WO2011009315A1 - Method for locking user number by wireless terminal, unlocking method and device thereof - Google Patents

Method for locking user number by wireless terminal, unlocking method and device thereof Download PDF

Info

Publication number
WO2011009315A1
WO2011009315A1 PCT/CN2010/072017 CN2010072017W WO2011009315A1 WO 2011009315 A1 WO2011009315 A1 WO 2011009315A1 CN 2010072017 W CN2010072017 W CN 2010072017W WO 2011009315 A1 WO2011009315 A1 WO 2011009315A1
Authority
WO
WIPO (PCT)
Prior art keywords
wireless terminal
terminal device
user number
imsi
mapping value
Prior art date
Application number
PCT/CN2010/072017
Other languages
French (fr)
Chinese (zh)
Inventor
王科平
车忠辉
宋欣
郑宏涛
胡乐申
段明艳
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2011009315A1 publication Critical patent/WO2011009315A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Definitions

  • the present invention relates to the field of communication security, and in particular, to a method, an unlocking method, and a device for implementing a wireless terminal device to lock a user number. Background technique
  • wireless terminal devices are more customized by operators.
  • the wireless terminals are considered.
  • the binding limit feature of the device is especially important.
  • Typical wireless terminal devices include wireless USB MODEMs, wireless data cards, mobile phones, and the like.
  • MCC Mobile Country Code
  • Mobile Network Code Mobile Network Code
  • the wireless terminal device has a one-to-many relationship with the SIM card. Even if the user loses the wireless terminal device, the wireless terminal device can cooperate with other SIM cards in the network, and the security is obviously not good. To guarantee.
  • the wireless terminal device In order to limit the scope of use of the wireless terminal device, there is also a method of binding the user cell (CELL ID) by the wireless terminal device. This method limits the scope of use of the terminal, and because the binding range is small, the advantage of mobility is lost. Inconvenience to the user. There is also a method of interlocking the machine card, and writing the international mobile device identity (IMEI) number of the device in the SIM card to implement the corresponding relationship between the wireless terminal device and the SIM card, but The lock card mechanism is easy to crack. If the user changes the SIM card, the wireless terminal device must re-lock the operation or it can no longer be used.
  • IMEI international mobile device identity
  • the method of locking the network lock card is performed by the operator to lock all the wireless terminals one by one before the wireless terminal is sold, and the unlocking code and the key, the key and the wireless terminal device are stored.
  • the unlocking code and the wireless terminal device are corresponding relationships, not only the lock network process is cumbersome, but also the security of key storage is not high, and it is easy to leak.
  • the technical problem to be solved by the embodiments of the present invention is as follows:
  • the embodiment of the present invention provides a locking method, an unlocking method, and a device thereof for a user terminal device with high security and convenientness.
  • a method for implementing a wireless terminal device to lock a subscriber number includes:
  • IMSI International Mobile Subscribe Identity
  • the wireless terminal device is allowed to be used.
  • the method of calculating the first mapping value and the second mapping value is: calculating a first mapping value and a second mapping value by using a preset hash algorithm.
  • the method further includes: determining whether the step of storing the encrypted file system EFS file in the wireless terminal device, the mapping value with the IMSI of the SIM card, and the SIM card IMSI;
  • the line terminal device locks with the user number, generates an EFS file and stores it, and allows the wireless terminal device to be used;
  • the locking the wireless terminal device and the user number to generate the EFS file includes: reading the user number pre-assigned to the wireless terminal device and the IMEI of the wireless terminal device stored in the currently inserted SIM card, according to the preset Calculating a mapping value of the user number and the IMEI, and storing the mapping value in a predefined first flag file;
  • Reading the IMSI of the currently inserted SIM card calculating a mapping value of the user number and the IMSI of the SIM card according to a preset hash algorithm, and storing the mapping value of the IMSI in a predefined second flag file; recording the current insertion
  • the IMSI of the SIM card is stored in a predefined third flag file; the first flag file, the second flag file, and the third flag file are set to read-only and non-deletable states.
  • the wireless terminal device When the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number, the wireless terminal device is prohibited from being used;
  • the IMSI in the EFS file stored by the wireless terminal device is used to initiate a registration request to the network to which the wireless terminal device belongs;
  • the network to which the wireless terminal device belongs refuses to register, and the reason for the rejection is that the IMSI is not in the home location register, replacing the IMSI in the third flag file of the EFS file with the IMSI of the currently inserted SIM card;
  • the first mapping value replaces the mapping value of the IMEI and the user number in the first flag file of the EFS file; and the mapping value of the IMSI and the user number in the second flag file of the EFS file is replaced by using the second mapping value, And allowing the wireless terminal device to be used;
  • the allowing the wireless terminal device to be used includes:
  • Adding a revision number indicating the normal use after the descriptor of the predefined port mapped by the wireless terminal device, informing the user interface of the wireless terminal device that the wireless terminal device is allowed to be used; the prohibiting the wireless terminal device being used includes:
  • a revision number indicating the prohibition of use is added after the descriptor of the serial port product identifier and the vendor identifier mapped by the wireless terminal device, thereby informing the user interface of the wireless terminal device that the user terminal is forbidden to use, and closing each port of the wireless terminal device.
  • the preset hash algorithm is an MD5 hash algorithm.
  • a method for unlocking a wireless terminal device includes:
  • mapping value of the IMEI and the user number pre-stored by the wireless terminal device the mapping value of the IMSI and the user number, and the IMSI;
  • a device for implementing a wireless terminal device to lock a user number comprising:
  • a reading unit configured to read an IMEI of the wireless terminal device, a user number pre-assigned to the wireless terminal device stored in the currently inserted SIM card, and an IMSI of the SIM card;
  • a calculating unit configured to calculate a first mapping value between the read user number and the IMEI, and calculate a second mapping value between the read user number and the IMSI;
  • a comparing unit the first mapping value and the second mapping value calculated by the calculating unit, and a mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and a mapping value between the IMSI and the user number respectively Compare;
  • the use/determination unit is allowed/disabled, and when the comparison result of the comparison unit is consistent, the wireless terminal device is allowed to be used.
  • the device further includes: a determining unit, a locking/unlocking determining unit, and a locking unit; the determining unit, configured to determine whether an EFS file, a number and a mapping value of the IMSI of the SIM card are pre-stored in the wireless terminal device Said IMSI of the SIM card;
  • the lock/unlock determination unit is configured to: when the determination result of the determining unit is negative, determine that the wireless terminal device is not locked with the user number; when the determination result of the determining unit is yes, notify the The reading unit performs a reading operation; locks the wireless terminal device with the user number, generates an EFS file, and stores the file;
  • the permission/inhibition use determining unit is further configured to allow the wireless terminal device to be used after the locking unit locks the wireless terminal device with the user number.
  • the locking unit specifically includes:
  • a first generating subunit configured to read a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculate the user number according to a preset hash algorithm And the mapping value of the IMEI, and stored in a predefined first flag file;
  • a second generation subunit configured to read an IMSI of the currently inserted SIM card, calculate a mapping value of the user number and the IMSI according to a preset hash algorithm, and store the second predefined value In the logo file;
  • a third generation subunit configured to record an IMSI of the currently inserted SIM card, and store the IMSI in a predefined third flag file;
  • the setting subunit is configured to set the first flag file, the second flag file, and the third flag file to be read-only and non-deletable.
  • the permission/inhibition use determining unit is further configured to: when the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number, prohibit the wireless terminal device from being used;
  • mapping value is different from the pre-stored mapping value of the IMSI and the user number, using the IMSI in the EFS file stored by the wireless terminal device to initiate a registration request to the network to which the wireless terminal device belongs;
  • the first mapping value replaces a mapping value of an IMEI and a user number in the first flag file of the EFS file; and replacing the mapping between the IMSI and the user number in the second flag file of the EFS file by using the second mapping value Value and allow the wireless terminal device to be used;
  • the wireless terminal device is prohibited from being used if the network to which the wireless terminal device belongs accepts registration, or if the reason for refusal to register is not that the IMSI is not in the home location register.
  • a wireless terminal device unlocking device includes:
  • An obtaining unit configured to obtain an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device
  • a reading unit configured to read a user number in the currently inserted SIM card; the numbers are compared;
  • Unlocking/rejecting the unlocking unit when the comparison result of the comparing unit is consistent, the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the mapping value of the IMSI and the user number of the currently inserted SIM card are deleted. And the IMSI; otherwise, the unlock is denied.
  • Advantages of the embodiments of the present invention include: a method and a device, the IMEI of the wireless terminal device and the user number in the currently inserted SIM card
  • the first mapping value between the first mapping value and the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the second mapping value between the IMSI and the user number of the currently inserted SIM card are stored with the wireless terminal device
  • the mapping between the IMSI and the subscriber number is compared, and the wireless terminal device is allowed to be used only when the comparison results are consistent.
  • the method, the unlocking method and the device for locking the user number of the wireless terminal device provided by the embodiment of the present invention establish a binding relationship between the wireless terminal device and the user number, and even if the user replaces the SIM card, the user number can be kept normal even if the user number is kept unchanged.
  • the implementation flexibility is strong.
  • the locking process is performed in the process of the user using the SIM card, the operator in the prior art is prevented from locking each wireless terminal device one by one before the wireless terminal device is sold, and the entire process does not need to use the secret. Key, so there is no problem of leaking and confidentiality that may result from the key custodian and distribution process.
  • the unlocking method provided by the embodiment of the present invention can be unlocked by verifying the user number locked by the wireless terminal device, deleting the mapping value of the IMEI and the user number stored by the wireless terminal device, the mapping value of the IMSI and the user number, and the IMSI.
  • the unlocking process is also very convenient.
  • the method, the unlocking method and the device are encrypted by an irreversible hash algorithm, and the cracking is difficult and the security is higher.
  • FIG. 2 is a flowchart of a method for unlocking a wireless terminal device according to an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of an apparatus for implementing a wireless terminal device to lock a user number according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a locking unit according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of an unlocking apparatus of a wireless terminal device according to an embodiment of the present invention.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A specific implementation manner of a method and apparatus for implementing a wireless terminal device locking user number provided by the present invention will be described in detail below with reference to the accompanying drawings.
  • a method for implementing a method for locking a subscriber number of a wireless terminal device according to an embodiment of the present invention is described in detail.
  • a method for implementing a wireless terminal device to lock a user number is provided in the embodiment of the present invention. Before the wireless terminal device is powered on and enters an initialization state, the following steps are performed:
  • step S111 Determine whether the inserted SIM card is a SIM card for testing. If yes, go to step S111; otherwise, continue to step S103.
  • This step S102 is an optional step.
  • the step S102 is set for the testing needs of the SIM card.
  • the SIM card may be tested before or after the sale, and the MCC and the MNC of the SIM card used in the test and the users in the network may be tested. Differently used SIM cards are different.
  • the SIM card of the SIM card can be judged whether the SIM card belongs to the SIM card for testing, and if it is a SIM card for testing, the wireless terminal device is allowed to be used, and the wireless terminal device subsequently Enter the normal initialization process.
  • step S105 Determine whether an encrypted file system (EFS) file is stored in the wireless terminal device, if yes, determine that the wireless terminal device has locked the user number, and perform step S105; if not, determine the wireless The terminal device does not lock the user number, and step S104 is performed.
  • EFS encrypted file system
  • step S111 Lock the wireless terminal device and the user number, generate an EFS file, and store the file. Then, the process proceeds to step S111.
  • the user number may be allocated by the operator in advance to the SIM card, and specifically, the process of locking and generating the EFS file between the wireless terminal device and the user number is as follows:
  • the mapped value between the values is stored in a predefined first flag file;
  • the IMSI of the currently inserted SIM card is recorded and stored in a predefined third flag file; the first flag file, the second flag file, and the third flag file are set to read-only and non-deletable states.
  • the first flag file, the second flag file, and the third flag file constitute an EFS file.
  • the preset hash algorithm may adopt an MD5 hash algorithm.
  • the MD5 hash algorithm is an irreversible encryption algorithm.
  • the encryption process does not require the use of a key.
  • the plaintext is encrypted to form a ciphertext.
  • the encrypted ciphertext cannot be directly decrypted.
  • the decryption process must be encrypted again by inputting the plaintext. When the results are consistent, the plaintext that is input again can be considered as the plaintext after decryption.
  • the irreversible encryption algorithm is difficult to solve and easy to use, and there is no problem of key storage and distribution.
  • the calculation method adopts a preset hash algorithm, and the preset hash algorithm is adopted in step S104.
  • the algorithm is the same.
  • step S105 The first mapping value calculated in step S105 is sent to the EFS stored by the wireless terminal device, and step S107 is performed. Otherwise, step S112 is performed.
  • the user number in the currently inserted SIM card is the same as the user number locked by the wireless terminal device. Otherwise, it is considered that the user number in the currently inserted SIM does not match the wireless terminal device, and the use of the wireless terminal is prohibited.
  • the calculation method adopts a preset hash algorithm, and the preset hash algorithm is the same as the algorithm used in step S104.
  • step S107 The second mapping value calculated in step S107 is performed with the wireless terminal device to perform step S111. If the two do not match, the following step S109 is performed.
  • step S108 if the two are consistent, it indicates that the currently inserted SIM card and the then two situations occur, one is that the user legally exchanges the card (the user number has not changed, but the SIM card has been replaced), and One is an illegal card of the same number. In order to further distinguish, it is necessary to perform the following step S109.
  • step S112. Use the IMSI stored in the EFS file to initiate a registration request to the network to which the EFS file is stored. If the registration is successful, go to step S112. If the registration is unsuccessful, and the reason for rejecting the registration is that the IMSI is not in the home location register HLR, go to step S110. And step S111; if the registration is unsuccessful, but the reason for refusal of registration is other than the aforementioned "IMSI is not in the home location register", then the process proceeds to step S112.
  • the network refuses to register and the reason for the rejection is that the IMSI is not in the HLR, then the proof The user has legally replaced the SIM card, but the subscriber number in the SIM card is the same as the subscriber number locked by the wireless terminal. If the network accepts registration, or refuses to register for other reasons, it indicates that the SIM card used by the wireless terminal to lock the subscriber number is still valid, and the SIM card currently inserted into the wireless terminal device is an illegal same card.
  • a revision number indicating normal use is added after the descriptor of the predefined port mapped by the wireless terminal device to inform the wireless terminal device of the user interface (User Interface, UI) that the wireless terminal device is allowed to be use.
  • the user interface User Interface, UI
  • the wireless terminal device is prohibited from being used.
  • the binding with the wireless terminal device and the user number is realized, and the operator or the manufacturer does not need to perform the locking operation of the pair of wireless terminal devices one by one.
  • the wireless terminal device is bound to the user number, even if the user legally replaces the SIM card, the binding relationship between the new SIM card and the wireless terminal device can be conveniently realized, and the implementation process is convenient. .
  • the embodiment of the present invention further provides a method for unlocking a wireless terminal device, and wirelessly Insert the SIM card into the terminal device. After booting up, as shown in Figure 2, perform the following steps:
  • the wireless terminal device inputs the user number locked by the wireless terminal according to the prompt of the website by logging in, for example, a website authorized by the operator.
  • the website server downloads the LICENCE file authorized by the operator and carries the user number according to the input user number.
  • step S203 Read the user number in the SIM card inserted by the current wireless terminal device, and compare it with the user number in the LICENCE file. If the two are the same, go to step S203; otherwise, go to step S204.
  • the foregoing steps S202 to S204 may be completed by the wireless terminal downloading corresponding unlocking software from a website authorized by the operator.
  • an embodiment of the present invention further provides a device for implementing a wireless terminal device to lock a subscriber number.
  • the method for solving the problem is similar to the foregoing method for implementing a wireless terminal device to lock a subscriber number.
  • the implementation can refer to the implementation of the method, and the repetitions are not repeated.
  • an apparatus for implementing a wireless terminal device to lock a user number includes:
  • the reading unit 301 is configured to read an IMEI of the wireless terminal device, a user number pre-assigned to the wireless terminal device stored in the currently inserted SIM card, and an IMSI of the SIM card; and a calculating unit 302, configured to calculate and read a first mapping value between the user number and the IMEI, and calculating a second mapping value between the read user number and the IMSI;
  • the comparing unit 303 compares the first mapping value and the second mapping value calculated by the calculating unit 302 with the mapping value of the IMEI and the user number stored in advance by the wireless terminal device, and the mapping values of the IMSI and the user number, respectively;
  • the permission/inhibition use determining unit 304 allows the wireless terminal device to be used when the comparison results of the comparing unit 303 are all the same.
  • An apparatus for implementing a wireless terminal device to lock a subscriber number may further include: a determining unit 305, a lock/unlock determining unit 306, and a locking unit 307;
  • the determining unit 305 is configured to determine whether the mapping value of the encrypted file system number and the SIM card IMSI and the IMSI of the SIM card are pre-stored in the wireless terminal device;
  • the lock/unlock determination unit 306 is configured to: when the determination result is no, determine that the wireless terminal device is not locked with the user number; when the determination result is yes, the notification reading unit 301 performs a read operation; the terminal device and the user The number is locked, the EFS file is generated and stored;
  • the allow/disable use determining unit 304 is further configured to allow the wireless terminal device to be used after the locking unit 307 locks the wireless terminal device with the subscriber number.
  • the locking unit 307 as shown in FIG. 4, specifically includes:
  • a first generating subunit 3071 configured to read a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculate a user number according to a preset hash algorithm.
  • the mapping value of IMEI is stored in a predefined first flag file;
  • the second generation subunit 3072 is configured to read the IMSI of the currently inserted SIM card, calculate a mapping value of the user number and the IMSI according to a preset hash algorithm, and store the predefined second flag. In the file;
  • a third generation subunit 3073 configured to record an IMSI of the currently inserted SIM card, and store the IMSI in a predefined third flag file;
  • the setting subunit 3074 is configured to set the first flag file, the second flag file, and the third flag file to be read-only and non-deletable.
  • the permission/inhibition use determining unit 304 in the apparatus for implementing the wireless terminal device to lock the user number provided by the embodiment of the present invention is further configured to: when the mapping value between the first mapping value and the pre-stored IMEI and the user number is inconsistent, the wireless is prohibited.
  • the terminal device is used;
  • the second mapping value is inconsistent with the pre-stored mapping value of the IMSI and the user number, using the IMSI in the EFS file stored by the wireless terminal device to initiate a registration request to the network to which the wireless network device belongs; if the network to which it belongs refuses to register, and the reason for the rejection If the IMSI is not in the home location register, replace the IMSI in the third flag file of the EFS file with the read IMSI of the currently inserted SIM card; replace the IMEI in the first flag file of the EFS file with the first mapping value. a mapping value with the user number; and replacing the mapping value of the IMSI and the user number in the second flag file of the EFS file with the second mapping value, and allowing the wireless terminal device to be used;
  • the wireless terminal device If the network to which it belongs accepts registration, or if the reason for refusal to register is not that the IMSI is not in the home location register, then the wireless terminal device is prohibited from being used.
  • the embodiment of the present invention further provides a wireless terminal unlocking device, as shown in FIG. 5, including:
  • the obtaining unit 501 is configured to obtain, according to the user number locked by the wireless terminal device, an authorized license LICENCE file carrying the user number;
  • the reading unit 502 is configured to read a user number in the currently inserted SIM card
  • Unlock/reject the unlocking unit 504 when the comparison result is consistent, delete the wireless terminal setting Pre-stored mapping values of IMEI and user numbers, mapping values of IMSI and user numbers, and IMSI; otherwise, unlocking is denied.
  • the method the first mapping value between the IMEI of the wireless terminal device and the user number in the currently inserted SIM card is compared with the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the currently inserted.
  • the second mapping value between the IMSI and the subscriber number of the SIM card is compared with the mapping value between the IMSI and the subscriber number stored by the wireless terminal device, and the wireless terminal device is allowed to be used only when the comparison results are consistent.
  • the method, the unlocking method and the device for implementing the wireless terminal device locking the user number established a binding relationship between the wireless terminal device and the user number, and even if the user replaces the SIM card, the user number can still be maintained
  • the wireless terminal device is normally used, and the implementation is flexible. And because the locking process is performed in the process of the user using the SIM card, the operator in the prior art is prevented from locking each wireless terminal device one by one before the wireless terminal device is sold, and the entire process does not need to use the secret. Key, so there is no problem of leaking and confidentiality that may result from the key custodian and distribution process.
  • the certificate can be unlocked by deleting the mapped value of the stored IMEI and the user number, the mapping value of the IMSI and the user number, and the IMSI.
  • the unlocking process is also very convenient.
  • the method, the unlocking method and the device are encrypted by an irreversible hash algorithm, and the cracking is difficult and the security is higher.
  • the spirit and scope of the invention Thus, it is intended that the present invention cover the modifications and the modifications of the invention

Abstract

A method for locking a user terminal by a wireless terminal device, unlocking method and device thereof are provided. The locking method includes reading the international mobile equipment identity (IMEI) of the wireless terminal device and the pre-assigned user number of the wireless terminal device stored in the current inserted subscriber identity module(SIM) card; calculating a first map value between the IMEI and the user number; reading the international mobile subscriber identity (IMSI) in the SIM, and calculating a second map value between the user number and the IMSI; comparing the calculated first map value and the second map value with the pre-stored map value of the IMEI and the user number and the map value of the IMSI and the user number in the wireless terminal respectively; allowing the wireless terminal device to be used when the results of the comparison are consistent. The method for locking the user number by the wireless terminal device, unlocking method and device can bind the wireless terminal with the user number, and have high security and facility.

Description

无线终端锁定用户号码的方法、 解锁方法及设备 技术领域  Method, unlocking method and device for locking user number of wireless terminal
本发明涉及通信安全领域, 尤其涉及一种实现无线终端设备锁定用户 号码的方法、 解锁方法及其装置。 背景技术  The present invention relates to the field of communication security, and in particular, to a method, an unlocking method, and a device for implementing a wireless terminal device to lock a user number. Background technique
随着 3G网络在全球的普及以及运营商之间竟争的加剧,无线终端设备 ( Wireless Terminal Device )较多地由运营商定制, 出于运营商的需求以及 用户使用安全等考虑, 对无线终端设备的绑定限制功能就显得尤为重要。  With the popularity of 3G networks around the world and the intensification of competition among operators, wireless terminal devices are more customized by operators. For the needs of operators and users, the wireless terminals are considered. The binding limit feature of the device is especially important.
典型的无线终端设备有无线 USB MODEM、 无线数据卡、 手机等。 为 了实现对无线终端设备的使用绑定限制, 一般采用如下方式: 锁网的方式, 使用无线终端设备绑定移动国家码( Mobile Country Code, 以下筒称 MCC ) 和移动网络码(Mobile Network Code, 以下筒称 MNC ), 此无线终端设备 与 SIM卡是一对多的关系, 即使用户丟失了该无线终端设备后, 此无线终 端设备还可以配合网内其他的 SIM卡使用, 安全性显然得不到保证。  Typical wireless terminal devices include wireless USB MODEMs, wireless data cards, mobile phones, and the like. In order to implement the binding restrictions on the use of wireless terminal devices, the following methods are generally used: In the manner of locking the network, the mobile country code (Mobile Country Code, MCC) and the mobile network code (Mobile Network Code) are bound using the wireless terminal device. The following cartridge is called MNC. The wireless terminal device has a one-to-many relationship with the SIM card. Even if the user loses the wireless terminal device, the wireless terminal device can cooperate with other SIM cards in the network, and the security is obviously not good. To guarantee.
为了限制无线终端设备的使用范围, 还有采用无线终端设备绑定用户 小区(CELL ID )的方法, 此方法限制终端的使用范围, 由于绑定的范围比 较小, 失去了移动性的优点, 会给用户带来不便。 还有一种做法, 即机卡 互锁的方法, 在 SIM 卡中写入设备的国际移动设备身份码 ( International Mobile Equipment Identity, IMEI ) 号来实现无线终端设备与 SIM卡——对 应的关系, 但锁卡机制筒单易破解, 如果用户换了 SIM卡, 该无线终端设 备必须重新进行加锁的操作否则就不能再使用。  In order to limit the scope of use of the wireless terminal device, there is also a method of binding the user cell (CELL ID) by the wireless terminal device. This method limits the scope of use of the terminal, and because the binding range is small, the advantage of mobility is lost. Inconvenience to the user. There is also a method of interlocking the machine card, and writing the international mobile device identity (IMEI) number of the device in the SIM card to implement the corresponding relationship between the wireless terminal device and the SIM card, but The lock card mechanism is easy to crack. If the user changes the SIM card, the wireless terminal device must re-lock the operation or it can no longer be used.
还有的锁网锁卡的方法在无线终端售出前由运营商对所有的无线终端 都逐一进行加锁操作, 并且在无线终端设备中存储解锁码和密钥, 密钥和 解锁码和无线终端设备为——对应的关系, 不仅锁网过程比较繁瑣, 而且 密钥保管的安全性也不高, 容易泄密。 In addition, the method of locking the network lock card is performed by the operator to lock all the wireless terminals one by one before the wireless terminal is sold, and the unlocking code and the key, the key and the wireless terminal device are stored. The unlocking code and the wireless terminal device are corresponding relationships, not only the lock network process is cumbersome, but also the security of key storage is not high, and it is easy to leak.
上述方法或存在使用方法繁瑣, 不方便, 或存在容易破解安全性不高 的问题。 发明内容  The above method or the use method is cumbersome, inconvenient, or has the problem that the security is not easy to crack. Summary of the invention
本发明实施例所解决的技术问题在于: 本发明实施例提供了一种安全 性高、 筒单方便的用户终端设备的锁定方法、 解锁方法及其装置。  The technical problem to be solved by the embodiments of the present invention is as follows: The embodiment of the present invention provides a locking method, an unlocking method, and a device thereof for a user terminal device with high security and convenientness.
为了解决上述技术问题, 本发明的技术方案是这样实现的:  In order to solve the above technical problem, the technical solution of the present invention is implemented as follows:
一种实现无线终端设备锁定用户号码的方法, 包括:  A method for implementing a wireless terminal device to lock a subscriber number includes:
读取无线终端设备的 IMEI,以及当前插入的 SIM卡中存储的预先分配 给该无线终端设备的用户号码; 计算两者之间的第一映射值;  Reading an IMEI of the wireless terminal device, and a user number pre-assigned to the wireless terminal device stored in the currently inserted SIM card; calculating a first mapping value between the two;
读取所述 SIM卡的国际移动用户标识号( International Mobile Subscribe Identity, IMSI ) , 计算所述用户号码与所述 SIM卡的 IMSI之间的第二映射 值;  Reading an International Mobile Subscribe Identity (IMSI) of the SIM card, and calculating a second mapping value between the user number and an IMSI of the SIM card;
将计算出的第一映射值和第二映射值, 分别同所述无线终端设备预先 存储的 IMEI与用户号码的映射值、 以及 IMSI与用户号码的映射值分别进 行比较;  And comparing the calculated first mapping value and the second mapping value with the mapping value of the IMEI and the user number stored in advance by the wireless terminal device, and the mapping values of the IMSI and the user number, respectively;
当比较的结果都一致时, 允许该无线终端设备被使用。  When the results of the comparison are the same, the wireless terminal device is allowed to be used.
计算所述第一映射值和第二映射值的方法为: 使用预设的哈希算法计 算第一映射值和第二映射值。  The method of calculating the first mapping value and the second mapping value is: calculating a first mapping value and a second mapping value by using a preset hash algorithm.
在读取无线终端设备的 IMEI和 SIM卡中的用户号码之前, 该方法还 包括:判断无线终端设备中是否预先存储有加密文件系统 EFS文件的步骤, 与 SIM卡的 IMSI的映射值以及 SIM卡的 IMSI;  Before reading the IMEI of the wireless terminal device and the user number in the SIM card, the method further includes: determining whether the step of storing the encrypted file system EFS file in the wireless terminal device, the mapping value with the IMSI of the SIM card, and the SIM card IMSI;
当判断结果为否时, 确定无线终端设备未与所述用户号码锁定; 将无 线终端设备与所述用户号码进行锁定, 生成 EFS文件并存储, 允许该无线 终端设备被使用; When the determination result is no, it is determined that the wireless terminal device is not locked with the user number; The line terminal device locks with the user number, generates an EFS file and stores it, and allows the wireless terminal device to be used;
当判断结果为是时, 确定无线终端设备已与所述用户号码锁定, 转向 所述读取无线终端设备的 IMEI和 SIM卡中的用户号码的步骤。  When the result of the determination is YES, it is determined that the wireless terminal device has been locked with the subscriber number, and the step of reading the subscriber number in the IMEI and SIM card of the wireless terminal device is turned.
所述将无线终端设备与用户号码锁定, 生成 EFS文件, 包括: 读取当前插入的 SIM卡中存储的预先分配给该无线终端设备的用户号 码和该无线终端设备的 IMEI, 根据预设的哈希算法, 计算出所述用户号码 和所述 IMEI的映射值, 并存入预先定义的第一标志文件中;  The locking the wireless terminal device and the user number to generate the EFS file includes: reading the user number pre-assigned to the wireless terminal device and the IMEI of the wireless terminal device stored in the currently inserted SIM card, according to the preset Calculating a mapping value of the user number and the IMEI, and storing the mapping value in a predefined first flag file;
读取当前插入的 SIM卡的 IMSI, 根据预设的哈希算法, 计算出所述用 户号码和所述 SIM卡的 IMSI的映射值,并存入预先定义的第二标志文件中; 记录当前插入的 SIM卡的 IMSI, 存入预先定义的第三标志文件中; 设置第一标志文件、 第二标志文件和第三标志文件为只读和不可删除 状态。  Reading the IMSI of the currently inserted SIM card, calculating a mapping value of the user number and the IMSI of the SIM card according to a preset hash algorithm, and storing the mapping value of the IMSI in a predefined second flag file; recording the current insertion The IMSI of the SIM card is stored in a predefined third flag file; the first flag file, the second flag file, and the third flag file are set to read-only and non-deletable states.
当所述第一映射值同预先存储的 IMEI与用户号码的映射值不一致时, 禁止该无线终端设备被使用;  When the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number, the wireless terminal device is prohibited from being used;
当所述第二映射值同预先存储的 IMSI与用户号码的映射值不一致时, 使用无线终端设备存储的 EFS文件中的 IMSI, 向该无线终端设备所属网络 发起注册请求;  When the second mapping value is different from the pre-stored mapping value of the IMSI and the user number, the IMSI in the EFS file stored by the wireless terminal device is used to initiate a registration request to the network to which the wireless terminal device belongs;
若所述无线终端设备所属网络拒绝注册,且拒绝理由为所述 IMSI不在 归属位置寄存器中, 则使用当前插入的 SIM卡的 IMSI替换所述 EFS文件 的第三标志文件中的 IMSI; 使用所述第一映射值替换所述 EFS文件的第一 标志文件中 IMEI与用户号码的映射值; 以及使用所述第二映射值替换所述 EFS文件的第二标志文件中 IMSI与用户号码的映射值, 并允许该无线终端 设备被使用;  If the network to which the wireless terminal device belongs refuses to register, and the reason for the rejection is that the IMSI is not in the home location register, replacing the IMSI in the third flag file of the EFS file with the IMSI of the currently inserted SIM card; The first mapping value replaces the mapping value of the IMEI and the user number in the first flag file of the EFS file; and the mapping value of the IMSI and the user number in the second flag file of the EFS file is replaced by using the second mapping value, And allowing the wireless terminal device to be used;
若所述无线终端设备所属网络接受注册, 或者拒绝注册理由非所述 IMSI不在归属位置寄存器中, 则禁止该无线终端设备被使用。 所述允许无线终端设备被使用, 包括: If the network to which the wireless terminal device belongs is accepted for registration, or the reason for refusing to register is not the If the IMSI is not in the home location register, the wireless terminal device is prohibited from being used. The allowing the wireless terminal device to be used includes:
在无线终端设备映射的预定义端口的描述符之后添加指示正常使用的 修订数, 告知该无线终端设备的用户接口该无线终端设备允许被使用; 所述禁止无线终端设备被使用, 包括:  Adding a revision number indicating the normal use after the descriptor of the predefined port mapped by the wireless terminal device, informing the user interface of the wireless terminal device that the wireless terminal device is allowed to be used; the prohibiting the wireless terminal device being used includes:
在无线终端设备映射的串口产品标识和厂商标识的描述符之后添加指 示禁止使用的修订数, 以此告知该无线终端设备的用户接口该用户终端禁 止使用, 以及封闭该无线终端设备的各端口。  A revision number indicating the prohibition of use is added after the descriptor of the serial port product identifier and the vendor identifier mapped by the wireless terminal device, thereby informing the user interface of the wireless terminal device that the user terminal is forbidden to use, and closing each port of the wireless terminal device.
所述预设的哈希算法为 MD5哈希算法。  The preset hash algorithm is an MD5 hash algorithm.
一种无线终端设备解锁的方法, 包括:  A method for unlocking a wireless terminal device includes:
根据无线终端设备锁定的用户号码, 获取授权的携带有用户号码的许 可证 LICENCE文件;  Obtaining an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device;
读取当前插入的 SIM 卡中的用户号码, 并将该用户号码与所述 LICENCE文件中的用户号码相比较;  Reading the user number in the currently inserted SIM card and comparing the user number with the user number in the LICENCE file;
当两者一致时,删除所述无线终端设备预先存储的 IMEI与用户号码的 映射值、 IMSI与用户号码的映射值以及 IMSI;  When the two are consistent, deleting the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, the mapping value of the IMSI and the user number, and the IMSI;
当两者不一致时, 拒绝解锁。  When the two are inconsistent, the unlock is denied.
一种实现无线终端设备锁定用户号码的装置, 包括:  A device for implementing a wireless terminal device to lock a user number, comprising:
读取单元, 用于读取无线终端设备的 IMEI、 当前插入的 SIM卡中存储 的预先分配给该无线终端设备的用户号码以及所述 SIM卡的 IMSI;  a reading unit, configured to read an IMEI of the wireless terminal device, a user number pre-assigned to the wireless terminal device stored in the currently inserted SIM card, and an IMSI of the SIM card;
计算单元,用于计算读取的所述用户号码与所述 IMEI之间的第一映射 值, 以及计算读取的所述用户号码和所述 IMSI之间的第二映射值;  a calculating unit, configured to calculate a first mapping value between the read user number and the IMEI, and calculate a second mapping value between the read user number and the IMSI;
比较单元, 将所述计算单元计算出的第一映射值和第二映射值, 与所 述无线终端设备预先存储的 IMEI与所述用户号码的映射值以及 IMSI与所 述用户号码的映射值分别进行比较; 允许 /禁止使用确定单元, 当所述比较单元的比较结果都一致时, 允许 该无线终端设备被使用。 a comparing unit, the first mapping value and the second mapping value calculated by the calculating unit, and a mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and a mapping value between the IMSI and the user number respectively Compare; The use/determination unit is allowed/disabled, and when the comparison result of the comparison unit is consistent, the wireless terminal device is allowed to be used.
该装置还包括: 判断单元、 锁定 /未锁定确定单元和锁定单元; 所述判断单元, 用于判断无线终端设备中是否预先存储有 EFS文件, 号码与所述 SIM卡的 IMSI的映射值以及所述 SIM卡的 IMSI;  The device further includes: a determining unit, a locking/unlocking determining unit, and a locking unit; the determining unit, configured to determine whether an EFS file, a number and a mapping value of the IMSI of the SIM card are pre-stored in the wireless terminal device Said IMSI of the SIM card;
所述锁定 /未锁定确定单元, 用于当所述判断单元的判断结果为否时, 确定该无线终端设备未与所述用户号码锁定; 当所述判断单元的判断结果 为是时, 通知所述读取单元执行读取操作; 将无线终端设备与所述用户号码进行锁定, 生成 EFS文件并存储;  The lock/unlock determination unit is configured to: when the determination result of the determining unit is negative, determine that the wireless terminal device is not locked with the user number; when the determination result of the determining unit is yes, notify the The reading unit performs a reading operation; locks the wireless terminal device with the user number, generates an EFS file, and stores the file;
所述允许 /禁止使用确定单元, 还用于在锁定单元将无线终端设备与所 述用户号码进行锁定后, 允许该无线终端设备被使用。  The permission/inhibition use determining unit is further configured to allow the wireless terminal device to be used after the locking unit locks the wireless terminal device with the user number.
所述锁定单元, 具体包括:  The locking unit specifically includes:
第一生成子单元, 用于读取当前插入的 SIM卡中存储的预先分配给该 无线终端设备的用户号码和该无线终端设备的 IMEI,根据预设的哈希算法, 计算出所述用户号码和所述 IMEI的映射值,并存入预先定义的第一标志文 件中;  a first generating subunit, configured to read a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculate the user number according to a preset hash algorithm And the mapping value of the IMEI, and stored in a predefined first flag file;
第二生成子单元, 用于读取所述当前插入的 SIM卡的 IMSI, 根据预设 的哈希算法, 计算出所述用户号码和所述 IMSI的映射值, 并存入预先定义 的第二标志文件中;  a second generation subunit, configured to read an IMSI of the currently inserted SIM card, calculate a mapping value of the user number and the IMSI according to a preset hash algorithm, and store the second predefined value In the logo file;
第三生成子单元, 用于记录当前插入的 SIM卡的 IMSI, 存入预先定义 的第三标志文件中;  a third generation subunit, configured to record an IMSI of the currently inserted SIM card, and store the IMSI in a predefined third flag file;
设置子单元, 用于设置第一标志文件、 第二标志文件和第三标志文件 为只读和不可删除状态。 所述允许 /禁止使用确定单元,还用于当第一映射值同预先存储的 IMEI 与用户号码的映射值不一致时, 禁止无线终端设备被使用; The setting subunit is configured to set the first flag file, the second flag file, and the third flag file to be read-only and non-deletable. The permission/inhibition use determining unit is further configured to: when the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number, prohibit the wireless terminal device from being used;
还用于当所述第二映射值同预先存储的 IMSI 与用户号码的映射值不 一致时, 使用无线终端设备存储的 EFS文件中的 IMSI, 向该无线终端设备 所属网络发起注册请求;  And when the second mapping value is different from the pre-stored mapping value of the IMSI and the user number, using the IMSI in the EFS file stored by the wireless terminal device to initiate a registration request to the network to which the wireless terminal device belongs;
以及, 若无线终端设备所属网络拒绝注册, 且拒绝理由为所述 IMSI不 在归属位置寄存器中,则用于使用当前插入的 SIM卡的 IMSI替换所述 EFS 文件的第三标志文件中的 IMSI; 使用所述第一映射值替换所述 EFS文件的 第一标志文件中 IMEI与用户号码的映射值; 以及使用所述第二映射值替换 所述 EFS文件的第二标志文件中 IMSI与用户号码的映射值,并允许所述无 线终端设备被使用;  And, if the network to which the wireless terminal device belongs refuses to register, and the reason for the rejection is that the IMSI is not in the home location register, replacing the IMSI in the third flag file of the EFS file with the IMSI of the currently inserted SIM card; The first mapping value replaces a mapping value of an IMEI and a user number in the first flag file of the EFS file; and replacing the mapping between the IMSI and the user number in the second flag file of the EFS file by using the second mapping value Value and allow the wireless terminal device to be used;
若无线终端设备所属网络接受注册,或者拒绝注册理由非所述 IMSI不 在归属位置寄存器中, 则用于禁止所述无线终端设备被使用。  The wireless terminal device is prohibited from being used if the network to which the wireless terminal device belongs accepts registration, or if the reason for refusal to register is not that the IMSI is not in the home location register.
一种无线终端设备解锁装置, 包括:  A wireless terminal device unlocking device includes:
获取单元, 用于根据无线终端设备锁定的用户号码, 获取授权的携带 有用户号码的许可证 LICENCE文件;  An obtaining unit, configured to obtain an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device;
读取单元, 用于读取当前插入的 SIM卡中的用户号码; 号码相比较;  a reading unit, configured to read a user number in the currently inserted SIM card; the numbers are compared;
解锁 /拒绝解锁单元, 当所述比较单元的比较结果为一致时, 用于删除 所述无线终端设备预先存储的 IMEI与用户号码的映射值、当前插入的 SIM 卡的 IMSI与用户号码的映射值以及所述 IMSI; 否则, 拒绝解锁。  Unlocking/rejecting the unlocking unit, when the comparison result of the comparing unit is consistent, the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the mapping value of the IMSI and the user number of the currently inserted SIM card are deleted. And the IMSI; otherwise, the unlock is denied.
本发明实施例的有益效果包括: 法及装置, 将无线终端设备的 IMEI与当前插入的 SIM卡中的用户号码之 间的第一映射值,与该无线终端设备预先存储的 IMEI和用户号码的映射值 相比较,将当前插入的 SIM卡的 IMSI与用户号码之间的第二映射值,与该 无线终端设备存储的 IMSI与用户号码之间的映射值相比较,只有当比较的 结果都一致时, 允许该无线终端设备被使用。 本发明实施例提供的实现无 线终端设备锁定用户号码的方法、 解锁方法及装置, 将无线终端设备与用 户号码建立绑定关系, 即使用户更换了 SIM卡, 只要保持用户号码不变, 依然能够正常使用该无线终端设备, 实施灵活性强。 并且由于锁定的过程 在用户使用 SIM卡的过程中执行, 避免了现有技术中运营商在无线终端设 备售出之前即对各无线终端设备逐一进行加锁操作, 并且由于整个过程不 需要使用密钥, 所以不存在密钥保管和分发过程可能带来的泄密和保密性 不高的问题。 Advantages of the embodiments of the present invention include: a method and a device, the IMEI of the wireless terminal device and the user number in the currently inserted SIM card The first mapping value between the first mapping value and the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the second mapping value between the IMSI and the user number of the currently inserted SIM card are stored with the wireless terminal device The mapping between the IMSI and the subscriber number is compared, and the wireless terminal device is allowed to be used only when the comparison results are consistent. The method, the unlocking method and the device for locking the user number of the wireless terminal device provided by the embodiment of the present invention establish a binding relationship between the wireless terminal device and the user number, and even if the user replaces the SIM card, the user number can be kept normal even if the user number is kept unchanged. With this wireless terminal device, the implementation flexibility is strong. And because the locking process is performed in the process of the user using the SIM card, the operator in the prior art is prevented from locking each wireless terminal device one by one before the wireless terminal device is sold, and the entire process does not need to use the secret. Key, so there is no problem of leaking and confidentiality that may result from the key custodian and distribution process.
本发明实施例提供的解锁方法, 通过对无线终端设备锁定的用户号码 的验证, 删除无线终端设备存储的 IMEI与用户号码的映射值、 IMSI与用 户号码的映射值以及 IMSI, 即可实现解锁, 解锁过程也很筒单方便。 法、 解锁方法及装置, 通过不可逆的哈希算法进行加密, 破解难度大, 安 全性更高。 附图说明 流程图;  The unlocking method provided by the embodiment of the present invention can be unlocked by verifying the user number locked by the wireless terminal device, deleting the mapping value of the IMEI and the user number stored by the wireless terminal device, the mapping value of the IMSI and the user number, and the IMSI. The unlocking process is also very convenient. The method, the unlocking method and the device are encrypted by an irreversible hash algorithm, and the cracking is difficult and the security is higher. BRIEF DESCRIPTION OF THE DRAWINGS
图 2为本发明实施例提供的无线终端设备的解锁方法的流程图; 图 3 为本发明实施例提供的实现无线终端设备锁定用户号码的装置的 结构示意图;  2 is a flowchart of a method for unlocking a wireless terminal device according to an embodiment of the present invention; FIG. 3 is a schematic structural diagram of an apparatus for implementing a wireless terminal device to lock a user number according to an embodiment of the present invention;
图 4为本发明实施例提供的锁定单元的结构示意图;  4 is a schematic structural diagram of a locking unit according to an embodiment of the present invention;
图 5为本发明实施例提供的无线终端设备的解锁装置的结构示意图。 具体实施方式 下面结合附图, 对本发明提供的一种实现无线终端设备锁定用户号码 的方法及装置的具体实施方式进行详细的说明。 FIG. 5 is a schematic structural diagram of an unlocking apparatus of a wireless terminal device according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A specific implementation manner of a method and apparatus for implementing a wireless terminal device locking user number provided by the present invention will be described in detail below with reference to the accompanying drawings.
首先对本发明实施例提供的一种实现无线终端设备锁定用户号码的方 法进行详细的说明。  A method for implementing a method for locking a subscriber number of a wireless terminal device according to an embodiment of the present invention is described in detail.
如图 1 所示, 本发明实施例提供的一种实现无线终端设备锁定用户号 码的方法, 在无线终端设备通电开机, 进入初始化状态之前, 执行如下步 骤:  As shown in FIG. 1 , a method for implementing a wireless terminal device to lock a user number is provided in the embodiment of the present invention. Before the wireless terminal device is powered on and enters an initialization state, the following steps are performed:
5101、判断无线终端设备是否插入了 SIM卡, 若是,执行 S102, 若否, 执行步骤 S112。  5101. Determine whether the wireless terminal device inserts the SIM card. If yes, execute S102. If no, go to step S112.
5102、 判断插入的 SIM卡是否是测试用的 SIM卡, 若是, 执行步骤 S111 , 否则, 继续执行步骤 S103。  5102. Determine whether the inserted SIM card is a SIM card for testing. If yes, go to step S111; otherwise, continue to step S103.
本步骤 S102是可选步骤,本步骤 S102出于 SIM卡的测试需要而设定, SIM 卡在出售前或者出售后, 可能会进行测试, 测试所使用的 SIM 卡的 MCC和 MNC与网络中用户正常使用的 SIM卡不同, 本步骤中可以通过对 SIM卡的 MCC和 MNC判断该 SIM卡是否属于测试用 SIM卡, 如果是测 试用 SIM卡, 则准许无线终端设备被使用, 该无线终端设备随后进入正常 的初始化过程。  This step S102 is an optional step. The step S102 is set for the testing needs of the SIM card. The SIM card may be tested before or after the sale, and the MCC and the MNC of the SIM card used in the test and the users in the network may be tested. Differently used SIM cards are different. In this step, the SIM card of the SIM card can be judged whether the SIM card belongs to the SIM card for testing, and if it is a SIM card for testing, the wireless terminal device is allowed to be used, and the wireless terminal device subsequently Enter the normal initialization process.
5103、判断该无线终端设备中是否存储有加密文件系统( Encrypting File System, EFS )文件, 若存在, 则确定该无线终端设备已经锁定过用户号码, 执行步骤 S105; 若不存在, 则确定该无线终端设备没有锁定过该用户号码, 执行步骤 S104。 射值、 用户号码与 SIM卡的 IMSI的映射值以及 SIM卡的 IMSI。  5103. Determine whether an encrypted file system (EFS) file is stored in the wireless terminal device, if yes, determine that the wireless terminal device has locked the user number, and perform step S105; if not, determine the wireless The terminal device does not lock the user number, and step S104 is performed. The value of the shot, the user number and the IMSI of the SIM card and the IMSI of the SIM card.
5104、 将无线终端设备与用户号码进行锁定, 生成 EFS文件并存储。 然后转向执行步骤 Slll。 5104. Lock the wireless terminal device and the user number, generate an EFS file, and store the file. Then, the process proceeds to step S111.
在本发明实施例中, 用户号码可以由运营商预先写入 SIM卡中分配给 具体地, 在将无线终端设备与用户号码锁定和生成 EFS文件的过程如 下:  In the embodiment of the present invention, the user number may be allocated by the operator in advance to the SIM card, and specifically, the process of locking and generating the EFS file between the wireless terminal device and the user number is as follows:
读取当前无线终端设备插入的 SIM卡中存储的预先分配给该无线终端 设备的用户号码和该无线终端设备的 IMEI, 根据预设的哈希算法, 计算出 读取的用户号码和读取 IMEI之间的映射值并存入预先定义的第一标志文 件中;  Reading the user number pre-assigned to the wireless terminal device and the IMEI of the wireless terminal device stored in the SIM card inserted by the current wireless terminal device, calculating the read user number and reading the IMEI according to a preset hash algorithm. The mapped value between the values is stored in a predefined first flag file;
读取当前无线终端设备插入的 SIM卡的 IMSI, 根据预设的哈希算法, 计算出读取的用户号码和 IMSI 的映射值并存入预先定义的第二标志文件 中;  Reading the IMSI of the SIM card inserted by the current wireless terminal device, calculating the mapped user number and the IMSI mapping value according to a preset hash algorithm, and storing the value in the predefined second flag file;
记录当前插入的 SIM卡的 IMSI, 存入预先定义的第三标志文件中; 设置第一标志文件、 第二标志文件和第三标志文件为只读和不可删除 状态。  The IMSI of the currently inserted SIM card is recorded and stored in a predefined third flag file; the first flag file, the second flag file, and the third flag file are set to read-only and non-deletable states.
第一标志文件、 第二标志文件和第三标志文件组成了 EFS文件。  The first flag file, the second flag file, and the third flag file constitute an EFS file.
较佳地, 本发明实施例中, 预设的哈希算法可以采用 MD5哈希算法。  Preferably, in the embodiment of the present invention, the preset hash algorithm may adopt an MD5 hash algorithm.
MD5哈希算法属于不可逆加密算法, 其加密过程不需要使用密钥, 对明文 进行加密后形成密文, 加密后的密文无法直接解密, 解密过程必须经过输 入明文再次加密, 比较两次加密的结果一致时, 才可认为再次输入的明文 即为解密后的明文。 不可逆加密算法破解难度大, 且使用方便, 不存在密 钥保管和分发的问题。 The MD5 hash algorithm is an irreversible encryption algorithm. The encryption process does not require the use of a key. The plaintext is encrypted to form a ciphertext. The encrypted ciphertext cannot be directly decrypted. The decryption process must be encrypted again by inputting the plaintext. When the results are consistent, the plaintext that is input again can be considered as the plaintext after decryption. The irreversible encryption algorithm is difficult to solve and easy to use, and there is no problem of key storage and distribution.
S105、读取无线终端设备的 IMEI, 以及当前插入的 SIM卡中存储的预 先分配给该无线终端设备的用户号码; 计算两者之间的第一映射值;  S105, reading an IMEI of the wireless terminal device, and a user number stored in the SIM card currently inserted into the wireless terminal device, and calculating a first mapping value between the two;
计算方法采用预设的哈希算法, 该预设的哈希算法, 与步骤 S104采用 的算法相同。 The calculation method adopts a preset hash algorithm, and the preset hash algorithm is adopted in step S104. The algorithm is the same.
5106、 将步骤 S105计算出的第一映射值, 与无线终端设备存储的 EFS 致, 执行步骤 S107, 否则, 执行步骤 S112。  5106. The first mapping value calculated in step S105 is sent to the EFS stored by the wireless terminal device, and step S107 is performed. Otherwise, step S112 is performed.
在两者一致的情况下, 说明当前插入的 SIM卡中的用户号码, 与该无 线终端设备锁定的用户号码一致。 否则, 认为当前插入的 SIM中的用户号 码与该无线终端设备不匹配, 禁止该无线终端的使用。  If the two are consistent, the user number in the currently inserted SIM card is the same as the user number locked by the wireless terminal device. Otherwise, it is considered that the user number in the currently inserted SIM does not match the wireless terminal device, and the use of the wireless terminal is prohibited.
5107、 读取 SIM卡的 IMSI, 计算读取的用户号码与 IMSI之间的第二 映射值。  5107. Read the IMSI of the SIM card, and calculate a second mapping value between the read user number and the IMSI.
计算方法采用预设的哈希算法, 该预设的哈希算法, 与步骤 S104采用 的算法相同。  The calculation method adopts a preset hash algorithm, and the preset hash algorithm is the same as the algorithm used in step S104.
5108、 将步骤 S107 计算得到的第二映射值, 与无线终端设备存储的 执行步骤 S111 ; 如果两者不一致, 则执行下述步骤 S109。  5108. The second mapping value calculated in step S107 is performed with the wireless terminal device to perform step S111. If the two do not match, the following step S109 is performed.
在本步骤 S108中,在两者一致的情况下,说明当前插入的 SIM卡与该 那么会出现两种情况, 一种是用户合法换卡(用户号码未变, 但是 SIM卡 已经更换), 另一种是非法的同号卡。 为了进一步进行区分, 需要执行下述 步骤 S109。  In this step S108, if the two are consistent, it indicates that the currently inserted SIM card and the then two situations occur, one is that the user legally exchanges the card (the user number has not changed, but the SIM card has been replaced), and One is an illegal card of the same number. In order to further distinguish, it is necessary to perform the following step S109.
5109、 使用 EFS文件中存储的 IMSI, 向其所属网络发起注册请求; 如 果注册成功, 则执行步骤 S112; 如果注册不成功, 且拒绝注册的理由为该 IMSI不在归属位置寄存器 HLR中, 执行步骤 S110和步骤 S111 ; 如果注册 不成功, 但是拒绝注册的理由是除了前述 "IMSI不在归属位置寄存器中" 之外的其他理由, 那么也转向执行步骤 S112。  5109. Use the IMSI stored in the EFS file to initiate a registration request to the network to which the EFS file is stored. If the registration is successful, go to step S112. If the registration is unsuccessful, and the reason for rejecting the registration is that the IMSI is not in the home location register HLR, go to step S110. And step S111; if the registration is unsuccessful, but the reason for refusal of registration is other than the aforementioned "IMSI is not in the home location register", then the process proceeds to step S112.
如果网络拒绝注册, 且拒绝的理由为该 IMSI不在 HLR中, 那么证明 用户合法地更换了 SIM卡, 但是该 SIM卡中的用户号码与该无线终端锁定 的用户号码一致。 如果网络接受注册, 或者拒绝注册为其他原因, 则说明 该无线终端锁定用户号码时所使用的 SIM卡当前仍然有效, 当前插入无线 终端设备的 SIM卡是非法的同号卡。 If the network refuses to register and the reason for the rejection is that the IMSI is not in the HLR, then the proof The user has legally replaced the SIM card, but the subscriber number in the SIM card is the same as the subscriber number locked by the wireless terminal. If the network accepts registration, or refuses to register for other reasons, it indicates that the SIM card used by the wireless terminal to lock the subscriber number is still valid, and the SIM card currently inserted into the wireless terminal device is an illegal same card.
5110、 使用读取的当前插入的 SIM卡的 IMSI替换 EFS文件的第三标 志文件中的 IMSI; 使用第一映射值替换 EFS文件的第一标志文件中 IMEI 与用户号码的映射值; 以及使用第二映射值替换 EFS文件的第二标志文件 中 IMSI与用户号码的映射值。  5110. Replace the IMSI in the third flag file of the EFS file by using the read IMSI of the currently inserted SIM card; replace the mapping value of the IMEI and the user number in the first flag file of the EFS file by using the first mapping value; The second mapping value replaces the mapping value of the IMSI and the user number in the second flag file of the EFS file.
5111、 允许该无线终端设备被使用。  5111. Allow the wireless terminal device to be used.
本步骤 S111中, 在该无线终端设备映射的预定义端口的描述符之后添 加指示正常使用的修订数 revision number,以告知该无线终端设备的用户接 口 (User Interface, UI )该无线终端设备允许被使用。  In this step S111, a revision number indicating normal use is added after the descriptor of the predefined port mapped by the wireless terminal device to inform the wireless terminal device of the user interface (User Interface, UI) that the wireless terminal device is allowed to be use.
5112、 禁止该无线终端设备被使用。  5112. The wireless terminal device is prohibited from being used.
在该无线终端设备映射的串口产品标识(Product ID, PID )和厂商标 识(Vendor ID, VID )的描述符后添加指示禁止使用的 revision number, 以 告知该无线终端设备的 UI该无线终端设备禁止被使用, 同时, 该无线终端 的各端口也被封闭, 防止被非法破解。 码的方法中, 采用不可逆的哈希算法进行加密, 不存在密钥保管和分发问 题, 破解难度大, 安全性更高。 此外, 通过用户在第一次使用合法 SIM卡 时, 实现与无线终端设备与用户号码的绑定, 不需要运营商或者生产商预 先逐一对无线终端设备进行加锁的操作。 并且在实现无线终端设备与用户 号码绑定的情况下, 即使用户合法地更换了 SIM卡, 也同样能方便实现新 的 SIM卡与该无线终端设备之间的绑定关系, 实施过程筒单方便。  Adding a revision number indicating that the use is prohibited after the descriptor of the serial port product identifier (Product ID, PID) and the vendor identifier (Vendor ID, VID) mapped by the wireless terminal device, to notify the UI of the wireless terminal device that the wireless terminal device is prohibited. It is used, and at the same time, the ports of the wireless terminal are also blocked to prevent illegal cracking. In the code method, the irreversible hash algorithm is used for encryption, and there is no key storage and distribution problem, and the cracking is difficult and the security is higher. In addition, when the user uses the legal SIM card for the first time, the binding with the wireless terminal device and the user number is realized, and the operator or the manufacturer does not need to perform the locking operation of the pair of wireless terminal devices one by one. Moreover, in the case that the wireless terminal device is bound to the user number, even if the user legally replaces the SIM card, the binding relationship between the new SIM card and the wireless terminal device can be conveniently realized, and the implementation process is convenient. .
对应地, 本发明实施例还提供了一种无线终端设备的解锁方法, 无线 终端设备中插入 SIM卡, 开机后, 如图 2所示, 执行以下步骤:Correspondingly, the embodiment of the present invention further provides a method for unlocking a wireless terminal device, and wirelessly Insert the SIM card into the terminal device. After booting up, as shown in Figure 2, perform the following steps:
5201、 根据该无线终端设备锁定的用户号码, 获取授权的携带有用户 号码的许可证 LICENCE文件。 5201. Obtain an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device.
在本步骤 S201中, 无线终端设备通过登录例如运营商授权的网站, 根 据网站的提示, 输入该无线终端锁定的用户号码。  In this step S201, the wireless terminal device inputs the user number locked by the wireless terminal according to the prompt of the website by logging in, for example, a website authorized by the operator.
网站服务器根据输入的用户号码, 下载运营商授权的携带有用户号码 的 LICENCE文件。  The website server downloads the LICENCE file authorized by the operator and carries the user number according to the input user number.
5202、 读取当前无线终端设备插入的 SIM 卡中的用户号码, 将其与 LICENCE文件中的用户号码相比较, 当两者一致时,执行步骤 S203;否贝' J , 执行步骤 S204。  5202. Read the user number in the SIM card inserted by the current wireless terminal device, and compare it with the user number in the LICENCE file. If the two are the same, go to step S203; otherwise, go to step S204.
5203、允许该无线终端设备解锁,删除其存储的 EFS文件中包含的 IMEI 与用户号码的映射值、 IMSI与用户号码的映射值以及 IMSI。  5203. Allow the wireless terminal device to unlock, delete the mapping value of the IMEI and the user number, the mapping value of the IMSI and the user number, and the IMSI included in the EFS file stored therein.
5204、 拒绝该无线终端设备解锁, 发出告警信息后结束流程。  5204. Reject the wireless terminal device to be unlocked, and send an alarm message to end the process.
在具体实施时, 上述步骤 S202至步骤 S204可以由无线终端从运营商 授权的网站中下载相应的解锁软件来完成。  In a specific implementation, the foregoing steps S202 to S204 may be completed by the wireless terminal downloading corresponding unlocking software from a website authorized by the operator.
基于同一发明构思, 本发明实施例中还提供了一种实现无线终端设备 锁定用户号码的装置, 由于该装置解决问题的原理与前述一种实现无线终 端设备锁定用户号码的方法相似, 因此该装置的实施可以参见方法的实施, 重复之处不在赘述。  Based on the same inventive concept, an embodiment of the present invention further provides a device for implementing a wireless terminal device to lock a subscriber number. The method for solving the problem is similar to the foregoing method for implementing a wireless terminal device to lock a subscriber number. The implementation can refer to the implementation of the method, and the repetitions are not repeated.
如图 3 所示, 本发明实施例提供的一种实现无线终端设备锁定用户号 码的装置, 具体包括:  As shown in FIG. 3, an apparatus for implementing a wireless terminal device to lock a user number according to an embodiment of the present invention includes:
读取单元 301 , 用于读取无线终端设备的 IMEI、 当前插入的 SIM卡中 存储的预先分配给该无线终端设备的用户号码以及所述 SIM卡的 IMSI; 计算单元 302, 用于计算读取的用户号码与 IMEI之间的第一映射值, 以及计算读取的用户号码和 IMSI之间的第二映射值; 比较单元 303, 将计算单元 302计算出的第一映射值和第二映射值, 与 无线终端设备预先存储的 IMEI与用户号码的映射值以及 IMSI与用户号码 的映射值分别进行比较; The reading unit 301 is configured to read an IMEI of the wireless terminal device, a user number pre-assigned to the wireless terminal device stored in the currently inserted SIM card, and an IMSI of the SIM card; and a calculating unit 302, configured to calculate and read a first mapping value between the user number and the IMEI, and calculating a second mapping value between the read user number and the IMSI; The comparing unit 303 compares the first mapping value and the second mapping value calculated by the calculating unit 302 with the mapping value of the IMEI and the user number stored in advance by the wireless terminal device, and the mapping values of the IMSI and the user number, respectively;
允许 /禁止使用确定单元 304, 当比较单元 303的比较结果都一致时, 允许该无线终端设备被使用。  The permission/inhibition use determining unit 304 allows the wireless terminal device to be used when the comparison results of the comparing unit 303 are all the same.
本发明实施例提供的一种实现无线终端设备锁定用户号码的装置, 如 图 3所示, 还可以包括: 判断单元 305、 锁定 /未锁定确定单元 306和锁定 单元 307; 其中:  An apparatus for implementing a wireless terminal device to lock a subscriber number according to an embodiment of the present invention, as shown in FIG. 3, may further include: a determining unit 305, a lock/unlock determining unit 306, and a locking unit 307;
判断单元 305,用于判断无线终端设备中是否预先存储有加密文件系统 号码与 SIM卡 IMSI的映射值以及 SIM卡的 IMSI;  The determining unit 305 is configured to determine whether the mapping value of the encrypted file system number and the SIM card IMSI and the IMSI of the SIM card are pre-stored in the wireless terminal device;
锁定 /未锁定确定单元 306, 用于当判断结果为否时, 确定该无线终端 设备未与该用户号码锁定; 当判断结果为是时, 通知读取单元 301执行读 取操作; 终端设备与用户号码进行锁定, 生成 EFS文件并存储;  The lock/unlock determination unit 306 is configured to: when the determination result is no, determine that the wireless terminal device is not locked with the user number; when the determination result is yes, the notification reading unit 301 performs a read operation; the terminal device and the user The number is locked, the EFS file is generated and stored;
允许 /禁止使用确定单元 304, 还用于在锁定单元 307将无线终端设备 与用户号码进行锁定后, 允许该无线终端设备被使用。  The allow/disable use determining unit 304 is further configured to allow the wireless terminal device to be used after the locking unit 307 locks the wireless terminal device with the subscriber number.
进一步地, 锁定单元 307, 如图 4所示, 具体包括:  Further, the locking unit 307, as shown in FIG. 4, specifically includes:
第一生成子单元 3071 , 用于读取当前插入的 SIM卡中存储的预先分配 给该无线终端设备的用户号码和该无线终端设备的 IMEI, 根据预设的哈希 算法, 计算出用户号码和 IMEI 的映射值并存入预先定义的第一标志文件 中;  a first generating subunit 3071, configured to read a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculate a user number according to a preset hash algorithm. The mapping value of IMEI is stored in a predefined first flag file;
第二生成子单元 3072,用于读取当前插入的 SIM卡的 IMSI,根据预设 的哈希算法,计算出用户号码和 IMSI的映射值并存入预先定义的第二标志 文件中; The second generation subunit 3072 is configured to read the IMSI of the currently inserted SIM card, calculate a mapping value of the user number and the IMSI according to a preset hash algorithm, and store the predefined second flag. In the file;
第三生成子单元 3073,用于记录当前插入的 SIM卡的 IMSI,存入预先 定义的第三标志文件中;  a third generation subunit 3073, configured to record an IMSI of the currently inserted SIM card, and store the IMSI in a predefined third flag file;
设置子单元 3074, 用于设置第一标志文件、 第二标志文件和第三标志 文件为只读和不可删除状态。  The setting subunit 3074 is configured to set the first flag file, the second flag file, and the third flag file to be read-only and non-deletable.
本发明实施例提供的实现无线终端设备锁定用户号码的装置中的允许 / 禁止使用确定单元 304, 还用于当第一映射值与预先存储的 IMEI与用户号 码的映射值不一致时, 禁止该无线终端设备被使用;  The permission/inhibition use determining unit 304 in the apparatus for implementing the wireless terminal device to lock the user number provided by the embodiment of the present invention is further configured to: when the mapping value between the first mapping value and the pre-stored IMEI and the user number is inconsistent, the wireless is prohibited. The terminal device is used;
以及当第二映射值与预先存储的 IMSI与用户号码的映射值不一致时, 使用无线终端设备存储的 EFS文件中的 IMSI,向其所属网络发起注册请求; 若其所属网络拒绝注册,且拒绝理由为该 IMSI不在归属位置寄存器中, 则使用读取的当前插入的 SIM卡的 IMSI替换所述 EFS文件的第三标志文 件中的 IMSI; 使用第一映射值替换 EFS文件的第一标志文件中 IMEI与用 户号码的映射值; 以及使用第二映射值替换 EFS 文件的第二标志文件中 IMSI与用户号码的映射值, 并允许该无线终端设备被使用;  And when the second mapping value is inconsistent with the pre-stored mapping value of the IMSI and the user number, using the IMSI in the EFS file stored by the wireless terminal device to initiate a registration request to the network to which the wireless network device belongs; if the network to which it belongs refuses to register, and the reason for the rejection If the IMSI is not in the home location register, replace the IMSI in the third flag file of the EFS file with the read IMSI of the currently inserted SIM card; replace the IMEI in the first flag file of the EFS file with the first mapping value. a mapping value with the user number; and replacing the mapping value of the IMSI and the user number in the second flag file of the EFS file with the second mapping value, and allowing the wireless terminal device to be used;
若其所属网络接受注册,或者拒绝注册理由非该 IMSI不在归属位置寄 存器中, 则禁止该无线终端设备被使用。  If the network to which it belongs accepts registration, or if the reason for refusal to register is not that the IMSI is not in the home location register, then the wireless terminal device is prohibited from being used.
根据本发明实施例提供的无线终端设备解锁方法, 本发明实施例还提 供了一种无线终端解锁装置, 如图 5所示, 包括:  According to the wireless terminal device unlocking method provided by the embodiment of the present invention, the embodiment of the present invention further provides a wireless terminal unlocking device, as shown in FIG. 5, including:
获取单元 501 , 用于根据该无线终端设备锁定的用户号码, 获取授权的 携带有用户号码的许可证 LICENCE文件;  The obtaining unit 501 is configured to obtain, according to the user number locked by the wireless terminal device, an authorized license LICENCE file carrying the user number;
读取单元 502, 用于读取当前插入的 SIM卡中的用户号码; 相比较;  The reading unit 502 is configured to read a user number in the currently inserted SIM card;
解锁 /拒绝解锁单元 504, 当比较的结果为一致时, 删除该无线终端设 备预先存储的 IMEI与用户号码的映射值、 IMSI与用户号码的映射值以及 IMSI; 否则, 拒绝解锁。 法及装置, 将无线终端设备的 IMEI, 当前插入的 SIM卡中的用户号码之间 的第一映射值,与该无线终端设备预先存储的 IMEI和用户号码的映射值相 比较,将当前插入的 SIM卡的 IMSI与用户号码之间的第二映射值,与该无 线终端设备存储的 IMSI与用户号码之间的映射值相比较, 只有当比较的结 果都一致时, 允许该无线终端设备被使用, 本发明实施例提供的实现无线 终端设备锁定用户号码的方法、 解锁方法及装置, 将无线终端设备与用户 号码建立绑定关系, 即使用户更换了 SIM卡, 只要保持用户号码不变, 依 然能够正常使用该无线终端设备, 实施时灵活性强。 并且由于锁定的过程 在用户使用 SIM卡的过程中执行, 避免了现有技术中运营商在无线终端设 备售出之前即对各无线终端设备逐一进行加锁操作, 并且由于整个过程不 需要使用密钥, 所以不存在密钥保管和分发过程可能带来的泄密和保密性 不高的问题。 证, 删除其存储的 IMEI与用户号码的映射值、 IMSI与用户号码的映射值 以及 IMSI, 即可实现解锁, 解锁过程也很筒单方便。 法、 解锁方法及装置, 通过不可逆的哈希算法进行加密, 破解难度大, 安 全性更高。 本发明的精神和范围。 这样, 倘若本发明的这些修改和变型属于本发明权 利要求及其等同技术的范围之内, 则本发明也意图包含这些改动和变型在 内。 Unlock/reject the unlocking unit 504, when the comparison result is consistent, delete the wireless terminal setting Pre-stored mapping values of IMEI and user numbers, mapping values of IMSI and user numbers, and IMSI; otherwise, unlocking is denied. And the method, the first mapping value between the IMEI of the wireless terminal device and the user number in the currently inserted SIM card is compared with the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the currently inserted The second mapping value between the IMSI and the subscriber number of the SIM card is compared with the mapping value between the IMSI and the subscriber number stored by the wireless terminal device, and the wireless terminal device is allowed to be used only when the comparison results are consistent. The method, the unlocking method and the device for implementing the wireless terminal device locking the user number provided by the embodiment of the present invention establish a binding relationship between the wireless terminal device and the user number, and even if the user replaces the SIM card, the user number can still be maintained The wireless terminal device is normally used, and the implementation is flexible. And because the locking process is performed in the process of the user using the SIM card, the operator in the prior art is prevented from locking each wireless terminal device one by one before the wireless terminal device is sold, and the entire process does not need to use the secret. Key, so there is no problem of leaking and confidentiality that may result from the key custodian and distribution process. The certificate can be unlocked by deleting the mapped value of the stored IMEI and the user number, the mapping value of the IMSI and the user number, and the IMSI. The unlocking process is also very convenient. The method, the unlocking method and the device are encrypted by an irreversible hash algorithm, and the cracking is difficult and the security is higher. The spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and the modifications of the invention

Claims

权利要求书 Claim
1、 一种实现无线终端设备锁定用户号码的方法, 其特征在于, 包括: 读取无线终端设备的国际移动设备标识号 IMEI , 以及当前插入的 SIM 卡中存储的预先分配给该无线终端设备的用户号码; 计算两者之间的第一 映射值;  A method for implementing a wireless terminal device locking user number, comprising: reading an international mobile device identification number IMEI of a wireless terminal device, and pre-assigned to the wireless terminal device stored in the currently inserted SIM card User number; calculating a first mapping value between the two;
读取所述 SIM卡的国际移动用户标识号 IMSI,计算所述用户号码与所 述 SIM卡的 IMSI之间的第二映射值;  Reading an international mobile subscriber identity number IMSI of the SIM card, and calculating a second mapping value between the subscriber number and the IMSI of the SIM card;
将计算出的第一映射值和第二映射值, 分别同所述无线终端设备预先 存储的 IMEI与用户号码的映射值、 以及 IMSI与用户号码的映射值分别进 行比较;  And comparing the calculated first mapping value and the second mapping value with the mapping value of the IMEI and the user number stored in advance by the wireless terminal device, and the mapping values of the IMSI and the user number, respectively;
当比较的结果都一致时, 允许该无线终端设备被使用。  When the results of the comparison are the same, the wireless terminal device is allowed to be used.
2、 如权利要求 1所述的方法, 其特征在于, 计算所述第一映射值和第 二映射值的方法为: 使用预设的哈希算法计算第一映射值和第二映射值。  2. The method according to claim 1, wherein the calculating the first mapping value and the second mapping value is: calculating a first mapping value and a second mapping value by using a preset hash algorithm.
3、 如权利要求 1或 2所述的方法, 其特征在于, 在读取无线终端设备 的 IMEI和 SIM卡中的用户号码之前, 该方法还包括: 判断无线终端设备 中是否预先存储有加密文件系统 EFS文件的步骤, 所述 EFS文件包括用户 号码与无线终端设备 IMEI的映射值、 所述用户号码与 SIM卡的 IMSI的映 射值以及 SIM卡的 IMSI;  The method according to claim 1 or 2, wherein before the reading of the user number in the IMEI and the SIM card of the wireless terminal device, the method further comprises: determining whether the encrypted file is pre-stored in the wireless terminal device The step of the system EFS file, the EFS file includes a mapping value of the user number and the wireless terminal device IMEI, a mapping value of the user number and the IMSI of the SIM card, and an IMSI of the SIM card;
当判断结果为否时, 确定无线终端设备未与所述用户号码锁定; 将无 线终端设备与所述用户号码进行锁定, 生成 EFS文件并存储, 允许该无线 终端设备被使用;  When the determination result is no, determining that the wireless terminal device is not locked with the user number; locking the wireless terminal device with the user number, generating an EFS file and storing, allowing the wireless terminal device to be used;
当判断结果为是时, 确定无线终端设备已与所述用户号码锁定, 转向 所述读取无线终端设备的 IMEI和 SIM卡中的用户号码的步骤。  When the result of the determination is YES, it is determined that the wireless terminal device has been locked with the subscriber number, and the step of reading the subscriber number in the IMEI and SIM card of the wireless terminal device is turned.
4、 如权利要求 3所述的方法, 其特征在于, 所述将无线终端设备与用 户号码锁定, 生成 EFS文件, 包括: 读取当前插入的 SIM卡中存储的预先分配给该无线终端设备的用户号 码和该无线终端设备的 IMEI, 根据预设的哈希算法, 计算出所述用户号码 和所述 IMEI的映射值, 并存入预先定义的第一标志文件中; The method of claim 3, wherein the locking the wireless terminal device and the user number to generate an EFS file includes: Reading a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculating a mapping value of the user number and the IMEI according to a preset hash algorithm. And stored in a predefined first flag file;
读取当前插入的 SIM卡的 IMSI, 根据预设的哈希算法, 计算出所述用 户号码和所述 SIM卡的 IMSI的映射值,并存入预先定义的第二标志文件中; 记录当前插入的 SIM卡的 IMSI, 存入预先定义的第三标志文件中; 设置第一标志文件、 第二标志文件和第三标志文件为只读和不可删除 状态。  Reading the IMSI of the currently inserted SIM card, calculating a mapping value of the user number and the IMSI of the SIM card according to a preset hash algorithm, and storing the mapping value of the IMSI in a predefined second flag file; recording the current insertion The IMSI of the SIM card is stored in a predefined third flag file; the first flag file, the second flag file, and the third flag file are set to read-only and non-deletable states.
5、 如权利要求 4所述的方法, 其特征在于, 当所述第一映射值同预先 存储的 IMEI与用户号码的映射值不一致时, 禁止该无线终端设备被使用; 当所述第二映射值同预先存储的 IMSI与用户号码的映射值不一致时, 使用无线终端设备存储的 EFS文件中的 IMSI, 向该无线终端设备所属网络 发起注册请求;  The method according to claim 4, wherein when the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number, the wireless terminal device is prohibited from being used; when the second mapping is When the value is inconsistent with the pre-stored mapping value of the IMSI and the user number, the IMSI in the EFS file stored by the wireless terminal device is used to initiate a registration request to the network to which the wireless terminal device belongs;
若所述无线终端设备所属网络拒绝注册,且拒绝理由为所述 IMSI不在 归属位置寄存器中, 则使用当前插入的 SIM卡的 IMSI替换所述 EFS文件 的第三标志文件中的 IMSI; 使用所述第一映射值替换所述 EFS文件的第一 标志文件中 IMEI与用户号码的映射值; 以及使用所述第二映射值替换所述 EFS文件的第二标志文件中 IMSI与用户号码的映射值, 并允许该无线终端 设备被使用;  If the network to which the wireless terminal device belongs refuses to register, and the reason for the rejection is that the IMSI is not in the home location register, replacing the IMSI in the third flag file of the EFS file with the IMSI of the currently inserted SIM card; The first mapping value replaces the mapping value of the IMEI and the user number in the first flag file of the EFS file; and the mapping value of the IMSI and the user number in the second flag file of the EFS file is replaced by using the second mapping value, And allowing the wireless terminal device to be used;
若所述无线终端设备所属网络接受注册, 或者拒绝注册理由非所述 IMSI不在归属位置寄存器中, 则禁止该无线终端设备被使用。  If the network to which the wireless terminal device belongs accepts registration, or refuses to register for the reason that the IMSI is not in the home location register, the wireless terminal device is prohibited from being used.
6、 如权利要求 5所述的方法, 其特征在于, 所述允许无线终端设备被 使用, 包括:  The method of claim 5, wherein the allowing the wireless terminal device to be used comprises:
在无线终端设备映射的预定义端口的描述符之后添加指示正常使用的 修订数, 告知该无线终端设备的用户接口该无线终端设备允许被使用; 所述禁止无线终端设备被使用, 包括: Adding a revision number indicating a normal use after the descriptor of the predefined port mapped by the wireless terminal device, informing the user interface of the wireless terminal device that the wireless terminal device is allowed to be used; The prohibiting the wireless terminal device is used, including:
在无线终端设备映射的串口产品标识和厂商标识的描述符之后添加指 示禁止使用的修订数, 以此告知该无线终端设备的用户接口该用户终端禁 止使用, 以及封闭该无线终端设备的各端口。  A revision number indicating the prohibition of use is added after the descriptor of the serial port product identifier and the vendor identifier mapped by the wireless terminal device, thereby informing the user interface of the wireless terminal device that the user terminal is forbidden to use, and closing each port of the wireless terminal device.
7、 如权利要求 2或 4所述的方法, 其特征在于, 所述预设的哈希算法 为 MD5哈希算法。  The method according to claim 2 or 4, wherein the preset hash algorithm is an MD5 hash algorithm.
8、 一种无线终端设备解锁的方法, 其特征在于, 包括:  A method for unlocking a wireless terminal device, comprising:
根据无线终端设备锁定的用户号码, 获取授权的携带有用户号码的许 可证 LICENCE文件;  Obtaining an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device;
读取当前插入的 SIM 卡中的用户号码, 并将该用户号码与所述 LICENCE文件中的用户号码相比较;  Reading the user number in the currently inserted SIM card and comparing the user number with the user number in the LICENCE file;
当两者一致时,删除所述无线终端设备预先存储的 IMEI与用户号码的 映射值、 IMSI与用户号码的映射值以及 IMSI;  When the two are consistent, deleting the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, the mapping value of the IMSI and the user number, and the IMSI;
当两者不一致时, 拒绝解锁。  When the two are inconsistent, the unlock is denied.
9、 一种实现无线终端设备锁定用户号码的装置, 其特征在于, 包括: 读取单元, 用于读取无线终端设备的 IMEI、 当前插入的 SIM卡中存储 的预先分配给该无线终端设备的用户号码以及所述 SIM卡的 IMSI;  A device for implementing a wireless terminal device to lock a subscriber number, comprising: a reading unit, configured to read an IMEI of the wireless terminal device, and a pre-assigned to the wireless terminal device stored in the currently inserted SIM card a subscriber number and an IMSI of the SIM card;
计算单元,用于计算读取的所述用户号码与所述 IMEI之间的第一映射 值, 以及计算读取的所述用户号码和所述 IMSI之间的第二映射值;  a calculating unit, configured to calculate a first mapping value between the read user number and the IMEI, and calculate a second mapping value between the read user number and the IMSI;
比较单元, 将所述计算单元计算出的第一映射值和第二映射值, 与所 述无线终端设备预先存储的 IMEI与所述用户号码的映射值以及 IMSI与所 述用户号码的映射值分别进行比较;  a comparing unit, the first mapping value and the second mapping value calculated by the calculating unit, and a mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and a mapping value between the IMSI and the user number respectively Compare;
允许 /禁止使用确定单元, 当所述比较单元的比较结果都一致时, 允许 该无线终端设备被使用。  The use/determination unit is allowed/disabled, and when the comparison result of the comparison unit is consistent, the wireless terminal device is allowed to be used.
10、 如权利要求 9所述的装置, 其特征在于, 该装置还包括: 判断单 元、 锁定 /未锁定确定单元和锁定单元; 10. The apparatus according to claim 9, wherein the apparatus further comprises: a judgment sheet Element, locked/unlocked determining unit and locking unit;
所述判断单元, 用于判断无线终端设备中是否预先存储有 EFS文件, 号码与所述 SIM卡的 IMSI的映射值以及所述 SIM卡的 IMSI;  The determining unit is configured to determine whether an EFS file, a mapping value of the number and the IMSI of the SIM card, and an IMSI of the SIM card are pre-stored in the wireless terminal device;
所述锁定 /未锁定确定单元, 用于当所述判断单元的判断结果为否时, 确定该无线终端设备未与所述用户号码锁定; 当所述判断单元的判断结果 为是时, 通知所述读取单元执行读取操作; 将无线终端设备与所述用户号码进行锁定, 生成 EFS文件并存储;  The lock/unlock determination unit is configured to: when the determination result of the determining unit is negative, determine that the wireless terminal device is not locked with the user number; when the determination result of the determining unit is yes, notify the The reading unit performs a reading operation; locks the wireless terminal device with the user number, generates an EFS file, and stores the file;
所述允许 /禁止使用确定单元, 还用于在锁定单元将无线终端设备与所 述用户号码进行锁定后, 允许该无线终端设备被使用。  The permission/inhibition use determining unit is further configured to allow the wireless terminal device to be used after the locking unit locks the wireless terminal device with the user number.
11、 如权利要求 10所述的装置, 其特征在于, 所述锁定单元, 具体包 括:  The device according to claim 10, wherein the locking unit specifically includes:
第一生成子单元, 用于读取当前插入的 SIM卡中存储的预先分配给该 无线终端设备的用户号码和该无线终端设备的 IMEI,根据预设的哈希算法, 计算出所述用户号码和所述 IMEI的映射值,并存入预先定义的第一标志文 件中;  a first generating subunit, configured to read a user number pre-assigned to the wireless terminal device and an IMEI of the wireless terminal device stored in the currently inserted SIM card, and calculate the user number according to a preset hash algorithm And the mapping value of the IMEI, and stored in a predefined first flag file;
第二生成子单元, 用于读取所述当前插入的 SIM卡的 IMSI, 根据预设 的哈希算法, 计算出所述用户号码和所述 IMSI的映射值, 并存入预先定义 的第二标志文件中;  a second generation subunit, configured to read an IMSI of the currently inserted SIM card, calculate a mapping value of the user number and the IMSI according to a preset hash algorithm, and store the second predefined value In the logo file;
第三生成子单元, 用于记录当前插入的 SIM卡的 IMSI, 存入预先定义 的第三标志文件中;  a third generation subunit, configured to record an IMSI of the currently inserted SIM card, and store the IMSI in a predefined third flag file;
设置子单元, 用于设置第一标志文件、 第二标志文件和第三标志文件 为只读和不可删除状态。  The setting subunit is configured to set the first flag file, the second flag file, and the third flag file to be read-only and non-deletable.
12、 如权利要求 9至 11任一项所述的装置, 其特征在于, 所述允许 / 禁止使用确定单元,还用于当第一映射值同预先存储的 IMEI与用户号码的 映射值不一致时, 禁止无线终端设备被使用; 12. Apparatus according to any one of claims 9 to 11 wherein said permitting / The determining unit is prohibited, and is further configured to prohibit the wireless terminal device from being used when the first mapping value is inconsistent with the pre-stored mapping value of the IMEI and the user number;
还用于当所述第二映射值同预先存储的 IMSI 与用户号码的映射值不 一致时, 使用无线终端设备存储的 EFS文件中的 IMSI, 向该无线终端设备 所属网络发起注册请求;  And when the second mapping value is different from the pre-stored mapping value of the IMSI and the user number, using the IMSI in the EFS file stored by the wireless terminal device to initiate a registration request to the network to which the wireless terminal device belongs;
以及, 若无线终端设备所属网络拒绝注册, 且拒绝理由为所述 IMSI不 在归属位置寄存器中,则用于使用当前插入的 SIM卡的 IMSI替换所述 EFS 文件的第三标志文件中的 IMSI; 使用所述第一映射值替换所述 EFS文件的 第一标志文件中 IMEI与用户号码的映射值; 以及使用所述第二映射值替换 所述 EFS文件的第二标志文件中 IMSI与用户号码的映射值,并允许所述无 线终端设备被使用;  And, if the network to which the wireless terminal device belongs refuses to register, and the reason for the rejection is that the IMSI is not in the home location register, replacing the IMSI in the third flag file of the EFS file with the IMSI of the currently inserted SIM card; The first mapping value replaces a mapping value of an IMEI and a user number in the first flag file of the EFS file; and replacing the mapping between the IMSI and the user number in the second flag file of the EFS file by using the second mapping value Value and allow the wireless terminal device to be used;
若无线终端设备所属网络接受注册,或者拒绝注册理由非所述 IMSI不 在归属位置寄存器中, 则用于禁止所述无线终端设备被使用。  The wireless terminal device is prohibited from being used if the network to which the wireless terminal device belongs accepts registration, or if the reason for refusal to register is not that the IMSI is not in the home location register.
13、 一种无线终端设备解锁装置, 其特征在于, 包括:  A wireless terminal device unlocking device, comprising:
获取单元, 用于根据无线终端设备锁定的用户号码, 获取授权的携带 有用户号码的许可证 LICENCE文件;  An obtaining unit, configured to obtain an authorized license LICENCE file carrying the user number according to the user number locked by the wireless terminal device;
读取单元, 用于读取当前插入的 SIM卡中的用户号码; 号码相比较;  a reading unit, configured to read a user number in the currently inserted SIM card; the numbers are compared;
解锁 /拒绝解锁单元, 当所述比较单元的比较结果为一致时, 用于删除 所述无线终端设备预先存储的 IMEI与用户号码的映射值、当前插入的 SIM 卡的 IMSI与用户号码的映射值以及所述 IMSI; 否则, 拒绝解锁。  Unlocking/rejecting the unlocking unit, when the comparison result of the comparing unit is consistent, the mapping value of the IMEI and the user number pre-stored by the wireless terminal device, and the mapping value of the IMSI and the user number of the currently inserted SIM card are deleted. And the IMSI; otherwise, the unlock is denied.
PCT/CN2010/072017 2009-07-21 2010-04-21 Method for locking user number by wireless terminal, unlocking method and device thereof WO2011009315A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2009101599090A CN101616401B (en) 2009-07-21 2009-07-21 Method for realizing locking of user number by wireless terminal device, unlocking method and device
CN200910159909.0 2009-07-21

Publications (1)

Publication Number Publication Date
WO2011009315A1 true WO2011009315A1 (en) 2011-01-27

Family

ID=41495735

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/072017 WO2011009315A1 (en) 2009-07-21 2010-04-21 Method for locking user number by wireless terminal, unlocking method and device thereof

Country Status (2)

Country Link
CN (1) CN101616401B (en)
WO (1) WO2011009315A1 (en)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101616401B (en) * 2009-07-21 2011-12-07 中兴通讯股份有限公司 Method for realizing locking of user number by wireless terminal device, unlocking method and device
CN101820465A (en) * 2010-01-28 2010-09-01 中兴通讯股份有限公司 Terminal and method for binding SIM card
CN102469442B (en) * 2010-11-15 2014-05-07 中国移动通信集团山东有限公司 Method and device for determining service supported by user terminal
CN102594972B (en) * 2011-01-05 2015-01-28 中兴通讯股份有限公司 Method, device and system for card locking of mobile terminal
CN102088692B (en) * 2011-01-14 2013-09-11 华为终端有限公司 Method and equipment for locking subscriber identity module (SIM)
CN102149074B (en) * 2011-03-16 2015-10-28 中兴通讯股份有限公司 A kind of method that terminal and smart card are locked or unlock and device
CN103686706A (en) * 2012-09-14 2014-03-26 中兴通讯股份有限公司 User network information processing method and data card
CN103813314B (en) * 2012-11-09 2018-01-02 华为技术有限公司 Soft SIM card enables method and method of network entry and terminal and network access equipment
CN103856935B (en) * 2012-12-07 2017-11-21 中国移动通信集团公司 A kind of method for preventing soft SIM to be illegally used and its device
CN103577733A (en) * 2013-09-02 2014-02-12 小米科技有限责任公司 Safety protection method and device for terminal equipment and terminal equipment
CN104661211B (en) * 2013-11-18 2018-07-06 成都鼎桥通信技术有限公司 It is a kind of to automatically write the method for soft SIM information and terminal account-opening method in the terminal
CN104811969A (en) * 2014-01-28 2015-07-29 长城金点定位测控(北京)有限公司 Information handling method and data terminal
CN104469736B (en) * 2014-11-05 2018-01-19 中兴通讯股份有限公司 A kind of data processing method, server and terminal
CN104735251A (en) * 2015-03-17 2015-06-24 上海天奕达电子科技有限公司 Method and device for unlocking mobile terminals
CN105491554A (en) * 2015-12-10 2016-04-13 成都工百利自动化设备有限公司 Virtual SIM/USIM card security protection system
CN107666664B (en) * 2017-10-11 2021-04-20 深圳辉烨物联科技有限公司 Method, device, equipment and storage medium for machine-card binding
CN108040334B (en) * 2017-12-04 2020-04-07 Tcl移动通信科技(宁波)有限公司 Cell ID-based communication method, storage medium and mobile terminal
CN108024243B (en) * 2017-12-05 2019-06-21 恒宝股份有限公司 A kind of eSIM is caught in Network Communication method and its system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1469674A (en) * 2002-07-04 2004-01-21 ���Ͽع����޹�˾ Method for locking mobile telecommunication terminal
CN1717082A (en) * 2004-07-02 2006-01-04 乐金电子(中国)研究开发中心有限公司 Anti-theft method and system of mobile communication terminal
CN1750709A (en) * 2004-09-14 2006-03-22 乐金电子(中国)研究开发中心有限公司 Configuration information registration method for managing mobile communication terminal
CN1905604A (en) * 2005-05-20 2007-01-31 刘津立 Cell phone value increasing service scheme implemented by mutual coordination of cell phone interconnected services
CN101616401A (en) * 2009-07-21 2009-12-30 中兴通讯股份有限公司 Realize method, unlock method and the device of locking of user number by wireless terminal device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1469674A (en) * 2002-07-04 2004-01-21 ���Ͽع����޹�˾ Method for locking mobile telecommunication terminal
CN1717082A (en) * 2004-07-02 2006-01-04 乐金电子(中国)研究开发中心有限公司 Anti-theft method and system of mobile communication terminal
CN1750709A (en) * 2004-09-14 2006-03-22 乐金电子(中国)研究开发中心有限公司 Configuration information registration method for managing mobile communication terminal
CN1905604A (en) * 2005-05-20 2007-01-31 刘津立 Cell phone value increasing service scheme implemented by mutual coordination of cell phone interconnected services
CN101616401A (en) * 2009-07-21 2009-12-30 中兴通讯股份有限公司 Realize method, unlock method and the device of locking of user number by wireless terminal device

Also Published As

Publication number Publication date
CN101616401B (en) 2011-12-07
CN101616401A (en) 2009-12-30

Similar Documents

Publication Publication Date Title
WO2011009315A1 (en) Method for locking user number by wireless terminal, unlocking method and device thereof
US10149144B2 (en) Simulacrum of physical security device and methods
TWI416932B (en) Device bound flashing/booting for cloning prevention
US9686399B2 (en) Protection of a wireless communications device against unauthorized use
US20110271330A1 (en) Solutions for identifying legal user equipments in a communication network
US20070288752A1 (en) Secure removable memory element for mobile electronic device
EP2530964B1 (en) Method and device for terminal network locking
CN106230813B (en) Method for authenticating, authentication device and terminal
US20090007275A1 (en) Method and Apparatus for Protecting SIMLock Information in an Electronic Device
CN109895734B (en) Authorized Bluetooth key activation method and system, storage medium and T-BOX
WO2009094886A1 (en) Method for locking the application program
WO2012151785A1 (en) Built-in file encryption method for mobile terminal and mobile terminal
CN104519479B (en) A kind of method of terminal and its lock network and unlocking locked network
KR20090039684A (en) Portable telecommunication apparatus
WO2019109640A1 (en) Method and device for locking sim card
US20100299748A1 (en) Method for alteration of integrity protected data in a device, computer program product and device implementing the method
WO2010060242A1 (en) An authentication method for the mobile terminal and a system thereof
CN102075608A (en) Method and encryption chip used for encrypting mobile terminals, and mobile terminal
JP2011028522A (en) Host device, authentication method, and content processing method content processing system
WO2013182103A2 (en) Encryption and decryption terminal and encryption and decryption method applied to same
CN101860850A (en) Method for realizing mobile terminal to lock network or card by utilizing driver
WO2013185701A1 (en) Method and system for encrypting terminal using subscriber identity module card
WO2010133108A1 (en) Method, system and mobile terminal for retrieving flash data of a mobile terminal
KR100991658B1 (en) Door lock setting system using usim card and method thereof
US20060121882A1 (en) Desktop cellular phone having a SIM card with an encrypted SIM PIN

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10801875

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10801875

Country of ref document: EP

Kind code of ref document: A1