CN1764106A - System and method for preventing software and hardware with communication condition/function against embezzlement - Google Patents

System and method for preventing software and hardware with communication condition/function against embezzlement Download PDF

Info

Publication number
CN1764106A
CN1764106A CNA200510096358XA CN200510096358A CN1764106A CN 1764106 A CN1764106 A CN 1764106A CN A200510096358X A CNA200510096358X A CN A200510096358XA CN 200510096358 A CN200510096358 A CN 200510096358A CN 1764106 A CN1764106 A CN 1764106A
Authority
CN
China
Prior art keywords
data
terminal
loss
hardware
record
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA200510096358XA
Other languages
Chinese (zh)
Inventor
乔超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CNA200510096358XA priority Critical patent/CN1764106A/en
Publication of CN1764106A publication Critical patent/CN1764106A/en
Priority to CNB2006102010963A priority patent/CN100452908C/en
Priority to PCT/CN2006/003087 priority patent/WO2007056951A1/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal

Abstract

The system to prevent stealing of the soft/hard ware with communication function comprises: the terminal soft/hard ware with an ID number, the server of management center to store basic and register information of every ID number, a WEB server, a client for after service with terminal soft/hard ware, and the communication network between client and servers. Wherein, the terminal hardware sends register information to management server and obtains returned ACK demand to start work. This invention can send lock demand to terminal soft/hard ware to disable opposite function and track communication number to anti false.

Description

A kind of stolen system and method for software and hardware that prevents communication condition/function
Affiliated technical field
The present invention relates to the field that a kind of software and hardware that prevents to have communication condition/function is illegally used, especially relate to the system and method that the SIM card of the computer that prevents mobile phone, e-commerce, connection the Internet, mobile phone, computer software that needs connect the Internet are illegally used.In addition, also relate to field to illegal user's track and localization of software and hardware with communication condition/function.
Background technology
Along with the development of economy, technology and the raising of living standards of the people, the user of personal communication devices, personal computer, all kinds of computer softwares increases rapidly, but the loss situation of personal communication devices's (particularly mobile phone, Personal Handyphone System), personal computer is also more and more serious.In addition, the piracy of software is also very rampant.Because developing rapidly of Internet, most computer all use the Internet to communicate by letter with extraneous, this just makes that also the computer that can utilize existing communication condition or function to prevent loss is illegally used, and can follow the tracks of illegal user.Also can be used for preventing software pirate usefulness.
The smuggling problem of personal computer and mobile communication equipment, the "parallel goods" that just is commonly called as, also grievous injury manufacturer and user's interests.At present there is not a kind of good technology can control the smuggling of these equipment yet.
A kind of equipment of making special SIM mobile phone card occurs on the market now, can make the SIM card of one-card multi-number.The appearance of this equipment may be used to eavesdropping, free call on somebody else's expense through illegal means or otherwise usurp unlawful activities such as mobile phone rate.Also there is not at present relevant resist technology.
The existing communication apparatus that prevents loss is stolen and method that give for change is all perfect not to the utmost.As application number is 00101440.4, provides a kind of online register method in the patent of invention of " mobile phone antitheft self-explosion and online registration alarming method " by name.This method and the present invention have similarity, but have fatal mistake in this method.The inventor writes " this program comprises a modifiable telephone number that is connected with database hub " in its claim 4 (a), since be a modifiable telephone number, thief or pick up the machine person is modified as a spacing with it so, this system is just as illusory.In its claim 4 (b), write " checking behind the each plug-in card of mobile phone whether this card number occurs for the first time, if occur for the first time, then behind search network, dials database hub automatically, registers ".At first mobile phone is in closed condition during plug-in card, can't check whether this card number occurs for the first time.Secondly, if there is not network, perhaps ended when dialing database hub, that will not registered to database hub, and database hub just can't be followed the tracks of and control this cell-phone number at this moment.And this invention is communicated by letter with database hub with the mode of calling, and is both expensive, dangerous again (discovered by the people easily and ended).In the claim 4 (e) of this invention, write " after database hub obtaining that the owner of lost property agrees and confirming owner of lost property's identity; download manufacturer's internal command; remove all information in mobile phone basic configuration program and the memory ", this way is difficult to operation, destroyed early, mobile phone is retrieved and can not have been used, evening data outflowed, and be a kind of serious potential safety hazard.
In addition, the antitheft mobile phone technology that also has must set in advance password or contact number, can't protect original mobile phone.Some anti-theft technique depends on the Equipment Serial Number that is kept in the terminal equipment, and this sequence number generally is revisable, in case sequence number is modified, then these anti-theft techniques are with ineffective.
Summary of the invention
For the personation that solves hardware device effectively with communication function, renovate, lose, trans-regional sale, problem such as smuggle and usurp; and has a problem of piracy of the software (particularly needing server that the software of service is provided) of communication condition; the interests of protection user and producer; the invention provides a kind of stolen system and method for software and hardware that prevents communication condition/function; by strengthening the after sale management of producer to its product, can false proof effectively, antitheft and anti-smuggling.
The technical solution adopted for the present invention to solve the technical problems is:
A kind of stolen system and method for software and hardware that prevents communication condition/function, constitute by the communication network between terminal software and hardware, management center server, WEB server, after-sale service client and terminal software and hardware, after-sale service client and management center server, the WEB server, it is characterized in that:
Terminal essential information tables of data is arranged in the database of management center server, wherein preserve the essential information of all the terminal software and hardwares that will protect, the field of this tables of data has: Termination ID number, terminal number, password, terminal models/version number, date of manufacture, the place of production, current state, current characteristic and designated sale zone; If shielded terminal is a hardware, then terminal essential information tables of data also has color field; Termination ID number is the major key of this table; The current state field value is an enumeration type, have not enabled, normal, report the loss locking, smuggling locks and limit five kinds, and can add new value as required, the acquiescence initial value is a not enabled; The codomain of current state field is by the management of the state codomain table in the database of management center server, and the field in the state codomain table has: status number, state name, Status Type, information, restriction useful life; Also have the endpoint registration tables of data in the database of management center server, the field of this tables of data has: terminal number, terminal communication number and hour of log-on; Also have the illegal log-on data table of terminal in the database of management center server, the field of this tables of data has: Termination ID number, terminal communication number, hour of log-on, log-on message content; Report the loss the record data table in addition in the database of management center server and the record data table is reported the loss in releasing; The field of reporting the loss in the record data table has: report the loss Record ID, terminal number, report the loss preceding SOT state of termination, owner of lost property's contact details, remove and report the loss password, drop-out time, report the loss the time, remove and report the loss Record ID, remove report the loss the Record ID field initial value for empty; The field that releasing is reported the loss in the record data table has: remove and report the loss Record ID, remove and report the loss the time; The endpoint registration tables of data, report the loss the record data table and terminal essential information tables of data is associated by the terminal number field; Releasing is reported the loss the record data table and is reported the loss the record data table and report the loss the Record ID field by releasing and be associated.
Add a legitimate verification module in the terminal software and hardware, this module has 1 data submodule and data consistent check submodule, registration submodule, status checkout submodule, management center server order detection sub-module, management center server command process submodule, locks submodule and check 7 subroutine modules of data consistency submodule to server; Under the situation of specified otherwise not, the operated data of the subroutine module of legitimate verification module are the corresponding data in the data submodule; The legitimate verification module is after the terminal software and hardware is enabled, called to monopolize the system process mode, its workflow is: call the data consistent check submodule, if return value is false, then display reminding information " secure data is inconsistent; please with after service department's door link " is called the locking submodule then; If return value is true, then call the registration submodule; Then, call the status checkout submodule; If the return value of status checkout submodule is not normal, then call the locking submodule; If the return value of status checkout submodule is normal, then withdraw from the legitimate verification module, allow the user to use the terminal software and hardware.
The data of preserving in the data submodule have: 1 terminal software and hardware ID number, 1 management center server contact number tabulation, the item of information of 1~2 command id tabulation, 1 expression terminal software and hardware current state, 1 character string of representing the information under the abnormal condition, 1 set of feature data, 1 used communicating number tabulation of terminal software and hardware, 1 specific communication list of numbers and 2 groups of protected datas; Wherein, the Termination ID field value in the terminal essential information tables of data in terminal software hardware ID number and the management center server database is corresponding one by one; The current state information value is an enumeration type, and its value has normally, locks, reports the loss locking, smuggling locking, and initial value is locking; The initial value of current characteristic field is consistent in the terminal essential information tables of data in the initial value of characteristic and the management center server database; The initial value of the used communicating number tabulation of terminal software and hardware is a null character string; The initial value of the information character string under the abnormal condition is not enabled still; Preserve urgency communication number and owner of lost property's contact number in the specific communication list of numbers; There is not the 2nd group of protected data in the legitimate verification module when initial; The deposit position of the 1st group of protected data is the fixed position, and the deposit position of the 2nd group of protected data is determined by the numerical value of appointment in the 1st group of protected data.
The return value of data consistent check submodule is a Boolean variable, and its workflow is:
Aa) check whether the characteristic and the 1st group of protected data of preserving in the data submodule all are the corresponding initial value of specifying, and as null character string, if all be the initial value of appointment, then carry out Ab), otherwise carry out Ac);
Ab) according to the individuation data beyond the data submodule of being kept at of appointment, as be kept at the sequence number of given hardware device on the random number, terminal of the appointment beyond the data submodule, produce the 1st group of protected data by specified rule, and in the 1st group of protected data, add the random number that produces by specified rule; Calculate the deposit position of the 2nd group of protected data according to the 1st group of protected data by pre-defined rule, and add in this position and to specify initial value, as null character string; Then, the used communicating number tabulation of terminal software and hardware is set to null character string, returns " very ", withdraws from this submodule.
Ac) calculate due nonrandom numerical value in the 1st group of data by the rule of the 1st group of protected data of calculating of appointment, check whether corresponding numerical value is consistent in result of calculation and the 1st group of protected data, the inconsistent Ad that then carries out), unanimity is then carried out Ae);
Ad) return " vacation ", withdraw from this submodule.
Ae) press the rule of appointment according to the used communicating number tabulation calculating of the 1st group of protected data, the tabulation of management center server contact number, current state information and terminal software and hardware the 2nd group of protected data and deposit position thereof, deposit position according to the 2nd group of protected data of calculating takes out corresponding value from the data submodule, and compare with the 2nd group of protected data that calculates, if the two is identical, then return " very ", withdraw from this submodule; If different, then return " vacation ", withdraw from this submodule.
The workflow of registration submodule is:
Ba) according to specified rule, if as not having current communicating number in the used communicating number tabulation of registration terminal software and hardware earlier before each and the server communication would register, each initiatively communicate by letter with other software and hardware before registration earlier, accept to register earlier before the specified services at every turn, need to judge whether registration, do not need registration then to carry out Bb), need registration then to carry out Bc);
Bb) withdraw from this submodule.
Bc) whether the current state information value that detects in the data submodule is normal, if normal, then carries out next step, otherwise execution in step Be);
Bd) the current state information value is set to locking, and the value of the information character string under the abnormal condition is set to " registering; please after a while ", and the rule by appointment recomputates the 2nd group of protected data again, replaces the 2nd group of current protected data with new the 2nd group of protected data of calculating;
Be) produce new characteristic by specified rule, as generating the character string of a designated length at random, from the used communicating number tabulation of terminal software and hardware, take out the communicating number of last registration again, and by specified rule taking-up management center server communicating number from the tabulation of management center server contact number, the communication function that calls terminal then sends log-on message to the management center server communicating number; The communicating number, current characteristic, the new feature data that comprise sign-on ID character string, terminal software and hardware ID number, registration at last in the log-on message, wherein, the sign-on ID character string produces by specified rule, and other data except that the new feature data are the corresponding data in the data submodule; An initial value be set be 0 cycle counter;
Bf) cycle counter is from adding 1; Detect the value of cycle counter, if surpass predetermined number of times, display reminding information " server does not respond, registration failure ", the software and hardware of closing a terminal then; The calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Bf); Call management center server order detection sub-module, detect whether management center server order detection sub-module the 1st return value is " very ", if for very carry out Bg); Otherwise, carry out Bf);
Bg) carry out Bh);
Bh) with the current characteristic in the new feature data replacement data submodule; Call management center server command process submodule; Current communicating number is joined in the used communicating number tabulation of this terminal software and hardware; Withdraw from the registration submodule.
Management center server order detection sub-module is returned 3 values: the 1st return value is Boolean variable, and whether the information that expression detects is the management center server order; The 2nd return value is the enumeration type variable, the type of expression management center server order; The 3rd return value is character string, represents corresponding remark information; Have only when the 1st return value is " very ", latter two value is just meaningful; When shielded software and hardware is received with the similar information of management center server order, call management center server order detection sub-module; Information in the management center server order has: communicating number, the remark information of command id character string, terminal software and hardware ID number, characteristic, registration at last; The workflow of this submodule is:
Ca) whether the transmission number that detects the information receive is the management center server communicating number, is not then to carry out Cb), be then to carry out Cc);
Cb) the 1st return value is set to " vacation ", withdraws from this submodule.
Cc) form by the management center server order extracts corresponding data from the information of receiving; Checking whether the command id character string is the legal sign of regulation, is then to carry out Cd), be not then to carry out Cb);
Cd) the terminal software and hardware that relatively extracts ID number, characteristic, whether the communicating number of registration is consistent with the corresponding data in the data submodule at last, if there is 1 group of data inconsistent, then carries out Cb), otherwise execution Ce);
Ce) delete the raw information of receiving; The 1st return value is set to " very ", the command id character string that extracts is transformed to the enumeration type management center server order of appointment by specified rule, the 2nd return value is set to this enumeration type management center server order, again the 3rd remark information that return value is set to extract; Withdraw from this submodule.
Management center server command process submodule has two parameters, and no return parameters is in registration and program to server is checked the data consistency submodule, when the 1st return value of management center server order detection sub-module is that true time calls; Two parameters are respectively the 2nd, 3 return value that management center server order detection sub-module is returned; The workflow of this submodule is:
Da) check the bid value that the 1st parameter indicated; If Dh is carried out in the data consistent order); If revise the management center server communicating number, carry out Db); If confirm order, carry out Dc); If Dd is carried out in locking class order and the inconsistent order of data); If remove the class lock command, carry out Df);
Db) press specified rule, according to the 2nd parameter value the management center server contact number in the data submodule is tabulated and make amendment, withdraw from this module then;
Dc) the current state information value in the data submodule is set to normally; Carry out Dg);
Dd) value of the current state information in the data submodule is set to corresponding lock value, and with the value of the information character string under the abnormal condition in the 2nd the parameter update data submodule; Whether the bid value of checking the 1st parameter indication is to report the loss lock command, is then to carry out De), be not then to carry out Dg);
De) from the 2nd parameter, extract owner of lost property's contact number, and the owner of lost property's contact number that extracts is added in the specific communication list of numbers of data submodule; Carry out Dg);
Df) check that whether the value of the current state information in this unlock order and data submodule is corresponding, if not corresponding, then carries out Dh); If corresponding, then the value of current state information is set to the analog value that the 2nd parameter indicated in the data submodule; Carry out Dg);
Dg) rule by appointment recomputates the 2nd group of protected data, and replaces currency with new value;
Dh) withdraw from this module.
The return value of status checkout submodule is an enumeration type, its workflow: the value of returning current state information.
The locking submodule does not have return value, and its workflow is:
Ea) call the status checkout submodule,, then withdraw from this submodule if return value is normal; Otherwise, carry out next step;
Eb) value of the information character string under the abnormal condition in the video data submodule; The calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Eb); Calling management center server order detection sub-module, detect whether management center server order detection sub-module the 1st return value is " very ", is then to call management center server command process submodule, is not then to carry out next step; The calling system function, the input operation of monitoring terminal software and hardware, if input operation be with the specific communication list of numbers in number communication, then allow operation to carry out, otherwise forbid the execution of this operation; Carry out Ea);
Checking the data consistency submodule to server does not have return value, at specified requirements, as software and hardware start the back at every turn, ask before the specified services at every turn, the numerical value that produces at random equals to specify numerical value, calls when being satisfied, its workflow is:
Fa) calling system communication function, send request to management center server and check data consistency information, this information comprises communicating number, the current characteristic of checking request mark character string, terminal software and hardware ID number, registration at last, wherein, check the request mark character string and produce by specified rule, other data are the corresponding data in the data submodule;
Fb) calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Fb); Call management center server order detection sub-module, detect the 1st, 2 return values of management center server order detection sub-module, if be respectively true and data consistent/inconsistent order/locking class order then carry out Fc); Otherwise, carry out Bb);
Fc) check management center server order detection sub-module the 2nd return value,, then withdraw from this submodule if the 2nd return value is the data consistent order, otherwise, the locking submodule called.
There are terminal request respond module, endpoint registration module, terminal to report the loss module, remove and to report the loss module, terminal inquiry respond module, user's service module, terminal software and hardware sales situation analysis module, check data consistency module, terminal software and hardware log-on message monitoring module in the software of management center server.
The workflow of endpoint registration module is:
Ga) record sends the communicating number of this log-on message and the time of receiving this log-on message, and according to the form of log-on message, extracts corresponding character string from this log-on message; In terminal essential information tables of data, search the essential information record of this terminal software and hardware ID number according to the terminal software and hardware that extracts again,, then carry out Gb) if do not find corresponding record; Otherwise carry out Gc);
Gb) in the illegal log-on data table of terminal, add a record, terminal software and hardware ID number, the communicating number that sends this log-on message, the time of receiving this log-on message and log-on message content that registration extracts, and to the communicating number transmission warning message that sends this log-on message, the warning message content is " the ID mistake in the log-on message can't be registered "; Then, finishing this calls.
Gc) whether the current characteristic field value of the essential information of this terminal software and hardware record is consistent in the current characteristic that relatively extracts and the terminal essential information tables of data, the inconsistent Gd that then carries out); Unanimity is then carried out Ge);
Gd) carry out Gf);
Ge) according to terminal number field value in the essential information record of this terminal software and hardware in the terminal essential information tables of data and the hour of log-on field value in the endpoint registration tables of data, in the endpoint registration tables of data, search the record of the last registration of this terminal software and hardware, if the communicating number of the last registration of not finding and extracting is not a null character string, if the value of the terminal communication number field of the record that perhaps finds is inconsistent with the communicating number of the last registration that extracts, then carry out Gf); Otherwise, carry out Gg);
Gf) in the illegal log-on data table of terminal, add a record, terminal software and hardware ID number, the communicating number that sends this log-on message, the time of receiving this log-on message and log-on message content that registration extracts, and to the inconsistent order of communicating number transmission data that sends this log-on message, the communicating number of characteristic in this order and last registration is the respective symbols string that extracts from this log-on message, remark information is " secure data and server are inconsistent, please with after service department's door link "; Then, finishing this calls.
Gg) analyze to send the indicated country /region of communicating number of this log-on message, and whether the indicated country /region of designated sale area field value was consistent during the essential information of this terminal software and hardware write down in comparative analysis result and the terminal essential information tables of data; If consistent, then carry out Gh), otherwise, carry out Gi);
Gh) current state field value during the essential information of this terminal software and hardware writes down in the inspection terminal essential information tables of data, it is upgraded by specified rule according to the current state field value, and write corresponding management center server order, the command id character string of this order is pressed the specified rule setting according to the current state field value, the communicating number of current characteristic in this order and last registration is the corresponding data that extracts from this log-on message, remark information in this order be in the state codomain table with terminal essential information tables of data in the information field value of the corresponding record of current state field value of this terminal software and hardware essential information record, if this order is to report the loss lock command, also the owner of lost property's contact information field value that should from report the loss the record data table this terminal software and hardware be reported the loss in the record is for the last time added in the remark information of this order; Send the management center server order that has write to the communicating number that sends this log-on message; Carry out Gj);
Gi) revise the current state field value, send the management center server order of appointment to the communicating number that sends this log-on message according to corresponding specified rule;
Gj) carry out Gk);
Gk) in the endpoint registration tables of data, add a record, terminal software and hardware ID number that registration extracts, send the communicating number of this log-on message, the time of receiving this log-on message from this log-on message; Current characteristic field value in the essential information record of this terminal software and hardware in the terminal essential information tables of data is revised as the new feature data that extract from log-on message; Finishing this calls.
The terminal software and hardware sales situation analysis module of management center server, the workflow of this module is: the zone at the communicating number place that the terminal software and hardware is registered for the first time in the analysing terminal log-on data table, each designated sale zone of statistic of classification at the appointed time in the zone at the terminal software and hardware of the every kind of model/version communicating number place of registering for the first time, show statistics.
Reporting the loss solicited message comprises: password, owner of lost property's contact details, drop-out time, the communicating number when losing that terminal software and hardware ID number, password, the releasing that report the loss the solicited message sign, will report the loss reported the loss; Releasing is reported the loss solicited message and is comprised: remove the password that terminal software and hardware ID number, password, the releasing report the loss the solicited message sign, to have reported the loss report the loss, the communicating number of current use.
The workflow that the terminal software and hardware of management center server is reported the loss module is:
Ha) record sends this and reports the loss communicating number of solicited message and receive that this reports the loss the time of solicited message; According to the form of reporting the loss solicited message, report the loss the corresponding character string of extraction the solicited message from this, in terminal essential information tables of data, search the essential information record of this terminal software and hardware according to the terminal software and hardware ID sign character string that will report the loss that extracts, do not find and then carry out Hf), found and then carried out Hb);
Hb) whether the current state field value of checking this record is then to carry out Hc for reporting the loss locking), otherwise carry out Hd);
Hc) return bomp information " this terminal is reported the loss, and this asks failure " to sending this communicating number of reporting the loss solicited message, finish this and call.
Hd) check whether the password field selection values in the essential information record of this terminal software and hardware is identical with the password that reads from report the loss solicited message, the identical He that then carries out); Difference is then carried out Hf);
He) in reporting the loss the record data table, add a record, the Record ID field value of reporting the loss of this record is generated automatically by system, the terminal number field value is got the terminal number field value in the essential information record of this terminal software and hardware, the SOT state of termination field value is got the current state field value in the essential information record of this terminal software and hardware before reporting the loss, releasing is reported the loss password field selection values and get the password that the releasing that extracts is reported the loss from is reported the loss solicited message, the drop-out time field value is got the drop-out time that extracts from report the loss solicited message, report the loss the time word segment value and be and receive that this reports the loss the time of solicited message, the owner of lost property contact details of owner of lost property's contact information field value for extracting from report the loss solicited message are removed and are reported the loss the Record ID field value for empty; Current state field value in the essential information of this terminal software and hardware record changed into report the loss locking, this terminal software and hardware of search is lost all communicating numbers of post-registration in the endpoint registration tables of data, sends to these communicating numbers and reports the loss lock command; Whether the communicating number that inspection extracts from solicited message when losing is null character string, if be not null character string, then to extract lose the time communicating number send and report the loss lock command; The contact details that include the owner of lost property in the remark information of lock command; Return and report the loss successful information to sending this communicating number of reporting the loss solicited message; Finishing this calls.
Hf) return bomp information to sending this communicating number of reporting the loss solicited message, finish this and call.
The workflow that module is reported the loss in the releasing of management center server is:
Ia) record sends this releasing and reports the loss the communicating number of solicited message and receive that this releasing reports the loss the time of solicited message; Report the loss the form of solicited message according to releasing, report the loss from this releasing and extract corresponding character string the solicited message; In terminal essential information tables of data, search the essential information record of this terminal software and hardware according to the terminal software and hardware ID sign character string of reporting the loss of will removing that extracts,, that is, do not find, then carry out Ii) if the record number that returns is 0; Otherwise, carry out Ib);
Ib) whether the current state field value of checking this record is to report the loss locking, is then to carry out Ic); Otherwise carry out Ih);
Ic) check password field selection values in the essential information record of this terminal software and hardware with whether report the loss the password that reads the solicited message from this releasing identical, the identical Id that then carries out); Difference is then carried out Ii);
Id) according to the terminal number field value in the essential information of this terminal software and hardware record with report the loss and report the loss the time word segment value in the record data table, in reporting the loss the record data table, search this terminal and report the loss record for the last time, if the record number that returns is 0, then carry out Ii); Otherwise, carry out Ie);
Ie) checking that this terminal software and hardware is reported the loss in the record to remove for the last time reports the loss password field selection values to report the loss password identical with report the loss the releasing that extracts the solicited message from releasing, the identical If that then carries out); The Ii that then carries out inequality);
If) check whether the Record ID field value is reported the loss in the releasing of reporting the loss record for the last time is empty, for sky is then carried out Ig); Then do not carry out Ii) for sky;
Ig) report the loss in the record data table in releasing and add a record, the releasing of this record is reported the loss the Record ID field value and is generated automatically by system, removes the time of reporting the loss and is and receive that this releasing reports the loss the time of solicited message; This terminal is reported the loss releasing in the record for the last time and is reported the loss the Record ID field value and be set to the releasing that the new releasing of adding reports the loss in the record and report the loss the Record ID field value again; Next, the current state field value that this terminal software and hardware essential information is write down changes into and reports the loss the preceding SOT state of termination field value of reporting the loss of record for the last time; Detect then and report the loss the current communicating number that uses that extracts the solicited message from releasing and whether be null character string, if not, then send to remove and report the loss order to this communicating number; The current state field value that the remark information in the order writes down for this terminal software and hardware essential information is reported the loss in releasing; Report the loss the communicating number of solicited message and return success to remove and report the loss information to sending this releasing, finish this and call.
Ih) report the loss the communicating number of solicited message and return bomp information " this terminal is not reported the loss, and this ask to fail " to sending this releasing, finish this and call.
Ii) report the loss the communicating number of solicited message and return bomp information to sending this releasing, finish this and call.
The data consistency module workflow of checking of management center server is:
Ja) record sends this and checks the communicating number of data consistency solicited message; According to the form of checking the data consistency solicited message, check the corresponding character string of extraction the data consistency solicited message from this; In terminal essential information tables of data, search the record of this terminal software and hardware according to the terminal software and hardware ID sign character string that extracts,, then carry out Jh) if the record number that returns is 0; Otherwise, carry out Jb);
Jb) whether the current characteristic field value of the essential information of this terminal software and hardware record is consistent in the current characteristic that relatively extracts and the terminal essential information tables of data, if unanimity is then carried out Jc); Otherwise, carry out Jd);
Jc) according to terminal number field value in the essential information record of this terminal software and hardware, in the endpoint registration tables of data, search the record of the last registration of this terminal software and hardware, if the communicating number of the last registration of not finding and extracting is not the initial value of appointment, if the terminal communication Number character segment value of the record that perhaps finds is inconsistent with the communicating number of the last registration that extracts, then carry out Jd); Otherwise, carry out Je);
Jd) send the inconsistent order of data to sending this communicating number of checking the data consistency solicited message, and finish this and call.
Je) whether the current state field value of checking this record is the value of locking class, is then to carry out Jf); Otherwise carry out Jg);
Jf) send corresponding lock command to sending this communicating number of checking the data consistency solicited message; Finishing this calls.
Jg) send the data consistent order to sending this communicating number of checking the data consistency solicited message; Finishing this calls.
Jh) return bomp information to sending this communicating number of checking the data consistency solicited message, finish this and call.
The information that comprises in the terminal inquiry solicited message has: query requests sign, terminal software and hardware ID number, password, the remark information that will inquire about; The terminal inquiry request has inquiry of terminal essential information and endpoint registration to inquire about two kinds; In the trade mark enquiries request, include the hour of log-on scope of the registration number that returns, the record that will inquire about in the remark information.
The workflow of the terminal inquiry respond module of management center server is:
Ka) record sends the communicating number of this Query Information; According to the form of Query Information, from this Query Information, extract corresponding character string; In terminal essential information tables of data, search the record of this terminal software and hardware according to the terminal software and hardware ID sign character string that extracts,, then carry out Kf) if the record number that returns is 0; Otherwise, carry out Kb);
Kb) check whether the password field selection values in the essential information record of this terminal software and hardware is identical with the password that reads from this Query Information, the identical Kc that then carries out); Difference is then carried out Kf);
Kc) according to the terminal number field value in the essential information record of this terminal software and hardware, the hour of log-on field value in the endpoint registration tables of data, the registration of in the endpoint registration tables of data, searching this terminal software and hardware; The type of the query requests sign that inspection extracts from the Query Information of receiving is if Kd is then carried out in the essential information inquiry); If Ke is then carried out in the log-on message inquiry);
Kd) Termination ID of this terminal software and hardware essential information record number, terminal models/version number, date of manufacture, the place of production, current state and the time of designated sale area field value and registration for the first time and the communicating number of last registration are write a return string by specified rule, again this return string is sent to the communicating number that sends this Query Information; Finishing this calls.
Ke) according to the parameter of from the remark information that extracts, extracting, write return string, again this return string is sent to the communicating number that sends this Query Information by specified rule; Finishing this calls.
Kf) return bomp information to the communicating number that sends this Query Information, finish this and call.
The terminal request respond module of management center server is called when system start-up, memory-resident, and up to system closing, workflow is:
La) appointed information sent of sense terminals software and hardware is if detect then carry out Lb); Otherwise, carry out La);
Lb) by the general format of terminal request, from the information of receiving, extract the request mark character string, detect the request type of request mark character string representative,, then call the endpoint registration module if represent register requirement; If request is reported the loss in representative, then call terminal and report the loss module; If representative is removed and reported the loss request, then module is reported the loss in call release; If the terminal inquiry respond module is then called in the request of GC group connector inquiry class; Otherwise, this information is handed to other corresponding module of system; Carry out La again).
All communicating number modules, the request management center server that the after-sale service client has inquiry terminal software and hardware current state and basic information module, inquiry terminal software and hardware to register reported the loss the terminal module of software and hardware, the request management center server is removed the terminal software and hardware and reported the loss block of state.
Said method is characterized in: the workflow of the endpoint registration module of management center server can be made following modification;
With step Gd) be revised as: check whether the current characteristic that extracts is the initial value of appointment, and whether the communicating number of the last registration that extracts is null character string from log-on message; Specify initial value and null character string if be respectively, then carry out Gd1); Otherwise, carry out Gf);
Add step Gd1): send the information that requires to provide password to the communicating number that sends this log-on message, if receive at the appointed time that password that the communicating number of this log-on message sends and the password of receiving are consistent with the password field selection values in the essential information record, then carry out Gg); Otherwise, carry out Gf);
At step Gj) in, finish this and call the following operation of adding before; Whether the current characteristic that inspection extracts from log-on message is the initial value of appointment, if the initial value of appointment, then produce the new password character string at random by specified rule, change the password field selection values in this terminal software and hardware essential information record into the new password character string, send the new password character string to the communicating number that sends this log-on message and user's pre-specified address again.
Said method is characterized in: for the terminal software and hardware that must provide service to work by server, the available specific personalized service that it is successfully asked is as characteristic; Before each request server provided service, the terminal software and hardware sent to management center server and checks the data consistency solicited message; Check the data consistency solicited message and comprise communicating number, the current characteristic of checking request mark character string, terminal software and hardware ID number, registration at last; The current characteristic of checking in the data consistency solicited message can be the part character of appointment in the characteristic; After management center server is received and checked the data consistency solicited message, check whether data corresponding in terminal software and hardware ID number extract, the communicating number of registration at last, current characteristic and the database are consistent, if inconsistent, then refuse to provide service; If consistent, then provide service; After serving successfully end, terminal software and hardware and management center server all upgrade the communicating number and the current characteristic of each self-recording last registration with this specific personalized service of serving used communicating number and appointment.
Said method; be characterized in: the 2nd group of protected data in the data submodule of legitimate verification module also can generate at random by specified rule; press regular the 2nd group of new protected data that produces each the modification when tabulation of management center server contact number, current state information and the used communicating number of terminal software and hardware are tabulated, according to the 2nd group of protected data above-mentioned three groups of data are encrypted then.
Said method is characterized in: the customized information that can all preserve according to protected terminal software and hardware and management center server, as the communicating number of characteristic, the registration of terminal software and hardware, the communication between them is encrypted.
Said method is characterized in: the workflow of the registration submodule of the legitimate verification module of terminal software and hardware can be made following modification;
With Bg) change into: what whether the 2nd return value of detection management center server order detection sub-module indicated is to confirm order, is then to carry out Bh); Not then to carry out Bh1);
Interpolation step Bh1) calls management center server command process submodule; Withdraw from the registration submodule;
Accordingly, in management center server software, also make following modification;
In the management center server database, increase the not successful log-on data table of terminal; Simultaneously, the endpoint registration module of management center server is also made following modification;
With Gj) be revised as: check whether the management center server order that sends out is to confirm order, is then to carry out Gk); Not then to carry out Gk1);
Add step: Gk1) in the not successful log-on data table of terminal, add a record, terminal software and hardware ID number that registration extracts, send the communicating number of this log-on message, the time of receiving this log-on message from this log-on message; Finishing this calls.
The structure of the not successful log-on data table of terminal is identical with the endpoint registration tables of data.
Said method is characterized in: can only write down the communicating number of last registration in the used communicating number tabulation of the terminal software and hardware in the data submodule; Accordingly, the endpoint registration tables of data of management center server can be removed, and adds the communicating number field of a last registration in Basic Information Table; After management center server is received register requirement, after having passed through the communicating number checking of last registration, whether the current state field value that detects in the essential information record of this terminal software and hardware is normal, be normal, then management center server upgrades the communicating number and the current characteristic field value of the last registration in the essential information record; Be not normal, then this log-on message with this terminal software and hardware is recorded in the illegal log-on data table of terminal.
Said method, be characterized in: if the communicating number of terminal software and hardware is changeless, data submodule in the legitimate verification module of terminal software and hardware can not have the used communicating number tabulation of terminal software and hardware, the communicating number that in the communication information of terminal software and hardware and management center server, does not comprise last registration, and the communicating number inspection of when whether the checking communication information is legal, also not registering at last.
Said method, be characterized in: whether the indicated country /region of the designated sale area field value during the essential information of this terminal software and hardware writes down in use country /region that can be by relatively log-on message communicating number indication and the management center server terminal essential information tables of data is consistent, judges whether this terminal software and hardware is smuggled goods.
Said method, be characterized in: can be the information in the terminal essential information tables of data, feature by the terminal software and hardware, scope, terminal models/version number, the place of production, designated sale zone as Termination ID number, be organized in a plurality of terminal essential information data sublists, and come these terminal essential information data sublists of unified management by a terminal essential information concordance list; Field in the terminal essential information tables of data is divided into two parts, deposits in terminal essential information data sublist and the terminal essential information concordance list; Field in the terminal essential information concordance list has: the specific field of the starting symbol of terminal essential information data sublist name, Termination ID feature string, Termination ID scope, the termination of Termination ID scope number and expression terminal further feature, as terminal models/version number field, designated sale area field; When searching terminal software and hardware essential information, earlier number in terminal essential information concordance list, find corresponding terminal essential information data sublist name, in the terminal essential information data sublist that checks in, search the record at this Termination ID place again according to the Termination ID that will look into; Each terminal essential information data sublist all has own corresponding illegal log-on data table of endpoint registration tables of data, terminal and the not successful log-on data table of terminal.
The invention has the beneficial effects as follows, can prevent from effectively to cheat communication equipment buyer, can recover and lose communication equipment, can supervise dealer's sales behavior by renovation or personation mode, the communication equipment smuggling can be prevented, the software pirate version of communication condition can be prevented to have.When the terminal that will protect was hardware device, the operation on the terminal can realize with hardware mode, also can the pure software mode realize fully; When the terminal that will protect was software, the legitimate verification module on the terminal was realized by the pure software mode.In addition, this technology is difficult to be cracked by illegal user.Thereby protect the legitimate rights and interests of user and producer to greatest extent.
Description of drawings
The present invention is further described below in conjunction with drawings and Examples.
Fig. 1 is the system topological figure of embodiment one.
Fig. 2 is the mobile phone legitimate verification module flow chart of embodiment one.
Fig. 3 is " registration " submodule flow chart of the mobile phone legitimate verification module of embodiment one.
Fig. 4 is " mobile telephone registration " module flow chart of the management center server of embodiment one.
Embodiment
Embodiment one
Present embodiment provides the implementation of the system and method for a kind of antitheft mobile phone, false proof, anti-smuggling.
System is made of mobile phone 1, GSM net 2, SMS service centre 3, communication link 4, INTERNET net 5, PC 6, management center server 7 and WEB server 8, and its topological structure as shown in Figure 1.
Mobile phone 1 links to each other with management center server 7 by the short message channel that GSM net 2, SMS service centre 3, SMS gateway, INTERNET net 5 constitute, and realizes the information interaction of mobile phone and management center server.WEB server 8 links to each other with management center server 7 by local area network (LAN).User and after-sale service personnel can operate PC 6 by INTERNET net 5 and WEB server access management center server, can report the loss, remove the operations such as card number information of reporting the loss and inquiring about its essential information and registered to mobile phone.This system has formed an antitheft mobile phone, Antiforge system total solution with mobile phone, communication network, management center server and PC.
In this scheme, the user can report the loss, remove and report the loss and various query requests to the management center server transmission by sending SMS or online.The user with mobile phone short messages when management center server sends request, should write the SMS content by form on request, and send to the service specified number.
" mobile phone essential information tables of data " arranged in the database of management center server; wherein preserve the essential information of all mobile phones that will protect, the field of this tables of data has: mobile phone ID number, mobile phone numbering, password, mobile phone model/version number, date of manufacture, the place of production, current state, color, current characteristic and designated sale zone.Mobile phone ID number is the major key of this tables of data.The current state field value is an enumeration type, have not enabled, normal, report the loss locking and limit four kinds, and can add new value as required, the acquiescence initial value is a not enabled.The codomain of current state field is by " state codomain table " in management center server database management, and the field in " state codomain table " has: status number, state name, Status Type, information, restriction useful life.Current characteristic field initial value is empty.Consistent on password field selection values and the mobile phone packing box.Also have in the database of management center server " mobile telephone registration tables of data ", be used to write down the log-on message of mobile phone, the field of this tables of data has: mobile phone numbering, mobile phone card number and hour of log-on.Also have in the database of management center server by " the illegal log-on data table of mobile phone ", be used to write down illegal log-on message, the field of this tables of data has: mobile phone ID number, mobile phone card number, hour of log-on, log-on message content.Also have in the database of management center server " the not successful log-on message table of mobile phone ", being used to write down and not obtaining the log-on message confirmed, the field of this tables of data has: mobile phone numbering, mobile phone card number and hour of log-on.Also have in the database of management center server " reporting the loss the record data table " and " the record data table is reported the loss in releasing ", information is reported the loss in the information of reporting the loss and the corresponding releasing that are respectively applied for the record mobile phone.Wherein, field in " reporting the loss the record data table " has: report the loss Record ID, mobile phone numbering, report the loss preceding mobile phone state, owner of lost property's contact details, remove and report the loss password, drop-out time, report the loss the time, remove and report the loss Record ID, remove report the loss the Record ID field initial value for empty; Field in " the record data table is reported the loss in releasing " has: remove and report the loss Record ID, remove and report the loss the time." mobile telephone registration tables of data ", " reporting the loss the record data table " and " mobile phone essential information tables of data " are associated by the mobile phone number field." report the loss the record data table " and " the record data table is reported the loss in releasing " reported the loss the Record ID field by releasing and be associated.
Add a legitimate verification module in mobile phone, this module has 1 data file and " data consistent check ", " registration ", " status checkout ", " management center server order detection ", " management center server command process ", " locking " and " checking data consistency to server " 7 subroutine modules.Under the situation of specified otherwise not, the operated data of the subroutine module of legitimate verification module are the corresponding data in the data file.The legitimate verification module is after mobile phone is enabled, called to monopolize the system process mode, its workflow is: call the data consistent check submodule, if return value is false, then display reminding information " secure data is inconsistent; please with after service department's door link " is called " locking " submodule then or is closed this mobile phone; If return value is true, then call " registration " submodule.Then, call " status checkout " submodule.If the return value of " status checkout " submodule is not normal, then call " locking " submodule; If the return value of " status checkout " submodule is normal, then withdraw from the legitimate verification module, allow the user to use mobile phone.
Need make following modification to the control flow that mobile phone receives SMS module: after receiving note, call " management center server order detection " submodule earlier, if this submodule the 1st return value is " very ", then call " management center server command process " submodule, other operation after finishing this then and receiving note; If the 1st return value of " management center server order detection " submodule is " vacation ", then get back in the existing control flow.
The cell phone system control flow is made amendment, or add the core resident monitoring program module, whether the condition of calling of monitoring " checking data consistency to server " submodule satisfies, if satisfy, then calls this submodule.
Mobile phone can adopt SMS or data packet form with communicating by letter of management center server.Adopt the SMS form in the present embodiment.The transmitting-receiving SMS of legitimate verification module invokes mobile phone is communicated by letter with management center server.After-sale service client and management center server communicate by the communication function that calls communication protocol on this machine of being installed in, standard communication, operating system.
The data of preserving in the data file of mobile phone legitimate verification module have: protected data, mobile phone ID number; server contact number number, acquiescence management center server contact number, the tabulation of management center server contact number; the current state state; information, characteristic, the card number number of using, card number tabulation, specific communication list of numbers, the owner of lost property's contact number used.Wherein, mobile phone ID number with administrative center's database " mobile phone essential information tables of data " in mobile phone ID field value corresponding one by one; Current user mode is an enumeration type, its value have normally (represent), lock (representing), report the loss locking (representing) with LOSS with LOCK with NORM, initial value is locking; Protected data, characteristic and owner of lost property's contact number initial value all are null character string; The tabulation of management center server contact number is the 2D string array, and wherein one dimension is deposited the card number feature string, and another dimension is deposited corresponding management center server number; With the communicating number tabulation of crossing is the character string array, and initial value is 1 null character string; Information is a character string, and initial value is " not enabled still ".The specific communication list of numbers is the character string array, is used to preserve some special numbers, as 110,120 of China, and 911 etc. of the U.S..
" data consistent check " submodule is used for checking whether the data of data file are illegally modified, and its return value is a Boolean variable, and workflow is:
Aa) check whether the characteristic and the protected data of preserving in the data file all are null character string, if all be null character string, then carry out Ab), otherwise, carry out Ac);
Ab) the used communicating number tabulation of mobile phone is set to null character string, returns " very ", withdraws from this submodule.
Ac) card number tabulation and the current state information of tabulating, using according to acquiescence management center server contact number, management center server contact number by the rule of appointment calculates protected data; as represent these information (each directory is shown as a character string) with character string forms; then the character on their corresponding positions is taken out; they are converted into integer type; summation then; again will with mould 255, then result of calculation is converted into character type, as the character on the corresponding position of protected data.Protected data that relatively calculates and the protected data of taking out from data file if two character strings are identical, are then returned " very ", withdraw from this submodule; If two character string differences are then returned " vacation ", withdraw from this submodule.
The workflow of " registration " submodule is:
Step 100 reads the card number of current use, checks with in the card number tabulation of crossing the card number that does not have current use being arranged, if having, does not then need registration, withdraws from this submodule.If no, then carry out next step;
Step 105, whether the value that detects the current state information in the data file is normal, if normal, then execution in step 110, otherwise, execution in step 115;
Step 110, current state information value are set to locking, and the value of information character string is set to " registering, please after a while ", calculate protected data by the rule of appointment again, replace current protected data with the new protected data of calculating.
Step 115 produces new characteristic by specified rule, from the card number tabulation of use, take out again last registration card number (as, this tabulation is organized as formation, that card number of tail of the queue is exactly the card number of registering at last);
Step 120, with try card number feature string in the match management central server contact number tabulation of the card number of current use, if find the card number feature string that is complementary, then take out the management center server communicating number of its correspondence, if be not complementary, then get acquiescence management center server communicating number.
Step 125 is write the registration note, and the short message content form is: sign-on ID character string+mobile phone ID number+at last the registration communicating number+current characteristic+new feature data; Other data beyond sign-on ID character string and the new feature data are the corresponding data in the data file.
Step 130, search network is till having network;
Step 135 is provided with and sends time counter I, and initial value is I=0;
Step 140, I=I+1; Check whether counter I surpasses designated value, surpasses then display reminding information " server does not respond, registration failure ", closes mobile phone then; Do not surpass, then the transmission SMS of calling mobile phone sends the registration note to the management center server communicating number.
Step 145, the calling system function detects the registration note and whether sends success, if do not have success, waits for the fixed time, execution in step 140; If send successfully, then execution in step 150;
Step 150 is provided with cycle counter J, and initial value is 0, i.e. J=0;
Step 155, J=J+1; Check whether J surpasses designated value, surpasses then display reminding information " server does not respond, registration failure ", closes mobile phone then; Do not surpass, then carry out next step; Whether the calling system Function detection receives note, if confiscate, then execution in step 155, receives then execution in step 160;
Step 160 is called " management center server order detection " submodule, and whether detect " management center server order detection " submodule the 1st return value is " very ", is execution in step 165 then; Otherwise execution in step 155;
Step 165, whether what detect that " management center server order detections " submodule the 2nd return value represents is to confirm to order, and is execution in step 170 then; Otherwise carry out 175;
Step 170 detects with the current characteristic in the new feature data replacement data file;
Step 175 is called " management center server command process " submodule; At last, withdraw from " registration " submodule.
" management center server order detection " submodule returns 3 values: the 1st return value is Boolean variable, and whether the information that expression detects is the management center server order; The 2nd return value is the enumeration type variable, the type of expression management center server order; The 3rd return value is character string, represents corresponding remark information.Have only when the 1st return value is " very ", latter two value is just meaningful.After mobile phone is received note, before handling, call " management center server order detection " submodule earlier.Information in the management center server order note has: communicating number, the remark information of command id character string, mobile phone ID number, characteristic, registration at last.The workflow of this submodule is:
Ba) whether the transmission number that detects the note receive is the management center server communicating number.Be then to carry out Bb); Not then to carry out Bf);
Bb) form by the management center server order extracts corresponding data from the note of receiving;
Bc) checking whether the command id character string is the legal sign of regulation, is then to carry out Bd); Not then to carry out Bf);
Whether the communicating number of the mobile phone ID that Bd) relatively extracts number, characteristic, registration at last is identical with the corresponding data in the data file; If have 1 group of data inequality, then carry out Bf); Carry out Be if 3 groups of data are all identical);
Be) delete the original note of receiving; The 1st return value is set to " very ", the command id character string that extracts is transformed to the enumeration type management center server order of appointment by specified rule, the 2nd return value is set to this enumeration type management center server order, again the 3rd remark information that return value is set to extract; Withdraw from this submodule.
Bf) the 1st return value is set to " vacation ", withdraws from this submodule.
" management center server command process " submodule, two parameters are arranged, no return value is in the program except that " registration " and " checking data consistency to server " submodule, when the 1st return value of " management center server order detection " submodule is that true time calls.Two parameters are respectively the 2nd, 3 return value that " management center server order detection " submodule returns.The workflow of this submodule is:
Ca) check the bid value that the 1st parameter value indicated, if this module is then withdrawed from the data consistent order.If revise the order of management center server communicating number, then carry out Cb); If confirm order, then carry out Cc); If Cd is then carried out in locking class order and the inconsistent order of data); If remove the class lock command, then carry out Cf);
Cb) according to the rules, with the 2nd parameter value the management center server contact number in data file tabulation is made amendment; Carry out Cg);
Cc) the current state information value in the data file is set to normally, and the card number with current use joins in the card number tabulation of using again; Carry out Cg);
Cd) value of the current state information in the data file is set to corresponding lock value, and with the value of information character string in the 2nd the parameter value updated data file;
Ce) whether the bid value of checking the 1st parameter indication is to report the loss lock command, is then to extract owner of lost property's contact number from the 2nd parameter value, and with owner of lost property's contact number of owner of lost property's contact number updated data file of extracting, is not then to carry out next step; Carry out Cg);
Cf) check whether the value of the current state information in this unlock order and data file is corresponding, if it is not corresponding, then withdraw from this submodule, if corresponding, then the value of the current state information in the data file is set to the definite analog value of the 3rd return value that returned by " management center server order detections " submodule; Carry out Cg);
Cg) calculate protected data by the rule of appointment,, withdraw from this submodule with current protected data in the new protected data replacement data file that calculates.
The return value of " status checkout " submodule is an enumeration type, workflow: the current state information value in the return data file.
" locking " submodule does not have return value, and its workflow is:
Da) call " status checkout " submodule,, then withdraw from this submodule if return value is normal; Otherwise carry out next step; The value of the information character string in the video data file.
Db) whether the calling system Function detection receives note, if confiscate, then carries out Db), receive and then carry out next step;
Dc) call " management center server order detection " submodule, if " management center server order detection " submodule the 1st return value be " very " carry out Dd); Otherwise carry out Db);
Dd) call " management center server command process " submodule.
De) calling mobile phone system related functions, monitor the input operation of mobile phone, if input operation is the special number with appointment, as the numeral in the number be no more than 3 110,120,911, or the number communication in the specific communication list of numbers, or owner of lost property's contact number, then allow operation to carry out, otherwise forbid the execution of this operation; Carry out Da);
Submodule does not have return value " to check data consistency to server ", at specified requirements, equals to specify numerical value as the numerical value that produces at random, calls when being satisfied, and its workflow is:
Ea) send request to management center server and check the data consistency note, information in this weak point breath has: card number, the current characteristic of checking request mark character string, mobile phone ID number, registration at last, wherein, check the request mark character string and produce by specified rule, other data are the corresponding data in the data file;
Eb) whether the calling system Function detection receives note, confiscates and then carries out Eb), received and then carried out next step;
Ec) call " management center server order detection " submodule,, then carry out Ed) if " management center server order detection " submodule the 1st return value is that " very " and the 2nd return value are data consistent/inconsistent order/locking class order; Otherwise carry out Eb);
Ed) check " management center server order detection " submodule the 2nd return value, if be the data consistent order, then withdraw from this submodule, otherwise call " locking " submodule.
Modules such as " mobile phone request response ", " mobile telephone registration ", " mobile phone is reported the loss ", " releasing is reported the loss ", " mobile phones enquiring response ", " user's service ", " analysis of mobile phone sales situation ", " checking data consistency ", " mobile telephone registration information monitoring " are arranged in the software of management center server.
" mobile telephone registration " module is responsible for handling the registration note that mobile phone is issued management center server, and its workflow is:
Step 200, record send the mobile phone card number of this registration note and the time of receiving this registration note, and according to the form of registering note, extract corresponding character string from this registration note;
Step 205 is searched the essential information record of this mobile phone according to the mobile phone ID that extracts number in " mobile phone essential information tables of data ", if do not find corresponding record, then execution in step 210, otherwise execution in step 215;
Step 210, in " the illegal log-on data table of mobile phone ", add a record, registration extract mobile phone ID number, send this registration note the mobile phone card number, receive the time of this registration note and register short message content, and to the mobile phone card number transmission warning note " the ID mistake in the registration note can't be registered " that sends this registration note; Then, finishing this calls.
Step 215, whether the current characteristic that relatively extracts is consistent with the current characteristic field value of the essential information of this mobile phone record.Inconsistent, then execution in step 220; Unanimity is execution in step 225 then;
Step 220, in " the illegal log-on data table of mobile phone ", add a record, registration extract mobile phone ID number, send this registration note the mobile phone card number, receive the time of this registration note and register short message content, and to the inconsistent order note of mobile phone card number transmission data that sends this registration note, the card number of characteristic in this order note and last registration is the respective symbols string that extracts from this registration note, remark information is " secure data and server are inconsistent, please with after service department's door link "; Then, finishing this calls.
Step 225, according to mobile phone number field value in the essential information record of this mobile phone in " mobile phone essential information tables of data " and the hour of log-on field value in " mobile telephone registration tables of data ", in " mobile telephone registration tables of data ", search the record of the last registration of this mobile phone, if the card number of the last registration of not finding and extracting is not a null character string, if the value of the mobile phone card number field of the record that perhaps finds is inconsistent with the card number of the last registration that extracts, then execution in step 220; Otherwise execution in step 230;
Step 230 is checked the current state field value in this mobile phone essential information record.If the current state field value is normal, then execution in step 235; If the current state field value is a not enabled, then execution in step 240; If the current state field value is restriction, then execution in step 245; If the current state field value is for reporting the loss locking, then execution in step 255;
Step 235 sends affirmation order note to the mobile phone card number that sends this registration note; Execution in step 260;
Step 240 changes the current state field value into restriction; Execution in step 245;
Step 245, analyze to send the indicated country /region of mobile phone card number of this registration note, and whether the indicated country /region of designated sale area field value was consistent during the essential information of this mobile phone write down in comparative analysis result and " the mobile phone essential information tables of data "; If consistent, then execution in step 235; If inconsistent, then execution in step 250;
Step 250 sends smuggling lock command note to the mobile phone card number that sends this registration note; Execution in step 265;
Step 255 is reported the loss the lock command note to the mobile phone card number transmission that sends this registration note; Execution in step 265;
The current characteristic in the order note and the card number of last registration are the corresponding data that extracts from this registration note.Confirm that the remark information in the order note is a null character string; Remark information in the locking class order note is the information field value of " state codomain table " respective record, if report the loss the lock command note, also the owner of lost property's contact information field value that should from " reporting the loss the record data table " this mobile phone be reported the loss in the record is for the last time added in the remark information of this order note.
Step 260 is revised as the new feature data that extract with current characteristic field value in the essential information record of this mobile phone in " mobile phone essential information tables of data " from the registration note; In " mobile telephone registration tables of data ", add a record, mobile phone ID number of from this registration note, extracting of registration, send the mobile phone card number of this registration note, the time of receiving this registration note; Execution in step 270;
Step 265, " the not successful log-on message table of mobile phone " and in add a record, mobile phone ID number of from this registration note, extracting of registration, send the mobile phone card number of this registration note, the time of receiving this registration note;
Step 270 finishes this and calls.
" analysis of mobile phone sales situation " module of management center server, the workflow of this module is: the zone of analyzing the communicating number place that mobile phone is registered for the first time in " mobile telephone registration tables of data ", zone that the communicating number that the at the appointed time interior every kind of model mobile phone in each designated sale zone of statistic of classification is registered for the first time is indicated and the quantity of registering for the first time show statistics.
Reporting the loss solicited message comprises: report the loss password, owner of lost property's contact details, drop-out time, the card number when losing that solicited message sign, will report the loss mobile phone ID number, password, releasing are reported the loss.Releasing is reported the loss solicited message and is comprised: remove the password report the loss solicited message sign, reported the loss mobile phone ID number, password, releasing and to report the loss, the card number of current use.Report the loss solicited message and releasing report the loss solicited message can mobile phone short messages or send to management center server by the after-sale service client.
The workflow of " mobile phone is reported the loss " module of management center server is:
Fa) record sends this and reports the loss mobile phone card number of request note and receive that this reports the loss the time of request note.According to the form of reporting the loss the request note, report the loss the corresponding character string of extraction the request note from this;
Fb) in " mobile phone essential information tables of data ", search the essential information record of this mobile phone according to the mobile phone ID that will report the loss number of extracting.If do not find, then carry out Ff); If found, then carry out Fc);
Fc) check the current state field value of this record, if value is then carried out Fd for reporting the loss locking); Otherwise carry out Fe);
Fd) return bomp information note " this mobile phone is reported the loss, and this asks failure " to sending this mobile phone card number of reporting the loss the request note, finish this and call.
Fe) check in the essential information record of this mobile phone password field selection values with ask the password that reads the note whether identical from reporting the loss, the identical Fg that then carries out); Difference is then carried out Ff);
Ff) return bomp information note to sending this mobile phone card number of reporting the loss the request note, finish this and call.
Fg) in " reporting the loss the record data table ", add a record, the Record ID field value of reporting the loss of this record is generated automatically by system, mobile phone number field value is got the mobile phone number field value in the essential information record of this mobile phone, mobile phone mode field value is got the current state field value in the essential information record of this mobile phone before reporting the loss, releasing is reported the loss password field selection values and is got the password that the releasing that extracts the note from the request of reporting the loss is reported the loss, the drop-out time field value is got the drop-out time that extracts from report the loss the request note, report the loss the time word segment value and be and receive that this reports the loss the time of request note, the owner of lost property contact details of owner of lost property's contact information field value for extracting from report the loss the request note are removed and are reported the loss the Record ID field value for empty; Current state field value in the essential information of this mobile phone record changed into report the loss locking, this mobile phone of search is lost all mobile phone card numbers of post-registration in " mobile telephone registration tables of data ", reports the loss the lock command note to these card numbers transmissions; The contact details that include the owner of lost property in the remark information of lock command note;
Whether the card number when Fh) checking losing of extracting from report the loss the request note is null character string, is not that null character string is then reported the loss the lock command note to its transmission;
Fi) this mobile phone card number of reporting the loss the request note returns and reports the loss the successful information note to transmission.At last, finishing this calls.
The workflow of " releasing is reported the loss " module of management center server is:
Ga) record sends this releasing and reports the loss the mobile phone card number of request note and receive that this releasing reports the loss the time of request note.Report the loss the form of request note according to releasing, report the loss the request note from this releasing and extract corresponding character string.
Gb) the essential information record of reporting the loss according to will removing of extracting of in " mobile phone essential information tables of data ", searching this mobile phone for mobile phone ID number; Found, then carried out Gc); Do not find, then carry out Gj);
Gc) whether the current state field value of checking this record is to report the loss locking, is not then to carry out Gd); Be then to carry out Ge);
Gd) report the loss the mobile phone card number of asking note to this releasing of transmission and return bomp information note " this mobile phone is not reported the loss, and this asks failure ", finish this and call.
Ge) check that the password field selection values in the essential information record of this mobile phone asks the password that reads the note whether identical with reporting the loss from this releasing, the identical Gf that then carries out); Difference is then carried out Gj);
Gf) according to reporting the loss the time word segment value in the mobile phone number field value in the essential information of this mobile phone record and " reporting the loss the record data table ", in " reporting the loss the record data table ", search this mobile phone and report the loss record for the last time, if the record number that returns is 0, then carry out Gj); Otherwise carry out Gg);
Gg) check this mobile phone report the loss for the last time in the record remove report the loss password field selection values whether with report the loss the request note from releasing the releasing that extracts to report the loss password identical, the identical Gh that then carries out); Difference is then carried out Gj);
Gh) check whether the Record ID field value is reported the loss in the releasing of reporting the loss record for the last time is empty, for sky is then carried out Gi); Then do not carry out Gj) for sky;
Gi) add a record in " the record data table is reported the loss in releasing ", the releasing of this record is reported the loss the Record ID field value and is generated automatically by system, removes the time of reporting the loss and is and receive that this releasing reports the loss the time of request note; This mobile phone is reported the loss releasing in the record for the last time and is reported the loss the Record ID field value and be set to the releasing that the new releasing of adding reports the loss in the record and report the loss the Record ID field value again; Next, the current state field value that this mobile phone essential information is write down changes into and reports the loss the preceding mobile phone mode field value of reporting the loss of record for the last time; Carry out Gk);
Gj) report the loss the mobile phone card number of request note and return bomp information note to sending this releasing, finish this and call.
Gk) detect and to report the loss the current card number that uses that extracts the request note from releasing and whether be null character string,, then send to remove and report the loss the order note to this card number if not null character string; The current state field value that the remark information in the order note writes down for this mobile phone essential information is reported the loss in releasing;
Gl) report the loss the mobile phone card number of request note and return success to remove and report the loss the information note to sending this releasing, finish this and call.
" checking data consistency " module workflow of management center server is:
Ha) record sends this and checks the mobile phone card number of data consistency request note.According to the form of checking data consistency request note, check the corresponding character string of extraction the data consistency request note from this.
Hb) in " mobile phone essential information tables of data ", search the record of this mobile phone according to mobile phone ID number that extracts,, then carry out Hc) if do not find; If found, then carry out Hd);
Hc) return bomp information note to sending this mobile phone card number of checking data consistency request note, finish this and call.
Hd) whether the current characteristic field value of the essential information of this mobile phone record is consistent in the current characteristic that relatively extracts and " the mobile phone essential information tables of data ", and unanimity is then carried out He); The inconsistent Hf that then carries out);
He) according to mobile phone number field value in the essential information record of this mobile phone in " mobile phone essential information tables of data ", in " mobile telephone registration tables of data ", search the record of the last registration of this mobile phone, if the card number of the last registration of not finding and extracting is not a null character string, if the mobile phone card number field value of the record that perhaps finds is inconsistent with the card number of the last registration that extracts, then carry out Hf); Otherwise carry out Hg);
Hf) send the inconsistent order note of data to sending this mobile phone card number of checking data consistency request note, and finish this and call.
Hg) check the current state field value of this record, if the current state field value is the value of locking class, send corresponding lock command note to sending this mobile phone card number of checking data consistency request note, if the current state field value is not the value of locking class, send data consistent order note to sending this mobile phone card number of checking data consistency request note; Finishing this calls.
" mobile telephone registration information monitoring " module is used for the log-on message arrangement mobile phone essential information according to mobile phone, time (as 23 o'clock sharps of every day) in appointment calls, workflow is: inquiry " mobile phone essential information tables of data ", the record of current state information field value in this tables of data for restriction extracted, " mobile phone numbering " field value according to every essential information record is searched the record of " hour of log-on " field value minimum in " mobile telephone registration tables of data ", the i.e. registration first time of this mobile phone, take out the hour of log-on field value, the difference of the hour of log-on field value that calculates the current time and extract, if surpassing, difference specifies numerical value, as 90 days, then the current state field value in this mobile phone essential information record is changed into normally; Otherwise, carry out next step.Handle next bar essential information record with the same manner, all handle up to all essential information records; Finishing this calls.
The information that comprises in the mobile phones enquiring request note has: inquiry sign, will inquire about mobile phone ID number, password, remark information.The mobile phones enquiring request has inquiry of mobile phone essential information and mobile telephone registration to inquire about two kinds.In the trade mark enquiries request, include the hour of log-on scope of the registration number that returns, the record that will inquire about in the remark information.Mobile phones enquiring request note is write by user oneself.
The workflow of " mobile phones enquiring response " module of management center server is:
Ia) record sends the mobile phone card number of this short message enquiry; According to the form of query requests note, from this short message enquiry, extract corresponding character string;
Ib) in " mobile phone essential information tables of data ", search the record of waiting to look into mobile phone according to mobile phone ID number that extracts,, then carry out Ic) if found; If do not find, then carry out Id);
Ic) check whether the password field selection values in the essential information record wait to look into mobile phone is identical with the password that reads, and difference is then carried out Id from this short message enquiry), the identical Ie that then carries out);
Id) return bomp information note to the mobile phone card number that sends this short message enquiry, finish this and call.
Ie) according to the mobile phone number field value in the essential information record of waiting to look into mobile phone, the hour of log-on field value in " mobile telephone registration tables of data ", in " mobile telephone registration tables of data ", search the registration of waiting to look into mobile phone;
If) check the query requests sign that from the short message enquiry of receiving, extracts, if Ig is then carried out in the essential information inquiry); If Ih is then carried out in the log-on message inquiry);
Ig) will wait to look into mobile phone ID number of mobile phone essential information record, mobile phone model/version number, date of manufacture, the place of production, current state and the time of designated sale area field value and registration for the first time and the communicating number of last registration and write a return string, again this return string be sent to the mobile phone card number that sends this short message enquiry with mobile phone short messages by specified rule; Carry out Ii);
Ih) in " the not successful log-on message table of mobile phone ", search the registration of waiting to look into mobile phone according to the mobile phone number field value in the essential information record of waiting to look into mobile phone; According to the parameter of from the remark information that extracts, extracting, with waiting to look into mobile phone message composition return string in the designated recorder in " mobile telephone registration tables of data " and " the not successful log-on message table of mobile phone ", again this return string is sent to the mobile phone card number that sends this short message enquiry with mobile phone short messages; Carry out Ii);
Ii) finishing this calls.
" mobile phone request response " module of management center server is called when system start-up, memory-resident, up to system closing, workflow is: whether call operation system and standard communication interface Function detection receive SMS, if detect SMS, then press the general format of mobile phone request, from the note of receiving, extract the request mark character string, detect the indicated request type of request mark character string, if the register requirement sign is then called " mobile telephone registration " module; If report the loss request mark, then call " mobile phone is reported the loss " module; Report the loss request mark if remove, then call " releasing is reported the loss " module; If mobile phones enquiring class sign is then called " mobile phones enquiring response " module; Above step is carried out in circulation.
" user's service " module is moved on WEB server 8, is responsible for the after-sale service client corresponding service is provided, the workflow that various concrete whens service are provided to provide corresponding service procedure similar for mobile phone.
The after-sale service client is a browser model, provide service by WEB server 8, all communicating numbers, the request management center server that has inquiry mobile phone current state and essential information, inquiry mobile telephone registration to cross reported the loss mobile phone, the request management center server is removed mobile phone and reported the loss state.In browser, require information that the user provides identical with the SMS request time.
In order more effectively to guarantee the safety of data, in " checking data consistency " submodule, also can produce new characteristic to server, after receiving the order of management center server data consistent, the characteristic data value in the updated data file.In checking the data consistency note, add the new feature data.Accordingly, also " checking data consistency " module of management center server is done corresponding modify: after management center server sends data consistent order note, use the current characteristic field value in this mobile phone essential information record in the new feature Data Update mobile phone essential information tables of data that from check the data consistency note, extracts.
For the ease of management, can be with the information in the mobile phone essential information tables of data in the management center server database, press mobile phone model and designated sale zone, be organized in a plurality of mobile phone essential information data sublists, and come these mobile phone essential information data sublists of unified management by a mobile phone essential information concordance list; Field in the mobile phone essential information tables of data is divided into two parts, deposits in mobile phone essential information data sublist and the mobile phone essential information concordance list; Field in the mobile phone essential information concordance list has: mobile phone essential information data sublist name, mobile phone ID feature string, mobile phone model, designated sale zone; When searching the mobile phone essential information, in mobile phone essential information concordance list, search the record of mobile phone ID feature string field value and ID number coupling of this mobile phone according to mobile phone ID number that will look into earlier, find corresponding mobile phone essential information data sublist name, in the mobile phone essential information data sublist that checks in, search the record of this mobile phone ID number again; Each mobile phone essential information data sublist all has own corresponding illegal log-on data table of mobile telephone registration tables of data, mobile phone and the not successful log-on data table of mobile phone.Also the illegal log-on data table of mobile telephone registration tables of data, mobile phone of mobile phone essential information data sublist and its correspondence and the not successful log-on data table of mobile phone can be placed in the subdata base and manage.
Embodiment two
Present embodiment provides a kind of system and method that prevents that the mobile phone SIM card number is stolen.
Present embodiment adds corresponding function on existing SIM cards of mobile phones and mobile operator server realizes.Do not change the communication mode of existing SIM cards of mobile phones and mobile operator server.
In the database of mobile operator server, will there be antitheft card number essential information tables of data to be organized in the new subdata base, or in former tables of data, add " whether being antitheft card number " field with function.In card number essential information tables of data, add " telephone number of successfully transfering to last time " field again.
Utilize the STK technology that SIM cards of mobile phones is developed, assigned address is thereon preserved a character string, and the telephone number that its value was successfully transferred to for last time also can be the appointment substring in the telephone number of successfully transfering to last time.Telephone number that success is transferred to be meant put through or the air time be no less than the telephone number of fixed time, must be the number of this machine caller.The request mobile operator server is set up and is conversed when connecting before the each conversation of mobile phone, send appointment substring in the telephone number of successfully transfering to last time with the normal data packet form to mobile operator server, as send back 4 (with character string or 16 integer forms) in the telephone number of successfully transfering to last time, or back 7 (with character string or 24 integer forms) numeral sends to mobile operator server as condition code.Also condition code is sent to mobile operator server when sending note.Condition code can be added on the beginning or the end of short message text.
Mobile operator server receive that the talk channel request is set up in the requirement of mobile phone card number or the note sent after, whether differentiate this card number earlier is antitheft card number, if, whether the appointment substring that then contrasts the telephone number of successfully transfering to last time of writing down on tag number that this card number sends and the mobile operator server is consistent, if inconsistent, refuse this service request; Finish checking.
Behind inferior end of conversation, program on the SIM cards of mobile phones and the program on the mobile operator server check all whether this conversation is mobile phone success caller, if then upgrade " telephone number of successfully transfering to last time " information of oneself preserving respectively.
In addition, can also encrypt mobile operator server and communicating by letter of SIM cards of mobile phones according to " telephone number of successfully transfering to last time " preserved.Can One-Way Encryption, also can bidirectional encipher.Present embodiment provides a kind of One-Way Encryption method.One-Way Encryption is meant that data encrypt when mobile operator server is sent to SIM cards of mobile phones, decipher when SIM cards of mobile phones is received data, and SIM cards of mobile phones is not encrypted to the data that mobile operator server sends.Method of encrypting is when mobile operator server is transmitted the opposing party's data, with the data in each packet is unit with the character, according to sequence number and the size order of numeral in substring of the appointment substring in the telephone number of successfully transfering to last time the data in the packet is resequenced.SIM cards of mobile phones is decrypted by relative rule after receiving data.
The anti-technology of usurping of the SIM card that present embodiment provides can prevent effectively that the lawless person from utilizing illegality equipment manufacturing SIM card such as SIM card reproducer, and then the behavior of usurping the rate in the card.
Embodiment three
Present embodiment provides a kind of method for preventing piracy that needs server to improve the software of certain service.
System is made of protected software, management center server and INTERNET net.
Be connected by the INTERNET net between protected software and management center server.Protected software, management center server communicate by the Internet by the communication function that calls communication protocol on this machine of being installed in, standard communication, operating system.
A software classification tables of data and one group of software copy information data table are arranged in the database of management center server.The software classification tables of data is preserved the version classified information at all the protected software copy places that will protect, and its field has: classify ID number, characteristic of division sign indicating number, version number, software copy information data table name.The characteristic of division sign indicating number is the substring of appointment in software I D number.Corresponding software copy information data table of every record in the software classification tables of data, corresponding relation is indicated by the software copy information data table name segment value in the software classification tables of data.All copy customized informations of the corresponding version number of each software copy information data table record, the field of this kind tables of data has: software I D number, the IP address of password, current characteristic, registration last time, user's electronic mailbox.Get the sequence number of software software I D number, also desirable other designated character string, each software copy that will protect all have a unique software I D number.
The form of management center server order is: the mailing address of command identifier+software I D number+current characteristic+software registration last time.The form of server requirement is: require identifier+text message.The form of server message is: message identifier+information.Comprise in the log-on message: the mailing address+current characteristic+new feature data of sign-on ID character string+software I D number+software registration last time.
Add a legitimate verification module in protected software, this module has 1 secure data file and 3 program submodules of data consistent check, registration and service command detection and processing.The legitimate verification module is called after protected software copy is enabled, and its workflow is: call the data consistent check submodule; If return value is true, then call the registration submodule; Withdraw from the legitimate verification module, carry out other operation of protected software copy.
The data of preserving in the secure data file have: 1 software I D number, 1 management center server contact number character string, access times counter after 1 registration, communicating number character string and 2 groups of protected datas of 1 set of feature data, 1 registration software last time.Wherein, software I D number its corresponding record must be arranged in the management center server database.Initial value of current characteristic field in should copy in the software copy information data table in the initial value of characteristic and the management center server database corresponding record is consistent; Registration back access times counter initial value is 0; The initial value of the communicating number character string of software registration last time is a null character string; There is not the 2nd group of protected data in the legitimate verification module when initial; The deposit position of the 1st group of protected data is the secure data file head, and the deposit position of the 2nd group of protected data is determined by the numerical value of appointment in the 1st group of data.
The data consistent check submodule is used for checking whether the data of secure data file are illegally modified, and its return value is a Boolean variable, returns when needs are registered very, otherwise returns vacation.Its workflow is:
Aa) read data in the secure data file, check whether the 1st group of protected data and the characteristic of wherein preserving all be corresponding appointment initial value, as null character string, if all be the initial value of appointment, then carry out Ab), otherwise execution Ac);
Ab) call operation system api function, read the sequence number of protected software copy place hard disk, according to the hard disk sequence number that reads, producing the 1st group of protected data by specified rule again, is as the 1st group of protected data with the designated character substring in the hard disk sequence number as the simplest method; And the random number that adding produces by specified rule in the 1st group of protected data, as after the 1st group of protected data, inserting 1~3 random integers, generation rule is to produce 1 random integers earlier, with its mould 3, again according to asking the result of mould to insert 0~2 random integers in the back; Calculate the deposit position of the 2nd group of protected data by pre-defined rule according to the character of appointment in the 1st group of protected data, select 1 random integers as the result who asked mould according to the last step, as the result is 0, select the 1st, the result is the 2nd of 1 selection, the result 2 selects the 3rd, the digital-to-analogue at random 6 that will select again, the result who tries to achieve be the 2nd group of protected data in secure data file with the relative position relation of other 5 groups of non-protected datas; And at this position adding appointment initial value, as null character string; Then, the communicating number of software registration last time is set to null character string, registers back access times Counter Value and is set to 0; Return " very ", withdraw from this submodule.
Ac) calculate due nonrandom character in the 1st group of data by specified rule, check whether corresponding character is consistent in the 1st group of protected data in result of calculation and the secure data file, the inconsistent Ad that then carries out), unanimity is then carried out Ae);
Ad) display reminding information " secure data is inconsistent, please reinstall this software ", call operation system api function is closed this protected software copy then;
Ae) by the rule of appointment according to the 1st group of protected data, characteristic and registration after the value of access times counter calculate the 2nd group of protected data and deposit position thereof, the computation rule of the 2nd group of protected data character on each is as (in the 1st group of protected data in group protected data of corresponding character+2nd corresponding character) * (registration back access times+7), again with mould 255 as a result; Deposit position according to the 2nd group of protected data of calculating takes out corresponding character string from secure data file, and relatively whether this character string is consistent with the 2nd group of protected data that calculates, and unanimity is then carried out Af), the inconsistent Ad that then carries out);
Af) detect the value of registration back access times counter,, then return true if be 0 or specify numerical value; If be-1, display reminding information " this software is piracy software, please buy copyrighted product " then, call operation system api function is closed this protected software copy then; If be other value, return vacation; Finishing this calls.
The workflow of registration submodule is:
Ba) read data in the secure data file; Produce new characteristic by specified rule, as producing the random number of specifying number at random; The communication function of calling system sends log-on message to the management center server communicating number then.Sign-on ID character string in the log-on message produces by specified rule, and other data except that the new feature data are the corresponding data in the secure data file.
Bb) call operation system api function detects the communication network UNICOM whether between this machine and management center server; If UNICOM not, then display reminding information " is obstructed with server communication, please be checked that network connects ", then carries out Bb); Otherwise, carry out next step; Timer I is set;
Bc) detect timer I and whether surpass the fixed time, if confiscate the management center server order at the appointed time, display reminding information " server does not respond, registration failure " is closed protected software copy then; Otherwise, carry out next step; Call service order and detect and processing sub, what whether the return value of detection of detection service order and processing sub was represented is the management center server order; Being then to carry out next step, is not then to carry out Bc); Detect the management center server command type, if lock command is then carried out Bd); If confirm order, then carry out Be);
Bd) registering afterwards, the value of access times counter is set to-1; Recomputate the 2nd group of protected data; Display message " this software is piracy software, please buy copyrighted product ", call operation system api function is closed this protected software copy then.
Be) with the current characteristic in the new feature data replacement secure data file; With current mailing address, promptly the mailing address of software registration last time in the secure data file is replaced in the IP address, and the value of registering back access times counter is added 1; Recomputate the 2nd group of protected data; Then, withdraw from the registration submodule.
Service order detects and processing sub, and return type is an enumeration type, the instruction type that expression is received.Its workflow is:
Ca) calling system communication function detects the information that whether has from management center server; Extract first character string from the information of receiving, it is identical with the identification strings of which class instruction of regulation to detect this character string, if identical with the identification strings of confirming order, then carries out Cb); If identical, then carry out Cb) with the identification strings of lock command; If identical, then carry out Cc with the identification strings of server message), if identical, then carry out Cd) with the identification strings of server requirement; Otherwise, carry out Ce);
Cb) according to the management center server command format, from this order, extract the mailing address of software I D number, current characteristic and software registration last time, whether all consistent, if all consistent, then carry out Cf if detecting the corresponding data of preserving in these three character strings and the secure data file); Otherwise, carry out Ce);
Cc) from this message, extract text message, and show its content, carry out Cf again) to the user;
Cd) from this requirement, extract information, and with the dialog box display reminding information on tape input hurdle, press the affirmation button of dialog box as the user after, the calling system communication function sends to management center server with the information of user's input; Carry out Cf again);
Ce) returning this information of expression is not the designated value of server instruction, finishes this and calls.
Cf) return the designated value of representing this instruction type, finish this and call.
Log-on message detection module, software registration module are arranged in the software of management center server and send the mail module.
The log-on message detection module is responsible for detecting whether the information of receiving is the register requirement that the protected software copy is sent.This module is called when system start-up, and memory-resident is up to system closing.Its workflow is:
Da) whether the calling system Function detection receives the information that protected software copy is sent, if confiscate, then carries out Da); If received, then carry out next step;
Whether be registration information, if then call the software registration module if Db) detecting the information of receiving; If not, then in accordance with regulations this information is handed to other resume module; Carry out Da);
The software registration module is responsible for responding the register requirement of software copy.Its workflow is:
Ea) record sends the mailing address of this information; According to the form of log-on message, from this log-on message, extract corresponding character string; From software I D number, extract the characteristic of division sign indicating number of its correspondence by specified rule.In the software classification tables of data, search D number pairing book of final entry of this software I according to the characteristic of division sign indicating number that extracts again.If do not find, then finish this and call; Otherwise, carry out next step;
Eb) from the D number pairing book of final entry of this software I that finds, take out software copy information data table name segment value, as the table name of the pairing software copy information data table of software copy of D number representative of this software I; In the software copy information data table of correspondence, search the record of this software copy according to software I D number that extracts again,, then finish this and call if do not find corresponding record; Otherwise, carry out next step;
Whether the current characteristic field value of the record of this software copy and the mailing address field value registered last time be all consistent in the mailing address of current characteristic that Ec) relatively extracts and registration software last time and the software copy information data table.If all consistent, then carry out Ed), otherwise carry out Ee);
Ed) with the current characteristic field value of the record of this software copy and the mailing address field value of registration last time in the mailing address update software copy information tables of data of this log-on message of the new feature data that extract and record; The communication function of calling system is confirmed order to the mailing address transmission of this log-on message that writes down again, and the mailing address of current characteristic in this order and registration last time is got the analog value that extracts from this log-on message; Whether the mailing address of current characteristic that detection extracts from this log-on message and registration last time all is to specify initial value, if all be to specify initial value, then carries out Ee), call otherwise finish this.
Whether Ee) detect current characteristic that extracts and the mailing address of registering last time from this log-on message all is the appointment initial value, specify initial value if all be, the communication function of calling system to the requirement of protected software copy send server, requires to provide password again; The calling system function detects protected software copy and whether sends password, if confiscate at the appointed time or the password received and software copy information data table in the password field selection values of record of this software copy inconsistent, then finish this and call; Otherwise, carry out Ed);
Ef) produce a random string at random by specified rule,, upgrade the password field selection values of the record of this software copy in the update software copy information tables of data with this character string as the random string of fixed length; The communication function of calling system again, to protected software copy send server message, the information in this message is for new password and require the user that the information of E-mail address is provided; The calling system function detects protected software copy and whether sends E-mail address, if confiscate at the appointed time or what receive is not legal E-mail address, then finishes this and calls; Otherwise, call and send the mail module, new password is sent to the E-mail address of receiving; Finishing this calls.
Send the mail module and be used for sending specified message, use the correlation technique or the source code that disclose to get final product to the E-mail address of appointment.

Claims (10)

1. stolen system and method for software and hardware that prevents communication condition/function, constitute by the communication network between terminal software and hardware, management center server, WEB server, after-sale service client and terminal software and hardware, after-sale service client and management center server, the WEB server, it is characterized in that:
Terminal essential information tables of data is arranged in the database of management center server, wherein preserve the essential information of all the terminal software and hardwares that will protect, the field of this tables of data has: Termination ID number, terminal number, password, terminal models/version number, date of manufacture, the place of production, current state, current characteristic and designated sale zone; If shielded terminal is a hardware, then terminal essential information tables of data also has color field; Termination ID number is the major key of this table; The current state field value is an enumeration type, have not enabled, normal, report the loss locking, smuggling locks and limit five kinds, and can add new value as required, the acquiescence initial value is a not enabled; The codomain of current state field is by the management of the state codomain table in the database of management center server, and the field in the state codomain table has: status number, state name, Status Type, information, restriction useful life; Also have the endpoint registration tables of data in the database of management center server, the field of this tables of data has: terminal number, terminal communication number and hour of log-on; Also have the illegal log-on data table of terminal in the database of management center server, the field of this tables of data has: Termination ID number, terminal communication number, hour of log-on, log-on message content; Report the loss the record data table in addition in the database of management center server and the record data table is reported the loss in releasing; The field of reporting the loss in the record data table has: report the loss Record ID, terminal number, report the loss preceding SOT state of termination, owner of lost property's contact details, remove and report the loss password, drop-out time, report the loss the time, remove and report the loss Record ID, remove report the loss the Record ID field initial value for empty; The field that releasing is reported the loss in the record data table has: remove and report the loss Record ID, remove and report the loss the time; The endpoint registration tables of data, report the loss the record data table and terminal essential information tables of data is associated by the terminal number field; Releasing is reported the loss the record data table and is reported the loss the record data table and report the loss the Record ID field by releasing and be associated;
Add a legitimate verification module in the terminal software and hardware, this module has 1 data submodule and data consistent check submodule, registration submodule, status checkout submodule, management center server order detection sub-module, management center server command process submodule, locks submodule and check 7 subroutine modules of data consistency submodule to server; Under the situation of specified otherwise not, the operated data of the subroutine module of legitimate verification module are the corresponding data in the data submodule; The legitimate verification module is after the terminal software and hardware is enabled, called to monopolize the system process mode, its workflow is: call the data consistent check submodule, if return value is false, then display reminding information " secure data is inconsistent; please with after service department's door link " is called the locking submodule then; If return value is true, then call the registration submodule; Then, call the status checkout submodule; If the return value of status checkout submodule is not normal, then call the locking submodule; If the return value of status checkout submodule is normal, then withdraw from the legitimate verification module, allow the user to use the terminal software and hardware;
The data of preserving in the data submodule have: 1 terminal software and hardware ID number, 1 management center server contact number tabulation, the item of information of 1~2 command id tabulation, 1 expression terminal software and hardware current state, 1 character string of representing the information under the abnormal condition, 1 set of feature data, 1 used communicating number tabulation of terminal software and hardware, 1 specific communication list of numbers and 2 groups of protected datas; Wherein, the Termination ID field value in the terminal essential information tables of data in terminal software hardware ID number and the management center server database is corresponding one by one; The current state information value is an enumeration type, and its value has normally, locks, reports the loss locking, smuggling locking, and initial value is locking; The initial value of current characteristic field is consistent in the terminal essential information tables of data in the initial value of characteristic and the management center server database; The initial value of the used communicating number tabulation of terminal software and hardware is a null character string; The initial value of the information character string under the abnormal condition is not enabled still; Preserve urgency communication number and owner of lost property's contact number in the specific communication list of numbers; There is not the 2nd group of protected data in the legitimate verification module when initial; The deposit position of the 1st group of protected data is the fixed position, and the deposit position of the 2nd group of protected data is determined by the numerical value of appointment in the 1st group of protected data;
The return value of data consistent check submodule is a Boolean variable, and its workflow is:
Aa) check whether the characteristic and the 1st group of protected data of preserving in the data submodule all are the corresponding initial value of specifying, and as null character string, if all be the initial value of appointment, then carry out Ab), otherwise carry out Ac);
Ab) according to the individuation data beyond the data submodule of being kept at of appointment, as be kept at the sequence number of given hardware device on the random number, terminal of the appointment beyond the data submodule, produce the 1st group of protected data by specified rule, and in the 1st group of protected data, add the random number that produces by specified rule; Calculate the deposit position of the 2nd group of protected data according to the 1st group of protected data by pre-defined rule, and add in this position and to specify initial value, as null character string; Then, the used communicating number tabulation of terminal software and hardware is set to null character string, returns " very ", withdraws from this submodule;
Ac) calculate due nonrandom numerical value in the 1st group of data by the rule of the 1st group of protected data of calculating of appointment, check whether corresponding numerical value is consistent in result of calculation and the 1st group of protected data, the inconsistent Ad that then carries out), unanimity is then carried out Ae);
Ad) return " vacation ", withdraw from this submodule;
Ae) press the rule of appointment according to the used communicating number tabulation calculating of the 1st group of protected data, the tabulation of management center server contact number, current state information and terminal software and hardware the 2nd group of protected data and deposit position thereof, deposit position according to the 2nd group of protected data of calculating takes out corresponding value from the data submodule, and compare with the 2nd group of protected data that calculates, if the two is identical, then return " very ", withdraw from this submodule; If different, then return " vacation ", withdraw from this submodule;
The workflow of registration submodule is:
Ba) according to specified rule, if as not having current communicating number in the used communicating number tabulation of registration terminal software and hardware earlier before each and the server communication would register, each initiatively communicate by letter with other software and hardware before registration earlier, accept to register earlier before the specified services at every turn, need to judge whether registration, do not need registration then to carry out Bb), need registration then to carry out Bc);
Bb) withdraw from this submodule;
Bc) whether the current state information value that detects in the data submodule is normal, if normal, then carries out next step, otherwise execution in step Be);
Bd) the current state information value is set to locking, and the value of the information character string under the abnormal condition is set to " registering; please after a while ", and the rule by appointment recomputates the 2nd group of protected data again, replaces the 2nd group of current protected data with new the 2nd group of protected data of calculating;
Be) produce new characteristic by specified rule, as generating the character string of a designated length at random, from the used communicating number tabulation of terminal software and hardware, take out the communicating number of last registration again, and by specified rule taking-up management center server communicating number from the tabulation of management center server contact number, the communication function that calls terminal then sends log-on message to the management center server communicating number; The communicating number, current characteristic, the new feature data that comprise sign-on ID character string, terminal software and hardware ID number, registration at last in the log-on message, wherein, the sign-on ID character string produces by specified rule, and other data except that the new feature data are the corresponding data in the data submodule; An initial value be set be 0 cycle counter;
Bf) cycle counter is from adding 1; Detect the value of cycle counter, if surpass predetermined number of times, display reminding information " server does not respond, registration failure ", the software and hardware of closing a terminal then; The calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Bf); Call management center server order detection sub-module, detect whether management center server order detection sub-module the 1st return value is " very ", if for very carry out Bg); Otherwise, carry out Bf);
Bg) carry out Bh);
Bh) with the current characteristic in the new feature data replacement data submodule; Call management center server command process submodule; Current communicating number is joined in the used communicating number tabulation of this terminal software and hardware; Withdraw from the registration submodule;
Management center server order detection sub-module is returned 3 values: the 1st return value is Boolean variable, and whether the information that expression detects is the management center server order; The 2nd return value is the enumeration type variable, the type of expression management center server order; The 3rd return value is character string, represents corresponding remark information; Have only when the 1st return value is " very ", latter two value is just meaningful; When shielded software and hardware is received with the similar information of management center server order, call management center server order detection sub-module; Information in the management center server order has: communicating number, the remark information of command id character string, terminal software and hardware ID number, characteristic, registration at last; The workflow of this submodule is:
Ca) whether the transmission number that detects the information receive is the management center server communicating number, is not then to carry out Cb), be then to carry out Cc);
Cb) the 1st return value is set to " vacation ", withdraws from this submodule;
Cc) form by the management center server order extracts corresponding data from the information of receiving; Checking whether the command id character string is the legal sign of regulation, is then to carry out Cd), be not then to carry out Cb);
Cd) the terminal software and hardware that relatively extracts ID number, characteristic, whether the communicating number of registration is consistent with the corresponding data in the data submodule at last, if there is 1 group of data inconsistent, then carries out Cb), otherwise execution Ce);
Ce) delete the raw information of receiving; The 1st return value is set to " very ", the command id character string that extracts is transformed to the enumeration type management center server order of appointment by specified rule, the 2nd return value is set to this enumeration type management center server order, again the 3rd remark information that return value is set to extract; Withdraw from this submodule;
Management center server command process submodule has two parameters, and no return parameters is in registration and program to server is checked the data consistency submodule, when the 1st return value of management center server order detection sub-module is that true time calls; Two parameters are respectively the 2nd, 3 return value that management center server order detection sub-module is returned; The workflow of this submodule is:
Da) check the bid value that the 1st parameter indicated; If Dh is carried out in the data consistent order); If revise the management center server communicating number, carry out Db); If confirm order, carry out Dc); If Dd is carried out in locking class order and the inconsistent order of data); If remove the class lock command, carry out Df);
Db) press specified rule, according to the 2nd parameter value the management center server contact number in the data submodule is tabulated and make amendment, withdraw from this module then;
Dc) the current state information value in the data submodule is set to normally; Carry out Dg);
Dd) value of the current state information in the data submodule is set to corresponding lock value, and with the value of the information character string under the abnormal condition in the 2nd the parameter update data submodule; Whether the bid value of checking the 1st parameter indication is to report the loss lock command, is then to carry out De), be not then to carry out Dg);
De) from the 2nd parameter, extract owner of lost property's contact number, and the owner of lost property's contact number that extracts is added in the specific communication list of numbers of data submodule; Carry out Dg);
Df) check that whether the value of the current state information in this unlock order and data submodule is corresponding, if not corresponding, then carries out Dh); If corresponding, then the value of current state information is set to the analog value that the 2nd parameter indicated in the data submodule; Carry out Dg);
Dg) rule by appointment recomputates the 2nd group of protected data, and replaces currency with new value;
Dh) withdraw from this module;
The return value of status checkout submodule is an enumeration type, its workflow: the value of returning current state information;
The locking submodule does not have return value, and its workflow is:
Ea) call the status checkout submodule,, then withdraw from this submodule if return value is normal; Otherwise, carry out next step;
Eb) value of the information character string under the abnormal condition in the video data submodule; The calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Eb); Calling management center server order detection sub-module, detect whether management center server order detection sub-module the 1st return value is " very ", is then to call management center server command process submodule, is not then to carry out next step; The calling system function, the input operation of monitoring terminal software and hardware, if input operation be with the specific communication list of numbers in number communication, then allow operation to carry out, otherwise forbid the execution of this operation; Carry out Ea);
Checking the data consistency submodule to server does not have return value, at specified requirements, as software and hardware start the back at every turn, ask before the specified services at every turn, the numerical value that produces at random equals to specify numerical value, calls when being satisfied, its workflow is:
Fa) calling system communication function, send request to management center server and check data consistency information, this information comprises communicating number, the current characteristic of checking request mark character string, terminal software and hardware ID number, registration at last, wherein, check the request mark character string and produce by specified rule, other data are the corresponding data in the data submodule;
Fb) calling system function detects whether receive specified input information, if received, carries out next step, otherwise, carry out Fb); Call management center server order detection sub-module, detect the 1st, 2 return values of management center server order detection sub-module, if be respectively true and data consistent/inconsistent order/locking class order then carry out Fc); Otherwise, carry out Bb);
Fc) check management center server order detection sub-module the 2nd return value,, then withdraw from this submodule if the 2nd return value is the data consistent order, otherwise, the locking submodule called;
There are terminal request respond module, endpoint registration module, terminal to report the loss module, remove and to report the loss module, terminal inquiry respond module, user's service module, terminal software and hardware sales situation analysis module, check data consistency module, terminal software and hardware log-on message monitoring module in the software of management center server;
The workflow of endpoint registration module is:
Ga) record sends the communicating number of this log-on message and the time of receiving this log-on message, and according to the form of log-on message, extracts corresponding character string from this log-on message; In terminal essential information tables of data, search the essential information record of this terminal software and hardware ID number according to the terminal software and hardware that extracts again,, then carry out Gb) if do not find corresponding record; Otherwise carry out Gc);
Gb) in the illegal log-on data table of terminal, add a record, terminal software and hardware ID number, the communicating number that sends this log-on message, the time of receiving this log-on message and log-on message content that registration extracts, and to the communicating number transmission warning message that sends this log-on message, the warning message content is " the ID mistake in the log-on message can't be registered "; Then, finishing this calls;
Gc) whether the current characteristic field value of the essential information of this terminal software and hardware record is consistent in the current characteristic that relatively extracts and the terminal essential information tables of data, the inconsistent Gd that then carries out); Unanimity is then carried out Ge);
Gd) carry out Gf);
Ge) according to terminal number field value in the essential information record of this terminal software and hardware in the terminal essential information tables of data and the hour of log-on field value in the endpoint registration tables of data, in the endpoint registration tables of data, search the record of the last registration of this terminal software and hardware, if the communicating number of the last registration of not finding and extracting is not a null character string, if the value of the terminal communication number field of the record that perhaps finds is inconsistent with the communicating number of the last registration that extracts, then carry out Gf); Otherwise, carry out Gg);
Gf) in the illegal log-on data table of terminal, add a record, terminal software and hardware ID number, the communicating number that sends this log-on message, the time of receiving this log-on message and log-on message content that registration extracts, and to the inconsistent order of communicating number transmission data that sends this log-on message, the communicating number of characteristic in this order and last registration is the respective symbols string that extracts from this log-on message, remark information is " secure data and server are inconsistent, please with after service department's door link "; Then, finishing this calls;
Gg) analyze to send the indicated country /region of communicating number of this log-on message, and whether the indicated country /region of designated sale area field value was consistent during the essential information of this terminal software and hardware write down in comparative analysis result and the terminal essential information tables of data; If consistent, then carry out Gh), otherwise, carry out Gi);
Gh) current state field value during the essential information of this terminal software and hardware writes down in the inspection terminal essential information tables of data, it is upgraded by specified rule according to the current state field value, and write corresponding management center server order, the command id character string of this order is pressed the specified rule setting according to the current state field value, the communicating number of current characteristic in this order and last registration is the corresponding data that extracts from this log-on message, remark information in this order be in the state codomain table with terminal essential information tables of data in the information field value of the corresponding record of current state field value of this terminal software and hardware essential information record, if this order is to report the loss lock command, also the owner of lost property's contact information field value that should from report the loss the record data table this terminal software and hardware be reported the loss in the record is for the last time added in the remark information of this order; Send the management center server order that has write to the communicating number that sends this log-on message; Carry out Gj);
Gi) revise the current state field value, send the management center server order of appointment to the communicating number that sends this log-on message according to corresponding specified rule;
Gj) carry out Gk);
Gk) in the endpoint registration tables of data, add a record, terminal software and hardware ID number that registration extracts, send the communicating number of this log-on message, the time of receiving this log-on message from this log-on message; Current characteristic field value in the essential information record of this terminal software and hardware in the terminal essential information tables of data is revised as the new feature data that extract from log-on message; Finishing this calls;
The terminal software and hardware sales situation analysis module of management center server, the workflow of this module is: the zone at the communicating number place that the terminal software and hardware is registered for the first time in the analysing terminal log-on data table, each designated sale zone of statistic of classification at the appointed time in the zone at the terminal software and hardware of the every kind of model/version communicating number place of registering for the first time, show statistics;
Reporting the loss solicited message comprises: password, owner of lost property's contact details, drop-out time, the communicating number when losing that terminal software and hardware ID number, password, the releasing that report the loss the solicited message sign, will report the loss reported the loss; Releasing is reported the loss solicited message and is comprised: remove the password that terminal software and hardware ID number, password, the releasing report the loss the solicited message sign, to have reported the loss report the loss, the communicating number of current use;
The workflow that the terminal software and hardware of management center server is reported the loss module is:
Ha) record sends this and reports the loss communicating number of solicited message and receive that this reports the loss the time of solicited message; According to the form of reporting the loss solicited message, report the loss the corresponding character string of extraction the solicited message from this, in terminal essential information tables of data, search the essential information record of this terminal software and hardware according to the terminal software and hardware ID sign character string that will report the loss that extracts, do not find and then carry out Hf), found and then carried out Hb);
Hb) whether the current state field value of checking this record is then to carry out Hc for reporting the loss locking), otherwise carry out Hd);
Hc) return bomp information " this terminal is reported the loss, and this asks failure " to sending this communicating number of reporting the loss solicited message, finish this and call;
Hd) check whether the password field selection values in the essential information record of this terminal software and hardware is identical with the password that reads from report the loss solicited message, the identical He that then carries out); Difference is then carried out Hf);
He) in reporting the loss the record data table, add a record, the Record ID field value of reporting the loss of this record is generated automatically by system, the terminal number field value is got the terminal number field value in the essential information record of this terminal software and hardware, the SOT state of termination field value is got the current state field value in the essential information record of this terminal software and hardware before reporting the loss, releasing is reported the loss password field selection values and get the password that the releasing that extracts is reported the loss from is reported the loss solicited message, the drop-out time field value is got the drop-out time that extracts from report the loss solicited message, report the loss the time word segment value and be and receive that this reports the loss the time of solicited message, the owner of lost property contact details of owner of lost property's contact information field value for extracting from report the loss solicited message are removed and are reported the loss the Record ID field value for empty; Current state field value in the essential information of this terminal software and hardware record changed into report the loss locking, this terminal software and hardware of search is lost all communicating numbers of post-registration in the endpoint registration tables of data, sends to these communicating numbers and reports the loss lock command; Whether the communicating number that inspection extracts from solicited message when losing is null character string, if be not null character string, then to extract lose the time communicating number send and report the loss lock command; The contact details that include the owner of lost property in the remark information of lock command; Return and report the loss successful information to sending this communicating number of reporting the loss solicited message; Finishing this calls;
Hf) return bomp information to sending this communicating number of reporting the loss solicited message, finish this and call;
The workflow that module is reported the loss in the releasing of management center server is:
Ia) record sends this releasing and reports the loss the communicating number of solicited message and receive that this releasing reports the loss the time of solicited message; Report the loss the form of solicited message according to releasing, report the loss from this releasing and extract corresponding character string the solicited message; In terminal essential information tables of data, search the essential information record of this terminal software and hardware according to the terminal software and hardware ID sign character string of reporting the loss of will removing that extracts,, that is, do not find, then carry out Ii) if the record number that returns is 0; Otherwise, carry out Ib);
Ib) whether the current state field value of checking this record is to report the loss locking, is then to carry out Ic); Otherwise carry out Ih);
Ic) check password field selection values in the essential information record of this terminal software and hardware with whether report the loss the password that reads the solicited message from this releasing identical, the identical Id that then carries out); Difference is then carried out Ii);
Id) according to the terminal number field value in the essential information of this terminal software and hardware record with report the loss and report the loss the time word segment value in the record data table, in reporting the loss the record data table, search this terminal and report the loss record for the last time, if the record number that returns is 0, then carry out Ii); Otherwise, carry out Ie);
Ie) checking that this terminal software and hardware is reported the loss in the record to remove for the last time reports the loss password field selection values to report the loss password identical with report the loss the releasing that extracts the solicited message from releasing, the identical If that then carries out); The Ii that then carries out inequality);
If) check whether the Record ID field value is reported the loss in the releasing of reporting the loss record for the last time is empty, for sky is then carried out Ig); Then do not carry out Ii) for sky;
Ig) report the loss in the record data table in releasing and add a record, the releasing of this record is reported the loss the Record ID field value and is generated automatically by system, removes the time of reporting the loss and is and receive that this releasing reports the loss the time of solicited message; This terminal is reported the loss releasing in the record for the last time and is reported the loss the Record ID field value and be set to the releasing that the new releasing of adding reports the loss in the record and report the loss the Record ID field value again; Next, the current state field value that this terminal software and hardware essential information is write down changes into and reports the loss the preceding SOT state of termination field value of reporting the loss of record for the last time; Detect then and report the loss the current communicating number that uses that extracts the solicited message from releasing and whether be null character string, if not, then send to remove and report the loss order to this communicating number; The current state field value that the remark information in the order writes down for this terminal software and hardware essential information is reported the loss in releasing; Report the loss the communicating number of solicited message and return success to remove and report the loss information to sending this releasing, finish this and call;
Ih) report the loss the communicating number of solicited message and return bomp information " this terminal is not reported the loss, and this ask to fail " to sending this releasing, finish this and call;
Ii) report the loss the communicating number of solicited message and return bomp information to sending this releasing, finish this and call;
The data consistency module workflow of checking of management center server is:
Ja) record sends this and checks the communicating number of data consistency solicited message; According to the form of checking the data consistency solicited message, check the corresponding character string of extraction the data consistency solicited message from this; In terminal essential information tables of data, search the record of this terminal software and hardware according to the terminal software and hardware ID sign character string that extracts,, then carry out Jh) if the record number that returns is 0; Otherwise, carry out Jb);
Jb) whether the current characteristic field value of the essential information of this terminal software and hardware record is consistent in the current characteristic that relatively extracts and the terminal essential information tables of data, if unanimity is then carried out Jc); Otherwise, carry out Jd);
Jc) according to terminal number field value in the essential information record of this terminal software and hardware, in the endpoint registration tables of data, search the record of the last registration of this terminal software and hardware, if the communicating number of the last registration of not finding and extracting is not the initial value of appointment, if the terminal communication Number character segment value of the record that perhaps finds is inconsistent with the communicating number of the last registration that extracts, then carry out Jd); Otherwise, carry out Je);
Jd) send the inconsistent order of data to sending this communicating number of checking the data consistency solicited message, and finish this and call;
Je) whether the current state field value of checking this record is the value of locking class, is then to carry out Jf); Otherwise carry out Jg);
Jf) send corresponding lock command to sending this communicating number of checking the data consistency solicited message; Finishing this calls;
Jg) send the data consistent order to sending this communicating number of checking the data consistency solicited message; Finishing this calls;
Jh) return bomp information to sending this communicating number of checking the data consistency solicited message, finish this and call;
The information that comprises in the terminal inquiry solicited message has: query requests sign, terminal software and hardware ID number, password, the remark information that will inquire about; The terminal inquiry request has inquiry of terminal essential information and endpoint registration to inquire about two kinds; In the trade mark enquiries request, include the hour of log-on scope of the registration number that returns, the record that will inquire about in the remark information;
The workflow of the terminal inquiry respond module of management center server is:
Ka) record sends the communicating number of this Query Information; According to the form of Query Information, from this Query Information, extract corresponding character string; In terminal essential information tables of data, search the record of this terminal software and hardware according to the terminal software and hardware ID sign character string that extracts,, then carry out Kf) if the record number that returns is 0; Otherwise, carry out Kb);
Kb) check whether the password field selection values in the essential information record of this terminal software and hardware is identical with the password that reads from this Query Information, the identical Kc that then carries out); Difference is then carried out Kf);
Kc) according to the terminal number field value in the essential information record of this terminal software and hardware, the hour of log-on field value in the endpoint registration tables of data, the registration of in the endpoint registration tables of data, searching this terminal software and hardware; The type of the query requests sign that inspection extracts from the Query Information of receiving is if Kd is then carried out in the essential information inquiry); If Ke is then carried out in the log-on message inquiry);
Kd) Termination ID of this terminal software and hardware essential information record number, terminal models/version number, date of manufacture, the place of production, current state and the time of designated sale area field value and registration for the first time and the communicating number of last registration are write a return string by specified rule, again this return string is sent to the communicating number that sends this Query Information; Finishing this calls;
Ke) according to the parameter of from the remark information that extracts, extracting, write return string, again this return string is sent to the communicating number that sends this Query Information by specified rule; Finishing this calls;
Kf) return bomp information to the communicating number that sends this Query Information, finish this and call;
The terminal request respond module of management center server is called when system start-up, memory-resident, and up to system closing, workflow is:
La) appointed information sent of sense terminals software and hardware is if detect then carry out Lb); Otherwise, carry out La);
Lb) by the general format of terminal request, from the information of receiving, extract the request mark character string, detect the request type of request mark character string representative,, then call the endpoint registration module if represent register requirement; If request is reported the loss in representative, then call terminal and report the loss module; If representative is removed and reported the loss request, then module is reported the loss in call release; If the terminal inquiry respond module is then called in the request of GC group connector inquiry class; Otherwise, this information is handed to other corresponding module of system; Carry out La again);
All communicating number modules, the request management center server that the after-sale service client has inquiry terminal software and hardware current state and basic information module, inquiry terminal software and hardware to register reported the loss the terminal module of software and hardware, the request management center server is removed the terminal software and hardware and reported the loss block of state.
2. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: the workflow of the endpoint registration module of management center server can be made following modification;
With step Gd) be revised as: check whether the current characteristic that extracts is the initial value of appointment, and whether the communicating number of the last registration that extracts is null character string from log-on message; Specify initial value and null character string if be respectively, then carry out Gd1); Otherwise, carry out Gf);
Add step Gd1): send the information that requires to provide password to the communicating number that sends this log-on message, if receive at the appointed time that password that the communicating number of this log-on message sends and the password of receiving are consistent with the password field selection values in the essential information record, then carry out Gg); Otherwise, carry out Gf);
At step Gj) in, finish this and call the following operation of adding before; Whether the current characteristic that inspection extracts from log-on message is the initial value of appointment, if the initial value of appointment, then produce the new password character string at random by specified rule, change the password field selection values in this terminal software and hardware essential information record into the new password character string, send the new password character string to the communicating number that sends this log-on message and user's pre-specified address again.
3. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: for the terminal software and hardware that must provide service to work by server, the available specific personalized service that it is successfully asked is as characteristic; Before each request server provided service, the terminal software and hardware sent to management center server and checks the data consistency solicited message; Check the data consistency solicited message and comprise communicating number, the current characteristic of checking request mark character string, terminal software and hardware ID number, registration at last; The current characteristic of checking in the data consistency solicited message can be the part character of appointment in the characteristic; After management center server is received and checked the data consistency solicited message, check whether data corresponding in terminal software and hardware ID number extract, the communicating number of registration at last, current characteristic and the database are consistent, if inconsistent, then refuse to provide service; If consistent, then provide service; After serving successfully end, terminal software and hardware and management center server all upgrade the communicating number and the current characteristic of each self-recording last registration with this specific personalized service of serving used communicating number and appointment.
4. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1; it is characterized in that: the 2nd group of protected data in the data submodule of legitimate verification module also can generate at random by specified rule; press regular the 2nd group of new protected data that produces each the modification when tabulation of management center server contact number, current state information and the used communicating number of terminal software and hardware are tabulated, according to the 2nd group of protected data above-mentioned three groups of data are encrypted then.
5. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1; it is characterized in that: the customized information that can all preserve according to protected terminal software and hardware and management center server; as the communicating number of characteristic, the registration of terminal software and hardware, the communication between them is encrypted.
6. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: the workflow of the registration submodule of the legitimate verification module of terminal software and hardware can be made following modification;
With Bg) change into: what whether the 2nd return value of detection management center server order detection sub-module indicated is to confirm order, is then to carry out Bh); Not then to carry out Bh1);
Interpolation step Bh1) calls management center server command process submodule; Withdraw from the registration submodule;
Accordingly, in management center server software, also make following modification;
In the management center server database, increase the not successful log-on data table of terminal; Simultaneously, the endpoint registration module of management center server is also made following modification;
With Gj) be revised as: check whether the management center server order that sends out is to confirm order, is then to carry out Gk); Not then to carry out Gk1);
Add step: Gk1) in the not successful log-on data table of terminal, add a record, terminal software and hardware ID number that registration extracts, send the communicating number of this log-on message, the time of receiving this log-on message from this log-on message; Finishing this calls;
The structure of the not successful log-on data table of terminal is identical with the endpoint registration tables of data.
7. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1 is characterized in that: can only write down the communicating number of last registration in the used communicating number tabulation of the terminal software and hardware in the data submodule; Accordingly, the endpoint registration tables of data of management center server can be removed, and adds the communicating number field of a last registration in Basic Information Table; After management center server is received register requirement, after having passed through the communicating number checking of last registration, whether the current state field value that detects in the essential information record of this terminal software and hardware is normal, be normal, then management center server upgrades the communicating number and the current characteristic field value of the last registration in the essential information record; Be not normal, then this log-on message with this terminal software and hardware is recorded in the illegal log-on data table of terminal.
8. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: if the communicating number of terminal software and hardware is changeless, data submodule in the legitimate verification module of terminal software and hardware can not have the used communicating number tabulation of terminal software and hardware, the communicating number that in the communication information of terminal software and hardware and management center server, does not comprise last registration, and the communicating number inspection of when whether the checking communication information is legal, also not registering at last.
9. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: whether the indicated country /region of the designated sale area field value during the essential information of this terminal software and hardware writes down in use country /region that can be by relatively log-on message communicating number indication and the management center server terminal essential information tables of data is consistent, judges whether this terminal software and hardware is smuggled goods.
10. the stolen system and method for software and hardware that prevents communication condition/function according to claim 1, it is characterized in that: can be the information in the terminal essential information tables of data, feature by the terminal software and hardware, scope, terminal models/version number, the place of production, designated sale zone as Termination ID number, be organized in a plurality of terminal essential information data sublists, and come these terminal essential information data sublists of unified management by a terminal essential information concordance list; Field in the terminal essential information tables of data is divided into two parts, deposits in terminal essential information data sublist and the terminal essential information concordance list; Field in the terminal essential information concordance list has: the specific field of the starting symbol of terminal essential information data sublist name, Termination ID feature string, Termination ID scope, the termination of Termination ID scope number and expression terminal further feature, as terminal models/version number field, designated sale area field; When searching terminal software and hardware essential information, earlier number in terminal essential information concordance list, find corresponding terminal essential information data sublist name, in the terminal essential information data sublist that checks in, search the record at this Termination ID place again according to the Termination ID that will look into; Each terminal essential information data sublist all has own corresponding illegal log-on data table of endpoint registration tables of data, terminal and the not successful log-on data table of terminal.
CNA200510096358XA 2005-11-16 2005-11-16 System and method for preventing software and hardware with communication condition/function against embezzlement Pending CN1764106A (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CNA200510096358XA CN1764106A (en) 2005-11-16 2005-11-16 System and method for preventing software and hardware with communication condition/function against embezzlement
CNB2006102010963A CN100452908C (en) 2005-11-16 2006-11-16 System and method for preventing software and hardware with communication condition / function from being embezzled
PCT/CN2006/003087 WO2007056951A1 (en) 2005-11-16 2006-11-16 System and method for preventing the theft of software and hardware with communication condition/function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA200510096358XA CN1764106A (en) 2005-11-16 2005-11-16 System and method for preventing software and hardware with communication condition/function against embezzlement

Publications (1)

Publication Number Publication Date
CN1764106A true CN1764106A (en) 2006-04-26

Family

ID=36748076

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA200510096358XA Pending CN1764106A (en) 2005-11-16 2005-11-16 System and method for preventing software and hardware with communication condition/function against embezzlement

Country Status (2)

Country Link
CN (1) CN1764106A (en)
WO (1) WO2007056951A1 (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102200987A (en) * 2011-01-27 2011-09-28 北京开心人信息技术有限公司 Method and system for searching sock puppet identification number based on behavioural analysis of user identification numbers
CN102291257A (en) * 2011-07-27 2011-12-21 奇智软件(北京)有限公司 Network-based terminal resource management method
CN101401103B (en) * 2006-06-09 2012-04-18 国际商业机器公司 System and method for secure boot across a plurality of processors
CN102467624A (en) * 2010-11-10 2012-05-23 金蝶软件(中国)有限公司 Method and system for software license recovery and automatic reapplication
WO2012068792A1 (en) * 2010-11-22 2012-05-31 中兴通讯股份有限公司 Mobile phone, registration method, system and device for implementing device management of the mobile phone
CN102780989A (en) * 2012-07-06 2012-11-14 北京小米科技有限责任公司 Method and system for preventing loss of mobile terminal
CN103164642A (en) * 2011-12-19 2013-06-19 比亚迪股份有限公司 Method and system for preventing software piracy
CN103935849A (en) * 2014-03-12 2014-07-23 深圳市海浦蒙特科技有限公司 Communication method of elevator master controller and calling board
WO2014135005A2 (en) * 2013-11-20 2014-09-12 中兴通讯股份有限公司 Terminal search method and system, and terminal and receiver
CN104219317A (en) * 2014-09-15 2014-12-17 浙江云微览网络科技股份有限公司 Router, system and method for anti-theft tracking for mobile terminal on basis of location positioning
CN104519479A (en) * 2013-09-27 2015-04-15 中兴通讯股份有限公司 Methods for terminal to lock net and unlock net
WO2015135305A1 (en) * 2014-03-12 2015-09-17 北京安兔兔科技有限公司 Method and device for verifying authenticity of a terminal
CN105836564A (en) * 2016-05-31 2016-08-10 广州日滨科技发展有限公司 Binding method and device of elevator hardware
CN106331337A (en) * 2016-08-22 2017-01-11 北京小米移动软件有限公司 Terminal peripheral starting method and device
US10019604B2 (en) 2014-10-31 2018-07-10 Xiaomi Inc. Method and apparatus of verifying terminal and medium
CN108566401A (en) * 2017-12-01 2018-09-21 深圳市新产业生物医学工程股份有限公司 Communication processing method, communication processing apparatus and electric terminal
CN110135130A (en) * 2019-04-25 2019-08-16 武汉虹信通信技术有限责任公司 A kind of embedded device software tamper-resistant method and system

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103685499A (en) * 2013-12-06 2014-03-26 深圳酷派技术有限公司 Terminal, server, application program management system and application program management method
CN108306957A (en) * 2018-01-26 2018-07-20 吉浦斯信息咨询(深圳)有限公司 The unique mark of Android smartphone and push recognition methods and system
CN108322529A (en) * 2018-01-26 2018-07-24 吉浦斯信息咨询(深圳)有限公司 The unique mark of apple smart mobile phone and push recognition methods and system
CN110135857B (en) * 2018-02-06 2023-12-05 深圳市大摩登科技有限公司 Apple equipment verification method, terminal, server and system
CN111091379B (en) * 2019-12-25 2023-04-18 飞天诚信科技股份有限公司 Method and system for realizing segmented operation of smart card
CN113971865A (en) * 2021-08-30 2022-01-25 珠海读书郎软件科技有限公司 Searching method for lost smart watch
CN115103055B (en) * 2022-06-17 2023-10-03 度小满科技(北京)有限公司 Loss processing method, loss processing device, mobile terminal and readable storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100502599C (en) * 2003-10-10 2009-06-17 高延飞 Security management method for mobile phone
CN1662028A (en) * 2005-01-01 2005-08-31 周文伟 System for tracking information of losing handset and tracking method

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101401103B (en) * 2006-06-09 2012-04-18 国际商业机器公司 System and method for secure boot across a plurality of processors
CN102467624A (en) * 2010-11-10 2012-05-23 金蝶软件(中国)有限公司 Method and system for software license recovery and automatic reapplication
CN102467624B (en) * 2010-11-10 2014-04-02 金蝶软件(中国)有限公司 Method and system for software license recovery and automatic reapplication
WO2012068792A1 (en) * 2010-11-22 2012-05-31 中兴通讯股份有限公司 Mobile phone, registration method, system and device for implementing device management of the mobile phone
CN102200987A (en) * 2011-01-27 2011-09-28 北京开心人信息技术有限公司 Method and system for searching sock puppet identification number based on behavioural analysis of user identification numbers
CN102291257B (en) * 2011-07-27 2013-09-04 奇智软件(北京)有限公司 Network-based terminal resource management method
CN102291257A (en) * 2011-07-27 2011-12-21 奇智软件(北京)有限公司 Network-based terminal resource management method
CN103164642A (en) * 2011-12-19 2013-06-19 比亚迪股份有限公司 Method and system for preventing software piracy
CN103164642B (en) * 2011-12-19 2016-11-23 比亚迪股份有限公司 A kind of method and system preventing software piracy
CN102780989A (en) * 2012-07-06 2012-11-14 北京小米科技有限责任公司 Method and system for preventing loss of mobile terminal
CN104519479A (en) * 2013-09-27 2015-04-15 中兴通讯股份有限公司 Methods for terminal to lock net and unlock net
CN104519479B (en) * 2013-09-27 2019-06-11 中兴通讯股份有限公司 A kind of method of terminal and its lock network and unlocking locked network
WO2014135005A3 (en) * 2013-11-20 2014-10-30 中兴通讯股份有限公司 Terminal search method and system, and terminal and receiver
WO2014135005A2 (en) * 2013-11-20 2014-09-12 中兴通讯股份有限公司 Terminal search method and system, and terminal and receiver
CN103935849A (en) * 2014-03-12 2014-07-23 深圳市海浦蒙特科技有限公司 Communication method of elevator master controller and calling board
WO2015135305A1 (en) * 2014-03-12 2015-09-17 北京安兔兔科技有限公司 Method and device for verifying authenticity of a terminal
CN103935849B (en) * 2014-03-12 2016-01-20 深圳市海浦蒙特科技有限公司 Elevator main controller and call the communication means of plate outward together
CN104219317A (en) * 2014-09-15 2014-12-17 浙江云微览网络科技股份有限公司 Router, system and method for anti-theft tracking for mobile terminal on basis of location positioning
US10019604B2 (en) 2014-10-31 2018-07-10 Xiaomi Inc. Method and apparatus of verifying terminal and medium
CN105836564A (en) * 2016-05-31 2016-08-10 广州日滨科技发展有限公司 Binding method and device of elevator hardware
CN106331337A (en) * 2016-08-22 2017-01-11 北京小米移动软件有限公司 Terminal peripheral starting method and device
CN106331337B (en) * 2016-08-22 2019-11-08 北京小米移动软件有限公司 The starting method and device of terminal peripheral hardware
CN108566401A (en) * 2017-12-01 2018-09-21 深圳市新产业生物医学工程股份有限公司 Communication processing method, communication processing apparatus and electric terminal
CN108566401B (en) * 2017-12-01 2021-07-20 深圳市新产业生物医学工程股份有限公司 Communication processing method, communication processing device and electronic terminal
CN110135130A (en) * 2019-04-25 2019-08-16 武汉虹信通信技术有限责任公司 A kind of embedded device software tamper-resistant method and system
CN110135130B (en) * 2019-04-25 2021-03-12 武汉虹信科技发展有限责任公司 Method and system for preventing embedded equipment software from being modified

Also Published As

Publication number Publication date
WO2007056951A1 (en) 2007-05-24

Similar Documents

Publication Publication Date Title
CN1764106A (en) System and method for preventing software and hardware with communication condition/function against embezzlement
CN1960553A (en) System and method for preventing software and hardware with communication condition / function from being embezzled
CN100339844C (en) Information management system
CN1173285C (en) Method and device for fixing display information, and related soft ware products and storage medium therefor
CN1171433C (en) Detecting possible fraudulent communication usage
CN1160616C (en) Anti-virus agent for use with database and mail servers
CN1571959A (en) Information processing device, information processing method, and computer program
CN1542584A (en) Program electronic watermark processing apparatus
CN1365472A (en) A shared registrations system for registration and using relative domain names
CN1274107C (en) Encrypted data delivery system
CN101039239A (en) System and method for remote image capture with centralized processing and storage
CN1518699A (en) Information image utilization system, information image management apparatus, information image management method, user information image, program, and recording medium
CN1430140A (en) Equipment and method for limitting contents access and storage
CN1855112A (en) Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program
CN1914591A (en) Secure device, terminal device, gate device, and device
CN1650274A (en) Operation managing method and operation managing server
CN1918865A (en) Method, system and computer program product for generating and processing a disposable email address
CN1618201A (en) System and method for facilitating electronic financial transactions using a mobile telecommunications device
CN1284190A (en) Push banking system and method
CN1522407A (en) Information image utilizing system, information image managing server, information image managing method, apparatus information image, program and recording medium
CN1783792A (en) Dynamic content change notification
CN1394312A (en) Authentication system, authentication agent apparatus, and terminal
CN1483278A (en) Contents directory service system
CN1957356A (en) Unauthorized deice detection device, unauthorized device detection system, unauthorized device detection method, program, recording medium, and device information update method
CN1922600A (en) User authentication system and data providing system using the same

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication