WO2010072072A1 - Method, device and system for locking a mobile terminal with a subscriber identity module card - Google Patents

Method, device and system for locking a mobile terminal with a subscriber identity module card Download PDF

Info

Publication number
WO2010072072A1
WO2010072072A1 PCT/CN2009/073208 CN2009073208W WO2010072072A1 WO 2010072072 A1 WO2010072072 A1 WO 2010072072A1 CN 2009073208 W CN2009073208 W CN 2009073208W WO 2010072072 A1 WO2010072072 A1 WO 2010072072A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile terminal
card
personal identification
default
pin code
Prior art date
Application number
PCT/CN2009/073208
Other languages
French (fr)
Chinese (zh)
Inventor
孙东
Original Assignee
华为终端有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为终端有限公司 filed Critical 华为终端有限公司
Publication of WO2010072072A1 publication Critical patent/WO2010072072A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • H04M1/673Preventing unauthorised calls from a telephone set by electronic means the user being required to key in a code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present invention relates to the field of network communication technologies, and in particular, to a method, device and system for locking a mobile terminal and a user identity card.
  • the existing mobile phones lock the mobile phone and the SIM (Subscriber Identity Module lock) card by means of a SIM lock (Subscriber Identity Module lock).
  • Customized handsets lock the public carrier mobile network (PLMN) of a particular carrier, and other carriers' numbers cannot be used to lock custom mobile phones.
  • PLMN public carrier mobile network
  • China Mobile's PLMN number is 460-00, and 460-00 is pre-saved to the mobile phone.
  • booting the PLMN number of the SIM card is read. If the PLMN number of the SIM card is also 460-00, the boot is allowed; otherwise , booting is not allowed. This achieves the effect that a customized mobile phone can only use China Mobile's SIM card.
  • the above SIM lock can only lock one type of card, such as a card that locks China Mobile or a card of China »0 Unicom, which cannot achieve the purpose of locking a specific card.
  • the operator wants to achieve one-to-one locking between the mobile phone and the SIM card, that is, the mobile phone locks a specific SIM card.
  • Embodiments of the present invention provide a method, device, and system for locking a mobile terminal and a user identity card, so as to enable the mobile terminal to lock a specific user identity card.
  • the embodiment of the present invention provides a method for locking a mobile terminal and a user identity card, including: matching a default personal identification code in the mobile terminal and a default personal identification in the user identification card when the mobile terminal is powered on for the first time.
  • the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time; after the first power on, a new personal identification code is generated; the mobile terminal and the mobile terminal are Rewriting the personal identification number in the user identification card to the new individual Identifier.
  • the embodiment of the present invention further provides a mobile terminal, including a matching unit, a generating unit, and an updating unit.
  • the matching unit is configured to match a default personal identification code and a user identification card in the mobile terminal when the mobile terminal is powered on for the first time.
  • the default personal identification number when the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time; the generating unit is used after the mobile terminal is powered on for the first time.
  • the updating unit configured to update a default personal identification code in the mobile terminal and a default personal identification code in the user identification card to the new personal identification code.
  • the embodiment of the invention further provides a system for locking a mobile terminal and a user identification card, comprising the mobile terminal and the user identification card described in the above embodiments.
  • the default personal identification number (PIN) provided by the operator is encrypted and stored in the mobile terminal.
  • the default PIN code in the matching mobile terminal is the same as the default PIN code in the SIM card, and the power is turned on successfully.
  • the phone After the phone is successfully turned on, the phone generates a new PIN code, and the new PIN code updates the default PIN code in the mobile terminal.
  • the new PIN code updates the default PIN code in the SIM card.
  • the SIM card is a specific card that the mobile terminal locks. The invention realizes that the mobile terminal locks a specific card by verifying the PIN code.
  • FIG. 1 is a flow chart of a first embodiment of a method based on the present invention
  • Figure 2 is a flow chart of a second embodiment of the method according to the present invention.
  • FIG. 3 is a structural diagram of a first embodiment of a mobile terminal based on the present invention.
  • FIG. 4 is a structural diagram of a second embodiment of a mobile terminal based on the present invention.
  • Figure 5 is a structural view of a first embodiment of the system based on the present invention.
  • Figure 6 is a structural view of a second embodiment of the system based on the present invention.
  • Figure 7 is a block diagram showing a third embodiment of the system based on the present invention. detailed description
  • a method for locking a mobile terminal and a user identification card is described in the embodiment of the present invention.
  • the method includes: when the mobile terminal is powered on for the first time, matching a default personal identification code in the user identification card and saving in the mobile
  • the default personal identification code of the terminal if the two are the same, the booting is successful; after the booting is successful, a new personal identification code is generated, and the default in the mobile terminal and the user identification card is updated respectively by using the new personal identification code.
  • Personal identification number may be a mobile phone or a data card. For convenience of description, the following embodiments all describe a specific solution by using a mobile phone as an example.
  • this figure is a flow chart based on a first embodiment of the method of the present invention.
  • the phone When the PIN code in the SIM card is different from the default PIN code stored in the EFS of the mobile phone, the phone will not be activated if it is directly turned off.
  • the PIN code in the mobile phone may not be saved in the EFS, or may be saved in other files of the mobile phone.
  • S103 Update the default PIN stored in the EFS of the mobile phone with the new PIN code, and update the default PIN code stored in the SIM card.
  • the new PIN code is randomly generated by the mobile phone platform, and the purpose is to realize the locking of the specific card by the mobile phone, that is, the locking of the mobile phone and the SIM-to-one.
  • the salesperson can use any SIM card with the default PIN code and the mobile phone to lock.
  • the generated new PIN code updates the original default PIN code in the mobile phone and SIM to realize the mobile phone. Lock this particular card.
  • the method for locking the mobile terminal and the user identification card encrypts the default PIN provided by the operator in the EFS of the mobile phone.
  • the phone When the phone is turned on for the first time, it is allowed to boot when the PIN code in the matching EFS is the same as the PIN in the SIM card. After booting up, a new PIN code is generated and the new PIN updates the PIN code in the SIM card in EFS.
  • the booting is allowed; at the same time, the opening is not allowed, thereby realizing the interlocking of the card through the PIN code.
  • the interlocking of the machine card in the embodiment of the invention realizes locking a specific card, and the operator can realize a special service through the specific interlock of the mobile phone and the card, for example, launching some experimental mobile phones, special tariffs, etc. for the user. use.
  • China Mobile launched a new business for entertainment websites. Users can use this entertainment website to get a free mobile phone. The connection to this entertainment site is prefabricated on this phone. In order to encourage users to use this entertainment website, the Internet traffic fee of this SIM card is particularly favorable. Therefore, China Mobile does not want other mobile phones to use this SIM card. In this way, China Mobile needs to lock the phone to this specific SIM card, which cannot be used on other mobile phones.
  • FIG. 2 there is shown a flow chart of a second embodiment of the method based on the present invention.
  • S201 The mobile phone saves the default PIN code encrypted by the operator through the encryption algorithm in the EFS.
  • the default PIN code provided by the operator is stored in the EFS of the mobile phone through an encryption algorithm, which is called a default seed file.
  • S204 After encrypting the new PIN code by using the encryption algorithm, the mobile phone updates the default PIN code in the EFS and updates the default PIN code in the SIM card.
  • S205 When the mobile phone is turned on again, when the PIN code stored in the EFS of the mobile phone is verified to be the same as the PIN code saved in the SIM, the booting is successful, and vice versa, the booting fails.
  • the PIN code stored in the mobile phone is encrypted and saved. Therefore, when the PIN code in the EFS matching phone is the same as the PIN code in the SIM card, the PIN code saved in the EFS is first decrypted.
  • the mobile phone Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
  • the interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code.
  • the PIN code on the phone is not visible to the user.
  • Some mobile phone security features that require a PIN are accessed directly, without prompting the user to enter a PIN.
  • the embodiment of the invention further provides a mobile terminal. It should be noted that the mobile terminal in the embodiment of the present invention may be a mobile phone or a data card. For convenience of description, the following embodiments all use a mobile phone as an example to describe a specific solution.
  • this figure is a structural diagram of a first embodiment of a mobile terminal based on the present invention.
  • a mobile terminal provided by the present invention includes a matching unit 301, a generating unit 302, and an updating unit.
  • the matching unit 301 is configured to: when the mobile phone is first turned on, the default PIN code in the matching SIM card is the same as the default PIN code stored in the EFS of the mobile phone, and the booting succeeds; when the PIN code in the SIM card is related to the mobile phone When the default PIN code saved in EFS is different, it will be shut down directly and the phone will not start.
  • the generating unit 302 is configured to generate a new PIN code after the mobile phone is successfully booted.
  • the updating unit 303 is configured to update the default PIN code in the EFS of the mobile phone with the new PIN code; and update the default PIN code of the user identity authentication module card at the same time.
  • the new PIN code is randomly generated in order to enable the handset to lock a particular card.
  • the salesperson can use any SIM card with the default PIN code and the mobile phone to lock.
  • the generated new PIN code is saved in the mobile phone and SIM through the encryption algorithm and decryption algorithm, and updated.
  • the original default PIN code enables the phone to lock the particular card.
  • the mobile terminal provided by the embodiment of the present invention encrypts the default PIN provided by the operator.
  • the PIN code in the matching EFS is the same as the PIN in the SIM card.
  • a new PIN code is generated, and the new PIN updates the PIN code in the SIM card in the EFS.
  • the booting is successful; at the same time, the booting fails, thereby realizing the interlocking of the card through the PIN.
  • FIG. 4 the figure is a structural diagram of Embodiment 2 of a mobile terminal based on the present invention.
  • the second embodiment of the apparatus of the present invention differs from the first embodiment of the apparatus in that a verification unit 401 and a rejection unit 402 are added.
  • the verification unit 401 is configured to: when the mobile phone is turned on again, when the personal identification code stored in the embedded file system of the mobile phone is the same as the personal identification code stored in the user identity authentication module card, the booting is successful, and vice versa, the booting fails.
  • the mobile phone Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
  • the reject unit 402 is configured to reject the user to modify the PIN code.
  • the interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code.
  • the PIN code on the phone is not visible to the user.
  • Some mobile phone security features that require a PIN are accessed directly, without prompting the user to enter a PIN.
  • the embodiment of the invention further provides a system for locking a mobile terminal and a user identification card.
  • the system of the embodiments of the present invention includes a mobile terminal and a subscriber identity card.
  • the mobile terminal according to the embodiment of the present invention may be a mobile phone or a data card. For convenience of description, the following embodiments all describe a specific solution by using a mobile phone as an example.
  • FIG. 5 there is shown a block diagram of a first embodiment of a system based on the present invention.
  • the first embodiment of the system of the present invention includes a handset 501 and a SIM card 502.
  • the mobile phone 501 is configured to save the default PIN code provided by the operator to itself.
  • the PIN code can be saved in the EFS of the mobile phone.
  • the default PIN code provided by the operator can be stored in the EFS of the mobile phone 501 by an encryption algorithm, which is called a default seed file. Since the default PIN code uses an encryption algorithm, the attacker cannot see the plaintext of the PIN code, thereby ensuring the security of the PIN code.
  • the default PIN code in the matching SIM card 502 is the same as the default PIN code stored in the EFS of the mobile phone 501, and the power is turned on successfully.
  • the PIN code in the SIM card 502 is different from the default PIN code stored in the EFS of the mobile phone 501, it is directly turned off, and the mobile phone 501 cannot be started.
  • the mobile phone 501 After the first boot is successful, the mobile phone 501 generates a new PIN code, updates the default PIN code stored in the EFS of the mobile phone 501 with the generated new PIN code, and updates the default PIN code in the SIM card 502.
  • the mobile phone 501 verifies that the PIN code stored in the EFS is the same as the PIN code saved in the SIM card 502, and the booting succeeds, otherwise, the boot fails.
  • the new PIN code is randomly generated by the mobile phone 501 platform, and the purpose is to enable the mobile phone to lock a specific SIM card 502.
  • the mobile phone can refuse the user to modify the PIN code.
  • the salesperson can use any SIM card with the default PIN code and the mobile phone to lock.
  • the generated new PIN code is saved in the mobile phone and SIM through the encryption algorithm, and the original default is updated.
  • the PIN code that enables the phone to lock the particular card.
  • the system for locking the mobile terminal and the user identification card provided by the embodiment of the present invention encrypts the default PIN provided by the operator in the EFS of the mobile phone 501.
  • the PIN code in the matching EFS is the same as the PIN in the SIM card 502, and the power is turned on successfully.
  • the mobile phone 501 After the boot is successful, the mobile phone 501 generates a new PIN code, and the new PIN updates the PIN code in the SIM card 502 in the EFS.
  • the interlocked mobile phone 501 does not include an interface for the user to modify the PIN code and an interface related to the PIN code.
  • the PIN code on the phone is not visible to the user.
  • the mobile phone 501 may include the mobile terminal according to Embodiment 1 of the foregoing mobile terminal or Embodiment 2 of the mobile terminal.
  • System Embodiment 2 :
  • this figure is a block diagram of a second embodiment of a system based on the present invention.
  • the mobile phone 501 in this embodiment includes a matching unit 301, a generating unit 302, and an updating unit 303.
  • the matching unit 301 is configured to: when the mobile phone is first turned on, the default PIN code in the matching SIM card is the same as the default PIN code stored in the EFS of the mobile phone, and the booting succeeds; when the PIN code in the SIM card is related to the mobile phone When the default PIN code saved in EFS is different, it will be shut down directly and the phone will not start.
  • the generating unit 302 is configured to generate a new PIN code after the mobile phone is successfully booted.
  • the updating unit 303 is configured to update the default PIN code in the EFS of the mobile phone with the new PIN code; and update the default PIN code of the user identity authentication module card at the same time.
  • FIG. 7 there is shown a block diagram of a third embodiment of the system in accordance with the present invention.
  • the mobile phone 501 adds a verification unit 401 and a rejection unit 402.
  • the verification unit 401 is configured to: when the mobile phone is turned on again, when the personal identification code stored in the embedded file system of the mobile phone is the same as the personal identification code stored in the user identity authentication module card, the booting is successful, and vice versa, the booting fails.
  • the mobile phone Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
  • the reject unit 402 is configured to reject the user to modify the PIN code.
  • the interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code.
  • the PIN code on the phone is not visible to the user.
  • a method for locking a mobile terminal and a user identity card is provided in the embodiment of the present invention, and the default PIN code provided by the operator is encrypted and stored in the mobile terminal.
  • the default PIN code in the matching mobile terminal is the same as the default PIN code in the SIM card, and the power is turned on successfully.
  • the phone After the first boot is successful, the phone generates a new PIN code, and the new PIN code updates the default PIN code in the mobile terminal. At the same time, the new PIN code updates the default PIN code in the SIM card.
  • the SIM card is a specific card that is locked by the mobile terminal.
  • the invention realizes that the mobile terminal locks a specific card by verifying the PIN code, and the operator can realize a certain special through the specific interlock of the mobile terminal and the card. Business. Since the PIN encryption is stored in the EFS, the attacker cannot see the PIN code and steal the PIN code.
  • the storage medium referred to herein is, for example, a ROM/RAM, a magnetic disk, an optical disk, or the like.
  • the method includes the following steps: when the mobile terminal is powered on for the first time, the default personal identification code in the matching user identification card is the same as the default personal identification code stored in the mobile terminal, and the power is successfully turned on; A new personal identification number, and the default personal identification code in the mobile terminal and the user identification card are respectively updated with the new personal identification code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephone Function (AREA)

Abstract

A method, a device and a system for locking a mobile terminal with a Subscriber Identity Module (SIM) card. The method involves: when a mobile terminal is started firstly, successful startup is achieved when the default personal identification number (PIN) of the SIM card is the same as the default PIN stored in the mobile terminal by matching(S101); and a new PIN is generated after the successful startup (S102). The default PINs in the mobile terminal and the SIM card are updated respectively according to the new PIN (S103). The SIM card is the special card that the mobile terminal locks. The method achieves that the mobile terminal locks a special card by verifying a PIN, and achieves the special service by specially interlocking of the mobile terminal and the card.

Description

一种移动终端与用户身份识别卡锁定的方法、 设备及系统  Method, device and system for locking mobile terminal and user identification card
本申请要求于 2008年 12月 26日 提交中 国专利局、 申请号为 200810188821.7、 发明名称为"一种移动终端与用户身份识别卡锁定的方法、 设备及系统"的中国专利申请的优先权,其全部内容通过引用结合在本申请中。 5 技术领域  This application claims priority to Chinese Patent Application No. 200810188821.7, entitled "A Method, Apparatus and System for Locking Mobile Terminals and User Identification Cards", which is filed on December 26, 2008. The entire contents are incorporated herein by reference. 5 Technical fields
本发明涉及网络通信技术领域,特别涉及一种移动终端与用户身份识别卡 锁定的方法、 设备及系统。  The present invention relates to the field of network communication technologies, and in particular, to a method, device and system for locking a mobile terminal and a user identity card.
背景技术  Background technique
最早的手机是机卡合一的,随着技术的发展,现在的手机都是机卡分离的。 0 但是对于运营商的某些定制业务, 运营商希望能够实现机卡合一。  The earliest mobile phones were machine-card-integrated. With the development of technology, the current mobile phones are separated by machine cards. 0 However, for some customized services of operators, operators hope to achieve machine and card integration.
现有的手机都是通过协议规定的用户身份鉴别模件锁 (SIM lock , Subscriber Identity Module lock )将手机和 SIM (用户身份鉴别模件, Subscriber Identity Module lock )卡进行锁定。 定制手机锁定特定的运营商的公众陆地移 动电话网 (PLMN, Public Land Mobile Network ) , 其他运营商的号码无法使 5 用锁定的定制手机。 例如, 中国移动的 PLMN号码是 460-00, 将 460-00预先保 存到手机中, 当开机时,读取 SIM卡的 PLMN号码, 如果 SIM卡的 PLMN号码也 是 460-00, 则允许开机; 否则, 不允许开机。 这样达到了定制手机只能使用中 国移动的 SIM卡的效果。  The existing mobile phones lock the mobile phone and the SIM (Subscriber Identity Module lock) card by means of a SIM lock (Subscriber Identity Module lock). Customized handsets lock the public carrier mobile network (PLMN) of a particular carrier, and other carriers' numbers cannot be used to lock custom mobile phones. For example, China Mobile's PLMN number is 460-00, and 460-00 is pre-saved to the mobile phone. When booting, the PLMN number of the SIM card is read. If the PLMN number of the SIM card is also 460-00, the boot is allowed; otherwise , booting is not allowed. This achieves the effect that a customized mobile phone can only use China Mobile's SIM card.
但是, 上述的 SIM lock只能锁定一类卡, 例如锁定中国移动的卡或者中国 »0 联通的卡, 无法实现锁定一张特定的卡的目的。 例如, 运营商为了推出某种特 定业务, 希望手机和 SIM卡实现一对一的锁定, 即该手机锁定特定的 SIM卡。 发明内容  However, the above SIM lock can only lock one type of card, such as a card that locks China Mobile or a card of China »0 Unicom, which cannot achieve the purpose of locking a specific card. For example, in order to launch a specific service, the operator wants to achieve one-to-one locking between the mobile phone and the SIM card, that is, the mobile phone locks a specific SIM card. Summary of the invention
本发明实施例提供一种移动终端与用户身份识别卡锁定的方法、设备及系 统, 以实现移动终端锁定特定用户身份识别卡。  Embodiments of the present invention provide a method, device, and system for locking a mobile terminal and a user identity card, so as to enable the mobile terminal to lock a specific user identity card.
»5 本发明实施例提供一种移动终端与用户身份识别卡锁定的方法, 包括: 在 移动终端首次开机时,匹配移动终端中缺省的个人识别码与用户身份识别卡中 缺省的个人识别码;当移动终端中缺省的个人识别码与用户身份识别卡中缺省 的个人识别码相同时,移动终端首次开机;首次开机后,生成新的个人识别码; 将所述移动终端及所述用户身份识别卡中的个人识别码更新为所述新的个人 识别码。 The embodiment of the present invention provides a method for locking a mobile terminal and a user identity card, including: matching a default personal identification code in the mobile terminal and a default personal identification in the user identification card when the mobile terminal is powered on for the first time. When the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time; after the first power on, a new personal identification code is generated; the mobile terminal and the mobile terminal are Rewriting the personal identification number in the user identification card to the new individual Identifier.
本发明实施例还提供一种移动终端,包括匹配单元、生成单元和更新单元; 所述匹配单元, 用于在移动终端首次开机时, 匹配移动终端中缺省的个人识别 码与用户身份识别卡中缺省的个人识别码;当移动终端中缺省的个人识别码与 用户身份识别卡中缺省的个人识别码相同时,移动终端首次开机; 所述生成单 元, 用于移动终端首次开机后, 生成新的个人识别码; 所述更新单元, 用于将 移动终端中缺省的个人识别码和用户身份识别卡中缺省的个人识别码更新为 所述新的个人识别码。  The embodiment of the present invention further provides a mobile terminal, including a matching unit, a generating unit, and an updating unit. The matching unit is configured to match a default personal identification code and a user identification card in the mobile terminal when the mobile terminal is powered on for the first time. The default personal identification number; when the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time; the generating unit is used after the mobile terminal is powered on for the first time. And generating a new personal identification code; the updating unit, configured to update a default personal identification code in the mobile terminal and a default personal identification code in the user identification card to the new personal identification code.
本发明实施例还提供一种移动终端与用户身份识别卡锁定的系统,包括上 述实施例所述的移动终端和用户身份识别卡。  The embodiment of the invention further provides a system for locking a mobile terminal and a user identification card, comprising the mobile terminal and the user identification card described in the above embodiments.
本发明实施例, 将运营商提供的缺省的个人识别码 ( PIN , Personal Identification Number )经过加密保存在移动终端中。 移动终端首次开机时, 匹 配移动终端中缺省的 PIN码与 SIM卡中缺省的 PIN码相同时, 开机成功。 开 机成功后,手机生成一个新的 PIN码,新的 PIN码更新移动终端中缺省的 PIN 码。 同时, 新的 PIN码更新 SIM卡中缺省的 PIN码。 该 SIM卡就是移动终端 锁定的特定的卡。本发明通过验证 PIN码实现移动终端锁定一张特定的卡,运 附图说明  In the embodiment of the present invention, the default personal identification number (PIN) provided by the operator is encrypted and stored in the mobile terminal. When the mobile terminal is powered on for the first time, the default PIN code in the matching mobile terminal is the same as the default PIN code in the SIM card, and the power is turned on successfully. After the phone is successfully turned on, the phone generates a new PIN code, and the new PIN code updates the default PIN code in the mobile terminal. At the same time, the new PIN code updates the default PIN code in the SIM card. The SIM card is a specific card that the mobile terminal locks. The invention realizes that the mobile terminal locks a specific card by verifying the PIN code.
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施 例或现有技术描述中所需要使用的附图作筒单地介绍,显而易见地, 下面描述 中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲, 在不付 出创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description For some embodiments of the present invention, other drawings may be obtained from those skilled in the art without departing from the drawings.
图 1是基于本发明方法第一实施例流程图;  1 is a flow chart of a first embodiment of a method based on the present invention;
图 2是基于本发明方法第二实施例流程图;  Figure 2 is a flow chart of a second embodiment of the method according to the present invention;
图 3是基于本发明移动终端第一实施例结构图;  3 is a structural diagram of a first embodiment of a mobile terminal based on the present invention;
图 4是基于本发明移动终端第二实施例结构图;  4 is a structural diagram of a second embodiment of a mobile terminal based on the present invention;
图 5是基于本发明系统第一实施例结构图;  Figure 5 is a structural view of a first embodiment of the system based on the present invention;
图 6是基于本发明系统第二实施例结构图;  Figure 6 is a structural view of a second embodiment of the system based on the present invention;
图 7是基于本发明系统第三实施例结构图。 具体实施方式 Figure 7 is a block diagram showing a third embodiment of the system based on the present invention. detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清 楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明一部分实施例, 而不是 全部的实施例。基于本发明中的实施例, 本领域普通技术人员在没有作出创造 性劳动前提下所获得的所有其他实施例, 都属于本发明保护的范围。  BRIEF DESCRIPTION OF THE DRAWINGS The technical solutions in the embodiments of the present invention will be described in detail below with reference to the accompanying drawings. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative work are within the scope of the present invention.
首先对本发明实施例实现一种移动终端与用户身份识别卡锁定的方法进 行说明, 该方法包括: 移动终端首次开机时, 匹配用户身份识别卡中的缺省的 个人识别码与保存在所述移动终端的缺省的个人识别码, 若两者相同, 则开机 成功; 开机成功后, 生成新的个人识别码, 并以所述新的个人识别码分别更新 移动终端及用户识别卡中的缺省的个人识别码。 需要说明的是, 本发明实施例 所述的移动终端可以为手机或数据卡, 为了叙述方便, 下面的实施例均以手机 为例对具体方案进行描述。  First, a method for locking a mobile terminal and a user identification card is described in the embodiment of the present invention. The method includes: when the mobile terminal is powered on for the first time, matching a default personal identification code in the user identification card and saving in the mobile The default personal identification code of the terminal, if the two are the same, the booting is successful; after the booting is successful, a new personal identification code is generated, and the default in the mobile terminal and the user identification card is updated respectively by using the new personal identification code. Personal identification number. It should be noted that the mobile terminal in the embodiment of the present invention may be a mobile phone or a data card. For convenience of description, the following embodiments all describe a specific solution by using a mobile phone as an example.
下面结合附图, 对本发明的实施例进行详细描述。  The embodiments of the present invention are described in detail below with reference to the accompanying drawings.
方法实施例一:  Method embodiment one:
参见图 1 , 该图为基于本发明方法第一实施例的流程图。  Referring to Figure 1, this figure is a flow chart based on a first embodiment of the method of the present invention.
本发明一种移动终端与用户身份识别卡锁定的方法第一实施例包括以下 步骤:  A first embodiment of a method for locking a mobile terminal and a user identification card according to the present invention comprises the following steps:
S101 : 手机首次开机时, 如果匹配到 SIM卡中缺省的 PIN码与保存在手 机的嵌入式文件(EFS, Embedded File System )中的缺省 PIN码相同, 则开机 成功。  S101: When the mobile phone is turned on for the first time, if the default PIN code matched to the SIM card is the same as the default PIN code stored in the embedded file (EFS, Embedded File System) of the mobile phone, the boot is successful.
当 SIM卡中的 PIN码与手机的 EFS中保存的缺省 PIN码不相同时, 直接 关机, 手机无法启动。  When the PIN code in the SIM card is different from the default PIN code stored in the EFS of the mobile phone, the phone will not be activated if it is directly turned off.
需要说明的是, 所述手机中的 PIN码可以不保存在 EFS中, 也可以保存 在手机的其他文件中。  It should be noted that the PIN code in the mobile phone may not be saved in the EFS, or may be saved in other files of the mobile phone.
S102: 手机开机成功后, 生成一个新的 PIN码。  S102: After the mobile phone is successfully booted, a new PIN code is generated.
S103: 用新的 PIN码更新保存在手机的 EFS中缺省的 PIN, 同时更新保 存在 SIM卡中缺省的 PIN码。  S103: Update the default PIN stored in the EFS of the mobile phone with the new PIN code, and update the default PIN code stored in the SIM card.
新的 PIN码是手机平台随机生成的, 目的是为了实现手机锁定特定的卡, 即实现手机与 SIM—对一的锁定。 手机出厂进行销售时,销售人员可以使用任意一张含有缺省 PIN码的 SIM 卡和手机进行锁定, 当锁定后, 生成的新的 PIN码更新手机和 SIM中原来缺 省的 PIN码, 实现手机锁定该特定的卡。 The new PIN code is randomly generated by the mobile phone platform, and the purpose is to realize the locking of the specific card by the mobile phone, that is, the locking of the mobile phone and the SIM-to-one. When the mobile phone is shipped from the factory, the salesperson can use any SIM card with the default PIN code and the mobile phone to lock. When locked, the generated new PIN code updates the original default PIN code in the mobile phone and SIM to realize the mobile phone. Lock this particular card.
本发明实施例提供的移动终端与用户身份识别卡锁定的方法,将运营商提 供的缺省的 PIN经过加密保存在手机的 EFS中。手机第一次开机时, 匹配 EFS 中的 PIN码与 SIM卡中的 PIN相同时,允许开机。开机后,生成一个新的 PIN 码, 新的 PIN更新 EFS中 SIM卡中的 PIN码。 以后手机开机时, 验证手机的 EFS中的 PIN码和 SIM卡中的 PIN码相同时, 允许开机; 不同时, 不允许开 机, 从而通过 PIN码实现机卡互锁。  The method for locking the mobile terminal and the user identification card provided by the embodiment of the present invention encrypts the default PIN provided by the operator in the EFS of the mobile phone. When the phone is turned on for the first time, it is allowed to boot when the PIN code in the matching EFS is the same as the PIN in the SIM card. After booting up, a new PIN code is generated and the new PIN updates the PIN code in the SIM card in EFS. When the mobile phone is turned on later, when the PIN code in the EFS of the mobile phone is verified to be the same as the PIN code in the SIM card, the booting is allowed; at the same time, the opening is not allowed, thereby realizing the interlocking of the card through the PIN code.
本发明实施例所述机卡互锁实现了锁定一张特定的卡,运营商可以通过手 机与卡的这种特定互锁实现某种特殊业务, 例如推出一些实验手机,特别的资 费等供用户使用。  The interlocking of the machine card in the embodiment of the invention realizes locking a specific card, and the operator can realize a special service through the specific interlock of the mobile phone and the card, for example, launching some experimental mobile phones, special tariffs, etc. for the user. use.
例如, 中国移动推出一个娱乐网站新业务。 用户使用这个娱乐网站可以免 费获得手机。这个手机上预制了这个娱乐网站的连接。 为了鼓励用户使用这个 娱乐网站, 这个 SIM卡的上网流量费用是特别优惠的, 因此, 中国移动不希 望其他手机使用这个 SIM卡。 这样, 中国移动就需要将这个手机锁定这个特 定的 SIM卡, 该 SIM卡无法拿到其他手机上使用。  For example, China Mobile launched a new business for entertainment websites. Users can use this entertainment website to get a free mobile phone. The connection to this entertainment site is prefabricated on this phone. In order to encourage users to use this entertainment website, the Internet traffic fee of this SIM card is particularly favorable. Therefore, China Mobile does not want other mobile phones to use this SIM card. In this way, China Mobile needs to lock the phone to this specific SIM card, which cannot be used on other mobile phones.
方法实施例二:  Method Embodiment 2:
参见图 2, 该图为基于本发明方法第二实施例流程图。  Referring to Figure 2, there is shown a flow chart of a second embodiment of the method based on the present invention.
S201 : 手机保存运营商经过加密算法加密的缺省 PIN码于 EFS中。  S201: The mobile phone saves the default PIN code encrypted by the operator through the encryption algorithm in the EFS.
将运营商提供的缺省 PIN码经过加密算法保存在手机的 EFS中, 称为缺 省种子 (seed )文件。  The default PIN code provided by the operator is stored in the EFS of the mobile phone through an encryption algorithm, which is called a default seed file.
由于缺省 PIN码使用了加密算法, 因此攻击者无法看到 PIN码的明文,从 而保证了 PIN码的安全。  Since the default PIN code uses an encryption algorithm, the attacker cannot see the plain text of the PIN code, thus ensuring the security of the PIN code.
S202: 手机首次开机时, 解密 EFS中保存的缺省 PIN码, 匹配 SIM卡中 缺省的 PIN码与 EFS中的 PIN码相同时, 开机成功。  S202: When the mobile phone is powered on for the first time, the default PIN code saved in the EFS is decrypted, and the default PIN code in the matching SIM card is the same as the PIN code in the EFS, and the booting is successful.
S203: 手机开机后, 生成一个新的 PIN码。  S203: After the phone is turned on, a new PIN code is generated.
S204: 手机使用加密算法将新的 PIN码加密后, 更新 EFS中缺省的 PIN 码, 同时更新 SIM卡中缺省的 PIN码。 S205: 手机再次开机时, 验证手机的 EFS中保存的 PIN码与 SIM中保存 的 PIN相同时, 开机成功, 反之, 开机失败。 S204: After encrypting the new PIN code by using the encryption algorithm, the mobile phone updates the default PIN code in the EFS and updates the default PIN code in the SIM card. S205: When the mobile phone is turned on again, when the PIN code stored in the EFS of the mobile phone is verified to be the same as the PIN code saved in the SIM, the booting is successful, and vice versa, the booting fails.
需要说明的是, 手机中保存的 PIN码均经过加密保存, 因此, 手机匹配 EFS中的 PIN码与 SIM卡中的 PIN码是否相同时, 首先要解密 EFS中保存的 PIN码。  It should be noted that the PIN code stored in the mobile phone is encrypted and saved. Therefore, when the PIN code in the EFS matching phone is the same as the PIN code in the SIM card, the PIN code saved in the EFS is first decrypted.
由于手机已经与 SIM卡进行了互锁,所以如果手机中保存的 PIN码与 SIM 卡中保存的 PIN码不相同, 则不允许开机使用。  Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
所述经过互锁的手机里面不含有用户修改 PIN码的界面以及与 PIN码有关 的界面。 手机里的 PIN码对用户是不可见的。 有些需要 PIN的手机安全功能 则直接进入, 不需要提示用户输入 PIN码。 本发明实施例还提供了一种移动终端。 需要说明的是, 本发明实施例所述 的移动终端可以为手机或数据卡, 为了叙述方便, 下面的实施例均以手机为例 对具体方案进行描述。  The interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code. The PIN code on the phone is not visible to the user. Some mobile phone security features that require a PIN are accessed directly, without prompting the user to enter a PIN. The embodiment of the invention further provides a mobile terminal. It should be noted that the mobile terminal in the embodiment of the present invention may be a mobile phone or a data card. For convenience of description, the following embodiments all use a mobile phone as an example to describe a specific solution.
移动终端实施例一:  Mobile terminal embodiment 1:
参见图 3 , 该图为基于本发明移动终端第一实施例结构图。  Referring to FIG. 3, this figure is a structural diagram of a first embodiment of a mobile terminal based on the present invention.
本发明提供的一种移动终端包括匹配单元 301、 生成单元 302和更新单元 A mobile terminal provided by the present invention includes a matching unit 301, a generating unit 302, and an updating unit.
303。 303.
所述匹配单元 301 , 用于手机首次开机时, 匹配 SIM卡中缺省的 PIN码 与保存在手机的 EFS中缺省的 PIN码相同时,开机成功; 当 SIM卡中的 PIN 码与手机的 EFS中保存的缺省 PIN码不相同时, 直接关机, 手机无法启动。  The matching unit 301 is configured to: when the mobile phone is first turned on, the default PIN code in the matching SIM card is the same as the default PIN code stored in the EFS of the mobile phone, and the booting succeeds; when the PIN code in the SIM card is related to the mobile phone When the default PIN code saved in EFS is different, it will be shut down directly and the phone will not start.
所述生成单元 302, 用于手机开机成功后, 生成一个新的 PIN码。  The generating unit 302 is configured to generate a new PIN code after the mobile phone is successfully booted.
所述更新单元 303 , 用于用新的 PIN码更新手机的 EFS中缺省的 PIN码; 同时更新用户身份鉴别模件卡缺省的 PIN码。  The updating unit 303 is configured to update the default PIN code in the EFS of the mobile phone with the new PIN code; and update the default PIN code of the user identity authentication module card at the same time.
所述新的 PIN码是随机生成的, 目的是为了实现手机锁定特定的卡。 手机 出厂进行销售时, 销售人员可以使用任意一张含有缺省 PIN码的 SIM卡和手 机进行锁定, 当锁定后,生成的新的 PIN码经过加密算法和解密算法保存在手 机和 SIM中, 更新原来缺省的 PIN码, 实现手机锁定该特定的卡。  The new PIN code is randomly generated in order to enable the handset to lock a particular card. When the mobile phone is shipped from the factory, the salesperson can use any SIM card with the default PIN code and the mobile phone to lock. When locked, the generated new PIN code is saved in the mobile phone and SIM through the encryption algorithm and decryption algorithm, and updated. The original default PIN code enables the phone to lock the particular card.
本发明实施例提供的移动终端,将运营商提供的缺省的 PIN经过加密保存 在手机的 EFS中。 手机首次开机时, 匹配 EFS中的 PIN码与 SIM卡中的 PIN 相同时, 开机成功。 开机成功后, 生成一个新的 PIN码, 新的 PIN更新 EFS 中 SIM卡中的 PIN码。 手机再次开机时, 验证手机的 EFS中的 PIN码和 SIM 卡中的 PIN码相同时, 开机成功; 不同时, 开机失败, 从而通过 PIN实现机 卡互锁。 移动终端实施例二: The mobile terminal provided by the embodiment of the present invention encrypts the default PIN provided by the operator. In the EFS of the phone. When the phone is turned on for the first time, the PIN code in the matching EFS is the same as the PIN in the SIM card. After the boot is successful, a new PIN code is generated, and the new PIN updates the PIN code in the SIM card in the EFS. When the mobile phone is turned on again, when the PIN code in the EFS of the mobile phone is verified to be the same as the PIN code in the SIM card, the booting is successful; at the same time, the booting fails, thereby realizing the interlocking of the card through the PIN. Mobile terminal embodiment 2:
参见图 4, 该图为基于本发明移动终端实施例二的结构图。  Referring to FIG. 4, the figure is a structural diagram of Embodiment 2 of a mobile terminal based on the present invention.
本发明设备第二实施例与设备第一实施例的区别是增加了验证单元 401 和拒绝单元 402。  The second embodiment of the apparatus of the present invention differs from the first embodiment of the apparatus in that a verification unit 401 and a rejection unit 402 are added.
验证单元 401 , 用于手机再次开机时, 验证手机的嵌入式文件系统中保存 的个人识别码与用户身份鉴别模件卡中保存的个人识别码相同时, 开机成功, 反之, 开机失败。  The verification unit 401 is configured to: when the mobile phone is turned on again, when the personal identification code stored in the embedded file system of the mobile phone is the same as the personal identification code stored in the user identity authentication module card, the booting is successful, and vice versa, the booting fails.
由于手机已经与 SIM卡进行了互锁,所以如果手机中保存的 PIN码与 SIM 卡中保存的 PIN码不相同, 则不允许开机使用。  Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
拒绝单元 402, 用于拒绝用户修改 PIN码。  The reject unit 402 is configured to reject the user to modify the PIN code.
所述经过互锁的手机里面不含有用户修改 PIN码的界面以及与 PIN码有关 的界面。 手机里的 PIN码对用户是不可见的。 有些需要 PIN的手机安全功能 则直接进入, 不需要提示用户输入 PIN码。 本发明实施例还提供了一种移动终端与用户身份识别卡锁定的系统。本发 明实施例所述系统包括移动终端和用户身份识别卡。 需要说明的是, 本发明实 施例所述的移动终端可以为手机或数据卡, 为了叙述方便, 下面的实施例均以 手机为例对具体方案进行描述。  The interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code. The PIN code on the phone is not visible to the user. Some mobile phone security features that require a PIN are accessed directly, without prompting the user to enter a PIN. The embodiment of the invention further provides a system for locking a mobile terminal and a user identification card. The system of the embodiments of the present invention includes a mobile terminal and a subscriber identity card. It should be noted that the mobile terminal according to the embodiment of the present invention may be a mobile phone or a data card. For convenience of description, the following embodiments all describe a specific solution by using a mobile phone as an example.
系统实施例一:  System embodiment one:
参见图 5 , 该图为基于本发明系统第一实施例结构图。  Referring to Figure 5, there is shown a block diagram of a first embodiment of a system based on the present invention.
本发明系统第一实施例包括手机 501和 SIM卡 502。  The first embodiment of the system of the present invention includes a handset 501 and a SIM card 502.
所述手机 501 , 用于保存运营商提供的缺省 PIN码至自身中。  The mobile phone 501 is configured to save the default PIN code provided by the operator to itself.
例如, 所述 PIN码可以保存在手机的 EFS中。 运营商提供的缺省 PIN码可以经过加密算法保存在手机 501的 EFS中, 称为缺省种子(seed )文件。 由于缺省 PIN码使用了加密算法, 因此攻击者无 法看到 PIN码的明文, 从而保证了 PIN码的安全。 For example, the PIN code can be saved in the EFS of the mobile phone. The default PIN code provided by the operator can be stored in the EFS of the mobile phone 501 by an encryption algorithm, which is called a default seed file. Since the default PIN code uses an encryption algorithm, the attacker cannot see the plaintext of the PIN code, thereby ensuring the security of the PIN code.
手机 501首次开机时,匹配 SIM卡 502中缺省的 PIN码与保存在手机 501 的 EFS中缺省的 PIN码相同时, 开机成功。 当 SIM卡 502中的 PIN码与手机 501的 EFS中保存的缺省 PIN码不相同时, 直接关机, 手机 501无法启动。  When the mobile phone 501 is turned on for the first time, the default PIN code in the matching SIM card 502 is the same as the default PIN code stored in the EFS of the mobile phone 501, and the power is turned on successfully. When the PIN code in the SIM card 502 is different from the default PIN code stored in the EFS of the mobile phone 501, it is directly turned off, and the mobile phone 501 cannot be started.
首次开机成功后,手机 501生成一个新的 PIN码,用生成的新的 PIN码更 新保存在手机 501的 EFS中缺省的 PIN码;同时更新 SIM卡 502中的缺省 PIN 码。  After the first boot is successful, the mobile phone 501 generates a new PIN code, updates the default PIN code stored in the EFS of the mobile phone 501 with the generated new PIN code, and updates the default PIN code in the SIM card 502.
手机再次开机时, 手机 501验证 EFS中保存的 PIN码与 SIM卡 502中保 存的 PIN码相同时, 开机成功, 反之, 开机失败。  When the mobile phone is turned on again, the mobile phone 501 verifies that the PIN code stored in the EFS is the same as the PIN code saved in the SIM card 502, and the booting succeeds, otherwise, the boot fails.
所述新的 PIN码是手机 501平台随机生成的, 目的是为了实现手机锁定特 定的 SIM卡 502。  The new PIN code is randomly generated by the mobile phone 501 platform, and the purpose is to enable the mobile phone to lock a specific SIM card 502.
需要说明的是, 手机可以拒绝用户修改 PIN码。  It should be noted that the mobile phone can refuse the user to modify the PIN code.
手机出厂进行销售时,销售人员可以使用任意一张含有缺省 PIN码的 SIM 卡和手机进行锁定, 当锁定后,生成的新的 PIN码经过加密算法保存在手机和 SIM中, 更新原来缺省的 PIN码, 实现手机锁定该特定的卡。  When the mobile phone is shipped from the factory, the salesperson can use any SIM card with the default PIN code and the mobile phone to lock. When locked, the generated new PIN code is saved in the mobile phone and SIM through the encryption algorithm, and the original default is updated. The PIN code that enables the phone to lock the particular card.
本发明实施例提供的移动终端与用户身份识别卡锁定的系统,将运营商提 供的缺省的 PIN经过加密保存在手机 501的 EFS中。 手机 501首次开机时, 匹配 EFS中的 PIN码与 SIM卡 502中的 PIN相同时,开机成功。开机成功后, 手机 501生成一个新的 PIN码,新的 PIN更新 EFS中 SIM卡 502中的 PIN码。 手机再次开机时, 验证手机 501的 EFS中的 PIN码和 SIM卡 502中的 PIN码 相同时, 开机成功; 不同时, 开机失败, 从而通过 PIN码实现机卡互锁。  The system for locking the mobile terminal and the user identification card provided by the embodiment of the present invention encrypts the default PIN provided by the operator in the EFS of the mobile phone 501. When the mobile phone 501 is turned on for the first time, the PIN code in the matching EFS is the same as the PIN in the SIM card 502, and the power is turned on successfully. After the boot is successful, the mobile phone 501 generates a new PIN code, and the new PIN updates the PIN code in the SIM card 502 in the EFS. When the mobile phone is turned on again, when the PIN code in the EFS of the mobile phone 501 is verified to be the same as the PIN code in the SIM card 502, the power-on is successful; at the same time, the power-on fails, thereby realizing the interlocking of the machine card through the PIN code.
所述经过互锁的手机 501里面不含有用户修改 PIN码的界面以及与 PIN码 有关的界面。 手机里的 PIN码对用户是不可见的。 有些需要 PIN的手机安全 功能则直接进入, 不需要提示用户输入 PIN码。  The interlocked mobile phone 501 does not include an interface for the user to modify the PIN code and an interface related to the PIN code. The PIN code on the phone is not visible to the user. Some mobile phone security features that require a PIN are accessed directly, without prompting the user for a PIN.
需要说明的是,所述手机 501可以包含上述移动终端实施例一或移动终端 实施例二所述的移动终端。 系统实施例二: It should be noted that the mobile phone 501 may include the mobile terminal according to Embodiment 1 of the foregoing mobile terminal or Embodiment 2 of the mobile terminal. System Embodiment 2:
参见图 6, 该图为基于本发明系统第二实施例结构图。  Referring to Figure 6, this figure is a block diagram of a second embodiment of a system based on the present invention.
本实施例中手机 501包括匹配单元 301、 生成单元 302和更新单元 303。 所述匹配单元 301 , 用于手机首次开机时, 匹配 SIM卡中缺省的 PIN码 与保存在手机的 EFS中缺省的 PIN码相同时,开机成功; 当 SIM卡中的 PIN 码与手机的 EFS中保存的缺省 PIN码不相同时, 直接关机, 手机无法启动。  The mobile phone 501 in this embodiment includes a matching unit 301, a generating unit 302, and an updating unit 303. The matching unit 301 is configured to: when the mobile phone is first turned on, the default PIN code in the matching SIM card is the same as the default PIN code stored in the EFS of the mobile phone, and the booting succeeds; when the PIN code in the SIM card is related to the mobile phone When the default PIN code saved in EFS is different, it will be shut down directly and the phone will not start.
所述生成单元 302, 用于手机开机成功后, 生成一个新的 PIN码。  The generating unit 302 is configured to generate a new PIN code after the mobile phone is successfully booted.
所述更新单元 303 , 用于用新的 PIN码更新手机的 EFS中缺省的 PIN码; 同时更新用户身份鉴别模件卡缺省的 PIN码。 系统实施例三:  The updating unit 303 is configured to update the default PIN code in the EFS of the mobile phone with the new PIN code; and update the default PIN code of the user identity authentication module card at the same time. System Embodiment 3:
参见图 7, 该图为基于本发明系统第三实施例结构图。  Referring to Figure 7, there is shown a block diagram of a third embodiment of the system in accordance with the present invention.
本实施例中手机 501增加了验证单元 401和拒绝单元 402。  In this embodiment, the mobile phone 501 adds a verification unit 401 and a rejection unit 402.
验证单元 401 , 用于手机再次开机时, 验证手机的嵌入式文件系统中保存 的个人识别码与用户身份鉴别模件卡中保存的个人识别码相同时, 开机成功, 反之, 开机失败。  The verification unit 401 is configured to: when the mobile phone is turned on again, when the personal identification code stored in the embedded file system of the mobile phone is the same as the personal identification code stored in the user identity authentication module card, the booting is successful, and vice versa, the booting fails.
由于手机已经与 SIM卡进行了互锁,所以如果手机中保存的 PIN码与 SIM 卡中保存的 PIN码不相同, 则不允许开机使用。  Since the mobile phone has been interlocked with the SIM card, if the PIN code stored in the mobile phone is not the same as the PIN code stored in the SIM card, it is not allowed to be powered on.
拒绝单元 402, 用于拒绝用户修改 PIN码。  The reject unit 402 is configured to reject the user to modify the PIN code.
所述经过互锁的手机里面不含有用户修改 PIN码的界面以及与 PIN码有关 的界面。 手机里的 PIN码对用户是不可见的。 有些需要 PIN的手机安全功能 则直接进入, 不需要提示用户输入 PIN码。  The interlocked mobile phone does not include an interface for the user to modify the PIN code and an interface related to the PIN code. The PIN code on the phone is not visible to the user. Some mobile phone security features that require a PIN are accessed directly, without prompting the user to enter a PIN.
综上所述,本发明实施例所提供的一种移动终端与用户身份识别卡锁定的 方法,将运营商提供的缺省的 PIN码经过加密保存在移动终端中。移动终端首 次开机时, 匹配移动终端中缺省的 PIN码与 SIM卡中缺省的 PIN码相同时, 开机成功。 首次开机成功后, 手机生成一个新的 PIN码, 新的 PIN码更新移 动终端中缺省的 PIN码。 同时, 新的 PIN码更新 SIM卡中缺省的 PIN码。 该 SIM卡就是移动终端锁定的特定的卡。 本发明通过验证 PIN码实现移动终端 锁定一张特定的卡,运营商可以通过移动终端与卡的这种特定互锁实现某种特 定业务。 由于 PIN加密保存在 EFS中, 因此攻击者无法看到 PIN码, 从而盗 取 PIN码。 In summary, a method for locking a mobile terminal and a user identity card is provided in the embodiment of the present invention, and the default PIN code provided by the operator is encrypted and stored in the mobile terminal. When the mobile terminal is powered on for the first time, the default PIN code in the matching mobile terminal is the same as the default PIN code in the SIM card, and the power is turned on successfully. After the first boot is successful, the phone generates a new PIN code, and the new PIN code updates the default PIN code in the mobile terminal. At the same time, the new PIN code updates the default PIN code in the SIM card. The SIM card is a specific card that is locked by the mobile terminal. The invention realizes that the mobile terminal locks a specific card by verifying the PIN code, and the operator can realize a certain special through the specific interlock of the mobile terminal and the card. Business. Since the PIN encryption is stored in the EFS, the attacker cannot see the PIN code and steal the PIN code.
本领域普通技术人员可以理解实现上述方法实施方式中的全部或部分步 骤是可以通过程序来指令相关的硬件来完成, 所述的程序可以存储于计算机 可读取存储介质中, 该程序在执行时, 可以包括前述的通信方法各个实施方 式的内容。 这里所称得的存储介质, 如: ROM/RAM、 磁碟、 光盘等。  A person skilled in the art can understand that all or part of the steps in implementing the above method embodiments can be completed by a program instructing related hardware, and the program can be stored in a computer readable storage medium. The content of each embodiment of the aforementioned communication method may be included. The storage medium referred to herein is, for example, a ROM/RAM, a magnetic disk, an optical disk, or the like.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步骤 是可以通过程序来指令相关的硬件来完成,所述的程序可以存储于一计算机可 读取存储介质中, 该程序在执行时, 包括如下步骤: 移动终端首次开机时, 匹 配用户身份识别卡中的缺省的个人识别码与保存在所述移动终端的缺省的个 人识别码相同时, 开机成功; 开机成功后, 生成新的个人识别码, 并以所述新 的个人识别码分别更新移动终端及用户识别卡中的缺省的个人识别码。  A person skilled in the art can understand that all or part of the steps of implementing the above embodiments can be completed by a program to instruct related hardware, and the program can be stored in a computer readable storage medium, and the program is executed. The method includes the following steps: when the mobile terminal is powered on for the first time, the default personal identification code in the matching user identification card is the same as the default personal identification code stored in the mobile terminal, and the power is successfully turned on; A new personal identification number, and the default personal identification code in the mobile terminal and the user identification card are respectively updated with the new personal identification code.

Claims

权 利 要 求 Rights request
1、 一种移动终端与用户身份识别卡锁定的方法, 其特征在于, 包括: 在移动终端首次开机时,匹配移动终端中缺省的个人识别码与用户身份识 别卡中缺省的个人识别码;  A method for locking a mobile terminal and a user identity card, comprising: matching a default personal identification code in the mobile terminal and a default personal identification code in the user identification card when the mobile terminal is powered on for the first time; ;
5 当移动终端中缺省的个人识别码与用户身份识别卡中缺省的个人识别码 相同时, 移动终端首次开机;  5 When the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time;
首次开机后, 生成新的个人识别码;  After the first boot, generate a new PIN;
将所述移动终端及所述用户身份识别卡中的个人识别码更新为所述新的 个人识别码。  Updating the personal identification code in the mobile terminal and the user identification card to the new personal identification code.
0 2、 根据权利要求 1所述的移动终端与用户身份识别卡锁定的方法, 其特 征在于, 所述方法还包括:  The method for locking a mobile terminal and a user identity card according to claim 1, wherein the method further comprises:
在移动终端再次开机时,验证移动终端中保存的个人识别码与用户身份识 别卡中保存的个人识别码;  When the mobile terminal is powered on again, verify the personal identification code saved in the mobile terminal and the personal identification code stored in the user identification card;
当移动终端中保存的个人识别码与用户身份识别卡中保存的个人识别码 5 相同时, 移动终端再次开机, 否则, 移动终端开机失败。  When the personal identification code stored in the mobile terminal is the same as the personal identification code 5 stored in the user identification card, the mobile terminal is powered on again, otherwise, the mobile terminal fails to boot.
3、 根据权利要求 1或 2所述的移动终端与用户身份识别卡锁定的方法, 其特征在于,所述移动终端中缺省的个人识别码使用加密算法保存在移动终端 的嵌入式文件系统中。  The method for locking a mobile terminal and a user identity card according to claim 1 or 2, wherein the default personal identification code in the mobile terminal is stored in an embedded file system of the mobile terminal using an encryption algorithm. .
4、 根据权利要求 1或 2所述的移动终端与用户身份识别卡锁定的方法, »0 其特征在于,所述新的个人识别码使用加密算法保存在所述移动终端和用户身 份识别卡中。  4. The method for locking a mobile terminal and a user identity card according to claim 1 or 2, characterized in that the new personal identification code is stored in the mobile terminal and the user identification card using an encryption algorithm. .
5、 根据权利要求 1或 2所述的移动终端与用户身份识别卡锁定的方法, 其特征在于, 所述方法还包括所述移动终端上设置拒绝用户修改个人识别码。  The method for locking a mobile terminal and a user identity card according to claim 1 or 2, wherein the method further comprises: setting, on the mobile terminal, rejecting the user to modify the personal identification code.
6、 一种移动终端, 其特征在于, 包括匹配单元、 生成单元和更新单元; »5 所述匹配单元, 用于在移动终端首次开机时, 匹配移动终端中缺省的个人 识别码与用户身份识别卡中缺省的个人识别码;当移动终端中缺省的个人识别 码与用户身份识别卡中缺省的个人识别码相同时, 移动终端首次开机;  A mobile terminal, comprising: a matching unit, a generating unit, and an updating unit; » 5 the matching unit, configured to match a default personal identifier and a user identity in the mobile terminal when the mobile terminal is powered on for the first time Identifying the default personal identification number in the card; when the default personal identification code in the mobile terminal is the same as the default personal identification number in the user identification card, the mobile terminal is powered on for the first time;
所述生成单元, 用于移动终端首次开机后, 生成新的个人识别码; 所述更新单元,用于将移动终端中缺省的个人识别码和用户身份识别卡中 缺省的个人识别码更新为所述新的个人识别码。 The generating unit is configured to generate a new personal identification code after the mobile terminal is powered on for the first time; the updating unit is configured to use a default personal identification code and a user identification card in the mobile terminal. The default PIN is updated to the new PIN.
7、 根据权利要求 6所述的移动终端, 其特征在于, 所述设备还包括验证 单元, 用于在移动终端再次开机时,验证移动终端中保存的个人识别码与用户 身份识别卡中保存的个人识别码;当移动终端中保存的个人识别码与用户身份 识别卡中保存的个人识别码相同时, 移动终端再次开机, 反之, 移动终端开机 失败。  The mobile terminal according to claim 6, wherein the device further comprises a verification unit, configured to verify, when the mobile terminal is powered on again, the personal identification code saved in the mobile terminal and the user identification card saved in the user identity card Personal identification code; when the personal identification code stored in the mobile terminal is the same as the personal identification code stored in the user identification card, the mobile terminal is powered on again, and vice versa, the mobile terminal fails to boot.
8、 根据权利要求 6所述的移动终端, 其特征在于, 所述设备还包括拒绝 修改单元, 用于拒绝用户修改个人识别码。  The mobile terminal according to claim 6, wherein the device further comprises a reject modification unit, configured to reject the user to modify the personal identification code.
9、 一种移动终端与用户身份识别卡锁定的系统, 其特征在于, 包括权利 要求 6至 8任一项所述的移动终端和用户身份识别卡。  A system for locking a mobile terminal and a user identity card, comprising the mobile terminal and the user identity card according to any one of claims 6 to 8.
PCT/CN2009/073208 2008-12-26 2009-08-12 Method, device and system for locking a mobile terminal with a subscriber identity module card WO2010072072A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2008101888217A CN101448261A (en) 2008-12-26 2008-12-26 Method for locking mobile terminal with user identification card, equipment and system
CN200810188821.7 2008-12-26

Publications (1)

Publication Number Publication Date
WO2010072072A1 true WO2010072072A1 (en) 2010-07-01

Family

ID=40743588

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/073208 WO2010072072A1 (en) 2008-12-26 2009-08-12 Method, device and system for locking a mobile terminal with a subscriber identity module card

Country Status (2)

Country Link
CN (1) CN101448261A (en)
WO (1) WO2010072072A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106686573A (en) * 2016-12-14 2017-05-17 深圳普创天信科技发展有限公司 Method of interlocking SIM card with device

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101448261A (en) * 2008-12-26 2009-06-03 深圳华为通信技术有限公司 Method for locking mobile terminal with user identification card, equipment and system
CN101610497B (en) * 2009-07-08 2012-09-26 中兴通讯股份有限公司 Method for implementing phone-card interlock of home gateway and home gateway for implementing phone-card interlock
CN101621790B (en) * 2009-07-08 2012-10-10 中兴通讯股份有限公司 Lock-card locking method and device for wireless communication
CN103002431A (en) * 2011-09-15 2013-03-27 中兴通讯股份有限公司 Method and device for automatic identification of PIN (personal identification number) codes
CN102438221B (en) * 2011-11-01 2018-03-20 康佳集团股份有限公司 The method of self-destruction mobile phone and the mobile phone of self-destroying function is realized during hand-set from stolen
CN103297236B (en) * 2013-05-10 2016-09-14 季亚琴科·安德烈 Subscriber authentication authoring system
JP6828960B2 (en) * 2018-02-28 2021-02-10 Necプラットフォームズ株式会社 Communication devices, management servers, security systems, control methods and programs

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444414A (en) * 2002-03-12 2003-09-24 斯伦贝谢神码(北京)信息技术有限公司 User identification module card, method for activating user identification module card in sky and its system
CN1992939A (en) * 2005-12-30 2007-07-04 中兴通讯股份有限公司 Method of locking user identification card and mobile phone
CN101026834A (en) * 2007-01-17 2007-08-29 中兴通讯股份有限公司 Locking method and unlocking method
CN101163290A (en) * 2006-10-09 2008-04-16 中兴通讯股份有限公司 Method of limiting use of mobile terminal through machine-card mutual authentication
CN101448261A (en) * 2008-12-26 2009-06-03 深圳华为通信技术有限公司 Method for locking mobile terminal with user identification card, equipment and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1444414A (en) * 2002-03-12 2003-09-24 斯伦贝谢神码(北京)信息技术有限公司 User identification module card, method for activating user identification module card in sky and its system
CN1992939A (en) * 2005-12-30 2007-07-04 中兴通讯股份有限公司 Method of locking user identification card and mobile phone
CN101163290A (en) * 2006-10-09 2008-04-16 中兴通讯股份有限公司 Method of limiting use of mobile terminal through machine-card mutual authentication
CN101026834A (en) * 2007-01-17 2007-08-29 中兴通讯股份有限公司 Locking method and unlocking method
CN101448261A (en) * 2008-12-26 2009-06-03 深圳华为通信技术有限公司 Method for locking mobile terminal with user identification card, equipment and system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106686573A (en) * 2016-12-14 2017-05-17 深圳普创天信科技发展有限公司 Method of interlocking SIM card with device

Also Published As

Publication number Publication date
CN101448261A (en) 2009-06-03

Similar Documents

Publication Publication Date Title
JP6262278B2 (en) Method and apparatus for storage and computation of access control client
US9843585B2 (en) Methods and apparatus for large scale distribution of electronic access clients
US9788209B2 (en) Apparatus and methods for controlling distribution of electronic access clients
WO2010072072A1 (en) Method, device and system for locking a mobile terminal with a subscriber identity module card
US8984592B1 (en) Enablement of a trusted security zone authentication for remote mobile device management systems and methods
US8966262B2 (en) Methods and apparatus for delivering electronic identification components over a wireless network
US8913992B2 (en) Methods and apparatus for access data recovery from a malfunctioning device
US8756706B2 (en) Method for securing credentials in a remote repository
US8296567B2 (en) System and method for exchanging key generation parameters for secure communications
CA2721890C (en) Method of securely transferring services between mobile devices
US20080003980A1 (en) Subsidy-controlled handset device via a sim card using asymmetric verification and method thereof
US8880894B2 (en) Public key infrastructure-based first inserted subscriber identity module subsidy lock
KR20100106471A (en) Method and system for managing a software application on a mobile computing device
CN104205891A (en) Virtual sim card cloud platform
EP2815553B1 (en) Mobile apparatus supporting a plurality of access control clients, and corresponding methods
CA2813765C (en) A method for securing credentials in a remote repository
US20220232387A1 (en) Method for setting up a subscription profile, method for providing a subscription profile, subscriber identity module
CN112805702A (en) Counterfeit APP identification method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09834025

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09834025

Country of ref document: EP

Kind code of ref document: A1