WO2013056522A1 - Device and method for realizing network-locking of mobile terminal - Google Patents

Device and method for realizing network-locking of mobile terminal Download PDF

Info

Publication number
WO2013056522A1
WO2013056522A1 PCT/CN2012/070498 CN2012070498W WO2013056522A1 WO 2013056522 A1 WO2013056522 A1 WO 2013056522A1 CN 2012070498 W CN2012070498 W CN 2012070498W WO 2013056522 A1 WO2013056522 A1 WO 2013056522A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile terminal
network
chip
encryption chip
function module
Prior art date
Application number
PCT/CN2012/070498
Other languages
French (fr)
Chinese (zh)
Inventor
林华
何经纬
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013056522A1 publication Critical patent/WO2013056522A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present invention relates to security technologies in the field of communications, and in particular, to an apparatus and method for implementing a mobile terminal lock network. Background technique
  • the methods of adopting software protection and locking network mainly include two types.
  • One method is that the mobile phone manufacturer adopts software encryption, for example, using some encryption algorithm pairs similar to Message Digest Algorithm MD5 (MD5). The program encrypts. This kind of algorithm consumes more resources and needs to be encrypted and decrypted every time. This will take too long.
  • Another method is: Combine with mobile platforms such as Qualcomm platform to carry out software.
  • Protection and lock network specifically, the chip serial number (chipid) of the main chip and the chipid of the flash memory (Flash) are bound, and a ciphertext is encrypted and placed in the flash. This method needs to be verified every time the computer is turned on. Similarly, it can also take too long. Regarding the method of software protection and lock network, no matter how powerful the software encryption algorithm is, there will be loopholes, and if there are loopholes, it will be cracked by hackers.
  • the main object of the present invention is to provide an apparatus and method for implementing a mobile terminal lock network, which can effectively implement a lock network and improve the security of the mobile terminal.
  • the present invention provides a device for implementing a network lock of a mobile terminal, the device comprising: a main chip of the mobile terminal and a function module of the mobile terminal, the device further comprising: an encryption chip;
  • the encryption chip is connected to the main chip of the mobile terminal, and is configured to cut off a function of the main chip of the mobile terminal and the mobile terminal when the network currently used by the mobile terminal is different from the network saved by the mobile terminal. Communication between.
  • the encryption chip is further configured to perform a network lock operation when determining that the network currently used by the mobile terminal is different from the network that is saved by itself.
  • the main chip of the mobile terminal is further configured to provide the encryption chip with the network currently used by the mobile terminal.
  • the device further includes: a SIM card;
  • the main chip of the mobile terminal is further configured to provide a network for the encryption chip to be used by the mobile terminal;
  • the SIM card is configured to provide the encryption chip with a network currently used by the mobile terminal.
  • the device further includes: a switch disposed between the main chip of the mobile terminal and a functional module of the mobile terminal, wherein a control end of the switch is connected to a pin of the encryption chip;
  • the encryption chip is specifically configured to: close the switch.
  • the switch is: a field effect transistor, or a triode, or an analog switch, or a relay.
  • the pin of the encryption chip is connected to the function module of the mobile terminal; when the communication between the main chip of the mobile terminal and the function module of the mobile terminal is disconnected, the encryption chip is specifically used for: The function module of the mobile terminal is closed.
  • the present invention also provides a method for implementing a mobile terminal lock network, the method comprising: adding an encryption chip to the mobile terminal;
  • the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
  • the method when determining that the network currently used by the mobile terminal is not the same as the network that is saved by itself, the method further includes:
  • the encryption chip performs a lock network operation.
  • the method before determining that the network currently used by the mobile terminal is different from the network saved by itself, the method further includes:
  • the encryption chip acquires a network currently used by the mobile terminal to the SIM card of the mobile terminal or the SIM card of the mobile terminal.
  • the determining that the network currently used by the mobile terminal is different from the network saved by itself is:
  • the encryption chip determines that the current mobile country code (MCC, Mobile Country Code) of the mobile terminal is different from the MCC saved by itself; or
  • the encryption chip determines that the current mobile network code (MNC, Mobile Network Code) of the mobile terminal is different from the MNC saved by itself; or
  • the encryption chip determines that the current Mobile Subscriber Identification Number (IMSI) of the mobile terminal is different from the IMSI saved by itself.
  • IMSI Mobile Subscriber Identification Number
  • the encryption chip turns off a switch disposed between a main chip of the mobile terminal and a function module of the mobile terminal;
  • the encryption chip turns off a functional module of the mobile terminal.
  • the switch that is disposed between the main chip of the mobile terminal and the functional module of the mobile terminal is:
  • the function module for turning off the mobile terminal is:
  • the encryption chip determines that the network currently used by the mobile terminal is different from the network saved by itself, and disconnects the communication between the main chip of the mobile terminal and the functional module of the mobile terminal, and cuts off After the communication between the main chip of the mobile terminal and the functional module of the mobile terminal, the user can no longer use the mobile terminal, so that the lock network can be effectively implemented, the security of the mobile terminal is improved, and the rights of the operator are protected.
  • the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal, the lock operation is further performed, so that the lock network can be further effectively realized.
  • FIG. 1 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to the present invention
  • FIG. 2 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to Embodiment 1;
  • FIG. 3 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to Embodiment 2;
  • FIG. 4 is a schematic flowchart of a method for implementing a mobile terminal lock network according to the present invention. detailed description
  • the device for implementing the mobile terminal lock network is as shown in FIG. 1.
  • the device includes: a main chip 11 of the mobile terminal, an encryption chip 12, and a function module 13 of the mobile terminal;
  • the encryption chip 12 is connected to the main chip 11 of the mobile terminal, and is configured to cut off communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal when the network currently used by the mobile terminal is different from the network saved by itself. .
  • the encryption chip 12 is further configured to perform a network lock operation when determining that the network currently used by the mobile terminal is different from the network that is saved by itself.
  • the encryption chip 12 can communicate with the main chip 11 of the mobile terminal by using an interface existing on the mobile terminal to acquire the network currently used by the mobile terminal; the encryption chip 12 can also be disposed on the main chip of the mobile terminal. 11 and the SIM card of the mobile terminal, if necessary, the network currently used by the mobile terminal can be obtained from the main chip 11 of the mobile terminal or the network currently used by the mobile terminal can be obtained from the SIM card; Yes: General Purpose Input/Output (GPIO), 2-wire serial bus (I2C, Inter-Integrated Circuit), parallel port, or serial port.
  • GPIO General Purpose Input/Output
  • I2C 2-wire serial bus
  • I2C Inter-Integrated Circuit
  • a switch may be added to the mobile terminal, the switch being disposed between the main chip 11 of the mobile terminal and the functional module 13 of the mobile terminal.
  • the control terminal of the switch is connected to the pin of the encryption chip 12. In this case, when the encryption chip 12 determines that the network currently used by the mobile terminal is different from the network saved by itself, the switch is turned off, thereby cutting off the master of the mobile terminal.
  • the communication between the chip 11 and the function module 13 of the mobile terminal in particular, the encryption chip 12 can be turned off by a power line or a control line, that is, to stop powering the switch, or output a control signal to turn off the switch; or, the encryption can be performed
  • the pin of the chip 13 is connected to the functional module 13 of the mobile terminal, in which case
  • the encryption chip 12 determines that the network currently used by the mobile terminal is different from the network saved by itself, the function module 13 of the mobile terminal is closed, thereby disconnecting the communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal, specifically
  • the encryption module 12 can be used to shut down the function module 13 of the mobile terminal through a power line or a control line, that is, to stop powering the function module 13 of the mobile terminal, or output a control signal to turn off the function module 13 of the mobile terminal; wherein, the switch Specifically, it can be: a field effect transistor, a triode, an analog switch, or a relay.
  • the encryption chip 12 of the present invention has a function of outputting power and an interface in addition to the function of the lock network.
  • the interface may specifically be a GPIO or the like.
  • the motherboard of the mobile terminal is required to provide power supply for the encryption chip 12.
  • the power supply it is necessary to ensure that the function of the encryption chip 12 is implemented earlier than the time of implementation of other modules of the mobile terminal. In other words, it is necessary to ensure that the power output of the encryption chip 12 is earlier than the power output of other modules of the mobile terminal, so that the normal operation timing of the mobile terminal can be ensured. Therefore, the power supply for the encryption chip is required to be powered on.
  • the power supply may be a power supply that supplies power to the Flash.
  • the function module 13 of the mobile terminal includes: Flash, liquid crystal display (LCD), keyboard, audio module, etc.; the specific composition of the function module 13 of the mobile terminal is common knowledge of those skilled in the art, and is not listed here. .
  • the device for implementing the mobile terminal lock network is as shown in FIG. 2.
  • the device includes: a main chip 11 of the mobile terminal, an encryption chip 12, a function module 13 of the mobile terminal, and an analog switch 24;
  • the main chip 11 of the mobile terminal is connected to the encryption chip 12, and the connection line between the two comprises: a data line, an address line and a control line; the main chip 11 of the mobile terminal is connected to the function module 13 of the mobile terminal through the analog switch 24. , how many functional modules are there, and how many simulations are there?
  • the connection line between the main chip 11 of the mobile terminal and the analog switch 24 includes: a data line, an address line, and a control line.
  • connection line between the switch 24 includes: a data line, an address line, and a control line.
  • connection line between the main chip 11 and the analog switch 24 of the mobile terminal includes: a row and column scan line, and for the audio module, the main body of the mobile terminal.
  • the connection line between the chip 11 and the analog switch 24 includes: an audio line, an address line, and a control line;
  • the control line and the power line of the encryption chip 12 are connected to the analog switch 24 for supplying power to the analog switch 24, and controlling the opening and closing of the analog switch 24;
  • the functional modules of the mobile terminal 13 include: i3 ⁇ 4sh, LCD, keyboard, audio module and other functional modules.
  • the mobile terminal system After the mobile terminal is powered on, the mobile terminal system is initialized, and the encryption chip 12 starts to work.
  • the encryption chip 12 communicates with the main chip 11 of the mobile terminal to acquire the network currently used by the mobile terminal, and saves the network currently used by the mobile terminal and itself.
  • the network compares, when it is determined that the network currently used by the mobile terminal is the same as the network saved by itself, the analog switch 24 is powered, and the analog switch 24 is turned on, so that the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal communicate normally.
  • the user normally uses the mobile terminal; when it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip 12 stops supplying power to the analog switch, or outputs a control signal to the analog switch to turn off the analog switch 24 or stop as an analog switch.
  • the power is supplied 24, thereby disconnecting the communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal, and the user can no longer use the mobile terminal.
  • the analog switch 24 cannot work normally, so that the master chip 11 of the mobile terminal and the function module 13 of the mobile terminal cannot be performed. Communication, the user can no longer use the mobile terminal, thereby achieving the purpose of locking the network more effectively and protecting the rights and interests of the operator.
  • the switch is a field effect transistor, a triode or a relay, etc.
  • the specific connection of the switch to the respective components is a conventional technical means by those skilled in the art.
  • the device for locking the network of the mobile terminal is implemented.
  • the device includes: a main chip 11 of the mobile terminal, an encryption chip 12, and a function module 13 of the mobile terminal;
  • the main chip 11 of the mobile terminal is connected to the encryption chip 12, and the connection line between the two comprises: a data line, an address line and a control line; the main chip 11 of the mobile terminal is connected with the function module 13 of the mobile terminal, according to the function module
  • the connection between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal is also different.
  • connection line between the main chip 11 and the flash of the mobile terminal includes: a data line, an address The line and the control line
  • the connection line between the main chip 11 and the LCD of the mobile terminal includes: a data line, an address line, and a control line
  • the connection line between the main chip 11 of the mobile terminal and the keyboard module includes: a row and column scan line
  • the connection line between the main chip 11 and the audio module of the mobile terminal includes: an audio line, an address line, and a control line
  • the control line and the power line of the encryption chip 12 are both connected to the function module 13 of the mobile terminal, and are used for moving
  • the function module 13 of the terminal supplies power and controls the opening and closing of the function module 13 of the mobile terminal.
  • the mobile terminal system After the mobile terminal is powered on, the mobile terminal system is initialized, and the encryption chip 12 starts to work.
  • the encryption chip 12 communicates with the main chip 11 of the mobile terminal to acquire the network currently used by the mobile terminal, and saves the network currently used by the mobile terminal and itself.
  • the network compares, when it is determined that the network currently used by the mobile terminal is the same as the network saved by itself, the power module 13 of the mobile terminal is powered, and the function module 13 of the mobile terminal is opened, so that the main chip 11 of the mobile terminal and the mobile terminal
  • the function module 13 communicates normally, the user normally uses the mobile terminal; when it is determined to move
  • the encryption chip 12 stops supplying power to the function module 13 of the mobile terminal, or outputs a control signal to the function module 13 of the mobile terminal to close the function module 13 of the mobile terminal or stop
  • the function module 13 of the mobile terminal supplies power, thereby disconnecting the communication between the master chip 11 of the mobile terminal and the function module 13 of the mobile terminal, and the user can no longer use the mobile terminal.
  • the function module 13 of the mobile terminal cannot work normally, so that communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal is impossible, and the user can no longer use the mobile terminal. Therefore, the purpose of the lock network is more effectively achieved, and the rights and interests of the operators are protected.
  • the present invention further provides a method for implementing a network lock of a mobile terminal. As shown in FIG. 4, the method includes the following steps:
  • Step 400 Add an encryption chip to the mobile terminal
  • Step 401 When it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
  • the method may further include: when determining that the network currently used by the mobile terminal is different from the network that is saved by itself;
  • the encryption chip performs a lock network operation.
  • the method may further include:
  • the encryption chip acquires a network currently used by the mobile terminal to the SIM card of the master chip or the mobile terminal.
  • the determining that the network currently used by the mobile terminal is different from the network that is saved by the mobile terminal is specifically: the encryption chip determines that the current MCC of the mobile terminal is different from the MCC saved by itself; or
  • the encryption chip determines that the current MNC of the mobile terminal is different from the MNC saved by itself; or,
  • the encryption chip determines that the current IMSI of the mobile terminal is different from the IMSI saved by itself.
  • the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is specifically:
  • the encryption chip turns off a switch disposed between a main chip of the mobile terminal and a function module of the mobile terminal;
  • the encryption chip turns off a functional module of the mobile terminal.
  • the switch that is disposed between the main chip of the mobile terminal and the function module of the mobile terminal is specifically:
  • the function module for turning off the mobile terminal is specifically:
  • the software of the mobile terminal cannot modify the information in the encryption chip.
  • the main chip and the computer of the encryption chip or the mobile terminal need to be passed.
  • the communication interface is connected, and the computer can obtain the information in the encrypted information after being authenticated by the dongle; further, when it is required to write information in the encryption chip, or when the information in the encryption chip needs to be erased Authorization is required.
  • the encryption chip can be erased and written to the information under the premise of authorization.
  • the communication interface may specifically be: a universal serial bus (USB, Universal Serial BUS), or RS232, etc., and the dongle can be connected to the computer through the USB.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

Provided is a device for realizing network-locking of a mobile terminal. The device includes: a main chip of a mobile terminal, an encrypted chip and a function module of the mobile terminal. The encrypted chip is connected to the main chip of the mobile terminal and used for determining to cut off the communication between the main chip of the mobile terminal and the function module of the mobile terminal when the network currently used by the mobile terminal and the network stored thereby are different. At the same time disclosed is a method for realizing network-locking of a mobile terminal. By employing the device and method in the present invention, after the communication between the main chip of the mobile terminal and the function module of the mobile terminal is cut off, the user cannot use the mobile terminal again, whereby network-locking can be realized effectively, improving the security of the mobile terminal and protecting the rights and interests of the operators.

Description

一种实现移动终端锁网的装置及方法 技术领域  Device and method for realizing mobile terminal lock network
本发明涉及通信领域的安全技术, 特别涉及一种实现移动终端锁网的 装置及方法。 背景技术  The present invention relates to security technologies in the field of communications, and in particular, to an apparatus and method for implementing a mobile terminal lock network. Background technique
目前, 随着移动终端市场的迅速发展, 手机终端已经成为大部分人不 可或缺的生活工具, 手机终端的市场蓬勃发展。  At present, with the rapid development of the mobile terminal market, mobile terminals have become an indispensable tool for most people, and the market for mobile terminals is booming.
在市场竟争中, 各个运营商为了吸引更多的客户, 一般多采用补贴甚 至送手机终端的方式来争取客户, 在这种情况下, 为了最终保护运营商自 身的利益, 一般会采用软件保护及锁网的方式, 使手机用户不能用在其它 运营商的网络上。 其中, 采用软件保护及锁网的方法主要包括两种, 一种 方法是手机厂家采用软件加密的方式, 比如利用一些类似于消息摘要算法 第五版(MD5 , Message Digest Algorithm MD5 ) 的加密算法对程序进行加 密, 这类算法耗费的资源比较多, 并且每次都需要进行加密和解密, 如此, 会造成耗时过长; 另一种方法是: 与手机平台比如高通平台等结合起来, 进行软件保护及锁网, 具体地, 将主芯片的芯片序列号 (chipid )及闪存 ( Flash )的 chipid, 绑定后加密出一个密文放置到 Flash中, 这种方法每次 开机都需要做校验, 同样, 也会造成耗时过长。 对于采用软件保护及锁网 的方法, 无论软件加密的算法多么强大, 都会存在漏洞, 只要有漏洞, 就 会被黑客破解。  In the market competition, in order to attract more customers, each operator generally uses subsidies or even sends mobile terminals to win customers. In this case, in order to ultimately protect the interests of operators, software protection is generally adopted. And the way of locking the network, so that mobile phone users can not be used on the network of other operators. Among them, the methods of adopting software protection and locking network mainly include two types. One method is that the mobile phone manufacturer adopts software encryption, for example, using some encryption algorithm pairs similar to Message Digest Algorithm MD5 (MD5). The program encrypts. This kind of algorithm consumes more resources and needs to be encrypted and decrypted every time. This will take too long. Another method is: Combine with mobile platforms such as Qualcomm platform to carry out software. Protection and lock network, specifically, the chip serial number (chipid) of the main chip and the chipid of the flash memory (Flash) are bound, and a ciphertext is encrypted and placed in the flash. This method needs to be verified every time the computer is turned on. Similarly, it can also take too long. Regarding the method of software protection and lock network, no matter how powerful the software encryption algorithm is, there will be loopholes, and if there are loopholes, it will be cracked by hackers.
因此, 为了解决上述问题, 提出了一种采用硬件锁网的技术方案, 具 体地, 在手机主板上增加一个加密芯片, 以监控手机的中央处理器(CPU, Central Processing Unit )和用户识另 ll模块 ( SIM, Subscriber Identity Module ) 卡通讯, 从而保证锁网的实现。 但是, 这种硬件锁网的方法依然存在着一 定的风险, 比如: 黑客可以直接将加密芯片去除, 这样, 会造成整个锁网 系统失效, 从而不能实现有效地锁网。 发明内容 Therefore, in order to solve the above problem, a technical solution using a hardware lock network is proposed. Specifically, an encryption chip is added to the mobile phone motherboard to monitor the central processing unit (CPU, Central Processing Unit) of the mobile phone and the user. Module (SIM, Subscriber Identity Module) Card communication, thus ensuring the realization of the lock network. However, this method of hardware lock network still has certain risks, for example: The hacker can directly remove the encryption chip, which will cause the entire lock network system to fail, thereby failing to effectively lock the network. Summary of the invention
有鉴于此, 本发明的主要目的在于提供一种实现移动终端锁网的装置 及方法, 能够有效地实现锁网, 提高了移动终端的安全性。  In view of this, the main object of the present invention is to provide an apparatus and method for implementing a mobile terminal lock network, which can effectively implement a lock network and improve the security of the mobile terminal.
为达到上述目的, 本发明的技术方案是这样实现的:  In order to achieve the above object, the technical solution of the present invention is achieved as follows:
本发明提供了一种实现移动终端锁网的装置, 该装置包括: 移动终端 的主芯片及移动终端的功能模块, 该装置还包括: 加密芯片; 其中,  The present invention provides a device for implementing a network lock of a mobile terminal, the device comprising: a main chip of the mobile terminal and a function module of the mobile terminal, the device further comprising: an encryption chip;
所述加密芯片, 与所述移动终端的主芯片相连接, 用于确定移动终端 当前使用的网络与自身保存的网络不相同时, 切断所述移动终端的主芯片 与所述移动终端的功能模块之间的通信。  The encryption chip is connected to the main chip of the mobile terminal, and is configured to cut off a function of the main chip of the mobile terminal and the mobile terminal when the network currently used by the mobile terminal is different from the network saved by the mobile terminal. Communication between.
上述方案中, 所述加密芯片, 在确定移动终端当前使用的网络与自身 保存的网络不相同时, 还用于进行锁网操作。  In the above solution, the encryption chip is further configured to perform a network lock operation when determining that the network currently used by the mobile terminal is different from the network that is saved by itself.
上述方案中, 所述移动终端的主芯片, 还用于为加密芯片提供所述移 动终端当前使用的网络。  In the above solution, the main chip of the mobile terminal is further configured to provide the encryption chip with the network currently used by the mobile terminal.
上述方案中, 该装置进一步包括: SIM卡;  In the above solution, the device further includes: a SIM card;
所述移动终端的主芯片, 还用于为加密芯片提供所述移动终端当前使 用的网络; 或者,  The main chip of the mobile terminal is further configured to provide a network for the encryption chip to be used by the mobile terminal; or
SIM卡, 用于为加密芯片提供所述移动终端当前使用的网络。  The SIM card is configured to provide the encryption chip with a network currently used by the mobile terminal.
上述方案中, 该装置进一步包括: 开关, 设置于所述移动终端的主芯 片与所述移动终端的功能模块之间, 所述开关的控制端与所述加密芯片的 引脚相连接;  In the above solution, the device further includes: a switch disposed between the main chip of the mobile terminal and a functional module of the mobile terminal, wherein a control end of the switch is connected to a pin of the encryption chip;
在切断移动终端的主芯片与移动终端的功能模块之间的通信时, 所述 加密芯片, 具体用于: 关闭开关。 上述方案中, 所述开关为: 场效应晶体管、 或为三极管、 或为模拟开 关、 或为继电器。 When the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is cut off, the encryption chip is specifically configured to: close the switch. In the above solution, the switch is: a field effect transistor, or a triode, or an analog switch, or a relay.
上述方案中, 所述加密芯片的引脚与所述移动终端的功能模块相连接; 在切断移动终端的主芯片与移动终端的功能模块之间的通信时, 所述 加密芯片, 具体用于: 关闭所述移动终端的功能模块。  In the above solution, the pin of the encryption chip is connected to the function module of the mobile terminal; when the communication between the main chip of the mobile terminal and the function module of the mobile terminal is disconnected, the encryption chip is specifically used for: The function module of the mobile terminal is closed.
本发明还提供了一种实现移动终端锁网的方法, 该方法包括: 在移动终端中增设加密芯片;  The present invention also provides a method for implementing a mobile terminal lock network, the method comprising: adding an encryption chip to the mobile terminal;
确定所述移动终端当前使用的网络与自身保存的网络不相同时, 加密 芯片切断移动终端的主芯片与移动终端的功能模块之间的通信。  When it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
上述方案中, 在确定移动终端当前使用的网络与自身保存的网络不相 同时, 该方法进一步包括:  In the above solution, when determining that the network currently used by the mobile terminal is not the same as the network that is saved by itself, the method further includes:
所述加密芯片进行锁网操作。  The encryption chip performs a lock network operation.
上述方案中, 在确定移动终端当前使用的网络与自身保存的网络不相 同之前, 该方法进一步包括:  In the foregoing solution, before determining that the network currently used by the mobile terminal is different from the network saved by itself, the method further includes:
所述加密芯片向所述移动终端的主芯片或移动终端的 SIM卡获取移动 终端当前使用的网络。  The encryption chip acquires a network currently used by the mobile terminal to the SIM card of the mobile terminal or the SIM card of the mobile terminal.
上述方案中, 所述确定所述移动终端当前使用的网络与自身保存的网 络不相同, 为:  In the above solution, the determining that the network currently used by the mobile terminal is different from the network saved by itself is:
所述加密芯片确定所述移动终端当前的移动国家号码(MCC, Mobile Country Code )与自身保存的 MCC不相同; 或者,  The encryption chip determines that the current mobile country code (MCC, Mobile Country Code) of the mobile terminal is different from the MCC saved by itself; or
所述加密芯片确定所述移动终端当前的移动网络号码( MNC, Mobile Network Code )与自身保存的 MNC不相同; 或者,  The encryption chip determines that the current mobile network code (MNC, Mobile Network Code) of the mobile terminal is different from the MNC saved by itself; or
加密芯片确定所述移动终端当前的国际移动用户识别码 ( IMSI , International Mobile Subscriber Identification Number )与自身保存的 IMSI不 相同。 上述方案中, 所述切断移动终端的主芯片与移动终端的功能模块之间 的通信, 为: The encryption chip determines that the current Mobile Subscriber Identification Number (IMSI) of the mobile terminal is different from the IMSI saved by itself. In the above solution, the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is:
所述加密芯片关闭设置于所述移动终端的主芯片与所述移动终端的功 能模块之间的开关; 或者,  The encryption chip turns off a switch disposed between a main chip of the mobile terminal and a function module of the mobile terminal; or
所述加密芯片关闭所述移动终端的功能模块。  The encryption chip turns off a functional module of the mobile terminal.
上述方案中, 所述关闭设置于所述移动终端的主芯片与所述移动终端 的功能模块之间的开关, 为:  In the above solution, the switch that is disposed between the main chip of the mobile terminal and the functional module of the mobile terminal is:
停止为所述开关供电、 或向所述开关输出控制信号, 以关闭所述开关; 所述关闭所述移动终端的功能模块, 为:  Stopping powering the switch, or outputting a control signal to the switch to turn off the switch; the function module for turning off the mobile terminal is:
停止为所述移动终端的功能模块供电、 或向所述移动终端的功能模块 输出控制信号, 以关闭所述移动终端的功能模块。  Stopping powering the function module of the mobile terminal or outputting a control signal to the function module of the mobile terminal to close the function module of the mobile terminal.
本发明提供的实现移动终端锁网的装置及方法, 加密芯片确定移动终 端当前使用的网络与自身保存的网络不相同时, 切断移动终端的主芯片与 移动终端的功能模块之间的通信, 切断移动终端的主芯片与移动终端的功 能模块之间的通信后, 用户无法再使用移动终端, 如此, 能有效地实现锁 网, 提高了移动终端的安全性, 保护了运营商的权益。  The device and the method for implementing the mobile terminal lock network provided by the present invention, the encryption chip determines that the network currently used by the mobile terminal is different from the network saved by itself, and disconnects the communication between the main chip of the mobile terminal and the functional module of the mobile terminal, and cuts off After the communication between the main chip of the mobile terminal and the functional module of the mobile terminal, the user can no longer use the mobile terminal, so that the lock network can be effectively implemented, the security of the mobile terminal is improved, and the rights of the operator are protected.
另外, 加密芯片在切断移动终端的主芯片与移动终端的功能模块之间 的通信时, 进一步进行锁网操作, 如此, 能进一步有效地实现锁网。  Further, when the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal, the lock operation is further performed, so that the lock network can be further effectively realized.
当加密芯片被拆除或关闭电源后, 由于移动终端的主芯片与移动终端 的功能模块之间的通信同样会被切断, 移动终端无法正常工作, 如此, 能 进一步有效地实现锁网。 附图说明  After the encryption chip is removed or the power is turned off, since the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is also cut off, the mobile terminal cannot work normally, and thus the lock network can be further effectively realized. DRAWINGS
图 1为本发明实现移动终端锁网的装置结构示意图;  1 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to the present invention;
图 2为实施例一实现移动终端锁网的装置结构示意图;  2 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to Embodiment 1;
图 3为实施例二实现移动终端锁网的装置结构示意图; 图 4为本发明实现移动终端锁网的方法流程示意图。 具体实施方式 3 is a schematic structural diagram of an apparatus for implementing a mobile terminal lock network according to Embodiment 2; FIG. 4 is a schematic flowchart of a method for implementing a mobile terminal lock network according to the present invention. detailed description
下面结合附图及具体实施例对本发明再作进一步详细的说明。  The present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.
本发明实现移动终端锁网的装置, 如图 1所示, 该装置包括: 移动终 端的主芯片 11、 加密芯片 12、 以及移动终端的功能模块 13; 其中,  The device for implementing the mobile terminal lock network is as shown in FIG. 1. The device includes: a main chip 11 of the mobile terminal, an encryption chip 12, and a function module 13 of the mobile terminal;
加密芯片 12, 与移动终端的主芯片 11相连接, 用于确定移动终端当前 使用的网络与自身保存的网络不相同时, 切断移动终端的主芯片 11与移动 终端的功能模块 13之间的通信。  The encryption chip 12 is connected to the main chip 11 of the mobile terminal, and is configured to cut off communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal when the network currently used by the mobile terminal is different from the network saved by itself. .
其中, 所述加密芯片 12, 在确定移动终端当前使用的网络与自身保存 的网络不相同时, 还用于进行锁网操作。  The encryption chip 12 is further configured to perform a network lock operation when determining that the network currently used by the mobile terminal is different from the network that is saved by itself.
在进行锁网操作之前, 加密芯片 12可以利用移动终端上已有的接口与 移动终端的主芯片 11进行通信, 以获取移动终端当前使用的网络; 加密芯 片 12还可以设置在移动终端的主芯片 11及移动终端的 SIM卡之间, 根据 需要, 可以向移动终端的主芯片 11获取移动终端当前使用的网络或向 SIM 卡获取移动终端当前使用的网络; 这里, 所述已有的接口具体可以是: 通 用输入 /输出( GPIO , General Purpose Input Output )、 两线式串行总线( I2C , Inter-Integrated Circuit )、 并口、 或串口等。  Before performing the lock operation, the encryption chip 12 can communicate with the main chip 11 of the mobile terminal by using an interface existing on the mobile terminal to acquire the network currently used by the mobile terminal; the encryption chip 12 can also be disposed on the main chip of the mobile terminal. 11 and the SIM card of the mobile terminal, if necessary, the network currently used by the mobile terminal can be obtained from the main chip 11 of the mobile terminal or the network currently used by the mobile terminal can be obtained from the SIM card; Yes: General Purpose Input/Output (GPIO), 2-wire serial bus (I2C, Inter-Integrated Circuit), parallel port, or serial port.
为了切换移动终端的主芯片 11与移动终端的功能模块 13之间的通信, 可以在移动终端中增设开关, 所述开关设置于移动终端的主芯片 11与移动 终端的功能模块 13之间, 所述开关的控制端与加密芯片 12的引脚相连接, 在这种情况下, 当加密芯片 12确定移动终端当前使用的网络与自身保存的 网络不相同时, 关闭开关, 从而切断移动终端的主芯片 11与移动终端的功 能模块 13之间的通信, 具体地, 加密芯片 12可以通过电源线或控制线关 闭开关, 即: 停止为开关供电、 或输出控制信号以关闭开关; 或者, 可以 将加密芯片 13的引脚与移动终端的功能模块 13相连接, 在这种情况下, 当加密芯片 12确定移动终端当前使用的网络与自身保存的网络不相同时, 会关闭移动终端的功能模块 13,从而切断移动终端的主芯片 11与移动终端 的功能模块 13之间的通信, 具体地, 加密芯片 12可以通过电源线或控制 线关闭移动终端的功能模块 13, 即: 停止为移动终端的功能模块 13供电、 或输出控制信号以关闭移动终端的功能模块 13; 其中, 所述开关具体可以 是: 场效应晶体管、 三极管、 模拟开关、 或继电器等。 In order to switch the communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal, a switch may be added to the mobile terminal, the switch being disposed between the main chip 11 of the mobile terminal and the functional module 13 of the mobile terminal. The control terminal of the switch is connected to the pin of the encryption chip 12. In this case, when the encryption chip 12 determines that the network currently used by the mobile terminal is different from the network saved by itself, the switch is turned off, thereby cutting off the master of the mobile terminal. The communication between the chip 11 and the function module 13 of the mobile terminal, in particular, the encryption chip 12 can be turned off by a power line or a control line, that is, to stop powering the switch, or output a control signal to turn off the switch; or, the encryption can be performed The pin of the chip 13 is connected to the functional module 13 of the mobile terminal, in which case When the encryption chip 12 determines that the network currently used by the mobile terminal is different from the network saved by itself, the function module 13 of the mobile terminal is closed, thereby disconnecting the communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal, specifically The encryption module 12 can be used to shut down the function module 13 of the mobile terminal through a power line or a control line, that is, to stop powering the function module 13 of the mobile terminal, or output a control signal to turn off the function module 13 of the mobile terminal; wherein, the switch Specifically, it can be: a field effect transistor, a triode, an analog switch, or a relay.
从上面的描述中可以看出,本发明的加密芯片 12除了具有锁网功能夕卜, 还具有输出电源及接口的功能; 其中, 所述接口具体可以是 GPIO等。  As can be seen from the above description, the encryption chip 12 of the present invention has a function of outputting power and an interface in addition to the function of the lock network. The interface may specifically be a GPIO or the like.
为了实现加密芯片 12的功能, 需要移动终端的主板为加密芯片 12提 供供电电源, 在选择供电电源时, 要保证加密芯片 12的功能实现的时间早 于移动终端的其它模块的功能实现的时间, 换句话说, 要保证加密芯片 12 的电源输出早于移动终端的其它模块的电源输出, 这样, 才能保证移动终 端的正常的工作时序, 因此, 就要求为加密芯片供电的电源在开机时就能 供电; 所述供电电源具体可以是为 Flash提供电源的电源。  In order to realize the function of the encryption chip 12, the motherboard of the mobile terminal is required to provide power supply for the encryption chip 12. When the power supply is selected, it is necessary to ensure that the function of the encryption chip 12 is implemented earlier than the time of implementation of other modules of the mobile terminal. In other words, it is necessary to ensure that the power output of the encryption chip 12 is earlier than the power output of other modules of the mobile terminal, so that the normal operation timing of the mobile terminal can be ensured. Therefore, the power supply for the encryption chip is required to be powered on. The power supply may be a power supply that supplies power to the Flash.
移动终端的功能模块 13包括: Flash、液晶显示器(LCD, Liquid Crystal Display ), 键盘、 音频模块等; 移动终端的功能模块 13的具体组成为本领 域技术人员的公知常识, 这里不再——列举。  The function module 13 of the mobile terminal includes: Flash, liquid crystal display (LCD), keyboard, audio module, etc.; the specific composition of the function module 13 of the mobile terminal is common knowledge of those skilled in the art, and is not listed here. .
下面结合实施例对本发明再作进一步详细的描述。  The present invention will be further described in detail below with reference to the embodiments.
实施例一  Embodiment 1
本实施例实现移动终端锁网的装置, 如图 2所示, 该装置包括: 移动 终端的主芯片 11、 加密芯片 12、 移动终端的功能模块 13、 以及模拟开关 24; 其中,  The device for implementing the mobile terminal lock network is as shown in FIG. 2. The device includes: a main chip 11 of the mobile terminal, an encryption chip 12, a function module 13 of the mobile terminal, and an analog switch 24;
移动终端的主芯片 11与加密芯片 12相连接, 二者之间的连接线包括: 数据线、 地址线以及控制线; 移动终端的主芯片 11通过模拟开关 24与移 动终端的功能模块 13相连接, 有多少个功能模块, 则相应的有多少个模拟 开关 24,换句话说,每个功能模块均通过一个模拟开关 24与移动终端的主 芯片 11相连接, 在移动终端的主芯片 11与模拟开关 24的连接侧, 根据功 能模块的不同, 连接线也有所不同, 举个例子来说, 对于 Flash, 移动终端 的主芯片 11与模拟开关 24之间的连接线包括: 数据线、 地址线以及控制 线, 对于 LCD, 移动终端的主芯片 11与模拟开关 24之间的连接线包括: 数据线、 地址线以及控制线, 对于键盘, 移动终端的主芯片 11与模拟开关 24之间的连接线包括: 行列扫描线, 对于音频模块, 移动终端的主芯片 11 与模拟开关 24之间的连接线包括: 音频线、 地址线以及控制线; The main chip 11 of the mobile terminal is connected to the encryption chip 12, and the connection line between the two comprises: a data line, an address line and a control line; the main chip 11 of the mobile terminal is connected to the function module 13 of the mobile terminal through the analog switch 24. , how many functional modules are there, and how many simulations are there? The switch 24, in other words, each functional module is connected to the main chip 11 of the mobile terminal through an analog switch 24, on the connection side of the main chip 11 and the analog switch 24 of the mobile terminal, according to different functional modules, the connecting line For example, for Flash, the connection line between the main chip 11 of the mobile terminal and the analog switch 24 includes: a data line, an address line, and a control line. For the LCD, the main chip 11 of the mobile terminal and the simulation The connection line between the switch 24 includes: a data line, an address line, and a control line. For the keyboard, the connection line between the main chip 11 and the analog switch 24 of the mobile terminal includes: a row and column scan line, and for the audio module, the main body of the mobile terminal The connection line between the chip 11 and the analog switch 24 includes: an audio line, an address line, and a control line;
加密芯片 12的控制线及电源线均与模拟开关 24相连接, 用于为模拟 开关 24供电, 并控制模拟开关 24的开启及关闭;  The control line and the power line of the encryption chip 12 are connected to the analog switch 24 for supplying power to the analog switch 24, and controlling the opening and closing of the analog switch 24;
移动终端的功能模块 13包括: i¾sh、 LCD, 键盘、 音频模块以及其它 功能模块。  The functional modules of the mobile terminal 13 include: i3⁄4sh, LCD, keyboard, audio module and other functional modules.
下面详述本实施例提供的装置的工作流程。  The workflow of the apparatus provided in this embodiment will be described in detail below.
移动终端开机后, 初始化移动终端系统, 加密芯片 12开始工作, 加密 芯片 12通过与移动终端的主芯片 11进行通信, 获取到移动终端当前使用 的网络, 将移动终端当前使用的网络与自身保存的网络进行比较, 当确定 移动终端当前使用的网络与自身保存的网络相同时,则为模拟开关 24供电, 并打开模拟开关 24, 使得移动终端的主芯片 11与移动终端的功能模块 13 正常通信, 用户正常使用移动终端; 当确定移动终端当前使用的网络与自 身保存的网络不相同时, 加密芯片 12停止为模拟开关供电、 或向模拟开关 输出控制信号, 以关闭模拟开关 24或停止为模拟开关 24供电, 从而切断 移动终端的主芯片 11与移动终端的功能模块 13之间的通信, 用户无法再 使用移动终端。  After the mobile terminal is powered on, the mobile terminal system is initialized, and the encryption chip 12 starts to work. The encryption chip 12 communicates with the main chip 11 of the mobile terminal to acquire the network currently used by the mobile terminal, and saves the network currently used by the mobile terminal and itself. The network compares, when it is determined that the network currently used by the mobile terminal is the same as the network saved by itself, the analog switch 24 is powered, and the analog switch 24 is turned on, so that the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal communicate normally. The user normally uses the mobile terminal; when it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip 12 stops supplying power to the analog switch, or outputs a control signal to the analog switch to turn off the analog switch 24 or stop as an analog switch. The power is supplied 24, thereby disconnecting the communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal, and the user can no longer use the mobile terminal.
另外, 当加密芯片 12被拆除或关闭电源后, 则模拟开关 24无法正常 工作, 使得移动终端的主芯片 11与移动终端的功能模块 13之间无法进行 通信, 用户无法再使用移动终端, 从而更加有效地达到了锁网的目的, 保 护了运营商的权益。 In addition, after the encryption chip 12 is removed or the power is turned off, the analog switch 24 cannot work normally, so that the master chip 11 of the mobile terminal and the function module 13 of the mobile terminal cannot be performed. Communication, the user can no longer use the mobile terminal, thereby achieving the purpose of locking the network more effectively and protecting the rights and interests of the operator.
这里, 应当理解: 当开关为场效应晶体管、 三极管或继电器等时, 开关与各个部件的具体连接属于本领域技术人员的惯用技术手段。  Here, it should be understood that when the switch is a field effect transistor, a triode or a relay, etc., the specific connection of the switch to the respective components is a conventional technical means by those skilled in the art.
实施例二  Embodiment 2
本实施例实现移动终端锁网的装置, 如图 3 所示, 该装置包括: 移动 终端的主芯片 11、 加密芯片 12、 以及移动终端的功能模块 13; 其中,  In this embodiment, the device for locking the network of the mobile terminal is implemented. As shown in FIG. 3, the device includes: a main chip 11 of the mobile terminal, an encryption chip 12, and a function module 13 of the mobile terminal;
移动终端的主芯片 11与加密芯片 12相连接, 二者之间的连接线包括: 数据线、 地址线以及控制线; 移动终端的主芯片 11与移动终端的功能模块 13相连接, 根据功能模块的不同, 移动终端的主芯片 11与移动终端的功能 模块 13之间的连接线也有所不同, 举个例子来说, 移动终端的主芯片 11 与 Flash之间的连接线包括: 数据线、 地址线以及控制线, 移动终端的主芯 片 11与 LCD之间的连接线包括: 数据线、 地址线以及控制线, 移动终端 的主芯片 11与键盘模之间的连接线包括: 行列扫描线, 对于, 移动终端的 主芯片 11与音频模块之间的连接线包括: 音频线、 地址线以及控制线; 加密芯片 12的控制线及电源线均与移动终端的功能模块 13相连接, 用于为移动终端的功能模块 13供电, 并控制移动终端的功能模块 13的 开启及关闭。  The main chip 11 of the mobile terminal is connected to the encryption chip 12, and the connection line between the two comprises: a data line, an address line and a control line; the main chip 11 of the mobile terminal is connected with the function module 13 of the mobile terminal, according to the function module The connection between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal is also different. For example, the connection line between the main chip 11 and the flash of the mobile terminal includes: a data line, an address The line and the control line, the connection line between the main chip 11 and the LCD of the mobile terminal includes: a data line, an address line, and a control line, and the connection line between the main chip 11 of the mobile terminal and the keyboard module includes: a row and column scan line, The connection line between the main chip 11 and the audio module of the mobile terminal includes: an audio line, an address line, and a control line; the control line and the power line of the encryption chip 12 are both connected to the function module 13 of the mobile terminal, and are used for moving The function module 13 of the terminal supplies power and controls the opening and closing of the function module 13 of the mobile terminal.
下面详述本实施例提供的装置的工作流程。  The workflow of the apparatus provided in this embodiment will be described in detail below.
移动终端开机后, 初始化移动终端系统, 加密芯片 12开始工作, 加密 芯片 12通过与移动终端的主芯片 11进行通信, 获取到移动终端当前使用 的网络, 将移动终端当前使用的网络与自身保存的网络进行比较, 当确定 移动终端当前使用的网络与自身保存的网络相同时, 则为移动终端的功能 模块 13供电, 并打开移动终端的功能模块 13, 使得移动终端的主芯片 11 与移动终端的功能模块 13正常通信, 用户正常使用移动终端; 当确定移动 终端当前使用的网络与自身保存的网络不相同时, 加密芯片 12停止为移动 终端的功能模块 13供电、 或向移动终端的功能模块 13输出控制信号, 以 关闭移动终端的功能模块 13或停止为移动终端的功能模块 13供电, 从而 切断移动终端的主芯片 11与移动终端的功能模块 13之间的通信, 用户无 法再使用移动终端。 After the mobile terminal is powered on, the mobile terminal system is initialized, and the encryption chip 12 starts to work. The encryption chip 12 communicates with the main chip 11 of the mobile terminal to acquire the network currently used by the mobile terminal, and saves the network currently used by the mobile terminal and itself. The network compares, when it is determined that the network currently used by the mobile terminal is the same as the network saved by itself, the power module 13 of the mobile terminal is powered, and the function module 13 of the mobile terminal is opened, so that the main chip 11 of the mobile terminal and the mobile terminal The function module 13 communicates normally, the user normally uses the mobile terminal; when it is determined to move When the network currently used by the terminal is different from the network saved by itself, the encryption chip 12 stops supplying power to the function module 13 of the mobile terminal, or outputs a control signal to the function module 13 of the mobile terminal to close the function module 13 of the mobile terminal or stop The function module 13 of the mobile terminal supplies power, thereby disconnecting the communication between the master chip 11 of the mobile terminal and the function module 13 of the mobile terminal, and the user can no longer use the mobile terminal.
另外, 当加密芯片 12被拆除或关闭电源后, 则移动终端的功能模块 13 无法正常工作, 使得移动终端的主芯片 11与移动终端的功能模块 13之间 无法进行通信, 用户无法再使用移动终端, 从而更加有效地达到了锁网的 目的, 保护了运营商的权益。  In addition, after the encryption chip 12 is removed or powered off, the function module 13 of the mobile terminal cannot work normally, so that communication between the main chip 11 of the mobile terminal and the function module 13 of the mobile terminal is impossible, and the user can no longer use the mobile terminal. Therefore, the purpose of the lock network is more effectively achieved, and the rights and interests of the operators are protected.
基于上述装置, 本发明还提供了一种实现移动终端锁网的方法,如图 4 所示, 该方法包括以下步驟:  Based on the foregoing apparatus, the present invention further provides a method for implementing a network lock of a mobile terminal. As shown in FIG. 4, the method includes the following steps:
步驟 400: 在移动终端中增设加密芯片;  Step 400: Add an encryption chip to the mobile terminal;
步驟 401: 确定移动终端当前使用的网络与自身保存的网络不相同时, 加密芯片切断移动终端的主芯片与移动终端的功能模块之间的通信。  Step 401: When it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
其中, 在确定移动终端当前使用的网络与自身保存的网络不相同时, 该方法还可以进一步包括:  The method may further include: when determining that the network currently used by the mobile terminal is different from the network that is saved by itself;
所述加密芯片进行锁网操作。  The encryption chip performs a lock network operation.
在确定移动终端当前使用的网络与自身保存的网络不相同之前, 该方 法还可以进一步包括:  Before determining that the network currently used by the mobile terminal is different from the network saved by itself, the method may further include:
所述加密芯片向所述主芯片或移动终端的 SIM卡获取移动终端当前使 用的网络。  The encryption chip acquires a network currently used by the mobile terminal to the SIM card of the master chip or the mobile terminal.
所述确定移动终端当前使用的网络与自身保存的网络不相同, 具体为: 所述加密芯片确定移动终端当前的 MCC与自身保存的 MCC不相同; 或者,  The determining that the network currently used by the mobile terminal is different from the network that is saved by the mobile terminal is specifically: the encryption chip determines that the current MCC of the mobile terminal is different from the MCC saved by itself; or
所述加密芯片确定移动终端当前的 MNC与自身保存的 MNC不相同; 或者, The encryption chip determines that the current MNC of the mobile terminal is different from the MNC saved by itself; or,
加密芯片确定移动终端当前的 IMSI与自身保存的 IMSI不相同。  The encryption chip determines that the current IMSI of the mobile terminal is different from the IMSI saved by itself.
所述切断移动终端的主芯片与移动终端的功能模块之间的通信, 具体 为:  The communication between the main chip of the mobile terminal and the functional module of the mobile terminal is specifically:
所述加密芯片关闭设置于移动终端的主芯片与移动终端的功能模块之 间的开关; 或者,  The encryption chip turns off a switch disposed between a main chip of the mobile terminal and a function module of the mobile terminal; or
所述加密芯片关闭移动终端的功能模块。  The encryption chip turns off a functional module of the mobile terminal.
其中, 所述关闭设置于移动终端的主芯片与移动终端的功能模块之间 的开关, 具体为:  The switch that is disposed between the main chip of the mobile terminal and the function module of the mobile terminal is specifically:
停止为所述开关供电、 或向所述开关输出控制信号, 以关闭所述开关; 所述关闭移动终端的功能模块, 具体为:  Stopping power supply to the switch, or outputting a control signal to the switch to turn off the switch; the function module for turning off the mobile terminal is specifically:
停止为所述移动终端的功能模块供电、 或向所述移动终端的功能模块 输出控制信号, 以关闭所述移动终端的功能模块。  Stopping powering the function module of the mobile terminal or outputting a control signal to the function module of the mobile terminal to close the function module of the mobile terminal.
这里, 输出控制信号, 以关闭所述开关及移动终端的功能模块的具体 处理过程为本领域技术人员的管用技术手段, 这里不再赘述。  Here, the specific processing for outputting the control signal to close the function module of the switch and the mobile terminal is a technical means for those skilled in the art, and details are not described herein again.
移动终端的软件无法修改所述加密芯片中的信息, 当需要获取所述加 密芯片中的信息或移动终端的主芯片中的信息时, 需要将所述加密芯片或 移动终端的主芯片与计算机通过通信接口相连接, 计算机经过加密狗的认 证后, 才能获取所述加密信息中的信息; 进一步地, 当需要在所述加密芯 片中写入信息、 或需要擦除所述加密芯片中的信息时, 需要进行授权, 换 句话说, 在授权的前提下, 才能对所述加密芯片进行擦除和写入信息的操 作。其中, 所述通信接口具体可以是: 通用串行总线(USB, Universal Serial BUS ), 或 RS232等, 加密狗可以通过 USB与所述计算机向连接。  The software of the mobile terminal cannot modify the information in the encryption chip. When it is required to acquire the information in the encryption chip or the information in the main chip of the mobile terminal, the main chip and the computer of the encryption chip or the mobile terminal need to be passed. The communication interface is connected, and the computer can obtain the information in the encrypted information after being authenticated by the dongle; further, when it is required to write information in the encryption chip, or when the information in the encryption chip needs to be erased Authorization is required. In other words, the encryption chip can be erased and written to the information under the premise of authorization. The communication interface may specifically be: a universal serial bus (USB, Universal Serial BUS), or RS232, etc., and the dongle can be connected to the computer through the USB.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 Claim
1、 一种实现移动终端锁网的装置, 该装置包括: 移动终端的主芯片及 移动终端的功能模块, 其特征在于, 该装置还包括: 加密芯片; 其中, 所述加密芯片, 与所述移动终端的主芯片相连接, 用于确定移动终端 当前使用的网络与自身保存的网络不相同时, 切断所述移动终端的主芯片 与所述移动终端的功能模块之间的通信。  A device for implementing a mobile terminal lock network, the device comprising: a main chip of the mobile terminal and a function module of the mobile terminal, the device further comprising: an encryption chip; wherein the encryption chip, The main chip of the mobile terminal is connected to determine that the network currently used by the mobile terminal is different from the network saved by itself, and disconnects the communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
2、 根据权利要求 1所述的装置, 其特征在于, 所述加密芯片, 在确定 移动终端当前使用的网络与自身保存的网络不相同时, 还用于进行锁网操 作。  The device according to claim 1, wherein the encryption chip is further configured to perform a network lock operation when determining that the network currently used by the mobile terminal is different from the network that is saved by itself.
3、根据权利要求 1所述的装置,其特征在于, 所述移动终端的主芯片, 还用于为加密芯片提供所述移动终端当前使用的网络。  The device according to claim 1, wherein the main chip of the mobile terminal is further configured to provide a network for the encryption chip to be used by the mobile terminal.
4、 根据权利要求 1所述的装置, 其特征在于, 该装置进一步包括: 用 户识别模块(SIM )卡;  4. The apparatus according to claim 1, wherein the apparatus further comprises: a subscriber identity module (SIM) card;
所述移动终端的主芯片, 还用于为加密芯片提供所述移动终端当前使 用的网络; 或者,  The main chip of the mobile terminal is further configured to provide a network for the encryption chip to be used by the mobile terminal; or
SIM卡, 用于为加密芯片提供所述移动终端当前使用的网络。  The SIM card is configured to provide the encryption chip with a network currently used by the mobile terminal.
5、 根据权利要求 1至 4任一项所述的装置, 其特征在于, 该装置进一 步包括: 开关, 设置于所述移动终端的主芯片与所述移动终端的功能模块 之间, 所述开关的控制端与所述加密芯片的引脚相连接;  The device according to any one of claims 1 to 4, further comprising: a switch disposed between a main chip of the mobile terminal and a functional module of the mobile terminal, the switch The control terminal is connected to the pin of the encryption chip;
在切断移动终端的主芯片与移动终端的功能模块之间的通信时, 所述 加密芯片, 具体用于: 关闭开关。  When the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is cut off, the encryption chip is specifically configured to: close the switch.
6、 根据权利要求 5所述的装置, 其特征在于, 所述开关为: 场效应晶 体管、 或为三极管、 或为模拟开关、 或为继电器。  6. Apparatus according to claim 5, wherein the switch is: a field effect transistor, or a triode, or an analog switch, or a relay.
7、 根据权利要求 1至 4任一项所述的装置, 其特征在于, 所述加密芯 片的引脚与所述移动终端的功能模块相连接; 在切断移动终端的主芯片与移动终端的功能模块之间的通信时, 所述 加密芯片, 具体用于: 关闭所述移动终端的功能模块。 The device according to any one of claims 1 to 4, wherein a pin of the encryption chip is connected to a function module of the mobile terminal; When the communication between the main chip of the mobile terminal and the function module of the mobile terminal is cut off, the encryption chip is specifically configured to: close the function module of the mobile terminal.
8、 一种实现移动终端锁网的方法, 其特征在于, 该方法包括: 在移动终端中增设加密芯片;  A method for implementing a mobile terminal lock network, the method comprising: adding an encryption chip to the mobile terminal;
确定所述移动终端当前使用的网络与自身保存的网络不相同时, 加密 芯片切断移动终端的主芯片与移动终端的功能模块之间的通信。  When it is determined that the network currently used by the mobile terminal is different from the network saved by itself, the encryption chip cuts off communication between the main chip of the mobile terminal and the functional module of the mobile terminal.
9、 根据权利要求 8所述的方法, 其特征在于, 在确定移动终端当前使 用的网络与自身保存的网络不相同时, 该方法进一步包括:  The method according to claim 8, wherein when determining that the network currently used by the mobile terminal is different from the network that is saved by itself, the method further includes:
所述加密芯片进行锁网操作。  The encryption chip performs a lock network operation.
10、 根据权利要求 8所述的方法, 其特征在于, 在确定移动终端当前 使用的网络与自身保存的网络不相同之前, 该方法进一步包括:  The method according to claim 8, wherein before determining that the network currently used by the mobile terminal is different from the network saved by itself, the method further includes:
所述加密芯片向所述移动终端的主芯片或移动终端的 SIM卡获取移动 终端当前使用的网络。  The encryption chip acquires a network currently used by the mobile terminal to the SIM card of the mobile terminal or the SIM card of the mobile terminal.
11、 根据权利要求 8、 9或 10所述的方法, 其特征在于, 所述确定所 述移动终端当前使用的网络与自身保存的网络不相同, 为:  The method according to claim 8, 9 or 10, wherein the determining that the network currently used by the mobile terminal is different from the network that is saved by itself is:
所述加密芯片确定所述移动终端当前的移动国家号码(MCC ) 与自身 保存的 MCC不相同; 或者,  The encryption chip determines that the current mobile country number (MCC) of the mobile terminal is different from the MCC saved by itself; or
所述加密芯片确定所述移动终端当前的移动网络号码(MNC ) 与自身 保存的 MNC不相同; 或者,  The encryption chip determines that the current mobile network number (MNC) of the mobile terminal is different from the MNC saved by itself; or
加密芯片确定所述移动终端当前的国际移动用户识别码(IMSI )与自 身保存的 IMSI不相同。  The encryption chip determines that the current International Mobile Subscriber Identity (IMSI) of the mobile terminal is different from the IMSI saved by itself.
12、 根据权利要求 8、 9或 10所述的方法, 其特征在于, 所述切断移 动终端的主芯片与移动终端的功能模块之间的通信, 为:  The method according to claim 8, 9 or 10, wherein the communication between the main chip of the mobile terminal and the functional module of the mobile terminal is:
所述加密芯片关闭设置于所述移动终端的主芯片与所述移动终端的功 能模块之间的开关; 或者, 所述加密芯片关闭所述移动终端的功能模块。 The encryption chip turns off a switch disposed between a main chip of the mobile terminal and a functional module of the mobile terminal; or The encryption chip turns off a functional module of the mobile terminal.
13、 根据权利要求 12所述的方法, 其特征在于, 所述关闭设置于所述 移动终端的主芯片与所述移动终端的功能模块之间的开关, 为:  The method according to claim 12, wherein the switching between the main chip of the mobile terminal and the functional module of the mobile terminal is:
停止为所述开关供电、 或向所述开关输出控制信号, 以关闭所述开关; 所述关闭所述移动终端的功能模块, 为:  Stopping powering the switch, or outputting a control signal to the switch to turn off the switch; the function module for turning off the mobile terminal is:
停止为所述移动终端的功能模块供电、 或向所述移动终端的功能模块 输出控制信号, 以关闭所述移动终端的功能模块。  Stopping powering the function module of the mobile terminal or outputting a control signal to the function module of the mobile terminal to close the function module of the mobile terminal.
PCT/CN2012/070498 2011-10-20 2012-01-17 Device and method for realizing network-locking of mobile terminal WO2013056522A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2011103203377A CN102340768A (en) 2011-10-20 2011-10-20 Device and method for realizing network locking of mobile terminal
CN201110320337.7 2011-10-20

Publications (1)

Publication Number Publication Date
WO2013056522A1 true WO2013056522A1 (en) 2013-04-25

Family

ID=45516228

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/070498 WO2013056522A1 (en) 2011-10-20 2012-01-17 Device and method for realizing network-locking of mobile terminal

Country Status (2)

Country Link
CN (1) CN102340768A (en)
WO (1) WO2013056522A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109587111A (en) * 2018-10-24 2019-04-05 江苏税软软件科技有限公司 A kind of protecting information safety method using USB softdog

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098540A (en) * 2006-06-27 2008-01-02 深圳市中兴集成电路设计有限责任公司 Encrypting chip based mobile terminal network-locking device
CN101668286A (en) * 2009-09-16 2010-03-10 中兴通讯股份有限公司 Network locking method and system thereof
CN102075608A (en) * 2009-11-20 2011-05-25 中兴通讯股份有限公司 Method and encryption chip used for encrypting mobile terminals, and mobile terminal
CN102158846A (en) * 2011-03-30 2011-08-17 中兴通讯股份有限公司 Mobile terminal and network locking method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098540A (en) * 2006-06-27 2008-01-02 深圳市中兴集成电路设计有限责任公司 Encrypting chip based mobile terminal network-locking device
CN101668286A (en) * 2009-09-16 2010-03-10 中兴通讯股份有限公司 Network locking method and system thereof
CN102075608A (en) * 2009-11-20 2011-05-25 中兴通讯股份有限公司 Method and encryption chip used for encrypting mobile terminals, and mobile terminal
CN102158846A (en) * 2011-03-30 2011-08-17 中兴通讯股份有限公司 Mobile terminal and network locking method thereof

Also Published As

Publication number Publication date
CN102340768A (en) 2012-02-01

Similar Documents

Publication Publication Date Title
US8751824B2 (en) Method and apparatus for protecting software of mobile terminal
US9501652B2 (en) Validating sensitive data from an application processor to modem processor
US9560693B2 (en) Methods and apparatus for access data recovery from a malfunctioning device
US7987374B2 (en) Security chip
CN108681677B (en) Method, device and system for safely isolating dual-network computer based on USB interface
US20130340069A1 (en) Security switch
EP3001351A1 (en) User identity authentication method, terminal and service terminal
EP3706019B1 (en) Hardware-enforced access protection
EP2485512B1 (en) Encryption device and method for controlling download and access operations performed to a mobile terminal
US10511578B2 (en) Technologies for secure content display with panel self-refresh
EP3319032A1 (en) Method for processing data, wearable electronic equipment and system
CN102255109A (en) Authentication method for mobile terminal battery, and mobile terminal thereof
KR20130031435A (en) Method and apparatus for generating and managing of encryption key portable terminal
WO2013155790A9 (en) Control method and device of mobile terminal, and mobile terminal
CN102360407A (en) Communication method for mobile phone and computer
WO2013056522A1 (en) Device and method for realizing network-locking of mobile terminal
CN202085191U (en) Data safe storage and transmission system
CN107480545B (en) Data protection method and electronic equipment
CN103020509A (en) Terminal equipment encryption and decryption method, device and terminal equipment
WO2012126197A1 (en) Device for restoring download path of mobile treminal
WO2009010919A2 (en) Dongle for functionally testing an electronic device
US20190311110A1 (en) Method, first device and system for authenticating to a second device
CN101782950B (en) System for communication control between motherboard and onboard equipment and method thereof
KR101513435B1 (en) Method for Protecting Key Input, and Device for Key Input Protection
WO2023148557A1 (en) Method and apparatus for securing power delivery side channel

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12842612

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12842612

Country of ref document: EP

Kind code of ref document: A1