determined, the corresponding seed pair needs to be matched in the storage space of the first terminal.

In a possible implementation manner, as shown in fig. 4, before determining the corresponding target seed pair according to the time interval to be tracked, the method further includes:

step S401, when the current time is the starting endpoint of the first time interval, calling a random number generator to generate a first random number; determining the first random number as a seed value, and generating a seed pair corresponding to a first time interval;

step S402, when the current time is the starting endpoint of the ith time interval, performing hash calculation on the ith-1 random number to obtain the ith random number, determining the ith random number as a seed value, and generating a seed pair corresponding to the ith time interval;

In steps S401 and S402, the first terminal initializes a seed pair generation program, generates a current date and time t, and invokes a random number generator of the SE-SIM card to generate an initial random number SPt according to t. SP pair using HASH algorithm _t Performing a hash countAnd (4) calculating and determining a digest value, wherein the algorithm is generally SHA-256. If the SP has been generated before that _t Then the random number SP of the above time interval _t-1 Performing hash calculation for the base, namely: SP _t ＝H(SP _t-1 ). The SPt is stored in the corresponding storage space safely, and the amount of storage can be modified according to the specification (usually 14 days). In a specific application example, the time interval is one day, i.e. 24 hours, and assuming that the current time interval is 6 month 1, the random number generator is called to generate the first random number SP at the zero point of 6 month 1 _6.1 (ii) a And determines the first random number as a seed value SP _6.1 Generating a seed pair corresponding to No. 1 in 6 months; (SP) _6.1 6.1), at the zero point of the current time of No. 2 of 6 months, for SP _6.1 Performing Hash calculation to obtain SP _6.2 And combining SP _6.2 Determining as seed value, and generating Seed Pair (SP) corresponding to No. 2 of 6 months _6.2 ，6.2)。

Therefore, at the beginning end point of each time interval, the random number generator can be called to generate all the seed pairs in the time interval, the randomness of the seed pairs ensures the safety of subsequent data transmission, and if the data is illegally acquired, the randomness can ensure that the data is not illegally decoded to the greatest extent.

After generating the seed pairs, in one possible implementation, as shown in fig. 5, the method further includes:

step S501, after generating seed pairs in any time interval, generating m contact person tracking identity marks of a first user according to the seed pairs;

step S502, randomly selecting one contact person tracking identification from m contact person tracking identification at preset time intervals;

step S503, the selected contact person tracking identity, the current time and the signal intensity are sent to a terminal establishing a connection relation with the contact person tracking identity;

It should be noted that, generating m contact person tracking identities (CTID n) of the first user according to the seed is implemented by the following formula:

CTID ₁ ||CTID ₂ ||…||CTID _n ＝SM4(HAMC(SP _t ,"contact tracing session key"))； (1)

wherein SM4 is a symmetric encryption algorithm; HAMC is calculated as HMAC-SHA 256; SP _t Is the seed value of the seed pair;

the contact routing session key is a process key; the process key is a key generated after a seed pre-stored in the first terminal is scattered to the key by a scattering factor,

CTID _n tracking an identity for the generated nth contacter of the first user; n is equal to 1, \ 8230 \ 8230:, and m and n are positive integers.

In step S501, a security algorithm interface of the SE-SIM may be called to perform HMAC-SHA256 calculation on the seed value SPt in the seed pair, and the calculation result is further encrypted by using a cryptographic symmetric encryption algorithm SM4 to generate data of n × 16 bytes. In the above formula (1), the SM4 and the process key contact transmitting session key used in the HAMC calculation are generated by distributing a contact tracking identification key (CTID key) by a specific dispersion factor through a contact tracking ID key preset in the SE-SIM chip. The dispersion factors can be generated by means of a counter, a pseudo random number and the like, and this way can ensure that the used keys are the same in one calculation process, the keys generated by the security platform in the same way are used for decryption when decrypting, but the keys used for each calculation are different (for example, when encrypting the target seed pair in the first time interval and encrypting the target seed pair in the second time interval, the used keys are different, but after encrypting the target seed pair in the first time interval, the used keys are the same in subsequent decryption and the like), thereby further ensuring that the original key cannot be leaked, and further enhancing the security. As can be seen from equation (1), the final result is m 16bytes (16 bytes) blocks, each of which has a CTID ₁ ...CTID _n I.e. as to be broadcast by bluetooth at every other time interval LCTID, the generating mode of CTID can guarantee the uniqueness of identity.

In step S502, a preset time interval is determined and recorded as L, where the preset time interval is a time interval at which the first terminal broadcasts the contact tracking id through bluetooth, and one contact tracking id is broadcasted every other preset time interval L. The number of the contact person tracking identifiers to be broadcasted, that is, the number of the contact person tracking identifiers to be generated in each time interval can be calculated through L. Assuming that the time interval is from zero to twenty-four points and the time interval period L is 15min, then

In 24 hours, every 15 minutes, one of 96 contact person tracking identity identifications is randomly selected to be broadcasted, and because the sequence of the CTID broadcasted by the first terminal is out of order, namely, the CTID is not broadcasted according to the generation sequence of the CTID, the unpredictability of the CTID is ensured, and even if a CTID is illegally received, the CTID cannot be restored ₁ ...CTID _n The data security is further guaranteed, and the privacy of the user is protected.

In step S503, the first terminal sends the selected tracking identifier, the current time and the signal strength of the contacter to the terminal that establishes the connection relationship with the first terminal. That is, when the other terminal is in the communication range of the first terminal, the two terminals establish a connection, as shown in fig. 6, and exchange the CTID of each other, the current time of broadcasting the CTID, and the signal strength through bluetooth, and store the three in respective storage spaces. The CTID broadcasting current moment can assist in determining the contact time and the contact distance of the first user and the second user, the signal strength is related to the contact distance, the closer the contact distance is, the higher the signal strength is, the farther the contact distance is, the lower the signal strength is, and the infection risk of a contact person can be assisted to be confirmed.

Both fig. 4 and fig. 5 are possible implementation manners before determining the corresponding target seed pair according to the time interval to be tracked in step S302, which is equivalent to a preamble preparation work in the contact person tracking process, and in the contact person tracking process, after step S302, step S303 is performed to encrypt the target seed pair.

Specifically, the first terminal sends the generated seed pair to the SE-SIM card through an interface channel (usually 7816, IIC and other interfaces) of the SE-SIM card, stores the seed pair in a file service space of the SIM card safely, calls a security capability interface of the SE-SIM card, disperses the key seed pair key by using a specific dispersion factor, generates a seed pair process key pair key, and encrypts the seed pair SM4 by using the process key. The dispersion factor may be generated by means of a counter, a random number, or the like, which can ensure that the used keys are the same in one calculation process, for example: the subsequent security platform generates a key for decryption in the same way when decrypting, but the key used in each calculation is different (for example, when encrypting the target seed pair in the first time interval and encrypting the target seed pair in the second time interval, the used keys are different, but the used keys are the same in the subsequent decryption and other processes after encrypting the target seed pair in the first time interval), so that the decryption difficulty can be further enhanced, the data is prevented from being illegally decrypted, and the security is enhanced.

In step S304, after encrypting the target seed pair, sending first message information to the contacter tracking backend platform, where the first message information includes: the encrypted target seed pair is used to determine the contacter of the first user.

The user may authorize uploading of the encrypted target seed pair to the contacter tracking backend platform. The encrypted seed introduces the process of how to determine the contact person of the first user in the subsequent technical scheme mainly based on the contact person tracking backend platform and the second terminal.

In a preferred implementation, the first message information further includes: encrypted location information of the first terminal. If the administrator has the requirement for acquiring the geographical location information of the first user, after the authorization of the first user, the first terminal can call the module LBS location information through the AT instruction, encrypt the location information and the target seed pair together, and send the encrypted location information to the contact person tracking back-end platform, so that the contact person tracking back-end platform can acquire and enter the geographical location information of the first user.

In a possible implementation manner, the first packet information further includes: first identity authentication information. Before sending the first message information to the contacter tracking backend platform, the method further comprises: and carrying out Hash Message Authentication Code (HMAC) calculation on the target seed pair to generate first identity authentication information. The first identity authentication information may be used to confirm whether the message information received by the contacter tracking backend platform is consistent with the message information sent by the first terminal to the contacter tracking backend platform, so as to avoid the message information from being changed or damaged in the transmission process, and further ensure the security of information transmission (how to determine the consistency of the message information through the first identity authentication information is specifically introduced in the scheme in which the contacter tracking backend platform is used as the execution main body).

In a possible implementation mode, the SE-SIM card uploads first message information to the BIP platform through the BIP channel, the BIP platform directly transmits data to the contact person tracking rear-end platform after receiving the message, the BIP channel is the unique capability of an operator, the SE-SIM card is guaranteed to be directly connected with the platform, the data are reported to the corresponding platform, credit endorsements are provided through the public trust of the operator and the safety capability of the SE-SIM card, the authenticity and the credibility of the data are guaranteed, and the possibility that the user uploads the data can be changed by modifying a module program can be prevented.

In the technical solution taking the first terminal as the execution subject, the preamble preparation work before the contact person tracking procedure is mainly introduced, for example: how to generate the seed pairs, how to generate the contact person tracking identity according to the seed pairs, how to establish the one-to-one correspondence relationship between the time intervals and the seed pairs, how to encrypt the seed pairs by the first terminal, and sending the seed pairs to the contact person tracking back-end platform. In addition to the above technical effects, the following effects are provided: the SE-SIM card is used as a carrier to store and authenticate the seed pair, and the capacities of encryption, authentication information calculation and the like are provided in subsequent services, so that the reliability of data can be guaranteed, and the data can be prevented from being tampered. By means of the safe storage, the key management and the password operation functions of the SE-SIM card and the key management and the password calculation functions of the safe service platform, the safety of data can be further guaranteed, and the data is prevented from being stolen and counterfeited.

As shown in fig. 7, the present application provides a method for tracking a contact, which is applied to a backend platform for tracking a contact, and the method includes:

step S701, receiving first message information sent by a first terminal; the first message information includes: an encrypted target seed pair;

step S702, sending first message information to a second terminal; the encrypted target seed pair is used for indicating the second terminal to determine whether a second user corresponding to the second terminal is a contact person of the first user;

the first user is a user corresponding to the first terminal.

In a possible implementation manner, after receiving the first message information sent by the first terminal, the method further includes: and decrypting and storing the encrypted target seed pair, so that the target seed pair information of the first terminal can be input on the contact person tracking back-end platform.

In a possible implementation manner, the first packet information further includes: the first identity authentication information, after decrypting the encrypted target seed pair, the method further comprises: performing Hash Message Authentication Code (HMAC) calculation on the decrypted target seed pair to generate second identity authentication information; comparing the second identity authentication information with the first identity authentication information; if the first terminal is consistent with the second terminal, determining that the first terminal is a legal terminal; and if the first message information is inconsistent with the second message information, discarding the first message information. HMAC is a mechanism for message authentication using a hash function in cryptography, and the message authentication that can be provided includes two aspects: and (3) message integrity authentication: it can be proven that the message content has not been modified during the delivery process. And (3) information source identity authentication: because both parties share the authenticated key, the receiver can authenticate that the source sending the data is identical to what is claimed, i.e., can reliably confirm that the received message is identical to what was sent. Therefore, in this possible implementation manner, after receiving the first message information, the contacter tracking backend platform may invoke the security service platform interface to decrypt the first message information, perform identity authentication, and confirm that the first message information is from a legal first terminal, so as to ensure the accuracy of the first message information.

In a possible implementation manner, the first packet information further includes: encrypted location information of the first terminal; decrypting and storing the encrypted target seed pair comprises: decrypting the encrypted position information and the encrypted target seed; and storing the decrypted target seed pair and the decrypted position information in an associated manner so as to save the information of the first terminal. That is to say, if the administrator has the demand for acquiring the geographical location information of the first user, after the authorization of the first user, the first terminal may invoke the module LBS location information through the AT instruction, encrypt the location information and the target seed pair together, and send the encrypted location information and the encrypted target seed pair to the contacter tracking back-end platform, so that the contacter tracking back-end platform stores the decrypted target seed pair and the decrypted location information in an associated manner, thereby performing the information entry of the first user.

In a possible implementation manner, the receiving the first message information sent by the first terminal includes: receiving first message information sent by a first terminal through a BIP channel; the sending the first message information to the second terminal includes: and sending the first message information to the second terminal through the BIP channel. That is, the information interaction with the contact tracking backend platform is performed by means of the BIP channel, regardless of the first terminal or the second terminal. By combining the technical scheme that the first terminal is taken as the execution main body, the SE-SIM card of the first terminal uploads the first message information to the BIP platform through the BIP channel, the BIP platform directly transmits the data to the contact person tracking rear-end platform after receiving the first message information, the BIP channel is unique capacity of an operator, the SE-SIM card is guaranteed to be directly connected with the platform, the data is reported to the corresponding platform, credit endorsements are provided through public credibility of the operator and safety capacity of the SE-SIM card, authenticity and credibility of the data are guaranteed, and the possibility that the user uploads the data can be changed by modifying a module program can be prevented.

In step S702, the contacter tracking back-end platform prepares the work of issuing the seed pair, encrypts the key pair of the confirmer by calling the secure service platform interface, calculates the identity information, issues the encrypted key pair to the BIP platform, and issues the encrypted key pair to the SE-SIM of other potential contacters through the BIP channel.

Therefore, the contact person tracking back-end platform receives the first message information sent by the first terminal and forwards the first message information to the second terminal, the first message information provides a data transfer function, and the second terminal can determine whether the corresponding second user is the contact person of the first user or not according to the encrypted target seed pair. The confirmation process of the contacter is carried out by the second terminal body, and the situation that the closely contacted person is searched and tracked by the working personnel of the disease control center according to the Bluetooth equipment information which is found by the confirmed patient terminal in the personnel contact information database as described in the prior art is not replaced, and the safety of data and the privacy of a user are further ensured by the decentralized tracking thought and the encryption and decryption of the target seed pair.

As shown in fig. 8, the present application provides a method for tracking a contact, the method being applied to a second terminal, and the method including:

step S801, receiving first message information sent by a contact person tracking back-end platform; the first message information includes: an encrypted target seed pair;

s802, decrypting the encrypted target seed pair, and generating a contact person tracking identity of the first user according to the decrypted target seed pair;

step S803, comparing the generated contact person tracking identity of the first user with a locally stored contact person tracking identity;

step S804, if at least one contacter tracking identity identical to the locally stored contacter tracking identity exists in the generated contacter tracking identity of the first user, determining that the second user corresponding to the second terminal is the contacter of the first user.

In step S801, the first message information may further include: the first identity authentication information, after decrypting the encrypted target seed pair, the method further comprises: performing Hash Message Authentication Code (HMAC) calculation on the decrypted target seed pair to generate third identity authentication information; comparing the third identity authentication information with the first identity authentication information; if the first message information is consistent with the second message information, determining that the first message information is legal; and if the first message information is inconsistent with the second message information, discarding the first message information. Similarly, through HMAC calculation, after receiving the first message information, the second terminal may invoke the security service platform interface to decrypt the first message information, perform identity authentication, and confirm the validity of the first message information, so as to ensure the accuracy of the first message information.

In step S802, the second terminal invokes a security capability interface of its SE-SIM card, and uses a specific dispersion factor to disperse the preset seed pair key, thereby generating a seed pair process key seed pair key. The dispersion factor may be generated by means of a counter, a random number, or the like. It should be noted that, corresponding to the technical solution in which the first terminal is used as the execution subject, the process key seed pair generated by the second terminal for decryption and the process key generated for encryption in the first terminal are the same in one process (for example, obtaining the seed pair in the first time interval and determining the contact person according to the seed pair), and in the next process (for example, obtaining the seed pair in the second time interval and determining the contact person according to the seed pair), the preset seed pair key may be dispersed by using a specific dispersion factor to generate different process keys, so that the keys are different in each process, thereby further enhancing the decryption difficulty, preventing the data from being illegally decrypted, and enhancing the security.

In steps S803 and S804, the second terminal obtains the delivered decrypted target seed pair through the interface channel corresponding to the SE-SIM card, and calculates the first user' S contact tracking identity CTID according to the seed value SPt (t represents the time interval corresponding to the seed pair) of the seed pair _n Calling a security algorithm interface of the SE-SIM card to perform HMAC-SHA256 calculation on the SPt, and encrypting the calculation result by using a cryptographic symmetric encryption algorithm SM4 to generate data of n × 16bytes, wherein the formula is as follows:

CTID ₁ ||CTID ₂ ||…||CTID _n ＝SM4(HAMC(SP _t ,"contact tracing session key"))

the SM4 and HAMC process key tracking session key used in calculation is generated by dispersing a tracking identification key tracking ID key preset in an SE-SIM card chip through a specific dispersion factor, and the used process key is the same as that used in the step of generating a contact person tracking identity by a first terminal according to a seed pair, so that the corresponding CTID can be restored ₁ ||CTID ₂ ||…||CTID _n 。

The second terminal compares the CTID which is stored in the local storage space and exchanged with other terminals, and if the CTID is calculated ₁ …CTID _n If a certain value in the first user is consistent with the locally stored CTID, the second user corresponding to the second terminal is judged as the contact of the first user. In possible implementations, the locally stored and calculated CTID may also be compared ₁ …CTID _n The receiving time of the CTID and the Bluetooth signal strength which are consistent with each other are provided for relevant departments so as to assist in determining the contact time and the contact distance of the first user and the second user.

Therefore, the CTID value is calculated and matched to determine that the contacter is completely performed at the second terminal, the CTID is not stored by the contacter tracking back-end platform, the CTID is determined according to the seed value in the seed pair, the seed value is the random number generated by the random number generator, and the CTID does not relate to personal data. And the decentralized data storage mode and the distributed data calculation mode further improve the data security and indirectly protect the privacy of users.

Generally speaking, the second terminal receives the encrypted target seed pair, decrypts the encrypted target seed pair, and generates the contact person tracking identity of the first user according to the decrypted target seed pair; and comparing the generated contact person tracking identity of the first user with a locally stored contact person tracking identity to determine whether the user corresponding to the user is the contact person of the first user. Therefore, the calculation and comparison of the data are performed by the second terminal body, and the situation that the closely contacted person is searched and tracked by the staff of the disease control center according to the Bluetooth device information ever found by the confirmed patient terminal in the staff contact information database as in the prior art is not solved, and the safety of the data and the privacy of the user are further guaranteed by the decentralized tracking thought and the encryption and decryption of the target seed pair.

Besides the above technical effects, the embodiment of the present invention also has the following technical effects: the contact person tracking scheme realized based on the BIP communication protocol of the SE-SIM card is realized by transferring part of functions of the identity identification service which originally needs to be participated by the intelligent terminal to the SE-SIM card. The SE-SIM card supporting the application of the contact person tracking identity can realize quick access, thereby effectively reducing the butt joint complexity of the application of the contact person tracking identity of the terminal, and reducing the transformation cost and research and development investment of the terminal and a platform. The software and hardware of the existing terminal can be modified by zero or few, so that the access of the complete contact person tracking identification system shown in the embodiment of the invention can be realized.

The security module in the security service platform and the security service in the SE-SIM card carrier provide security guarantee for the whole tracking service, can effectively prevent data tampering, improve the security of the whole service,

the SE-SIM card provides seed pair safe storage service, directly and safely stores the seed pairs issued by the platform, provides a reliable safe storage environment for the terminal, ensures the uniqueness of the seed pairs and prevents the seed pairs from being maliciously tampered and counterfeited.

The BIP channel based on the operator can ensure that data cannot be bypassed, namely, the seed pair can be sent to a contacter to track a rear-end platform all the time, LBS positioning is called through an SE-SIM card, the requirement that a supervision department traces the positioning information of a first terminal can be met, certain public confidence is provided, in addition, information recording is not required to be carried out through third-party equipment, the cost is low, and the scheme is simple to realize.

Fig. 9 shows a contact tracking apparatus 90 according to an embodiment of the present invention, the apparatus 90 is applied to a first terminal, and the apparatus 90 includes:

an obtaining module 901, configured to obtain a time interval to be tracked of a first user corresponding to a first terminal;

a first determining module 902, configured to determine, according to a time interval to be tracked, a corresponding target seed pair; the first terminal prestores a one-to-one correspondence relationship between a time interval and a seed pair;

an encryption module 903, configured to encrypt the target seed pair;

a first sending module 904, configured to send first message information to the contacter tracking backend platform, where the first message information includes: an encrypted target seed pair, the encrypted target seed pair for determining the contacter of the first user.

Fig. 10 shows a contact person tracking apparatus 100 according to an embodiment of the present invention, the apparatus 100 is applied to a contact person tracking backend platform, the apparatus 100 includes:

a first receiving module 1001, configured to receive first message information sent by a first terminal; the first message information includes: an encrypted target seed pair;

a second sending module 1002, configured to send the first message information to the second terminal; the encrypted target seed pair is used for indicating the second terminal to determine whether a second user corresponding to the second terminal is a contacter of the first user;

the first user is a user corresponding to the first terminal.

Fig. 11 shows a contact tracking apparatus 110 according to an embodiment of the present invention, the apparatus 110 is applied to a second terminal, and the apparatus 110 includes:

the second receiving module 1101 is configured to receive first message information sent by a contacter tracking backend platform; the first message information includes: an encrypted target seed pair;

the generating module 1102 is configured to decrypt the encrypted target seed pair, and generate a contact tracking identity of the first user according to the decrypted target seed pair;

a comparison module 1103, configured to compare the generated contact tracking identifier of the first user with a locally stored contact tracking identifier;

a second determining module 1104, configured to determine that a second user corresponding to the second terminal is a contacter of the first user if at least one contacter tracking identity that is the same as the locally stored contacter tracking identity exists in the generated contacter tracking identity of the first user.

As can be seen from the block diagrams shown in fig. 9, 10, and 11, in the present application, the smart terminal using the SE-SIM card implements the requirement of contact tracking in a certain specific scenario (e.g., contact tracking of an infected person in a current epidemic situation) through the bluetooth low energy technology. The contacter tracking identification is generated locally at the terminal, and the restoration and matching processes of the contacter tracking identification are completed locally at the terminal. That is, the present application provides a decentralized and distributed contacter tracking method, in which the backend platform of contacter tracking does not store data related to the privacy of the user except for recording the location of the first user (authorized by the user or adjusted according to relevant laws and regulations) when the need of the supervisor arises, and this method can avoid the disclosure of the privacy of the user.

Fig. 12 shows a network device 120 comprising: a processor 1201, a memory 1202 and a program stored on the memory 1202 and executable on the processor 1201, the program when executed by the processor 1201 implementing the steps of the contacter tracking method as described in the above embodiments.

An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method for tracking a contact person described in the foregoing embodiment are implemented, and the same technical effects can be achieved. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a component of' 8230; \8230;" does not exclude the presence of another like element in a process, method, article, or apparatus that comprises the element.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.

While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims

1. A method for tracking a contact, the method being applied to a first terminal, the method comprising:

encrypting the target seed pair;

sending first message information to a contact tracking backend platform, wherein the first message information comprises: an encrypted target seed pair, the encrypted target seed pair for determining a contacter of the first user;

before determining the corresponding target seed pair according to the time interval to be tracked, the method further includes:

calling a random number generator to generate a first random number when the current time is the starting endpoint of the first time interval; determining the first random number as a seed value, and generating a seed pair corresponding to a first time interval;

wherein i is equal to 2, \8230; \ 8230;, N; n is a positive integer, the interval length of each time interval is the same, and the time of the ith time interval is later than the time of the (i-1) th time interval;

the method further comprises the following steps:

generating m contact person tracking identification of the first user according to the seed pairs after generating the seed pairs at any time interval;

wherein m is equal to the interval length/preset time interval of the time interval, and m represents the number of the generated contact person tracking identity marks of the first user in any time interval;

after generating the seed pairs at any time interval, generating m contact person tracking identities of the first user according to the seed pairs by the following formula:

CTID ₁ ||CTID ₂ ||…||CTID _n ＝SM4(HAMC(SP _t ,"contacttracingsessionkey"))；

wherein, SM4 is a symmetric encryption algorithm; HAMC is calculated for HMAC-SHA 256; SP _t Is the seed value of the seed pair;

2. The method of claim 1, wherein the first packet information further comprises: before the first identity authentication information is sent to the first message information to the contacter tracking backend platform, the method further comprises:

3. The method of claim 1, wherein the first message information further comprises:

encrypted location information of the first terminal.

4. A method for tracking a contact, the method being applied to a second terminal, the method comprising:

if at least one contactor tracking identity which is the same as the locally stored contactor tracking identity exists in the generated contactor tracking identity of the first user, determining that a second user corresponding to the second terminal is a contactor of the first user;

generating a contact person tracking identity of the first user according to the decrypted target seed by the following formula:

wherein, SM4 is a symmetric encryption algorithm; HAMC is calculated as HMAC-SHA 256; SP _t The seed value of the decrypted target seed pair; the contact routing session key is a process key; CTID _n Tracking an identity for the generated nth contacter of the first user; n is equal to 1, \ 8230 \ 8230:, and m and n are positive integers.

5. The method of claim 4, wherein the first packet information further comprises: the first identity authentication information, after decrypting the encrypted target seed pair, the method further comprises:

6. A contact tracking apparatus, for use in a first terminal, the apparatus comprising:

the encryption module is used for encrypting the target seed pair;

a first sending module, configured to send first message information to a contacter tracking backend platform, where the first message information includes: an encrypted target seed pair, the encrypted target seed pair for determining a contacter of the first user;

before determining a corresponding target seed pair according to the time interval to be tracked, calling a random number generator to generate a first random number when the current time is the starting endpoint of a first time interval; determining the first random number as a seed value, and generating a seed pair corresponding to a first time interval;

7. A contact tracking device, the device being applied to a second terminal, the device comprising:

a second determining module, configured to determine that a second user corresponding to the second terminal is a contacter of the first user if at least one contacter tracking identity that is the same as a locally stored contacter tracking identity exists in the generated contacter tracking identity of the first user;

the method comprises the following steps of generating a contact person tracking identity of a first user according to a decrypted target seed through the following formula:

wherein, SM4 is a symmetric encryption algorithm; HAMC is calculated as HMAC-SHA 256; SP _t For the decrypted target seedA seed value of the pair; the contact routing session key is a process key; CTID _n Tracking an identity for the generated nth contacter of the first user; n is equal to 1, \8230 \ 8230;, m and n are positive integers.

8. A network device, comprising: a processor, a memory and a program stored on the memory and executable on the processor, the program when executed by the processor implementing the steps of the contacter tracking method as claimed in any one of claims 1 to 3; alternatively, the program when executed by the processor implements the steps of the contacter tracking method as claimed in any one of claims 4 to 5.

9. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the contacter tracking method as claimed in one of the claims 1 to 3; alternatively, the program when executed by the processor implements the steps of the contacter tracking method as claimed in any one of claims 4 to 5.