WO2016201732A1 - Virtual sim card parameter management method, mobile terminal, and server - Google Patents

Virtual sim card parameter management method, mobile terminal, and server Download PDF

Info

Publication number
WO2016201732A1
WO2016201732A1 PCT/CN2015/082921 CN2015082921W WO2016201732A1 WO 2016201732 A1 WO2016201732 A1 WO 2016201732A1 CN 2015082921 W CN2015082921 W CN 2015082921W WO 2016201732 A1 WO2016201732 A1 WO 2016201732A1
Authority
WO
WIPO (PCT)
Prior art keywords
sim card
mobile terminal
public key
device identification
identification information
Prior art date
Application number
PCT/CN2015/082921
Other languages
French (fr)
Chinese (zh)
Inventor
罗茂清
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2016201732A1 publication Critical patent/WO2016201732A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/351Virtual cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/354Card activation or deactivation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3558Preliminary personalisation for transfer to user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/383Anonymous user system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning

Definitions

  • the present invention relates to the field of electronic technologies, and in particular, to a virtual SIM card parameter management method, a mobile terminal, and a server.
  • the objects connected and processed by the Internet of Things are mainly machines or objects and their associated large amounts of data.
  • the "ownership" characteristics of these processing objects lead to the Internet of Things.
  • the requirements for data security are higher than those for the Internet that handles "text" information.
  • the information that needs to be protected includes the service data transmitted and processed in the network, as well as the identity information of each node in the network, that is, private information.
  • the mobile terminal has the identity tag in the Internet of Things network because it needs to be interconnected with the entire Internet of Things.
  • it has a wireless access network because it needs to access the traditional wireless network.
  • the identity tag, the release of these identity tag information and the storage process should be protected against information leakage.
  • the file parameters of the virtual SIM card can be directly stored in the mobile terminal. Compared with the traditional SIM card, it has the advantages of convenient centralized management, wide operating temperature range and low cost.
  • the file parameters of the virtual SIM card can be used as the identity label of the mobile terminal. Network registration to join the Internet of Things network.
  • the mobile terminal makes a request to the server to request the server to authorize the SIM card parameters, but the security is low during the request process.
  • the embodiment of the invention provides a virtual SIM card parameter management method, a mobile terminal and a server.
  • the method of obtaining encrypted SIM card parameters from the server through HTTP request is more efficient and secure.
  • the embodiment of the invention provides a virtual SIM card parameter management method, including:
  • the management server allocates a SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key;
  • the method further includes:
  • the method further includes:
  • an update request of the SIM card parameter is sent to the management server, so that the management server updates the SIM card parameter in the mobile terminal.
  • the embodiment of the present invention provides another virtual SIM card parameter management method, including:
  • the SIM card parameters are network registered to establish a mobile internetwork.
  • an embodiment of the present invention provides a mobile terminal, including:
  • a request sending module configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key pair
  • the SIM card parameters are encrypted
  • An information receiving module configured to receive the encrypted SIM card parameter sent by the management server
  • a decryption registration module configured to decrypt the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and perform network registration by decrypting the obtained SIM card parameter to establish a mobile internet network.
  • the mobile terminal further includes:
  • An information acquiring module configured to acquire the device identification information and the algorithm public key
  • a request generating module configured to generate the HTTP request according to the device identification information and the algorithm public key.
  • the mobile terminal further includes:
  • a parameter update module configured to send an update request of the SIM card parameter to the management server when the usage time of the SIM card parameter is detected to exceed an expiration date, so that the management server is configured to the SIM in the mobile terminal
  • the card parameters are updated.
  • an embodiment of the present invention provides a management server, including:
  • a request receiving module configured to receive an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key
  • An information processing module configured to allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key;
  • An information sending module configured to send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal uses an algorithm private key pair corresponding to the algorithm public key to the encrypted device
  • the SIM card parameters are decrypted and the SIM card parameters obtained by decrypting are used for network registration to establish a mobile internet.
  • the request receiving module is further configured to receive an update request sent by the mobile terminal;
  • the information sending module is further configured to update the SIM card parameter in the mobile terminal according to the update request.
  • the embodiment of the present invention firstly sends an HTTP request carrying the device identification information and the algorithm public key to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key. And then receiving the encrypted SIM card parameters sent by the management server; finally decrypting the encrypted SIM card parameters using the algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet connection
  • the network which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
  • FIG. 1 is a flowchart of a first embodiment of a virtual SIM card parameter management method according to the present invention
  • FIG. 2 is a flow chart of a second embodiment of a virtual SIM card parameter management method according to the present invention.
  • FIG. 3 is a flowchart of a third embodiment of a virtual SIM card parameter management method according to the present invention.
  • FIG. 4 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a management server according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a virtual SIM card parameter management system according to an embodiment of the present invention.
  • FIG. 1 is a flowchart of a first embodiment of a virtual SIM card parameter management method according to the present invention.
  • the executor of the embodiment of the present invention is a mobile terminal, and the method in the embodiment of the present invention includes:
  • S101 Send an HTTP request carrying the device identification information and the algorithm public key to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to the SIM card.
  • the parameters are encrypted.
  • the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key.
  • the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key.
  • the device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
  • the management server After receiving the HTTP request, the management server first parses the HTTP request to obtain device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement, when the device When the identification information does not meet the requirements of the terminal device identification, the device returns a message indicating that the device identification information is incorrect, and prompts the user to resubmit the device identification information.
  • the device identification information meets the terminal device identification requirement, the device The mobile terminal allocates SIM card parameters, encrypts the SIM card parameters using the algorithm public key, and transmits the encrypted SIM card parameters to the mobile terminal.
  • the SIM card parameters can include the country International Mobile Subscriber Identification Number (IMSI).
  • S103 Decrypt the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and perform network registration by using the decrypted SIM card parameter to establish a mobile internet.
  • the SIM card parameter may further include a registration password, and after decrypting the international mobile subscriber identity and the registration password, the network registration may be performed by using an international mobile subscriber identity and a registration password, and when the network registration is successful, the prompt is prompted. Users can perform mobile internet operations.
  • the management server when detecting that the usage time of the SIM card parameter exceeds an expiration date, sending an update request of the SIM card parameter to the management server, so that the management server uses the SIM card parameter in the mobile terminal Update.
  • the expiration date may be one month or half a month, or may be determined by the user in consultation with the mobile network operator.
  • the update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the operation may be repeatedly performed on the SIM.
  • the card parameters are updated.
  • the mobile terminal and the management server in the embodiment of the present invention may use other network resources to perform information transmission. After the network registration is successfully performed by using the requested SIM card parameter, the network resource registered by the SIM card parameter may be used. Information transfer.
  • an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter.
  • the Internet which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
  • FIG. 2 is a flowchart of a second embodiment of a virtual SIM card parameter management method according to the present invention.
  • the execution subject of the embodiment of the present invention is a management server, and the method in the embodiment of the present invention includes:
  • the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key.
  • the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key.
  • the device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
  • S202 Allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key.
  • the management server after receiving the TTTP request, the management server first parses the HTTP request, and then obtains device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement. Returning, to the mobile terminal, the message that the device identification information is incorrect, and prompting the user to resubmit the device identification information, where the device identification information meets the terminal device identification requirement, when the device identification information does not meet the terminal device identification requirement.
  • the SIM card parameters are assigned to the mobile terminal, and the SIM card parameters are encrypted using the algorithm public key, and the encrypted SIM card parameters are transmitted to the mobile terminal.
  • the SIM card parameter may include an International Mobile Subscriber Identification Number (IMSI).
  • S203 Send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal decrypts and encrypts the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key.
  • the obtained SIM card parameters are network registered to establish a mobile internet network.
  • an update request sent by the mobile terminal may be received; and the SIM card parameter in the mobile terminal is updated according to the update request.
  • the update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the above operations may be repeatedly performed to update the SIM card parameters in the mobile terminal.
  • the management server first receives an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key. Then, according to the device identification information in the HTTP request, the SIM card parameter is finally allocated to the mobile terminal and the algorithm is used.
  • the key encrypts the SIM card parameters. Sending the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal decrypts the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performs network registration through the decrypted SIM card parameters to establish a mobile internet connection.
  • the network thereby realizing the method for the mobile terminal to obtain the encrypted SIM card parameters from the server through the HTTP request, is more efficient and secure.
  • FIG. 3 is a flowchart of a third embodiment of a virtual SIM card parameter management method according to the present invention. As shown in the figure, the method in the embodiment of the present invention includes:
  • the mobile terminal acquires the device identification information and the algorithm public key.
  • the mobile terminal may first determine the width of the encryption key and two randomly selected prime numbers, and calculate an encryption key by using an RSA encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key; when the mobile terminal detects When the SIM card parameter needs to be applied to the management server, the algorithm public key in the encryption key is obtained and the device identification information on the mobile terminal is identified.
  • the mobile terminal generates the HTTP request according to the device identifier information and the algorithm public key.
  • the mobile terminal sends an HTTP request carrying the device identification information and the algorithm public key to the management server.
  • the management server allocates a SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key.
  • the management server sends the encrypted SIM card parameter to the mobile terminal.
  • the mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the
  • the SIM card parameters are decrypted and network registration is performed by decrypting the obtained SIM card parameters to establish a mobile internet.
  • the mobile terminal sends an update request of the SIM card parameter to the management server when detecting that the usage time of the SIM card parameter exceeds an expiration date.
  • the management server updates the SIM card parameter in the mobile terminal according to the update request.
  • an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter.
  • the Internet which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
  • FIG. 4 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
  • the mobile terminal 40 in the embodiment of the present invention includes:
  • the request sending module 401 is configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key. Encrypting the SIM card parameters.
  • the device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
  • the management server After receiving the HTTP request, the management server first parses the HTTP request to obtain device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement, when the device When the identification information does not meet the requirements of the terminal device identification, the device returns a message indicating that the device identification information is incorrect, and prompts the user to resubmit the device identification information.
  • the device identification information meets the terminal device identification requirement, the device The mobile terminal allocates a SIM card parameter, and encrypts the SIM card parameter by using an algorithm public key.
  • the encrypted SIM card parameters are sent to the mobile terminal.
  • the SIM card parameter may include an International Mobile Subscriber Identification Number (IMSI).
  • the information receiving module 402 is configured to receive the encrypted SIM card parameter sent by the management server.
  • the decryption registration module 403 is configured to decrypt the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and perform network registration by decrypting the obtained SIM card parameters to establish a mobile internet.
  • the SIM card parameter may further include a registration password, and after decrypting the international mobile subscriber identity and the registration password, the network registration may be performed by using an international mobile subscriber identity and a registration password, and when the network registration is successful, the prompt is prompted. Users can perform mobile internet operations.
  • the mobile terminal 40 in the embodiment of the present invention may further include:
  • the information obtaining module 405 is configured to obtain the device identification information and the algorithm public key.
  • the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key.
  • the mobile terminal needs to apply for a SIM card parameter to the management server, the device identification information and the algorithm public key may be acquired.
  • the request generating module 406 is configured to generate the HTTP request according to the device identification information and the algorithm public key.
  • the mobile terminal 40 in the embodiment of the present invention may further include:
  • the parameter update module 404 is configured to: when detecting that the usage time of the SIM card parameter exceeds an expiration date, send an update request of the SIM card parameter to the management server, so that the management server refers to the mobile terminal
  • the SIM card parameters are updated.
  • the expiration date may be one month or half a month, or may be determined by the user in consultation with the mobile network operator.
  • the update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the operation may be repeatedly performed on the SIM.
  • the card parameters are updated.
  • the mobile terminal and the management server in the embodiment of the present invention may use other The network resource performs information transmission. After the network card registration is successfully performed by using the requested SIM card parameter, the network resource registered by the SIM card parameter may be used for information transmission.
  • an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter.
  • the Internet which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
  • FIG. 5 is a schematic structural diagram of a management server according to an embodiment of the present invention.
  • the management server 50 in the embodiment of the present invention includes:
  • the request receiving module 501 is configured to receive an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key.
  • the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key.
  • the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key.
  • the device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
  • the information processing module 502 is configured to allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key.
  • the management server after receiving the TTTP request, the management server first parses the HTTP request, and then obtains device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement. When the device identification information does not match And returning the message that the device identification information is incorrect to the mobile terminal, and prompting the user to resubmit the device identification information, and when the device identification information meets the terminal device identification requirement, to the mobile terminal.
  • the SIM card parameters are assigned, and the SIM card parameters are encrypted using the algorithm public key, and the encrypted SIM card parameters are transmitted to the mobile terminal.
  • the SIM card parameter may be an International Mobile Subscriber Identification Number (IMSI).
  • the information sending module 503 is configured to send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the SIM card parameter. Decrypting and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet network.
  • an update request sent by the mobile terminal may be received; and the SIM card parameter in the mobile terminal is updated according to the update request.
  • the update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the above operations may be repeatedly performed to update the SIM card parameters in the mobile terminal.
  • the management server first receives an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key. Then, according to the device identification information in the HTTP request, the SIM card parameter is finally allocated to the mobile terminal and the algorithm is used.
  • the key encrypts the SIM card parameters. Sending the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal decrypts the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performs network registration through the decrypted SIM card parameters to establish a mobile internet connection.
  • the network thereby realizing the method for the mobile terminal to obtain the encrypted SIM card parameters from the server through the HTTP request, is more efficient and secure.
  • FIG. 6 is a schematic structural diagram of a SIM card parameter management system according to an embodiment of the present invention. As shown in the figure, the system in the embodiment of the present invention includes:
  • the mobile terminal 40 is configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key pair. Encrypting the SIM card parameters; receiving the management The encrypted SIM card parameter sent by the server; decrypting the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameter Establish a mobile internet.
  • the management server 50 is configured to receive an HTTP request that is sent by the mobile terminal and that carries the device identification information and the algorithm public key. According to the device identification information in the HTTP request, the SIM card parameter is allocated to the mobile terminal, and the algorithm is used. The key encrypts the SIM card parameter; the encrypted SIM card parameter is sent to the mobile terminal, so that the mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the The SIM card parameters are decrypted and network registration is performed by decrypting the obtained SIM card parameters to establish a mobile internet.
  • the program may be stored in a computer readable storage medium, and the storage medium may include: Flash disk, read-only memory (English: Read-Only Memory, referred to as: ROM), random accessor (English: Random Access Memory, referred to as: RAM), disk or optical disk.
  • ROM Read-Only Memory
  • RAM Random Access Memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Disclosed are a virtual SIM card parameter management method, a mobile terminal, and a server. The method comprises: sending an HTTP request carrying device identification information and an algorithm public key, to a management server so that the management server allocates an SIM card parameter to a mobile terminal according to the device identification information and encrypts the SIM card parameter by using the algorithm public key; receiving the encrypted SIM card parameter sent by the management server; and decrypting the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and performing network registration by means of the decrypted SIM card parameter, so as to establish a mobile internet. By using embodiments of the present invention, the method in which an encrypted SIM card parameter is acquired from a server by means of an HTTP request is more efficient and securer.

Description

一种虚拟SIM卡参数管理方法、移动终端及服务器Virtual SIM card parameter management method, mobile terminal and server
本申请要求于2015年06月19日提交中国专利局,申请号为201510344953.4、发明名称为“一种虚拟SIM卡参数管理方法、移动终端及服务器”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application filed on June 19, 2015, the Chinese Patent Office, the application number is 201510344953.4, and the invention name is "a virtual SIM card parameter management method, mobile terminal and server". The citations are incorporated herein by reference.
技术领域Technical field
本发明涉及电子技术领域,尤其涉及一种虚拟SIM卡参数管理方法、移动终端及服务器。The present invention relates to the field of electronic technologies, and in particular, to a virtual SIM card parameter management method, a mobile terminal, and a server.
背景技术Background technique
随着物联网技术的发展,对物联网网络安全也提出了新的要求,物联网连接和处理的对象主要是机器或物以及其相关的大量数据,这些处理对象的“所有权”特性导致物联网对数据安全的要求要比以处理“文本”信息为主的互联网要高,这些需要保护的信息包括网络中传输处理的业务数据,也包括网络中各个节点身份信息,即隐私信息。移动终端作为物联网的一类终端节点,一方面由于需要和整个物联网互联互通,因此具有物联网网络中的身份标签;另一方面由于需要接入传统的无线网络,因此具有无线接入网络的身份标签,这些身份标签信息的发放以及存储过程都应该受到安全保护,防止信息泄露。With the development of the Internet of Things technology, new requirements are also put forward for the security of the Internet of Things. The objects connected and processed by the Internet of Things are mainly machines or objects and their associated large amounts of data. The "ownership" characteristics of these processing objects lead to the Internet of Things. The requirements for data security are higher than those for the Internet that handles "text" information. The information that needs to be protected includes the service data transmitted and processed in the network, as well as the identity information of each node in the network, that is, private information. As a kind of terminal node of the Internet of Things, the mobile terminal has the identity tag in the Internet of Things network because it needs to be interconnected with the entire Internet of Things. On the other hand, it has a wireless access network because it needs to access the traditional wireless network. The identity tag, the release of these identity tag information and the storage process should be protected against information leakage.
虚拟SIM卡的文件参数可以直接存储在移动终端中,相较于传统的SIM卡,具有方便集中管理、工作温度范围广、成本低等优点,虚拟SIM卡的文件参数可以作为移动终端的身份标签进行网络注册进而加入物联网网络。在现有技术方案中,移动终端向服务器提出请求,请求服务器授权SIM卡参数,但是,在请求过程中安全性低。The file parameters of the virtual SIM card can be directly stored in the mobile terminal. Compared with the traditional SIM card, it has the advantages of convenient centralized management, wide operating temperature range and low cost. The file parameters of the virtual SIM card can be used as the identity label of the mobile terminal. Network registration to join the Internet of Things network. In the prior art solution, the mobile terminal makes a request to the server to request the server to authorize the SIM card parameters, but the security is low during the request process.
发明内容Summary of the invention
本发明实施例提供一种虚拟SIM卡参数管理方法、移动终端及服务器。通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。The embodiment of the invention provides a virtual SIM card parameter management method, a mobile terminal and a server. The method of obtaining encrypted SIM card parameters from the server through HTTP request is more efficient and secure.
本发明实施例提供了一种虚拟SIM卡参数管理方法,包括:The embodiment of the invention provides a virtual SIM card parameter management method, including:
所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;The management server allocates a SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key;
接收所述管理服务器发送的经过加密的所述SIM卡参数;Receiving the encrypted SIM card parameter sent by the management server;
使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。Decrypting the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet network.
其中,所述向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求之前还包括:Before the sending, by the management server, the HTTP request carrying the device identification information and the algorithm public key, the method further includes:
获取所述设备标识信息以及所述算法公钥;Obtaining the device identification information and the algorithm public key;
根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。And generating the HTTP request according to the device identification information and the algorithm public key.
其中,所述通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络之后,还包括:After the network card registration is performed by using the SIM card parameter obtained by the decryption to establish a mobile internet, the method further includes:
当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。When it is detected that the usage time of the SIM card parameter exceeds the expiration date, an update request of the SIM card parameter is sent to the management server, so that the management server updates the SIM card parameter in the mobile terminal.
相应地,本发明实施例提供了另一种虚拟SIM卡参数管理方法,包括:Correspondingly, the embodiment of the present invention provides another virtual SIM card parameter management method, including:
接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;Receiving an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key;
根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;Assigning a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypting the SIM card parameter by using the algorithm public key;
将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。Transmitting the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal decrypts the encrypted SIM card parameters and decrypts them by using an algorithm private key corresponding to the algorithm public key The SIM card parameters are network registered to establish a mobile internetwork.
其中,所述将经过加密的所述SIM卡参数发送至所述移动终端之后,还 包括:Wherein after the encrypted SIM card parameter is sent to the mobile terminal, include:
接收所述移动终端发送的更新请求;Receiving an update request sent by the mobile terminal;
根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。Updating the SIM card parameters in the mobile terminal according to the update request.
相应地,本发明实施例提供了一种移动终端,包括:Correspondingly, an embodiment of the present invention provides a mobile terminal, including:
请求发送模块,用于向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;a request sending module, configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key pair The SIM card parameters are encrypted;
信息接收模块,用于接收所述管理服务器发送的经过加密的所述SIM卡参数;An information receiving module, configured to receive the encrypted SIM card parameter sent by the management server;
解密注册模块,用于使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。And a decryption registration module, configured to decrypt the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and perform network registration by decrypting the obtained SIM card parameter to establish a mobile internet network.
其中,所述移动终端还包括:The mobile terminal further includes:
信息获取模块,用于获取所述设备标识信息以及所述算法公钥;An information acquiring module, configured to acquire the device identification information and the algorithm public key;
请求生成模块,用于根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。And a request generating module, configured to generate the HTTP request according to the device identification information and the algorithm public key.
其中,所述移动终端还包括:The mobile terminal further includes:
参数更新模块,用于当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。a parameter update module, configured to send an update request of the SIM card parameter to the management server when the usage time of the SIM card parameter is detected to exceed an expiration date, so that the management server is configured to the SIM in the mobile terminal The card parameters are updated.
相应地,本发明实施例提供了一种管理服务器,包括:Correspondingly, an embodiment of the present invention provides a management server, including:
请求接收模块,用于接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;a request receiving module, configured to receive an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key;
信息处理模块,用于根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;An information processing module, configured to allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key;
信息发送模块,用于将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所 述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。An information sending module, configured to send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal uses an algorithm private key pair corresponding to the algorithm public key to the encrypted device The SIM card parameters are decrypted and the SIM card parameters obtained by decrypting are used for network registration to establish a mobile internet.
其中,所述请求接收模块,还用于接收所述移动终端发送的更新请求;The request receiving module is further configured to receive an update request sent by the mobile terminal;
所述信息发送模块,还用于根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。The information sending module is further configured to update the SIM card parameter in the mobile terminal according to the update request.
实施本发明实施例,首先向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使管理服务器根据设备标识信息向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密;然后接收管理服务器发送的经过加密的SIM卡参数;最后使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密,并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。The embodiment of the present invention firstly sends an HTTP request carrying the device identification information and the algorithm public key to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key. And then receiving the encrypted SIM card parameters sent by the management server; finally decrypting the encrypted SIM card parameters using the algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet connection The network, which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
附图说明DRAWINGS
为了更清楚地说明本发明实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without paying any creative work.
图1是本发明提出的一种虚拟SIM卡参数管理方法的第一实施例的流程图;1 is a flowchart of a first embodiment of a virtual SIM card parameter management method according to the present invention;
图2是本发明提出的一种虚拟SIM卡参数管理方法的第二实施例的流程图;2 is a flow chart of a second embodiment of a virtual SIM card parameter management method according to the present invention;
图3是本发明提出的一种虚拟SIM卡参数管理方法的第三实施例的流程图;3 is a flowchart of a third embodiment of a virtual SIM card parameter management method according to the present invention;
图4是本发明实施例提出的一种移动终端的结构示意图;4 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention;
图5是本发明实施例提出的一种管理服务器的结构示意图;FIG. 5 is a schematic structural diagram of a management server according to an embodiment of the present invention; FIG.
图6是本发明实施例提出的一种虚拟SIM卡参数管理系统的结构示意 图。FIG. 6 is a schematic structural diagram of a virtual SIM card parameter management system according to an embodiment of the present invention; FIG. Figure.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
请参考图1,图1是本发明提出的一种虚拟SIM卡参数管理方法的第一实施例的流程图。如图所示,本发明实施例的执行主体为移动终端,本发明实施例中的方法包括:Please refer to FIG. 1. FIG. 1 is a flowchart of a first embodiment of a virtual SIM card parameter management method according to the present invention. As shown in the figure, the executor of the embodiment of the present invention is a mobile terminal, and the method in the embodiment of the present invention includes:
S101,向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密。S101. Send an HTTP request carrying the device identification information and the algorithm public key to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to the SIM card. The parameters are encrypted.
具体实现中,移动终端可以预先通过加密算法计算出加密密钥,所述加密密钥包括算法公钥和算法私钥。当移动终端需要向管理服务器申请SIM卡参数时,可以获取所述设备标识信息以及所述算法公钥;根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求;然后向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求。其中,设备标识信息可以为移动终端标识号(MEID,Mobile Equipment Identifier)、国际移动设备身份码(IMEI,International Mobile Equipment Identity)等等。In a specific implementation, the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key. When the mobile terminal needs to apply for the SIM card parameter to the management server, the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key. The device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
管理服务器接收到所述HTTP请求之后,首先对所述HTTP请求进行解析进而从所述HTTP请求中获取设备标识信息以及算法公钥,然后确认设备标识信息是否符合终端设备标识要求,当所述设备标识信息不符合终端设备标识要求时,向所述移动终端返回所述设备标识信息错误的消息并提示用户重新提交所述设备标识信息,当所述设备标识信息符合终端设备标识要求时,向所述移动终端分配SIM卡参数,并使用算法公钥对SIM卡参数进行加密,并将经过加密的SIM卡参数发送至移动终端。其中,SIM卡参数可以包括国 际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。After receiving the HTTP request, the management server first parses the HTTP request to obtain device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement, when the device When the identification information does not meet the requirements of the terminal device identification, the device returns a message indicating that the device identification information is incorrect, and prompts the user to resubmit the device identification information. When the device identification information meets the terminal device identification requirement, the device The mobile terminal allocates SIM card parameters, encrypts the SIM card parameters using the algorithm public key, and transmits the encrypted SIM card parameters to the mobile terminal. Among them, the SIM card parameters can include the country International Mobile Subscriber Identification Number (IMSI).
S102,接收所述管理服务器发送的经过加密的所述SIM卡参数。S102. Receive the encrypted SIM card parameter sent by the management server.
S103,使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。S103: Decrypt the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and perform network registration by using the decrypted SIM card parameter to establish a mobile internet.
具体实现中,所述SIM卡参数还可以包括注册密码,在解密得到国际移动用户识别码和注册密码之后,可以使用国际移动用户识别码和注册密码进行网络注册,当确认网络注册成功时,提示用户可以进行移动互联网络操作。In a specific implementation, the SIM card parameter may further include a registration password, and after decrypting the international mobile subscriber identity and the registration password, the network registration may be performed by using an international mobile subscriber identity and a registration password, and when the network registration is successful, the prompt is prompted. Users can perform mobile internet operations.
可选的,当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。其中,有效期限可以是一个月或半个月,也可以由用户与移动网络运营商协商确定,更新请求也可以为携带有设备标识信息以及算法公钥的HTTP请求,可以重复执行上述操作对SIM卡参数进行更新。Optionally, when detecting that the usage time of the SIM card parameter exceeds an expiration date, sending an update request of the SIM card parameter to the management server, so that the management server uses the SIM card parameter in the mobile terminal Update. The expiration date may be one month or half a month, or may be determined by the user in consultation with the mobile network operator. The update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the operation may be repeatedly performed on the SIM. The card parameters are updated.
需要说明的是,本发明实施例中的移动终端和管理服务器可以使用其他网络资源进行信息传输,当使用请求得到的SIM卡参数进行网络注册成功之后,可以使用该SIM卡参数注册的网络资源进行信息传输。It should be noted that the mobile terminal and the management server in the embodiment of the present invention may use other network resources to perform information transmission. After the network registration is successfully performed by using the requested SIM card parameter, the network resource registered by the SIM card parameter may be used. Information transfer.
在本发明实施例中,首先向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使管理服务器根据设备标识信息向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密;然后接收管理服务器发送的经过加密的SIM卡参数;最后使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密,并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。 In the embodiment of the present invention, an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter. Encrypting; then receiving the encrypted SIM card parameters sent by the management server; finally decrypting the encrypted SIM card parameters using the algorithm private key corresponding to the algorithm public key, and performing network registration by the decrypted SIM card parameters to establish the mobile The Internet, which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
请参考图2,图2是本发明提出的一种虚拟SIM卡参数管理方法的第二实施例的流程图。如图所示,本发明实施例的执行主体为管理服务器,本发明实施例中的方法包括:Please refer to FIG. 2. FIG. 2 is a flowchart of a second embodiment of a virtual SIM card parameter management method according to the present invention. As shown in the figure, the execution subject of the embodiment of the present invention is a management server, and the method in the embodiment of the present invention includes:
S201,接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求。S201. Receive an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key.
具体实现中,移动终端可以预先通过加密算法计算出加密密钥,所述加密密钥包括算法公钥和算法私钥。当移动终端需要向管理服务器申请SIM卡参数时,可以获取所述设备标识信息以及所述算法公钥;根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求;然后向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求。其中,设备标识信息可以为移动终端标识号(MEID,Mobile Equipment Identifier)、国际移动设备身份码(IMEI,International Mobile Equipment Identity)等等。In a specific implementation, the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key. When the mobile terminal needs to apply for the SIM card parameter to the management server, the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key. The device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
S202,根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密。S202. Allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key.
具体实现中,管理服务器接收到所述TTTP请求之后,首先对所述HTTP请求进行解析进而从所述HTTP请求中获取设备标识信息以及算法公钥,然后确认设备标识信息是否符合终端设备标识要求,当所述设备标识信息不符合终端设备标识要求时,向所述移动终端返回所述设备标识信息错误的消息并提示用户重新提交所述设备标识信息,当所述设备标识信息符合终端设备标识要求时,向所述移动终端分配SIM卡参数,并使用算法公钥对SIM卡参数进行加密,并将经过加密的SIM卡参数发送至移动终端。其中,SIM卡参数可以包括国际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。In a specific implementation, after receiving the TTTP request, the management server first parses the HTTP request, and then obtains device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement. Returning, to the mobile terminal, the message that the device identification information is incorrect, and prompting the user to resubmit the device identification information, where the device identification information meets the terminal device identification requirement, when the device identification information does not meet the terminal device identification requirement. At the time, the SIM card parameters are assigned to the mobile terminal, and the SIM card parameters are encrypted using the algorithm public key, and the encrypted SIM card parameters are transmitted to the mobile terminal. The SIM card parameter may include an International Mobile Subscriber Identification Number (IMSI).
S203,将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。 S203. Send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal decrypts and encrypts the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key. The obtained SIM card parameters are network registered to establish a mobile internet network.
可选的,可以接收所述移动终端发送的更新请求;根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。其中,更新请求也可以为携带有设备标识信息以及算法公钥的HTTP请求,可以重复执行上述操作对移动终端中的SIM卡参数进行更新。Optionally, an update request sent by the mobile terminal may be received; and the SIM card parameter in the mobile terminal is updated according to the update request. The update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the above operations may be repeatedly performed to update the SIM card parameters in the mobile terminal.
在本发明实施例中,管理服务器首先接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;然后根据HTTP请求中的设备标识信息,最后向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密。将经过加密的SIM卡参数发送至移动终端,以使移动终端使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了移动终端通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。In the embodiment of the present invention, the management server first receives an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key. Then, according to the device identification information in the HTTP request, the SIM card parameter is finally allocated to the mobile terminal and the algorithm is used. The key encrypts the SIM card parameters. Sending the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal decrypts the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performs network registration through the decrypted SIM card parameters to establish a mobile internet connection. The network, thereby realizing the method for the mobile terminal to obtain the encrypted SIM card parameters from the server through the HTTP request, is more efficient and secure.
请参考图3,图3是本发明提出的一种虚拟SIM卡参数管理方法的第三实施例的流程图。如图所示,本发明实施例中的方法包括:Please refer to FIG. 3. FIG. 3 is a flowchart of a third embodiment of a virtual SIM card parameter management method according to the present invention. As shown in the figure, the method in the embodiment of the present invention includes:
S301,移动终端获取所述设备标识信息以及所述算法公钥。S301. The mobile terminal acquires the device identification information and the algorithm public key.
具体实现中,移动终端可以首先确定加密密钥的宽度以及随机选择的两个素数,通过RSA加密算法计算得到加密密钥,所述加密密钥包括算法公钥和算法私钥;当移动终端检测到需要向管理服务器申请SIM卡参数时,获取所述加密密钥中的算法公钥以及识别出移动终端上的设备标识信息。In a specific implementation, the mobile terminal may first determine the width of the encryption key and two randomly selected prime numbers, and calculate an encryption key by using an RSA encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key; when the mobile terminal detects When the SIM card parameter needs to be applied to the management server, the algorithm public key in the encryption key is obtained and the device identification information on the mobile terminal is identified.
S302,移动终端根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。S302. The mobile terminal generates the HTTP request according to the device identifier information and the algorithm public key.
S303,移动终端向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求。S303. The mobile terminal sends an HTTP request carrying the device identification information and the algorithm public key to the management server.
S304,管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密。S304. The management server allocates a SIM card parameter to the mobile terminal according to the device identification information, and encrypts the SIM card parameter by using the algorithm public key.
S305,管理服务器将经过加密的所述SIM卡参数发送至所述移动终端。S305. The management server sends the encrypted SIM card parameter to the mobile terminal.
S306,移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述 SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。S306. The mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the The SIM card parameters are decrypted and network registration is performed by decrypting the obtained SIM card parameters to establish a mobile internet.
S307,移动终端当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求。S307. The mobile terminal sends an update request of the SIM card parameter to the management server when detecting that the usage time of the SIM card parameter exceeds an expiration date.
S308,管理服务器根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。S308. The management server updates the SIM card parameter in the mobile terminal according to the update request.
在本发明实施例中,首先向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使管理服务器根据设备标识信息向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密;然后接收管理服务器发送的经过加密的SIM卡参数;最后使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密,并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。In the embodiment of the present invention, an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter. Encrypting; then receiving the encrypted SIM card parameters sent by the management server; finally decrypting the encrypted SIM card parameters using the algorithm private key corresponding to the algorithm public key, and performing network registration by the decrypted SIM card parameters to establish the mobile The Internet, which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
请参考图4,图4是本发明实施例提出的一种移动终端的结构示意图。如图所示,本发明实施例中的移动终端40包括:Please refer to FIG. 4. FIG. 4 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention. As shown in the figure, the mobile terminal 40 in the embodiment of the present invention includes:
请求发送模块401,用于向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密。其中,设备标识信息可以为移动终端标识号(MEID,Mobile Equipment Identifier)、国际移动设备身份码(IMEI,International Mobile Equipment Identity)等等。The request sending module 401 is configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key. Encrypting the SIM card parameters. The device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
管理服务器接收到所述HTTP请求之后,首先对所述HTTP请求进行解析进而从所述HTTP请求中获取设备标识信息以及算法公钥,然后确认设备标识信息是否符合终端设备标识要求,当所述设备标识信息不符合终端设备标识要求时,向所述移动终端返回所述设备标识信息错误的消息并提示用户重新提交所述设备标识信息,当所述设备标识信息符合终端设备标识要求时,向所述移动终端分配SIM卡参数,并使用算法公钥对SIM卡参数进行加密, 并将经过加密的SIM卡参数发送至移动终端。其中,SIM卡参数可以包括国际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。After receiving the HTTP request, the management server first parses the HTTP request to obtain device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement, when the device When the identification information does not meet the requirements of the terminal device identification, the device returns a message indicating that the device identification information is incorrect, and prompts the user to resubmit the device identification information. When the device identification information meets the terminal device identification requirement, the device The mobile terminal allocates a SIM card parameter, and encrypts the SIM card parameter by using an algorithm public key. The encrypted SIM card parameters are sent to the mobile terminal. The SIM card parameter may include an International Mobile Subscriber Identification Number (IMSI).
信息接收模块402,用于接收所述管理服务器发送的经过加密的所述SIM卡参数。The information receiving module 402 is configured to receive the encrypted SIM card parameter sent by the management server.
解密注册模块403,用于使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。The decryption registration module 403 is configured to decrypt the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and perform network registration by decrypting the obtained SIM card parameters to establish a mobile internet.
具体实现中,所述SIM卡参数还可以包括注册密码,在解密得到国际移动用户识别码和注册密码之后,可以使用国际移动用户识别码和注册密码进行网络注册,当确认网络注册成功时,提示用户可以进行移动互联网络操作。In a specific implementation, the SIM card parameter may further include a registration password, and after decrypting the international mobile subscriber identity and the registration password, the network registration may be performed by using an international mobile subscriber identity and a registration password, and when the network registration is successful, the prompt is prompted. Users can perform mobile internet operations.
可选的,如图4所示,本发明实施例中的移动终端40还可以包括:Optionally, as shown in FIG. 4, the mobile terminal 40 in the embodiment of the present invention may further include:
信息获取模块405,用于获取所述设备标识信息以及所述算法公钥。The information obtaining module 405 is configured to obtain the device identification information and the algorithm public key.
具体实现中,移动终端可以预先通过加密算法计算出加密密钥,所述加密密钥包括算法公钥和算法私钥。当移动终端需要向管理服务器申请SIM卡参数时,可以获取所述设备标识信息以及所述算法公钥。In a specific implementation, the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key. When the mobile terminal needs to apply for a SIM card parameter to the management server, the device identification information and the algorithm public key may be acquired.
请求生成模块406,用于根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。The request generating module 406 is configured to generate the HTTP request according to the device identification information and the algorithm public key.
可选的,如图4所示,本发明实施例中的移动终端40还可以包括:Optionally, as shown in FIG. 4, the mobile terminal 40 in the embodiment of the present invention may further include:
参数更新模块404,用于当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。其中,有效期限可以是一个月或半个月,也可以由用户与移动网络运营商协商确定,更新请求也可以为携带有设备标识信息以及算法公钥的HTTP请求,可以重复执行上述操作对SIM卡参数进行更新。The parameter update module 404 is configured to: when detecting that the usage time of the SIM card parameter exceeds an expiration date, send an update request of the SIM card parameter to the management server, so that the management server refers to the mobile terminal The SIM card parameters are updated. The expiration date may be one month or half a month, or may be determined by the user in consultation with the mobile network operator. The update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the operation may be repeatedly performed on the SIM. The card parameters are updated.
需要说明的是,本发明实施例中的移动终端和管理服务器可以使用其他 网络资源进行信息传输,当使用请求得到的SIM卡参数进行网络注册成功之后,可以使用该SIM卡参数注册的网络资源进行信息传输。It should be noted that the mobile terminal and the management server in the embodiment of the present invention may use other The network resource performs information transmission. After the network card registration is successfully performed by using the requested SIM card parameter, the network resource registered by the SIM card parameter may be used for information transmission.
在本发明实施例中,首先向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使管理服务器根据设备标识信息向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密;然后接收管理服务器发送的经过加密的SIM卡参数;最后使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密,并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。In the embodiment of the present invention, an HTTP request carrying the device identification information and the algorithm public key is first sent to the management server, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter. Encrypting; then receiving the encrypted SIM card parameters sent by the management server; finally decrypting the encrypted SIM card parameters using the algorithm private key corresponding to the algorithm public key, and performing network registration by the decrypted SIM card parameters to establish the mobile The Internet, which implements the method of obtaining encrypted SIM card parameters from the server through HTTP request, is more efficient and secure.
请参考图5,图5是本发明实施例提出的一种管理服务器的结构示意图。如图所示,本发明实施例中的管理服务器50包括:Please refer to FIG. 5. FIG. 5 is a schematic structural diagram of a management server according to an embodiment of the present invention. As shown in the figure, the management server 50 in the embodiment of the present invention includes:
请求接收模块501,用于接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求。The request receiving module 501 is configured to receive an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key.
具体实现中,移动终端可以预先通过加密算法计算出加密密钥,所述加密密钥包括算法公钥和算法私钥。当移动终端需要向管理服务器申请SIM卡参数时,可以获取所述设备标识信息以及所述算法公钥;根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求;然后向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求。其中,设备标识信息可以为移动终端标识号(MEID,Mobile Equipment Identifier)、国际移动设备身份码(IMEI,International Mobile Equipment Identity)等等。In a specific implementation, the mobile terminal may calculate an encryption key by using an encryption algorithm, where the encryption key includes an algorithm public key and an algorithm private key. When the mobile terminal needs to apply for the SIM card parameter to the management server, the device identification information and the algorithm public key may be acquired; and the HTTP request is generated according to the device identification information and the algorithm public key; and then The server sends an HTTP request carrying the device identification information and the algorithm public key. The device identification information may be a Mobile Equipment Identifier (MEID), an International Mobile Equipment Identity (IMEI), or the like.
信息处理模块502,用于根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密。The information processing module 502 is configured to allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key.
具体实现中,管理服务器接收到所述TTTP请求之后,首先对所述HTTP请求进行解析进而从所述HTTP请求中获取设备标识信息以及算法公钥,然后确认设备标识信息是否符合终端设备标识要求,当所述设备标识信息不符 合终端设备标识要求时,向所述移动终端返回所述设备标识信息错误的消息并提示用户重新提交所述设备标识信息,当所述设备标识信息符合终端设备标识要求时,向所述移动终端分配SIM卡参数,并使用算法公钥对SIM卡参数进行加密,并将经过加密的SIM卡参数发送至移动终端。其中,SIM卡参数可以为国际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。In a specific implementation, after receiving the TTTP request, the management server first parses the HTTP request, and then obtains device identification information and an algorithm public key from the HTTP request, and then confirms whether the device identification information meets the terminal device identification requirement. When the device identification information does not match And returning the message that the device identification information is incorrect to the mobile terminal, and prompting the user to resubmit the device identification information, and when the device identification information meets the terminal device identification requirement, to the mobile terminal The SIM card parameters are assigned, and the SIM card parameters are encrypted using the algorithm public key, and the encrypted SIM card parameters are transmitted to the mobile terminal. The SIM card parameter may be an International Mobile Subscriber Identification Number (IMSI).
信息发送模块503,用于将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。The information sending module 503 is configured to send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the SIM card parameter. Decrypting and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet network.
可选的,可以接收所述移动终端发送的更新请求;根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。其中,更新请求也可以为携带有设备标识信息以及算法公钥的HTTP请求,可以重复执行上述操作对移动终端中的SIM卡参数进行更新。Optionally, an update request sent by the mobile terminal may be received; and the SIM card parameter in the mobile terminal is updated according to the update request. The update request may also be an HTTP request carrying the device identification information and the algorithm public key, and the above operations may be repeatedly performed to update the SIM card parameters in the mobile terminal.
在本发明实施例中,管理服务器首先接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;然后根据HTTP请求中的设备标识信息,最后向移动终端分配SIM卡参数并使用算法公钥对SIM卡参数进行加密。将经过加密的SIM卡参数发送至移动终端,以使移动终端使用与算法公钥对应的算法私钥对经过加密的SIM卡参数进行解密并通过解密得到的SIM卡参数进行网络注册以建立移动互联网络,从而实现了移动终端通过HTTP请求从服务器中获取经过加密的SIM卡参数的方法更为高效安全。In the embodiment of the present invention, the management server first receives an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key. Then, according to the device identification information in the HTTP request, the SIM card parameter is finally allocated to the mobile terminal and the algorithm is used. The key encrypts the SIM card parameters. Sending the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal decrypts the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performs network registration through the decrypted SIM card parameters to establish a mobile internet connection. The network, thereby realizing the method for the mobile terminal to obtain the encrypted SIM card parameters from the server through the HTTP request, is more efficient and secure.
请参考图6,图6是本发明实施例提出的一种SIM卡参数管理系统的结构示意图。如图所示,本发明实施例中的系统包括:Please refer to FIG. 6. FIG. 6 is a schematic structural diagram of a SIM card parameter management system according to an embodiment of the present invention. As shown in the figure, the system in the embodiment of the present invention includes:
移动终端40,用于向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;接收所述管理 服务器发送的经过加密的所述SIM卡参数;使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。The mobile terminal 40 is configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key pair. Encrypting the SIM card parameters; receiving the management The encrypted SIM card parameter sent by the server; decrypting the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameter Establish a mobile internet.
管理服务器50,用于接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。The management server 50 is configured to receive an HTTP request that is sent by the mobile terminal and that carries the device identification information and the algorithm public key. According to the device identification information in the HTTP request, the SIM card parameter is allocated to the mobile terminal, and the algorithm is used. The key encrypts the SIM card parameter; the encrypted SIM card parameter is sent to the mobile terminal, so that the mobile terminal uses the algorithm private key pair corresponding to the algorithm public key to encrypt the The SIM card parameters are decrypted and network registration is performed by decrypting the obtained SIM card parameters to establish a mobile internet.
需要说明的是,对于前述的各个方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某一些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing various method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence. Because certain steps may be performed in other sequences or concurrently in accordance with the present invention. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详细描述的部分,可以参见其他实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are different, and the parts that are not described in detail in a certain embodiment can be referred to the related descriptions of other embodiments.
本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序可以存储于一计算机可读存储介质中,存储介质可以包括:闪存盘、只读存储器(英文:Read-Only Memory,简称:ROM)、随机存取器(英文:Random Access Memory,简称:RAM)、磁盘或光盘等。A person skilled in the art may understand that all or part of the various steps of the foregoing embodiments may be performed by a program to instruct related hardware. The program may be stored in a computer readable storage medium, and the storage medium may include: Flash disk, read-only memory (English: Read-Only Memory, referred to as: ROM), random accessor (English: Random Access Memory, referred to as: RAM), disk or optical disk.
以上对本发明实施例所提供的内容下载方法及相关设备、系统进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。 The content downloading method and the related device and system provided by the embodiments of the present invention are described in detail above. The principles and implementation manners of the present invention are described in the specific examples. The description of the above embodiments is only used to help understand the present invention. The method of the invention and its core idea; at the same time, for the person of ordinary skill in the art, according to the idea of the present invention, there are some changes in the specific embodiment and the scope of application. In summary, the content of the specification should not be understood. To limit the invention.

Claims (10)

  1. 一种虚拟SIM卡参数管理方法,其特征在于,所述方法包括:A virtual SIM card parameter management method, the method comprising:
    向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;Sending, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key to perform the SIM card parameter encryption;
    接收所述管理服务器发送的经过加密的所述SIM卡参数;Receiving the encrypted SIM card parameter sent by the management server;
    使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。Decrypting the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key, and performing network registration by decrypting the obtained SIM card parameters to establish a mobile internet network.
  2. 如权利要求1所述的方法,其特征在于,所述向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求之前还包括:The method of claim 1, wherein before the sending, by the management server, the HTTP request carrying the device identification information and the algorithm public key, the method further comprises:
    获取所述设备标识信息以及所述算法公钥;Obtaining the device identification information and the algorithm public key;
    根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。And generating the HTTP request according to the device identification information and the algorithm public key.
  3. 如权利要求1所述的方法,其特征在于,所述通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络之后,还包括:The method according to claim 1, wherein after the network registration is performed by decrypting the SIM card parameters to establish a mobile internet, the method further includes:
    当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。When it is detected that the usage time of the SIM card parameter exceeds the expiration date, an update request of the SIM card parameter is sent to the management server, so that the management server updates the SIM card parameter in the mobile terminal.
  4. 一种虚拟SIM卡参数管理方法,其特征在于,所述方法包括:A virtual SIM card parameter management method, the method comprising:
    接收移动终端发送的携带有设备标识信息以及算法公钥的HTTP请求;Receiving an HTTP request that is sent by the mobile terminal and carries the device identification information and the algorithm public key;
    根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;Assigning a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypting the SIM card parameter by using the algorithm public key;
    将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解 密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。Transmitting the encrypted SIM card parameters to the mobile terminal, so that the mobile terminal solves the encrypted SIM card parameters by using an algorithm private key corresponding to the algorithm public key The network registration is performed by decrypting the obtained SIM card parameters to establish a mobile internet.
  5. 如权利要求4所述的方法,其特征在于,所述将经过加密的所述SIM卡参数发送至所述移动终端之后,还包括:The method of claim 4, after the transmitting the encrypted SIM card parameters to the mobile terminal, further comprising:
    接收所述移动终端发送的更新请求;Receiving an update request sent by the mobile terminal;
    根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。Updating the SIM card parameters in the mobile terminal according to the update request.
  6. 一种移动终端,其特征在于,所述移动终端包括:A mobile terminal, characterized in that the mobile terminal comprises:
    请求发送模块,用于向管理服务器发送携带有设备标识信息以及算法公钥的HTTP请求,以使所述管理服务器根据所述设备标识信息向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;a request sending module, configured to send, to the management server, an HTTP request carrying the device identification information and the algorithm public key, so that the management server allocates the SIM card parameter to the mobile terminal according to the device identification information, and uses the algorithm public key pair The SIM card parameters are encrypted;
    信息接收模块,用于接收所述管理服务器发送的经过加密的所述SIM卡参数;An information receiving module, configured to receive the encrypted SIM card parameter sent by the management server;
    解密注册模块,用于使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密,并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。And a decryption registration module, configured to decrypt the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key, and perform network registration by decrypting the obtained SIM card parameter to establish a mobile internet network.
  7. 如权利要求6所述的移动终端,其特征在于,所述移动终端还包括:The mobile terminal of claim 6, wherein the mobile terminal further comprises:
    信息获取模块,用于获取所述设备标识信息以及所述算法公钥;An information acquiring module, configured to acquire the device identification information and the algorithm public key;
    请求生成模块,用于根据所述设备标识信息以及所述算法公钥,生成得到所述HTTP请求。And a request generating module, configured to generate the HTTP request according to the device identification information and the algorithm public key.
  8. 如权利要求6所述的移动终端,其特征在于,所述移动终端还包括:The mobile terminal of claim 6, wherein the mobile terminal further comprises:
    参数更新模块,用于当检测到所述SIM卡参数的使用时间超过有效期限时,向所述管理服务器发送SIM卡参数的更新请求,以使所述管理服务器对所述移动终端中的所述SIM卡参数进行更新。a parameter update module, configured to send an update request of the SIM card parameter to the management server when the usage time of the SIM card parameter is detected to exceed an expiration date, so that the management server is configured to the SIM in the mobile terminal The card parameters are updated.
  9. 一种管理服务器,其特征在于,所述管理服务器包括:A management server, wherein the management server comprises:
    请求接收模块,用于接收移动终端发送的携带有设备标识信息以及算法 公钥的HTTP请求;a request receiving module, configured to receive a device identification information and an algorithm sent by the mobile terminal HTTP request for public key;
    信息处理模块,用于根据所述HTTP请求中的所述设备标识信息,向移动终端分配SIM卡参数并使用所述算法公钥对所述SIM卡参数进行加密;An information processing module, configured to allocate a SIM card parameter to the mobile terminal according to the device identification information in the HTTP request, and encrypt the SIM card parameter by using the algorithm public key;
    信息发送模块,用于将经过加密的所述SIM卡参数发送至所述移动终端,以使所述移动终端使用与所述算法公钥对应的算法私钥对经过加密的所述SIM卡参数进行解密并通过解密得到的所述SIM卡参数进行网络注册以建立移动互联网络。An information sending module, configured to send the encrypted SIM card parameter to the mobile terminal, so that the mobile terminal performs the encrypted SIM card parameter by using an algorithm private key corresponding to the algorithm public key Decrypting and decrypting the obtained SIM card parameters for network registration to establish a mobile internet network.
  10. 如权利要求9所述的管理服务器,其特征在于,A management server according to claim 9, wherein:
    所述请求接收模块,还用于接收所述移动终端发送的更新请求;The request receiving module is further configured to receive an update request sent by the mobile terminal;
    所述信息发送模块,还用于根据所述更新请求,对所述移动终端中的所述SIM卡参数进行更新。 The information sending module is further configured to update the SIM card parameter in the mobile terminal according to the update request.
PCT/CN2015/082921 2015-06-19 2015-06-30 Virtual sim card parameter management method, mobile terminal, and server WO2016201732A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510344953.4 2015-06-19
CN201510344953.4A CN105007577B (en) 2015-06-19 2015-06-19 A kind of virtual SIM card parameter management method, mobile terminal and server

Publications (1)

Publication Number Publication Date
WO2016201732A1 true WO2016201732A1 (en) 2016-12-22

Family

ID=54380056

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/082921 WO2016201732A1 (en) 2015-06-19 2015-06-30 Virtual sim card parameter management method, mobile terminal, and server

Country Status (2)

Country Link
CN (1) CN105007577B (en)
WO (1) WO2016201732A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111786778A (en) * 2020-06-12 2020-10-16 视联动力信息技术股份有限公司 Method and device for updating key

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376233A (en) * 2015-11-20 2016-03-02 宇龙计算机通信科技(深圳)有限公司 Soft SIM parameter management method, soft SIM parameter management device, terminal and network side server
CN105657688B (en) * 2015-11-30 2019-10-11 东莞酷派软件技术有限公司 A kind of communication means and device based on virtual client identification module
CN105813060B (en) * 2016-03-11 2019-06-28 珠海市魅族科技有限公司 A kind of method and device obtaining Virtual User identity
CN105636017A (en) * 2016-03-14 2016-06-01 努比亚技术有限公司 Data service enablement device and method
CN105828324A (en) * 2016-03-21 2016-08-03 珠海市魅族科技有限公司 Method and device of obtaining virtual subscriber identity
CN105933890A (en) * 2016-03-31 2016-09-07 宇龙计算机通信科技(深圳)有限公司 Embedded SIM card realizing method and system, user terminal and server
CN105744495A (en) * 2016-04-01 2016-07-06 青岛海信移动通信技术股份有限公司 Method for mobile terminal to obtain card information and mobile terminal
CN105792177A (en) * 2016-04-29 2016-07-20 广东欧珀移动通信有限公司 Virtual SIM card registration method, system, terminal equipment and server thereof
CN105848153A (en) * 2016-06-07 2016-08-10 宇龙计算机通信科技(深圳)有限公司 Embedded type SIM card registration method, embedded type SIM card authentication method and corresponding systems
CN107104964B (en) * 2017-04-25 2020-03-24 商洛学院 Network security terminal and use method
CN107567012A (en) * 2017-09-26 2018-01-09 深圳普创天信科技发展有限公司 A kind of production of soft SIM card, use, processing method and processing device
CN108769978A (en) * 2018-04-13 2018-11-06 深圳市优克联新技术有限公司 SIM card management server, binding device, management method, binding method and system
CN113196811B (en) * 2018-12-19 2024-10-29 高通股份有限公司 Modem assisted network attach procedure without default SIM profile
CN109831775B (en) * 2019-02-02 2021-12-03 华为数字技术(苏州)有限公司 Processor, baseband chip and SIM card information transmission method
CN110868460B (en) * 2019-11-04 2022-09-06 深圳市泰信通信息技术有限公司 Terminal, registration server, and method and system for configuring networking parameters of terminal
CN112995982B (en) * 2019-12-18 2023-05-23 深圳优克云联科技有限公司 Method, device, server and storage medium for scheduling cloud SIM card

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103533539A (en) * 2013-11-01 2014-01-22 深圳市中兴物联科技有限公司 Virtual SIM (subscriber identity module) card parameter management method and device
EP2749003A1 (en) * 2011-08-24 2014-07-02 Deutsche Telekom AG Method for authenticating a telecommunication terminal comprising an identity module on a server device in a telecommunication network, use of an identity module, identity module and computer program
CN104185176A (en) * 2014-08-28 2014-12-03 中国联合网络通信集团有限公司 Method and system for remote initialization of Internet of Things virtual subscriber identity module card
US20150121066A1 (en) * 2013-09-10 2015-04-30 John A. Nix Set of Servers for "Machine-to-Machine" Communications using Public Key Infrastructure

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2749003A1 (en) * 2011-08-24 2014-07-02 Deutsche Telekom AG Method for authenticating a telecommunication terminal comprising an identity module on a server device in a telecommunication network, use of an identity module, identity module and computer program
US20150121066A1 (en) * 2013-09-10 2015-04-30 John A. Nix Set of Servers for "Machine-to-Machine" Communications using Public Key Infrastructure
CN103533539A (en) * 2013-11-01 2014-01-22 深圳市中兴物联科技有限公司 Virtual SIM (subscriber identity module) card parameter management method and device
CN104185176A (en) * 2014-08-28 2014-12-03 中国联合网络通信集团有限公司 Method and system for remote initialization of Internet of Things virtual subscriber identity module card

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111786778A (en) * 2020-06-12 2020-10-16 视联动力信息技术股份有限公司 Method and device for updating key
CN111786778B (en) * 2020-06-12 2024-11-08 视联动力信息技术股份有限公司 Method and device for updating secret key

Also Published As

Publication number Publication date
CN105007577A (en) 2015-10-28
CN105007577B (en) 2019-01-11

Similar Documents

Publication Publication Date Title
WO2016201732A1 (en) Virtual sim card parameter management method, mobile terminal, and server
US10601801B2 (en) Identity authentication method and apparatus
US9294274B2 (en) Technologies for synchronizing and restoring reference templates
WO2019109852A1 (en) Data transmission method and system
TWI636373B (en) Method and device for authorizing between devices
CN104836784B (en) A kind of information processing method, client and server
JP2008099267A (en) Method for securing session between wireless terminal and equipment in network
US20140126723A1 (en) Method, apparatus, and system for protecting cloud data security
CN107196919B (en) Data matching method and device
US10063655B2 (en) Information processing method, trusted server, and cloud server
JP2020533853A (en) Methods and equipment for managing digital certificates
WO2008006312A1 (en) A realizing method for push service of gaa and a device
CN107635227B (en) Group message encryption method and device
CN106161363B (en) SSL connection establishment method and system
WO2014180431A1 (en) Network management security authentication method, device and system, and computer storage medium
CN106911628A (en) A kind of user registers the method and device of application software on the client
EP2930962B1 (en) Encryption/decryption method, system and device
CN114173328A (en) Key exchange method and device and electronic equipment
CN108234401B (en) Method and device for authorizing service system
CN108259428B (en) System and method for realizing data transmission
CN110830240B (en) Communication method and device of terminal and server
CN113163399A (en) Communication method and device of terminal and server
WO2017206185A1 (en) Method, apparatus and system for verifying legitimacy of application program
JP6527576B2 (en) Method, apparatus and system for acquiring local information
WO2023231817A1 (en) Data processing method and apparatus, and computer device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15895305

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15895305

Country of ref document: EP

Kind code of ref document: A1