CN1753569A - System and method for treating mobile communication data business based on false code - Google Patents

System and method for treating mobile communication data business based on false code Download PDF

Info

Publication number
CN1753569A
CN1753569A CN200510119506.5A CN200510119506A CN1753569A CN 1753569 A CN1753569 A CN 1753569A CN 200510119506 A CN200510119506 A CN 200510119506A CN 1753569 A CN1753569 A CN 1753569A
Authority
CN
China
Prior art keywords
pseudo
code
subscriber number
data
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200510119506.5A
Other languages
Chinese (zh)
Other versions
CN1753569B (en
Inventor
周彬
魏冰
段晓东
王崇萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN200510119506.5A priority Critical patent/CN1753569B/en
Publication of CN1753569A publication Critical patent/CN1753569A/en
Application granted granted Critical
Publication of CN1753569B publication Critical patent/CN1753569B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

There is disclosed a mobile communication data service processing system based on the pseudo-code, which includes a service net gate with data identification module and a service center with the pseudo-code changing module in the mobile communication network. The data identification module is used for identifying the data information and according the identified result sending the pseudo-code request message to the service centre via the service net gate. The pseudo-code changing module is used for conversion computing according to the pseudo-code request message so as to determine the pseudo-code or the user number. There is also disclosed a processing method of the data sent to SP server from the mobile station and to the mobile station from SP server based on the said system, and disclosed a mobile communication data service processing method based on the said system and based on the pseudo-code.

Description

The system and method for handling based on the mobile communication data business of pseudo-code
Technical field
The present invention relates to the system and method that a kind of mobile communication data business is handled, especially a kind of system that handles based on the mobile communication data business of pseudo-code, a kind of method of handling based on the data service that travelling carriage is sent to the SP server of this system and the method that the data service that the SP server sends to travelling carriage is handled, and a kind of method of handling based on the mobile communication data business of this system.
Background technology
In the mobile communication technology field, traditional data service as short message service, exposes some problems gradually:
The first, the risk that exists subscriber data to leak.Traditional data service with Subscriber Number MSISDN as user ID, in the use of data service, no matter the user still is mobile network's subscribed services by the Internet, all need the user terminal number of oneself is informed SP, Subscriber Number MSISDN can be exposed to service provider SP inevitably.Service provider SP can be analyzed the Subscriber Number resource, finds out the customer group with characteristic value, and carries out some specific aims and handle.For example, initiatively send the mass promotion advertisement to VIP user; Perhaps directly sell other mobile operator or the like the VIP Subscriber Number, these behaviors have brought infringement in various degree to the user.
The second, there is user terminal user's fraud.Since business system can not the real-time judge terminal use in operation flow the state terminal; cause the appearance of following situation: the user uses the terminal of oneself to use professional in the SP registration; then the terminal of oneself is shut down; but the business of using SP to provide can be provided for he; SP and operator but can't sustain a loss from user's charge.
Summary of the invention
The objective of the invention is at the deficiencies in the prior art, a kind of system and method for handling based on the mobile communication data business of pseudo-code is proposed, by the conversion between Subscriber Number MSISDN and the pseudo-code, in data service, utilize pseudo-code to guarantee confidentiality, the authenticity of user data, preventing the leakage of subscriber data, and avoid the loss of operator.
For achieving the above object, the invention provides a kind of system that handles based on the mobile communication data business of pseudo-code, comprise the service center that is arranged on the Service Gateway that has data identification module in the mobile communications network and has the pseudo-code conversion module; Described data identification module is used for being discerned by the data message of travelling carriage or the transmission of SP server and sending pseudo-code solicited message by described Service Gateway to described service center according to recognition result; The pseudo-code response message that described Service Gateway returns according to described service center sends data message to travelling carriage or SP server; Described pseudo-code conversion module is used for carrying out transformation calculations according to described pseudo-code solicited message, determines pseudo-code or Subscriber Number; Described service center sends to described Service Gateway with pseudo-code or the Subscriber Number of determining as described pseudo-code response message.
The present invention also provides a kind of method of handling based on the data service that travelling carriage is sent to the SP server of said system, may further comprise the steps:
Data center in step 11, the mobile communications network mails to SP data in server information with travelling carriage and is sent to Service Gateway.
Step 12, Service Gateway GW are according to the user number information of the travelling carriage in the data message, determine the service center that described travelling carriage belongs to, and to this home service center transmission pseudo-code solicited message, the described pseudo-code that acquisition request is corresponding with the Subscriber Number of described travelling carriage;
Step 13, described home service center obtain sending the described pseudo-code response message that comprises this pseudo-code to described Service Gateway after the pseudo-code corresponding with this Subscriber Number according to the described Subscriber Number in the described pseudo-code solicited message;
Step 14, Service Gateway send to described SP server together with described pseudo-code and described data message.
The present invention also provides a kind of method of handling based on the data service that the SP server is sent to travelling carriage of said system, may further comprise the steps:
The data message that step 21, SP server will have pseudo-code information sends to Service Gateway;
Step 22, Service Gateway are determined pseudo-code home service center according to the pseudo-code information in the data, and send the pseudo-code solicited message to pseudo-code home service center, the Subscriber Number of request pseudo-code correspondence;
Step 23, pseudo-code home service center are according to the pseudo-code in the pseudo-code solicited message, obtain the Subscriber Number corresponding with this pseudo-code, and judge the authenticity of this Subscriber Number and this Subscriber Number whether customized described data message, be then to send the pseudo-code response message to Service Gateway, return the Subscriber Number of pseudo-code correspondence, otherwise execution in step 25;
Step 24, Service Gateway mail to called mobile station according to Subscriber Number with data, finish;
Step 25, Service Gateway are refused issuing of described data service, and return refusal information and give described SP server, finish.
The present invention also provides a kind of method of handling based on the mobile communication data business of said system, may further comprise the steps:
Data center in step 31, the mobile communications network mails to SP data in server information with travelling carriage and is sent to Service Gateway.
Step 32, Service Gateway GW are according to the user number information of the travelling carriage in the data message, determine the service center that described travelling carriage belongs to, and to this home service center transmission pseudo-code solicited message, the described pseudo-code that acquisition request is corresponding with the Subscriber Number of described travelling carriage;
Step 33, described home service center obtain sending the described pseudo-code response message that comprises this pseudo-code to described Service Gateway after the pseudo-code corresponding with this Subscriber Number according to the described Subscriber Number in the described pseudo-code solicited message;
Step 34, Service Gateway send to described SP server together with described pseudo-code and described data message;
The data message that step 35, SP server will have pseudo-code information sends to Service Gateway;
Step 36, Service Gateway are determined pseudo-code home service center according to the pseudo-code information in the data, and send the pseudo-code solicited message to pseudo-code home service center, the Subscriber Number of request pseudo-code correspondence;
Step 37, pseudo-code home service center obtain the Subscriber Number corresponding with this pseudo-code according to the pseudo-code in the pseudo-code solicited message, and send the pseudo-code response message to Service Gateway, return the Subscriber Number of pseudo-code correspondence;
Step 38, Service Gateway mail to called mobile station according to Subscriber Number with data.
The present invention is under the situation of algorithm known key, can finish positive-going transition and reciprocal transformation between Subscriber Number and the pseudo-code by mapping algorithm, do not knowing under the situation of algorithm secret key, the SP server can't be finished pseudo-code and push away and the forgery of original user number to pseudo-code to the counter of original user number, the confidentiality height, and very true, and, because SP can't calculate algorithm secret key, also can't derive other Subscriber Number and pseudo-code transfer pair in view of the above, the fail safe that has improved Subscriber Number; By to positive-going transition between Subscriber Number and the pseudo-code and reciprocal transformation, DSMP unifies searching and managing to the terminal of carrying out pseudo-code conversion, has avoided user's fraud.
Below the present invention will be described in detail by accompanying drawing and specific embodiment.
Description of drawings
Fig. 1 is the structured flowchart of system of the present invention;
Fig. 2 is the system architecture diagram of service center in the system shown in Figure 1;
The schematic diagram of a specific embodiment of the method that Fig. 3 handles for the data service that travelling carriage is sent to the SP server of the present invention;
Fig. 4 is a method flow diagram embodiment illustrated in fig. 3;
Fig. 5 be embodiment illustrated in fig. 3 in a concrete pseudo-code generate schematic diagram;
The schematic diagram of a specific embodiment of the method that Fig. 6 handles for the data service that the SP server is sent to travelling carriage of the present invention;
Fig. 7 is a method flow diagram embodiment illustrated in fig. 6;
Fig. 8 is the method flow diagram that mobile communication data business of the present invention is handled.
Embodiment
Referring to Fig. 1, structured flowchart for system of the present invention, the system that handles based on the mobile communication data business of pseudo-code of the present invention, comprise the service center that is arranged on the Service Gateway that has the data identification module (not shown) in the mobile communications network and has pseudo-code conversion module (not shown), specifically, comprise mobile station MS, service center DSMP, Service Gateway GW, service provider SP, described mobile station MS, service center DSMP, Service Gateway GW connects by the GSM network respectively, Service Gateway GW, service provider SP connects by the network beyond the GSM respectively, such as, the Internet network.Wherein, described Service Gateway GW comprises the data identification module (not shown), is used for being discerned by the data message of mobile station MS or the transmission of SP server and sending pseudo-code solicited message by described Service Gateway GW to described service center DSMP according to recognition result; The pseudo-code response message that described Service Gateway GW returns according to described service center DSMP sends data message to mobile station MS or SP server; Described pseudo-code conversion module (not shown) is used for carrying out transformation calculations according to described pseudo-code solicited message, determines pseudo-code or Subscriber Number MSISDN; Described service center DSMP sends to described Service Gateway GW with pseudo-code or the Subscriber Number MSISDN that determines as described pseudo-code response message.
Because the pairing service provider SP of Subscriber Number MSISDN may be one, also may be a plurality of, the pseudo-code that is to say respective user number MSISDN may be one or more, when having only one, in order to save computing time, pseudo-code that can good this family of calculated in advance number MSISDN, with this family number MSISDN's and corresponding pseudo-code store, so, service center DSMP of the present invention also is provided with database, and the relation that described database is used to store the pseudo-code calculated and Subscriber Number MSISDN is right.
In addition, described service center DSMP comprises the key production module that is connected with the pseudo-code conversion module, is used to generate key.Described service center DSMP can also comprise that the SP private key that is connected with the pseudo-code conversion module derives from module, is used to generate the SP private key.
In system of the present invention, described MS, described service center DSMP, described Service Gateway GW, service provider SP all can be one or more.
Shown in Figure 2, be the concrete system block diagram of service center DSMP of the present invention, comprise an interface 1, one database module 2, one user information control module, 3, one SP message control modules 4, are ordered and are concerned control module 5, a SP synchronization module 6 and a pseudo-code conversion module 7.
Interface 1 comprises interface that is connected with operation system and/or the interface that is connected with subscriber access system: operation system comprises one of MMS system, note system, Java download system, stream media system, personal information control service system, position service system, terminal control system, WAP gateway system or HTTP gateway system or its combination in any; Subscriber access system comprises one of note connecting system, WAP connecting system, WWW connecting system, voice value-added service (IVR) connecting system, client software connecting system or its combination in any.
Interface 1 also comprises message routing forwarding interface, carries out message forwarding when being used for the networking of data service control system.
Database 2 is with user information control module 3, SP message control module 4 and order and concern that control module 5 is connected, mode with tabulation is preserved the corresponding data of above-mentioned module respectively, specifically, be according to user information control module 3, SP message control module 4 and order the operational order that concerns control module 5 and carry out generation, the deletion that user profile, SP business information and user order relation information or revise change, perhaps provide and preserve data for user information control module 3, SP message control module 4 with order relation control mould control module 5 and call inquiry.
In the present embodiment, database 2 also is used to preserve the described pseudo-code of calculating setting and the corresponding relation data of described Subscriber Number.
User information control module 3 is connected with interface 1, is used to obtain the instruction of user terminal or SP server, or to user terminal or SP server return result, and wherein, user terminal is portable terminal or fixed terminal with transmitting-receiving ability; When service request that the instruction of obtaining from interface 1 sends for the user, carry out generation, deletion or the alter operation of user profile, and this instruction carries out the authentication of user profile, and the user profile of this moment is subscriber identity information, such as judging whether validated user of this user; For user, this authentication sent to order by information concern control module 5 by authentication; When the instruction of obtaining from interface 1 for the SP server send to the query statement of subscriber identity information the time, inquire about and return the query manipulation result to the SP server by interface 1.
User information control module 3 is connected with database module 2,3 pairs of user profile of database module 2 storing subscriber information control modules generate, delete, the data of inquiry or alter operation, and the respective stored data are provided when the authentication of user profile is carried out in the instruction of 3 pairs of user terminals of user information control module or SP server.
SP message control module 4 is connected with interface 1, is used to obtain the instruction of user terminal or SP server, or to user terminal or SP server return result; When SP business information that the instruction of obtaining from interface 1 sends for the SP server, carry out preservation generation, deletion or the alter operation of SP business information; When service request that the instruction of obtaining from interface 1 sends for the user, carry out the authentication of SP business information, and authenticating result is sent to user terminal by interface 1; When the instruction of obtaining from interface 1 for the user send to the query statement of SP business information the time, inquire about and send the query manipulation result to user terminal by interface 1.
SP message control module 4 is connected with database module 2,3 pairs of SP business information of database module 2 storage SP message control modules generate, delete, the data of inquiry or alter operation, and the respective stored data are provided when the authentication of SP business information is carried out in the instruction of 4 pairs of user terminals of SP message control module or SP server.
Order and concern that control module 5 is connected with interface 1, be used to obtain the instruction of user terminal or SP server, or to user terminal or SP server return result; Be connected with SP message control module 4 with user information control module 3, be used to obtain the authenticating result of user information control module 3 and SP message control module 4; When service request that the instruction user that obtains from interface 1 sends, the authenticating result of invoke user information Control module 3 and SP message control module 4, if authentication is passed through, promptly the user has the right to use the SP business, and this SP is professional to be existed, and then generates or changes the user and order relation information; When releasing user order relations information command that the instruction of obtaining from interface 1 sends for the user, the deletion user orders relation information; When information on services that the instruction of obtaining from interface 1 sends for the SP server, user according to storage orders the authentication that relation information carries out information on services, and authentication is passed through, and then information on services is sent to the user by interface 1, otherwise, return service failure information and give the SP server; When the instruction that receives be the querying order relations information of user or the transmission of SP server, inquire about and return Query Result to user or SP server respectively.
Order and concern that control module 5 is connected with database module 2, database module 2 storage order concern that 5 couples of users of control module order that relation information generates, deletes, the data of inquiry or alter operation, and when ordering the authentication that the instruction that concerns 5 pairs of user terminals of control module or SP server orders relation information, provide the respective stored data.
SP synchronization module 6 concerns that control module 5 is connected with ordering, and is used to obtain generation, deletion, inquiry or the modification information that the user orders relation information; Be connected with described interface 1, be used for the user is ordered generation, deletion, inquiry or the modification information of relation information synchronously to the SP server.When the user orders relationship module 5 when carrying out generation that the user orders relation information, deletion, inquiry or alter operation, when carrying out database module 2 stored records, this information is sent to SP synchronization module 6, give the SP server with this information synchronously by interface 1 by SP synchronization module 6.
One pseudo-code conversion module 7 is serially connected between SP synchronization module 6 and the database module 2, is used to finish pseudo-code generation and/or the inquiry of Subscriber Number MSISDN.
Pseudo-code conversion module 7 adopts the pseudo-code generating algorithms to generate pseudo-codes, finishes forward and reverse encryption conversion between Subscriber Number MSISDN and the pseudo-code, and pseudo-code authenticity, integrity checking; This pseudo-code generating algorithm adopts key schedule, finishes the generation of the key that uses in the pseudo-code generating algorithm; Can further adopt the key derivation algorithm in this key schedule, ID finishes the dispersion of root key to the SP private key according to the SP sign.Wherein, pseudo-code generating algorithm, key schedule and key derivation algorithm can use arbitrary pseudo-code generating algorithm, key schedule and the key derivation algorithm known to those skilled in the art.
Pseudo-code conversion module 7 can be connected with the key production module (not shown), finishes the generation of the key that uses in the pseudo-code generating algorithm by key production module, and this key schedule can use the arbitrary key schedule known to those skilled in the art.
Pseudo-code conversion module 7 also can derive from the module (not shown) with the SP private key and be connected, and is used for generating the SP private key according to SP server identification ID.
Pseudo-code conversion module 7 can be set up the corresponding relation of user terminal number and pseudo-code, and sends user information control module 3 to by ordering relationship module, is stored in the database module 2 by user information control module 3.Through the control of pseudo-code conversion module 7, SP synchronization module 6 orders in the relation information for synchronously the user of SP server, and the pseudo-code that user terminal number is generated substitutes, and the SP server can not be recognized real user terminal number; Accordingly, order and concern in the information on services that SP server that control module 5 receives provides, destination Mobile Station International ISDN Number also is user's pseudo-code, then call pseudo-code conversion module 7 and carry out anti-fake sign indicating number control and obtain user terminal number, order subsequently relationship module 5 still to user terminal number corresponding with the SP business information order in addition authentication of relation information.
The present invention also provides a kind of method of handling based on the data service that travelling carriage is sent to the SP server of pseudo-code, and this method comprises from MS and sends the process of data message to SP, is illustrated in figure 3 as a specific embodiment of this method.
This embodiment specifically may further comprise the steps, as shown in Figure 4:
Data center in step 11, the GSM network mails to SP data in server information with mobile station MS and is sent to Service Gateway GW, and data center is the SMC of short message service center in the present embodiment;
Step 12, Service Gateway GW determine that MSISDN ownership DSMP is DSMP2, and send the pseudo-code solicited message to DSMP2, the pseudo-code of request MSISDN correspondence according to the mobile station MS calling number MSISDN information in the data message;
Step 13, DSMP2 obtain the corresponding pseudo-code with this Subscriber Number MSISDN according to the Subscriber Number MSISDN in the pseudo-code solicited message, and send the pseudo-code response message to Service Gateway GW, return the pseudo-code of MSISDN correspondence;
Step 14, Service Gateway GW send to the SP server together with described pseudo-code and described data message.
Wherein, DSMP2 can store the right database of relation of pseudo-code and Subscriber Number MSISDN by inquiry in the step 13, obtain corresponding pseudo-code with this Subscriber Number MSISDN, this pseudo-code be obtain and be stored in before the DSMP2 in the database with the corresponding pseudo-code of this Subscriber Number MSISDN.
If described Subscriber Number MSISDN is only corresponding with a service provider SP, then have only a pseudo-code, the process that then obtains the pseudo-code corresponding with this Subscriber Number MSISDN is:
Key schedule generates root key K, and its length is 128 bits, and DSMP2 utilizes this root key K that Subscriber Number MSISDN is encrypted moving the calculation, then obtains the corresponding pseudo-code with this Subscriber Number MSISDN.This key generated before cryptographic calculation, can adopt arbitrary key schedule well known by persons skilled in the art.
If described Subscriber Number MSISDN is corresponding with a plurality of service provider SP, a plurality of pseudo-codes are then arranged, hundreds of, several thousand even, the memory data output of this moment is big, the speed of inquiry is also relatively slow, so this advances to take Dynamic calculation method to obtain and the corresponding pseudo-code of this Subscriber Number MSISDN.The process that then obtains the pseudo-code corresponding with this Subscriber Number MSISDN is, pass through Dynamic calculation method, the process that Subscriber Number MSISDN ownership DSMP obtains the pseudo-code corresponding with this Subscriber Number MSISDN is as shown in Figure 4: at first utilize key schedule to generate root key K by key production module, deriving from module by the SP private key again utilizes SP sign ID to derive each SP private key Ka1 according to the key derivation algorithm, Ka2......Kan, described SP private key Ka1, Ka2......Kan corresponds respectively to SP1, SP2......SPn, select corresponding SP private key according to SP sign ID then, utilize SP private key Ka and key schedule that Subscriber Number MSISDN is carried out cryptographic calculation, obtain the pseudo-code of MSISDN correspondence.
Described pseudo-code can comprise the Route Selection cleartext information of original number, can not comprise yet, if comprise, then described step 14 is specially: Service Gateway GW sends to called SP according to the Route Selection cleartext information of original number in the pseudo-code together with described pseudo-code and described data message.
In addition, described pseudo-code can also comprise the time stamp cleartext information; And the length of described pseudo-code is no more than 32 bytes.
By above-mentioned steps, service provider SP obtains is treated pseudo-code but not the Mobile Subscriber International ISDN Number of user terminal, has effectively protected user's privacy.
For security consideration, the algorithm secret key that mapping algorithm promptly carries out cryptographic calculation or decrypt operation needs regular update.The key difference, the pseudo-code of same Subscriber Number MSISDN correspondence has nothing in common with each other.According to service needed, pseudo-code information may be stored in the service provider SP place, so after the algorithm secret key renewal, pseudo-code information may need the long period to upgrade synchronously at mobile operator and service provider SP place.Therefore, the DSMP business platform should be stored a plurality of pseudo-codes of same Subscriber Number MSISDN correspondence, and different pseudo-codes is distinguished according to the version cleartext information.
Same Subscriber Number can have identical pseudo-code for different SP, also can have different pseudo-codes.But only there is a unique pseudo-code corresponding relation in all data services between same Subscriber Number and the same SP (push service and Pull business).For specific SP, the only corresponding pseudo-code of Subscriber Number; The only corresponding Subscriber Number of pseudo-code.The key that uses can be generated by software, and stored in clear can adopt the component backup of media such as floppy disk during backup in the computer equipment of software place.
The present invention also provides a kind of method of handling based on the data service that the SP server is sent to travelling carriage of pseudo-code, and this method comprises from SP and sends the process of data message to MS, is illustrated in figure 6 as a specific embodiment of this method.
This embodiment specifically may further comprise the steps, as shown in Figure 7:
The data message that step 21, SP server will have pseudo-code information sends to Service Gateway GW, and this pseudo-code information is that service provider SP obtains from the data message that MS sends;
Step 22, Service Gateway GW determine that according to the pseudo-code information in the data pseudo-code home service center is DSMP2, and send the pseudo-code solicited message to DSMP2, the Subscriber Number MSISDN of request pseudo-code correspondence;
Step 23, DSMP2 obtain the Subscriber Number MSISDN corresponding with this pseudo-code according to the pseudo-code in the pseudo-code solicited message;
Whether step 24, DSMP2 judge the authenticity of this Subscriber Number MSISDN, comprise judging whether this Subscriber Number MSISDN is legal, such as shutting down; Truly, then execution in step 25, otherwise, execution in step 28;
Step 25, DSMP2 judge this Subscriber Number MSISDN whether customized described data message, be execution in step 26 then; Otherwise execution in step 28;
Step 26, DSMP2 send the pseudo-code response message to Service Gateway GW, return the Subscriber Number MSISDN of pseudo-code correspondence;
Step 27, Service Gateway GW mail to called mobile station MS according to Subscriber Number MSISDN with data, finish;
Step 28, Service Gateway GW refuse issuing of described data service, and return refusal information and give described SP server, finish.
Wherein, DSMP2 can store the right database of relation of pseudo-code and Subscriber Number MSISDN by inquiry in the step 23, obtains the Subscriber Number MSISDN corresponding with this pseudo-code.
If described Subscriber Number MSISDN is only corresponding with a service provider SP, then have only a pseudo-code, the process that then obtains the Subscriber Number MSISDN corresponding with this pseudo-code is:
Described pseudo-code home service center utilizes key, such as root key K, according to the pseudo-code generating algorithm described pseudo-code is decrypted computing, obtains the Subscriber Number corresponding with this pseudo-code.
If the corresponding more than one pseudo-code of this Subscriber Number MSISDN, then described pseudo-code ownership DSMP obtains the Subscriber Number MSISDN of this pseudo-code correspondence by the method for dynamic calculation.Described pseudo-code ownership DSMP utilizes the pseudo-code version information to determine corresponding SP private key, utilizes this SP private key, according to the pseudo-code generating algorithm described pseudo-code is decrypted computing, obtains the Subscriber Number MSISDN corresponding with this pseudo-code.
For security consideration, the algorithm secret key that mapping algorithm promptly carries out cryptographic calculation or decrypt operation needs regular update.The key difference, the pseudo-code of same Subscriber Number MSISDN correspondence has nothing in common with each other.According to service needed, pseudo-code information may be stored in the service provider SP place, so after the algorithm secret key renewal, pseudo-code information may need the long period to upgrade synchronously at mobile operator and service provider SP place.Therefore, the DSMP business platform should be stored a plurality of pseudo-codes of same Subscriber Number MSISDN correspondence, and different pseudo-codes is distinguished according to the version cleartext information.
Same Subscriber Number can have identical pseudo-code for different SP, also can have different pseudo-codes.But only there is a unique pseudo-code corresponding relation in all data services between same Subscriber Number and the same SP (push service and Pull business).For specific SP, the only corresponding pseudo-code of Subscriber Number; The only corresponding Subscriber Number of pseudo-code.The key that uses can be generated by software, and stored in clear can adopt the component backup of media such as floppy disk during backup in the computer equipment of software place.
By above-mentioned steps, Service Gateway DSMP judges inquiry to MSISDN, the behavior that the number of having avoided user's utilization to shut down is swindled; Simultaneously, Service Gateway is inquired about business datum validity, has avoided the SP server to carry out not customized business and has sent.
The present invention also provides a kind of method of handling based on the mobile communication data business of pseudo-code, and its flow chart may further comprise the steps referring to Fig. 8:
Data center in step 31, the mobile communications network mails to SP data in server information with travelling carriage and is sent to Service Gateway, and this data center is SMC;
Step 32, Service Gateway GW are according to the user number information of the travelling carriage in the data message, determine that the service center that described travelling carriage belongs to is DSMP2, and to DSMP2 transmission pseudo-code solicited message, the described pseudo-code that acquisition request is corresponding with the Subscriber Number of described travelling carriage;
Step 33, DSMP2 obtain sending the described pseudo-code response message that comprises this pseudo-code to described Service Gateway GW after the pseudo-code corresponding with this Subscriber Number according to the described Subscriber Number in the described pseudo-code solicited message;
Step 34, Service Gateway GW send to described SP server together with described pseudo-code and described data message;
The data message that step 35, SP server will have pseudo-code information sends to Service Gateway GW, the business information that this data message provides for the SP server;
Step 36, Service Gateway GW determine that according to the pseudo-code information in the data pseudo-code home service center is DSMP2, and send the pseudo-code solicited message to DSMP2, the Subscriber Number of request pseudo-code correspondence;
Step 37, DSMP2 obtain the Subscriber Number corresponding with this pseudo-code according to the pseudo-code in the pseudo-code solicited message, and send the pseudo-code response message to Service Gateway GW, return the Subscriber Number of pseudo-code correspondence;
Step 38, Service Gateway GW mail to called mobile station according to Subscriber Number with data.
It should be noted last that, above embodiment is only unrestricted in order to technical scheme of the present invention to be described, although the present invention is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that, can make amendment or be equal to replacement technical scheme of the present invention, and not break away from the spirit and scope of technical solution of the present invention.

Claims (19)

1, a kind of system that handles based on the mobile communication data business of pseudo-code is characterized in that comprising the service center that is arranged on the Service Gateway that has data identification module in the mobile communications network and has the pseudo-code conversion module; Described data identification module is discerned the data message that is sent by travelling carriage or SP server and is sent pseudo-code solicited message by described Service Gateway to described service center according to recognition result; The pseudo-code response message that described Service Gateway returns according to described service center sends data message to travelling carriage or SP server; Described pseudo-code conversion module is used for carrying out transformation calculations according to described pseudo-code solicited message, determines pseudo-code or Subscriber Number; Described service center sends to described Service Gateway with pseudo-code or the Subscriber Number of determining as described pseudo-code response message.
2, the system that handles based on the mobile communication data business of pseudo-code according to claim 1, it is characterized in that described service center also is provided with database, described database is used to store the described pseudo-code of having calculated setting and the corresponding relation data of described Subscriber Number.
3, the system that handles based on the mobile communication data business of pseudo-code according to claim 1 is characterized in that described service center also comprises the key production module that is connected with the pseudo-code conversion module, is used to generate root key.
4, the system that handles based on the mobile communication data business of pseudo-code according to claim 3, it is characterized in that described service center comprises that the SP private key that is connected with the pseudo-code conversion module derives from module, is used for generating the SP private key according to SP server identification ID and described root key.
5, a kind of method of handling based on the data service that travelling carriage is sent to the SP server of the arbitrary described system of claim 1-4 is characterized in that may further comprise the steps:
Data center in step 11, the mobile communications network mails to SP data in server information with travelling carriage and is sent to Service Gateway;
Step 12, Service Gateway GW are according to the user number information of the travelling carriage in the data message, determine the service center that described travelling carriage belongs to, and to this home service center transmission pseudo-code solicited message, the described pseudo-code that acquisition request is corresponding with the Subscriber Number of described travelling carriage;
Step 13, described home service center obtain sending the described pseudo-code response message that comprises this pseudo-code to described Service Gateway after the pseudo-code corresponding with this Subscriber Number according to the described Subscriber Number in the described pseudo-code solicited message;
Step 14, Service Gateway send to described SP server together with described pseudo-code and described data message.
6, the method that travelling carriage is handled to the data service of SP server transmission according to claim 5, it is characterized in that the process that home service center described in the described step 13 obtains the pseudo-code corresponding with this Subscriber Number is: the inquiry of described home service center stores the right database of relation of pseudo-code and Subscriber Number, obtains the pseudo-code corresponding with this Subscriber Number.
7, the method that travelling carriage is handled to the data service of SP server transmission according to claim 5, it is characterized in that the process that home service center in the described step 13 obtains the pseudo-code corresponding with this Subscriber Number is: described home service center utilizes key, according to the pseudo-code generating algorithm Subscriber Number is carried out cryptographic calculation, obtain the pseudo-code corresponding with this Subscriber Number.
8, the method that travelling carriage is handled to the data service of SP server transmission according to claim 7, it is characterized in that utilizing before key carries out cryptographic calculation according to the pseudo-code generating algorithm to Subscriber Number, generate root key as described key at the home service center.
9, the method that travelling carriage is handled to the data service of SP server transmission according to claim 7, it is characterized in that described home service center utilizes key, according to the pseudo-code generating algorithm step that Subscriber Number carries out cryptographic calculation is specially: corresponding SP private key is selected according to SP server identification ID in described home service center, utilize this SP private key, according to the pseudo-code generating algorithm Subscriber Number is carried out cryptographic calculation, obtain the pseudo-code corresponding with this Subscriber Number.
10, the method that travelling carriage is handled to the data service of SP server transmission according to claim 9, it is characterized in that before the corresponding SP private key of described selection, carry out the SP private key and generate, described SP private key generative process comprises utilizes SP server identification ID and root key to generate the SP private key by the key derivation algorithm.
11, the method that travelling carriage is handled to the data service of SP server transmission according to claim 5 is characterized in that described pseudo-code comprises the Route Selection cleartext information of original number.
12, the method that travelling carriage is handled to the data service of SP server transmission according to claim 5 is characterized in that described pseudo-code comprises the time stamp cleartext information.
13, the method that travelling carriage is handled to the data service of SP server transmission according to claim 5 is characterized in that the length of described pseudo-code is no more than 32 bytes.
14, the method that travelling carriage is handled to the data service of SP server transmission according to claim 11, it is characterized in that described step 14 is specially: Service Gateway sends to the SP server according to the Route Selection cleartext information of original number in the pseudo-code together with described pseudo-code and described data message.
15, a kind of method of handling based on the data service that the SP server is sent to travelling carriage of the arbitrary described system of claim 1-4 is characterized in that may further comprise the steps:
The data message that step 21, SP server will have pseudo-code information sends to Service Gateway;
Step 22, Service Gateway are determined pseudo-code home service center according to the pseudo-code information in the data, and send the pseudo-code solicited message to pseudo-code home service center, the Subscriber Number of request pseudo-code correspondence;
Step 23, pseudo-code home service center are according to the pseudo-code in the pseudo-code solicited message, obtain the Subscriber Number corresponding with this pseudo-code, and judge the authenticity of this Subscriber Number and this Subscriber Number whether customized described data message, be then to send the pseudo-code response message to Service Gateway, return the Subscriber Number of pseudo-code correspondence, otherwise execution in step 25;
Step 24, Service Gateway mail to called mobile station according to Subscriber Number with data, finish;
Step 25, Service Gateway are refused issuing of described data service, and return refusal information and give described SP server, finish.
16, the method that the SP server is handled to the data service of travelling carriage transmission according to claim 15, it is characterized in that the center of pseudo-code home service described in the described step 23 is according to the pseudo-code in the pseudo-code solicited message, the process that obtains the Subscriber Number corresponding with this pseudo-code is: the inquiry of described pseudo-code home service center stores the right database of relation of pseudo-code and Subscriber Number, obtains the Subscriber Number of this pseudo-code correspondence.
17, the method that the SP server is handled to the data service of travelling carriage transmission according to claim 15, it is characterized in that the center of pseudo-code home service described in the described step 23 is according to the pseudo-code in the pseudo-code solicited message, the process that obtains the Subscriber Number corresponding with this pseudo-code is: described pseudo-code home service center utilizes key, according to the pseudo-code generating algorithm described pseudo-code is decrypted computing, obtains the Subscriber Number corresponding with this pseudo-code.
18, the method that the SP server is handled to the data service of travelling carriage transmission according to claim 17, it is characterized in that described pseudo-code home service center utilizes key, according to the pseudo-code generating algorithm described pseudo-code is decrypted computing, the step that obtains the Subscriber Number corresponding with this pseudo-code is specially: described pseudo-code home service center utilizes the pseudo-code version information to determine corresponding SP private key, utilize this SP private key, according to the pseudo-code generating algorithm described pseudo-code is decrypted computing, obtains the Subscriber Number corresponding with this pseudo-code.
19, a kind of method of handling based on the mobile communication data business of the arbitrary described system of claim 1-4 is characterized in that may further comprise the steps:
Data center in step 31, the mobile communications network mails to SP data in server information with travelling carriage and is sent to Service Gateway;
Step 32, Service Gateway GW are according to the user number information that mails to the travelling carriage in the SP data in server information, determine the service center that described travelling carriage belongs to, and to this home service center transmission pseudo-code solicited message, the described pseudo-code that acquisition request is corresponding with the Subscriber Number of described travelling carriage;
Step 33, described home service center obtain sending the described pseudo-code response message that comprises this pseudo-code to described Service Gateway after the pseudo-code corresponding with this Subscriber Number according to the described Subscriber Number in the described pseudo-code solicited message;
Step 34, Service Gateway send to described SP server together with described pseudo-code and the described SP of mailing to data in server information;
The data message that step 35, SP server will have pseudo-code information sends to Service Gateway;
Step 36, Service Gateway are determined pseudo-code home service center, and are sent the pseudo-code solicited message to pseudo-code home service center according to the pseudo-code information in the data message of described SP server transmission, the Subscriber Number of request pseudo-code correspondence;
Step 37, pseudo-code home service center obtain the Subscriber Number corresponding with this pseudo-code according to the pseudo-code in the pseudo-code solicited message, and send the pseudo-code response message to Service Gateway, return the Subscriber Number of pseudo-code correspondence;
Step 38, Service Gateway mail to called mobile station according to Subscriber Number with the data message that described SP server sends.
CN200510119506.5A 2005-11-02 2005-11-02 System and method for treating mobile communication data business based on false code Active CN1753569B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200510119506.5A CN1753569B (en) 2005-11-02 2005-11-02 System and method for treating mobile communication data business based on false code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200510119506.5A CN1753569B (en) 2005-11-02 2005-11-02 System and method for treating mobile communication data business based on false code

Publications (2)

Publication Number Publication Date
CN1753569A true CN1753569A (en) 2006-03-29
CN1753569B CN1753569B (en) 2010-05-12

Family

ID=36680203

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200510119506.5A Active CN1753569B (en) 2005-11-02 2005-11-02 System and method for treating mobile communication data business based on false code

Country Status (1)

Country Link
CN (1) CN1753569B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010028563A1 (en) * 2008-09-09 2010-03-18 中兴通讯股份有限公司 Method and system for protecting privacy
CN102045717A (en) * 2009-10-26 2011-05-04 中国移动通信集团公司 System, method and relevant equipment for acquiring user identifier in data service
CN101616369B (en) * 2008-06-26 2012-03-07 中兴通讯股份有限公司 Method for detecting false transmitted number in multimedia message
CN102413107A (en) * 2010-09-25 2012-04-11 中国电信股份有限公司 System and method for improving user information open safety
CN103188665A (en) * 2011-12-31 2013-07-03 中国移动通信集团北京有限公司 System, method and device of improving safety of cell phone receiving advertising
CN103974255A (en) * 2014-05-05 2014-08-06 宇龙计算机通信科技(深圳)有限公司 System and method for vehicle access
CN110535823A (en) * 2019-07-09 2019-12-03 中移(杭州)信息技术有限公司 Exchange method, system and pseudo-code service platform based on pseudo-code
CN113438089A (en) * 2021-06-29 2021-09-24 山东新一代标准化研究院有限公司 Block chain-based power Internet of things equipment communication method and network equipment thereof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI974341A (en) * 1997-11-26 1999-05-27 Nokia Telecommunications Oy Data protection for data connections
US6999458B2 (en) * 2003-02-14 2006-02-14 Theglobe.Com Internet telephony network and methods for using the same
CN100342706C (en) * 2003-05-19 2007-10-10 腾讯科技(深圳)有限公司 Method for instant communication user by telephone call

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101616369B (en) * 2008-06-26 2012-03-07 中兴通讯股份有限公司 Method for detecting false transmitted number in multimedia message
WO2010028563A1 (en) * 2008-09-09 2010-03-18 中兴通讯股份有限公司 Method and system for protecting privacy
CN101674524B (en) * 2008-09-09 2012-09-05 中兴通讯股份有限公司 Privacy protection method and system of subdistrict short messages
CN102045717A (en) * 2009-10-26 2011-05-04 中国移动通信集团公司 System, method and relevant equipment for acquiring user identifier in data service
CN102413107A (en) * 2010-09-25 2012-04-11 中国电信股份有限公司 System and method for improving user information open safety
CN102413107B (en) * 2010-09-25 2014-12-03 中国电信股份有限公司 System and method for improving user information open safety
CN103188665A (en) * 2011-12-31 2013-07-03 中国移动通信集团北京有限公司 System, method and device of improving safety of cell phone receiving advertising
CN103188665B (en) * 2011-12-31 2016-01-27 中国移动通信集团北京有限公司 Improve the system of the fail safe of the mobile phone receiving advertisement, method and device
CN103974255A (en) * 2014-05-05 2014-08-06 宇龙计算机通信科技(深圳)有限公司 System and method for vehicle access
CN110535823A (en) * 2019-07-09 2019-12-03 中移(杭州)信息技术有限公司 Exchange method, system and pseudo-code service platform based on pseudo-code
CN110535823B (en) * 2019-07-09 2021-10-22 中移(杭州)信息技术有限公司 Pseudo code-based interaction method and system and pseudo code service platform
CN113438089A (en) * 2021-06-29 2021-09-24 山东新一代标准化研究院有限公司 Block chain-based power Internet of things equipment communication method and network equipment thereof

Also Published As

Publication number Publication date
CN1753569B (en) 2010-05-12

Similar Documents

Publication Publication Date Title
CN1753569A (en) System and method for treating mobile communication data business based on false code
CN102196035B (en) For providing the method and system of unified web service discovery
CN1284099C (en) Electronic keying system and use method thereof
CN111027087B (en) Enterprise information management system and method for encrypting mnemonics by applying block chain
CN1287305C (en) Network system
CN1554176A (en) System and method for secure message key caching in a mobile communication device
CN1839608A (en) Device and method for generating a unique user's identity for use between different domains
CN1122213C (en) Method and apparatus for signing and sealing objects
CN1767438A (en) System and method for verifying digital signatures on certificates
CN106254324A (en) A kind of encryption method storing file and device
CN101065940A (en) Relay device, relay method, and program
CN1905446A (en) Client-based method, system to manage multiple authentication
CN1949765A (en) Method and system for obtaining SSH host computer public key of device being managed
CN104869099A (en) Multi-network-account login method and system based on fingerprint account
CN1874218A (en) Method, system and equipment for license management
CN1747380A (en) The block encryption data are decrypted
CN1787528A (en) Method for realizing information grading authorized access in presenting service system
CN1910531A (en) Method and system used for key control of data resource, related network and computer program product
CN109754322A (en) A kind of data service system
CN1866882A (en) System and method for carrying out monitoring on mobile IP user
CN1759585A (en) Method for provision of access
CN1532711A (en) Device and method for realizing coprocessing
CN1659558A (en) Broker-based interworking using hierarchical certificates
CN112398861B (en) Encryption system and method for sensitive data in web configuration system
CN113240145B (en) Order-preserving encryption-based network vehicle-restraining platform and method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant