WO2017185461A1 - Method and system for recovering tampered key information of virtual subscriber identity module - Google Patents

Method and system for recovering tampered key information of virtual subscriber identity module Download PDF

Info

Publication number
WO2017185461A1
WO2017185461A1 PCT/CN2016/084079 CN2016084079W WO2017185461A1 WO 2017185461 A1 WO2017185461 A1 WO 2017185461A1 CN 2016084079 W CN2016084079 W CN 2016084079W WO 2017185461 A1 WO2017185461 A1 WO 2017185461A1
Authority
WO
WIPO (PCT)
Prior art keywords
esim
key information
information
secure
module
Prior art date
Application number
PCT/CN2016/084079
Other languages
French (fr)
Chinese (zh)
Inventor
邵刚
Original Assignee
宇龙计算机通信科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宇龙计算机通信科技(深圳)有限公司 filed Critical 宇龙计算机通信科技(深圳)有限公司
Publication of WO2017185461A1 publication Critical patent/WO2017185461A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1471Saving, restoring, recovering or retrying involving logging of persistent data for recovery

Definitions

  • the embodiments of the present invention relate to the technical field of user identification modules, and in particular, to a method and system for recovering key information of a virtual subscriber identity module.
  • SIM Subscriber Identity Module
  • the communication device can effectively complete the connection and information exchange with the network operator, thereby implementing the communication function.
  • the SIM card stores the user's personal identification number and a corresponding key, which is generated in accordance with a certain security algorithm in case of confidentiality.
  • the user key and the security algorithm can not only identify the user, prevent illegal access to the network, but also prevent the user data transmitted on the wireless channel from being stolen.
  • the user can also store some fixed short messages, a directory and other personal information into the SIM card. in.
  • eSim virtual user identity module
  • the physical SIM card will be gradually replaced by a virtual user identity module called eSim, which is directly embedded in the system motherboard of the communication device, and can The eSim is repeatedly defined by a program, a client data is stored, an authentication algorithm and an encryption key are executed, and the communication device embedded in the eSim can access different network operators.
  • eSim makes it unnecessary to configure the receiving slot of the traditional physical SIM card in the communication device, so the communication device can be made thinner, and the eSim can be repeatedly defined, and the communication of the eSim is embedded.
  • the device does not have to be restricted by the network provider and can be replaced at any time.
  • eSim brings more flexibility to users, but also brings security problems. Because the eSim is implemented by writing programs, there is a risk of malicious tampering by criminals, so it is necessary to design an eSim. Tampering recovery methods to ensure the security of eSim's critical information.
  • the embodiment of the invention provides a method and a system for recovering the key information of the virtual subscriber identity module, so as to ensure the security of the key information of the eSim.
  • an embodiment of the present invention provides a method for recovering key information of a virtual subscriber identity module, where the method includes:
  • the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
  • the secure partition area receives a predetermined physical operation restore instruction
  • the eSim key information is restored using the secure backup information according to the physical operation restore instruction.
  • the method further includes:
  • the key information of eSim is modified; if the rejection modification instruction is received, the key information of eSim is not modified.
  • the predetermined physical operation restore instruction includes:
  • the key information includes one or more of user identity information, user authentication parameters, and operator parameters.
  • the method further includes: setting a preset regular flag at the time of eSim initialization to monitor the status of the eSim key information.
  • the embodiment of the present invention further provides a recovery system in which the key information of the virtual subscriber identity module is tampered with, and the system includes:
  • a detection module configured to detect that the key information of the eSim has been tampered with
  • the first prompt module is configured to issue a prompt for restoring the secure backup information of the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
  • a receiving module configured to receive a predetermined physical operation restoration instruction in the secure partition area
  • a restore module configured to perform eSim key information restoration by using the secure backup information according to the physical operation restore instruction.
  • system further includes:
  • a second prompting module configured to issue a prompt to allow the eSim key information to be modified before the eSim key information is modified
  • the response module is configured to modify the eSim key information if the consent modification instruction is received; if the rejection modification instruction is received, the eSim key information is not modified.
  • the predetermined physical operation restore instruction includes:
  • the key information includes: user identity information, user authentication parameters, and operator parameters. One or more of them.
  • system further includes: a setting module, configured to set a preset regular flag when the eSim is initialized, to monitor the status of the eSim key information.
  • the method for recovering the key information of the virtual subscriber identity module is tamper-removed by the embodiment of the present invention.
  • the user When detecting that the key information of the eSim is tampered with, the user is prompted to use the secure backup information of the secure partition area for restoration, wherein the security partition is
  • the secure backup information of the area is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction. It enables the user to know in real time whether the key information of eSim has been tampered with. If it is tampered with, the key information of eSim can be recovered in time through the secure backup information of the secure partition area, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
  • FIG. 1 is a schematic flowchart of a method for restoring key information of a virtual subscriber identity module according to a first embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a method for restoring key information of a virtual subscriber identity module according to Embodiment 2 of the present invention
  • FIG. 3 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 3 of the present invention
  • FIG. 4 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 4 of the present invention
  • FIG. 5 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 5 of the present invention.
  • FIG. 1 is a flowchart of a method for recovering key information of a virtual subscriber identity module according to a first embodiment of the present invention.
  • the method may be applicable to a situation in which eSim key information is tampered with timely recovery of correct information, and may be identified by a virtual user. Module critical information is tampered with the recovery system to perform.
  • the system can be implemented in hardware and/or software. The method specifically includes the following steps:
  • Step 110 It is detected that the key information of the eSim is tampered with.
  • the eSim key information may preferably include one or more of user identity information, user authentication parameters, and operator parameters. Of course, the eSim may also save the user's phone book or SMS data. Further, the method may further include: setting a preset regular flag when the eSim is initialized, to monitor the state of the eSim key information, that is, the eSim key information is set during the initialization process. Determining the correct state of the information according to a flag or a check code generated by a certain rule, the rule being confidential and not publicly disclosed, if the eSim key information is modified, causing the flag bit to no longer follow the rule It is considered to be a malicious tampering of the eSim key information.
  • the information that should be continuously stored is stored in a non-continuous manner, and specific flag bits are added between the information to form eSim key information.
  • Initialization information when the state of the information needs to be known, by reading the initialization information, and filtering the flag bit to compare with a flag bit added when the information is initialized, if the two are consistent, the information is In the correct state, it has not been tampered with, otherwise the information is considered to have been tampered with. Therefore, it can be detected whether the eSim key information has been tampered by judging the flag bit.
  • Step 120 Send a prompt for restoring using the secure backup information of the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized.
  • the user When it is detected that the eSim key information is tampered with, the user is prompted to use the secure backup information of the secure partition area to perform the restoration, and the prompting manner may be displayed on the terminal screen by using a pop-up window, or by voice prompting. Tips, of course, can also be other tips.
  • Step 130 The secure partition area receives a predetermined physical operation restore instruction.
  • the secure partition area can only be controlled by a specific physical operation restore command to ensure the security of the information in the secure partition area.
  • the physical operation restore command may be through a specific physical button or a physical button.
  • the specific physical button may specifically be a power button or a volume button, and the physical button combination may specifically be a combination of a power button and a volume button, such as pressing a power button and a volume up button, so that the power button and the power button are in the same time period.
  • the volume up button is pressed, or it can be
  • a small circular hole is disposed in the terminal, and the small circular hole is provided with an action component, and the action component in the small circular hole can be triggered by the thimble to issue a physical operation reduction command.
  • Step 140 Perform, according to the physical operation restore instruction, the eSim key information restoration by using the secure backup information.
  • the recovery method for the tampering of the key information of the virtual subscriber identity module provided by the embodiment, when detecting that the key information of the eSim is tampered with, prompting the user to restore the security backup information using the secure partition zone, wherein the secure partition zone
  • the secure backup information is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction.
  • FIG. 2 is a schematic flowchart of a method for recovering key information of a virtual subscriber identity module according to a second embodiment of the present invention.
  • the following steps are added: before the key information of the eSim is modified, Sending a prompt to allow eSim key information to be modified.
  • the advantage of this setting is that the user can know the current status of the key information of eSim in real time, and can choose to modify or reject the modification according to his own situation.
  • the method is The steps added on the basis of the first embodiment are as follows:
  • Step 210 Send a prompt to allow the eSim key information to be modified before the eSim key information is modified.
  • the method may further include: setting a preset regular flag bit during eSim initialization to monitor a state of the eSim key information, that is, the eSim key information is set in a process of initializing a flag or a rule generated according to a certain rule. Checking the code to characterize the correct state of the information. The rule is confidential and not publicly disclosed. If the eSim key information is to be modified, the flag bit will change accordingly, so the flag can be monitored by judging the flag. Whether the eSim key information will be modified.
  • the prompting manner may be displayed on the screen of the terminal by using a pop-up window, or may be prompted by a voice prompt, and may also be other prompting manners.
  • Step 220 If the consent modification instruction is received, the eSim key information is modified; if the rejection modification instruction is received, the eSim key information is not modified.
  • the method for recovering the key information of the virtual subscriber identity module is modified according to the embodiment, and the prompt for allowing the eSim key information to be modified is sent before the key information of the eSim is modified; if the consent modification command is received, the key information of the eSim is sent.
  • the modification is made; if the rejection modification instruction is received, the eSim key information is not modified.
  • FIG. 3 is a structural block diagram of a system for recovering key information of a virtual subscriber identity module according to a third embodiment of the present invention.
  • the system specifically includes the following:
  • the detecting module 310 is configured to detect that the eSim key information is tampered with; the first prompting module 320 is configured to issue a prompt for restoring the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is initialized by the eSim Key information of eSim backed up in the secure partition area;
  • the receiving module 330 is configured to receive a predetermined physical operation restore command for the secure partition area, and the restore module 340 is configured to use the secure backup information to perform eSim key information restoration according to the physical operation restore command.
  • a recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment of the present invention, when detecting that the key information of the eSim has been tampered with, prompting the user to use the secure backup information of the secure partition area for restoration, wherein the security partition
  • the secure backup information of the area is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction.
  • FIG. 4 is a structural block diagram of a system for recovering key information of a virtual subscriber identity module according to a fourth embodiment of the present invention.
  • the key information of the virtual subscriber identity module provided by the embodiment is tamper-recovered.
  • the second prompt module is added to the system.
  • the system specifically includes the following:
  • the prompt module is configured to modify the key information of the eSim if the consent modification instruction is received; if the rejection modification instruction is received, the key information of the eSim is not modified.
  • the predetermined physical operation restore instruction may include:
  • the key information may include one or more of user identity information, user authentication parameters, and operator parameters.
  • system may further include: a setting module, configured to set a preset regular flag when the eSim is initialized, to monitor the status of the eSim key information.
  • a setting module configured to set a preset regular flag when the eSim is initialized, to monitor the status of the eSim key information.
  • a recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment provides a prompt for allowing the eSim key information to be modified before the eSim key information is modified; if the consent modification instruction is received, the eSim key information is The modification is made; if the rejection modification instruction is received, the eSim key information is not modified. It enables the user to know the current status of the key information of eSim in real time, and can perform the modification operation or stop the modification operation according to the user's instruction, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
  • FIG. 5 is a structural block diagram of another system for recovering key information of a virtual subscriber identity module according to Embodiment 5 of the present invention.
  • the system 7 may include: at least one processor 71, such as a CPU, at least A communication bus 72 and a memory 73; the communication bus 72 is used to implement connection communication between these components; the memory 73 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • a set of program codes is stored in the memory 73, and the processor 71 is configured to call the program code stored in the memory 73 for performing the following operations:
  • the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
  • the secure partition area receives a predetermined physical operation restore instruction
  • the eSim key information is restored using the secure backup information according to the physical operation restore instruction.
  • processor 71 also performs the following operations:
  • the key information of eSim is modified; if the rejection modification instruction is received, the key information of eSim is not modified.
  • the predetermined physical operation restoration instruction includes:
  • a physical operation restore command issued by a specific physical button or combination of physical keys is issued by a specific physical button or combination of physical keys.
  • the key information includes one or more of user identity information, user authentication parameters, and operator parameters.
  • processor 71 also performs the following operations:
  • the preset regular flag is set during eSim initialization to monitor the status of eSim's critical information.
  • a recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment provides a prompt for allowing the eSim key information to be modified before the eSim key information is modified; if the consent modification instruction is received, the eSim key information is The modification is made; if the rejection modification instruction is received, the eSim key information is not modified. It enables the user to know the current status of the key information of eSim in real time, and can perform the modification operation or stop the modification operation according to the user's instruction, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
  • the above product can perform the method provided by any embodiment of the present invention, and has the corresponding functional modules and beneficial effects of the execution method.
  • a program instructing related hardware may be completed by a program instructing related hardware, and the program is stored in a storage medium, and includes a plurality of instructions for making a device (which may be a single chip microcomputer). , a chip, etc. or a processor performs all or part of the steps of the methods described in various embodiments of the present application.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .

Abstract

A method and a system for recovering tampered key information of a virtual subscriber identity module eSim. The method comprises: detecting that eSim key information has been tampered with (110); sending a prompt to use secure backup information of a secure partition region to perform a restoration (120); the secure partition region receiving a predetermined physical operation restoration instruction (130); using, according to the physical operation restoration instruction, the secure backup information to restore the eSim key information (140). Further provided is a method for recovering tampered key information of a virtual subscriber identity module. When eSim key information is detected to have been tampered with, the eSim key information can be restored according to a physical operation restoration instruction, such that a user can learn, in real time, the current state information of the eSim, and the key information of the eSim can be recovered in time by means of secure backup information of a secure partition region, thereby guaranteeing the security of the eSim key information, ensuring the safe usage of the user.

Description

一种虚拟用户识别模块关键信息被篡改的恢复方法及系统Method and system for recovering key information of virtual subscriber identity module from being tampered with
本申请要求于2016年4月29日提交中国专利局,申请号为201610281020.X、发明名称为“一种虚拟用户识别模块关键信息被篡改的恢复方法及系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims priority to the Chinese Patent Application submitted by the China Patent Office on April 29, 2016, with the application number 201610281020.X, and the invention titled “Recovering Method and System for the Identification of Key Information of Virtual User Identification Modules”. The entire contents of this application are incorporated herein by reference.
技术领域Technical field
本发明实施例涉及用户识别模块技术领域,尤其涉及一种虚拟用户识别模块关键信息被篡改的恢复方法及系统。The embodiments of the present invention relate to the technical field of user identification modules, and in particular, to a method and system for recovering key information of a virtual subscriber identity module.
背景技术Background technique
SIM(Subscriber Identity Module,用户身份识别模块)是“全球通”系统中不可缺少的一个重要组成部分,只有通过对SIM卡定义,即在SIM卡中存储客户数据,执行鉴权算法和加密密匙,通信设备才能有效地完成和网络运营商的连接和信息交换,进而实现通信功能。SIM卡中存储有用户的个人识别号码和与之对应的一个密钥,所述密钥在保密的情况下按一定的保密算法产生。用户密钥和保密算法既能鉴别用户身份,防止非法进入网络,又能使无线信道上传送的用户数据不会被窃取,用户还可以将一些固定短消息、号码簿等个人信息存入SIM卡中。目前,多数通信设备采用的是可移除的物理SIM卡,所述物理SIM卡被插入通信设备中的SIM卡接收槽中。随着通信技术的发展,所述物理SIM卡将逐渐被虚拟用户身份识别模块取代,所述虚拟用户身份识别模块被称为eSim,所述eSim被直接嵌入到通信设备的系统主板中,且可以通过编写程序的方法重复对所述eSim进行定义,存储客户数据,执行鉴权算法和加密密匙等,被嵌入了所述eSim的通信设备可以访问不同的网络运营商。SIM (Subscriber Identity Module) is an indispensable part of the "Global Access" system. It is only defined by the SIM card, that is, the client data is stored in the SIM card, and the authentication algorithm and encryption key are executed. The communication device can effectively complete the connection and information exchange with the network operator, thereby implementing the communication function. The SIM card stores the user's personal identification number and a corresponding key, which is generated in accordance with a certain security algorithm in case of confidentiality. The user key and the security algorithm can not only identify the user, prevent illegal access to the network, but also prevent the user data transmitted on the wireless channel from being stolen. The user can also store some fixed short messages, a directory and other personal information into the SIM card. in. Currently, most communication devices employ a removable physical SIM card that is inserted into a SIM card receiving slot in the communication device. With the development of communication technologies, the physical SIM card will be gradually replaced by a virtual user identity module called eSim, which is directly embedded in the system motherboard of the communication device, and can The eSim is repeatedly defined by a program, a client data is stored, an authentication algorithm and an encryption key are executed, and the communication device embedded in the eSim can access different network operators.
eSim的出现使得通信设备中不必再配置传统的物理SIM卡的接收槽,因此通信设备可以变的更薄,而且eSim可以被重复定义,被嵌入了所述eSim的通信 设备不必再受网络提供商的限制,可以随时更换网络提供商。The emergence of eSim makes it unnecessary to configure the receiving slot of the traditional physical SIM card in the communication device, so the communication device can be made thinner, and the eSim can be repeatedly defined, and the communication of the eSim is embedded. The device does not have to be restricted by the network provider and can be replaced at any time.
但eSim在给用户带来更大的灵活性的同时也带来了安全问题,因为所述eSim是通过编写程序实现的,因此存在被不法分子恶意篡改的风险,因此有必要设计一种eSim被篡改的恢复方法,以保证eSim关键信息的安全。However, eSim brings more flexibility to users, but also brings security problems. Because the eSim is implemented by writing programs, there is a risk of malicious tampering by criminals, so it is necessary to design an eSim. Tampering recovery methods to ensure the security of eSim's critical information.
发明内容Summary of the invention
本发明实施例提供了一种虚拟用户识别模块关键信息被篡改的恢复方法及系统,以保证eSim关键信息的安全。The embodiment of the invention provides a method and a system for recovering the key information of the virtual subscriber identity module, so as to ensure the security of the key information of the eSim.
第一方面,本发明实施例提供了一种虚拟用户识别模块关键信息被篡改的恢复方法,该方法包括:In a first aspect, an embodiment of the present invention provides a method for recovering key information of a virtual subscriber identity module, where the method includes:
检测到eSim关键信息被篡改;It was detected that the key information of eSim was tampered with;
发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;Issue a prompt to restore the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
安全分区区域接收到预定的物理操作还原指令;The secure partition area receives a predetermined physical operation restore instruction;
根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。The eSim key information is restored using the secure backup information according to the physical operation restore instruction.
进一步地,所述方法还包括:Further, the method further includes:
在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;Prompt whether to allow eSim key information to be modified before the eSim key information is modified;
若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。If the consent modification instruction is received, the key information of eSim is modified; if the rejection modification instruction is received, the key information of eSim is not modified.
示例性地,所述预定的物理操作还原指令包括:Illustratively, the predetermined physical operation restore instruction includes:
通过特定物理按键或物理按键组合发出的物理操作还原指令或者通过输入设定的还原密码发出的还原指令。 A physical operation restore command issued by a specific physical button or a combination of physical keys or a restore command issued by inputting a set restore password.
优选的,所述关键信息包括:用户身份信息、用户认证参数和运营商参数中的一项或多项。Preferably, the key information includes one or more of user identity information, user authentication parameters, and operator parameters.
进一步地,所述方法还包括:在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。Further, the method further includes: setting a preset regular flag at the time of eSim initialization to monitor the status of the eSim key information.
第二方面,本发明实施例还提供了一种虚拟用户识别模块关键信息被篡改的恢复系统,该系统包括:In a second aspect, the embodiment of the present invention further provides a recovery system in which the key information of the virtual subscriber identity module is tampered with, and the system includes:
检测模块,用于检测出eSim关键信息被篡改;a detection module, configured to detect that the key information of the eSim has been tampered with;
第一提示模块,用于发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;The first prompt module is configured to issue a prompt for restoring the secure backup information of the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
接收模块,用于安全分区区域接收预定的物理操作还原指令;a receiving module, configured to receive a predetermined physical operation restoration instruction in the secure partition area;
还原模块,用于根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。And a restore module, configured to perform eSim key information restoration by using the secure backup information according to the physical operation restore instruction.
进一步地,所述系统,还包括:Further, the system further includes:
第二提示模块,用于在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;a second prompting module, configured to issue a prompt to allow the eSim key information to be modified before the eSim key information is modified;
响应模块,用于若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。The response module is configured to modify the eSim key information if the consent modification instruction is received; if the rejection modification instruction is received, the eSim key information is not modified.
示例性地,所述预定的物理操作还原指令包括:Illustratively, the predetermined physical operation restore instruction includes:
用户通过特定物理按键或物理按键组合发出的物理操作还原指令或者通过输入设定的还原密码发出的还原指令。A physical operation restore command issued by a user through a specific physical button or combination of physical keys or a restore command issued by inputting a set restore password.
优选的,所述关键信息包括:用户身份信息、用户认证参数和运营商参数 中的一项或多项。Preferably, the key information includes: user identity information, user authentication parameters, and operator parameters. One or more of them.
进一步地,所述系统还包括:设置模块,用于在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。Further, the system further includes: a setting module, configured to set a preset regular flag when the eSim is initialized, to monitor the status of the eSim key information.
本发明实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复方法,当检测到eSim关键信息被篡改,则向用户发出使用安全分区区域的安全备份信息进行还原的提示,其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;安全分区区域接收到预定的物理操作还原指令后,根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原,实现了让用户实时获知eSim关键信息有无被篡改,如果被篡改则可以通过安全分区区域的安全备份信息及时将eSim关键信息恢复,从而保证了eSim关键信息的安全,确保用户的安全使用。The method for recovering the key information of the virtual subscriber identity module is tamper-removed by the embodiment of the present invention. When detecting that the key information of the eSim is tampered with, the user is prompted to use the secure backup information of the secure partition area for restoration, wherein the security partition is The secure backup information of the area is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction. It enables the user to know in real time whether the key information of eSim has been tampered with. If it is tampered with, the key information of eSim can be recovered in time through the secure backup information of the secure partition area, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
附图说明DRAWINGS
图1是本发明实施例一提供的一种虚拟用户识别模块关键信息被篡改的恢复方法流程示意图;1 is a schematic flowchart of a method for restoring key information of a virtual subscriber identity module according to a first embodiment of the present invention;
图2是本发明实施例二提供的一种虚拟用户识别模块关键信息被篡改的恢复方法流程示意图;2 is a schematic flowchart of a method for restoring key information of a virtual subscriber identity module according to Embodiment 2 of the present invention;
图3是本发明实施例三提供的一种虚拟用户识别模块关键信息被篡改的恢复系统结构示意图;3 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 3 of the present invention;
图4是本发明实施例四提供的一种虚拟用户识别模块关键信息被篡改的恢复系统结构示意图;4 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 4 of the present invention;
图5是本发明实施例五提供的另一种虚拟用户识别模块关键信息被篡改的恢复系统结构示意图。 FIG. 5 is a schematic structural diagram of a recovery system in which key information of a virtual subscriber identity module is tampered with according to Embodiment 5 of the present invention.
具体实施方式detailed description
下面结合附图和实施例对本发明作进一步的详细说明。可以理解的是,此处所描述的具体实施例仅仅用于解释本发明,而非对本发明的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与本发明相关的部分而非全部结构。The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. It should also be noted that, for ease of description, only some, but not all, of the structures related to the present invention are shown in the drawings.
在更加详细地讨论示例性实施例之前应当提到的是,一些示例性实施例被描述成作为流程图描绘的处理或方法。虽然流程图将各项步骤描述成顺序的处理,但是其中的许多步骤可以被并行地、并发地或者同时实施。此外,各项步骤的顺序可以被重新安排。当其步骤完成时所述处理可以被终止,但是还可以具有未包括在附图中的附加步骤。所述处理可以对应于方法、函数、规程、子例程、子程序等等。Before discussing the exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as a process or method depicted as a flowchart. Although the flowcharts describe the various steps as a sequential process, many of the steps can be implemented in parallel, concurrently or concurrently. In addition, the order of the steps can be rearranged. The process may be terminated when its steps are completed, but may also have additional steps not included in the figures. The processing may correspond to methods, functions, procedures, subroutines, subroutines, and the like.
实施例一Embodiment 1
图1为本发明实施例一提供的一种虚拟用户识别模块关键信息被篡改的恢复方法流程图,该方法可适用于当eSim关键信息被篡改需要及时恢复正确信息的情况,可以由虚拟用户识别模块关键信息被篡改的恢复系统来执行。该系统可通过硬件和/或软件的方式实现。该方法具体包括如下步骤:FIG. 1 is a flowchart of a method for recovering key information of a virtual subscriber identity module according to a first embodiment of the present invention. The method may be applicable to a situation in which eSim key information is tampered with timely recovery of correct information, and may be identified by a virtual user. Module critical information is tampered with the recovery system to perform. The system can be implemented in hardware and/or software. The method specifically includes the following steps:
步骤110、检测到eSim关键信息被篡改。Step 110: It is detected that the key information of the eSim is tampered with.
其中,所述eSim关键信息优选的可以包括用户身份信息、用户认证参数和运营商参数中的一项或多项,当然所述eSim还可以保存用户的电话簿或者短信数据等。进一步地,所述方法还可以包括:在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态,即eSim关键信息在初始化的过程中设置了 按照一定规则生成的标志位或者校验码来表征信息的正确状态,所述规则是保密的不对外公开的,如果所述eSim关键信息被修改了,导致所述标志位不再遵循所述规则了则认为是对所述eSim关键信息的恶意篡改,例如,在eSim关键信息初始化时,将本应该连续存储的信息以非连续方式存储,在信息之间加入特定的标志位,组成eSim关键信息的初始化信息,当需要了解所述信息状态的时候,通过读取所述初始化信息,并将所述标志位过滤出来与在初始化信息时加入的标志位进行比较,如果两者一致,则说明信息处在正确的状态上,没有被篡改,否则认为所述信息被篡改。因此可以通过判断所述标志位检测eSim关键信息是否被篡改。The eSim key information may preferably include one or more of user identity information, user authentication parameters, and operator parameters. Of course, the eSim may also save the user's phone book or SMS data. Further, the method may further include: setting a preset regular flag when the eSim is initialized, to monitor the state of the eSim key information, that is, the eSim key information is set during the initialization process. Determining the correct state of the information according to a flag or a check code generated by a certain rule, the rule being confidential and not publicly disclosed, if the eSim key information is modified, causing the flag bit to no longer follow the rule It is considered to be a malicious tampering of the eSim key information. For example, when the eSim key information is initialized, the information that should be continuously stored is stored in a non-continuous manner, and specific flag bits are added between the information to form eSim key information. Initialization information, when the state of the information needs to be known, by reading the initialization information, and filtering the flag bit to compare with a flag bit added when the information is initialized, if the two are consistent, the information is In the correct state, it has not been tampered with, otherwise the information is considered to have been tampered with. Therefore, it can be detected whether the eSim key information has been tampered by judging the flag bit.
步骤120、发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息。Step 120: Send a prompt for restoring using the secure backup information of the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized.
当检测到eSim关键信息被篡改,则向用户发出使用安全分区区域的安全备份信息进行还原的提示,所述提示方式可以是以弹窗的方式显示在终端屏幕上,或者通过语音提示的方式进行提示,当然还可以是其他的提示方式。When it is detected that the eSim key information is tampered with, the user is prompted to use the secure backup information of the secure partition area to perform the restoration, and the prompting manner may be displayed on the terminal screen by using a pop-up window, or by voice prompting. Tips, of course, can also be other tips.
步骤130、安全分区区域接收到预定的物理操作还原指令。Step 130: The secure partition area receives a predetermined physical operation restore instruction.
其中,所述安全分区区域仅能通过特定的物理操作还原指令进行控制,以保证所述安全分区区域内信息的安全性,优选的,所述物理操作还原指令可以是通过特定物理按键或物理按键组合发出的物理操作还原指令或者通过输入设定的还原密码发出的还原指令。所述特定的物理按键具体可以是电源键或音量键,所述物理按键组合具体可以是电源键和音量键的组合,如按下电源键和音量上键,使得在同一时间段内电源键和音量上键都处于按下状态,还可以是 设置在终端上的一个小圆孔,所述小圆孔内设置有动作部件,可以通过顶针触发所述小圆孔内的动作部件发出物理操作还原指令。The secure partition area can only be controlled by a specific physical operation restore command to ensure the security of the information in the secure partition area. Preferably, the physical operation restore command may be through a specific physical button or a physical button. A physical operation restore command issued by a combination or a restore command issued by inputting a set restore password. The specific physical button may specifically be a power button or a volume button, and the physical button combination may specifically be a combination of a power button and a volume button, such as pressing a power button and a volume up button, so that the power button and the power button are in the same time period. The volume up button is pressed, or it can be A small circular hole is disposed in the terminal, and the small circular hole is provided with an action component, and the action component in the small circular hole can be triggered by the thimble to issue a physical operation reduction command.
步骤140、根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。Step 140: Perform, according to the physical operation restore instruction, the eSim key information restoration by using the secure backup information.
本实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复方法,当检测到eSim关键信息被篡改,则向用户发出使用安全分区区域的安全备份信息进行还原的提示,其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;安全分区区域接收到预定的物理操作还原指令后,根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原,实现了让用户实时获知eSim的当前状态信息,并能通过安全分区区域的安全备份信息及时将eSim的关键信息恢复,从而保证了eSim关键信息的安全,确保用户的安全使用。The recovery method for the tampering of the key information of the virtual subscriber identity module provided by the embodiment, when detecting that the key information of the eSim is tampered with, prompting the user to restore the security backup information using the secure partition zone, wherein the secure partition zone The secure backup information is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction. It enables users to know the current status information of eSim in real time, and can recover the key information of eSim in time through the secure backup information of the secure partition area, thus ensuring the security of eSim key information and ensuring the safe use of users.
实施例二Embodiment 2
图2为本发明实施例二提供的一种虚拟用户识别模块关键信息被篡改的恢复方法流程示意图,在实施例一的基础上,本实施例增加了如下步骤:在eSim关键信息被修改之前,发出是否允许eSim关键信息被修改的提示,这样设置的好处是用户可以实时地获知eSim关键信息的当前状态,并可以根据自身情况选择同意修改或者拒绝修改,具体参见图2所示,该方法在实施例一的基础上增加的步骤具体如下:2 is a schematic flowchart of a method for recovering key information of a virtual subscriber identity module according to a second embodiment of the present invention. On the basis of the first embodiment, the following steps are added: before the key information of the eSim is modified, Sending a prompt to allow eSim key information to be modified. The advantage of this setting is that the user can know the current status of the key information of eSim in real time, and can choose to modify or reject the modification according to his own situation. For details, see FIG. 2, the method is The steps added on the basis of the first embodiment are as follows:
步骤210、在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示。 Step 210: Send a prompt to allow the eSim key information to be modified before the eSim key information is modified.
进一步地,所述方法还可以包括:在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态,即eSim关键信息在初始化的过程中设置了按照一定规则生成的标志位或者校验码来表征信息的正确状态,所述规则是保密的不对外公开的,如果所述eSim关键信息将要被修改,则所述标志位会发生相应的变化,因此可以通过判断所述标志位监测eSim关键信息是否将要被修改。Further, the method may further include: setting a preset regular flag bit during eSim initialization to monitor a state of the eSim key information, that is, the eSim key information is set in a process of initializing a flag or a rule generated according to a certain rule. Checking the code to characterize the correct state of the information. The rule is confidential and not publicly disclosed. If the eSim key information is to be modified, the flag bit will change accordingly, so the flag can be monitored by judging the flag. Whether the eSim key information will be modified.
所述提示方式可以是以弹窗的方式显示在终端屏幕上,或者通过语音提示的方式进行提示,当然还可以是其他的提示方式。The prompting manner may be displayed on the screen of the terminal by using a pop-up window, or may be prompted by a voice prompt, and may also be other prompting manners.
步骤220、若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。本实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复方法,在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。实现了让用户实时获知eSim关键信息的当前状态,并能根据用户的指示执行修改操作或者停止修改操作,从而保证了eSim关键信息的安全,确保用户的安全使用。Step 220: If the consent modification instruction is received, the eSim key information is modified; if the rejection modification instruction is received, the eSim key information is not modified. The method for recovering the key information of the virtual subscriber identity module is modified according to the embodiment, and the prompt for allowing the eSim key information to be modified is sent before the key information of the eSim is modified; if the consent modification command is received, the key information of the eSim is sent. The modification is made; if the rejection modification instruction is received, the eSim key information is not modified. It enables the user to know the current status of the key information of eSim in real time, and can perform the modification operation or stop the modification operation according to the user's instruction, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
实施例三Embodiment 3
图3为本发明实施例三提供的一种虚拟用户识别模块关键信息被篡改的恢复系统的结构框图,具体参见图3所示,该系统具体包括如下:FIG. 3 is a structural block diagram of a system for recovering key information of a virtual subscriber identity module according to a third embodiment of the present invention. For details, refer to FIG. 3, the system specifically includes the following:
检测模块310、第一提示模块320、接收模块330和还原模块340;The detecting module 310, the first prompting module 320, the receiving module 330 and the restoring module 340;
其中,检测模块310,用于检测出eSim关键信息被篡改;第一提示模块320,用于发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;接 收模块330,用于安全分区区域接收预定的物理操作还原指令;还原模块340,用于根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。The detecting module 310 is configured to detect that the eSim key information is tampered with; the first prompting module 320 is configured to issue a prompt for restoring the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is initialized by the eSim Key information of eSim backed up in the secure partition area; The receiving module 330 is configured to receive a predetermined physical operation restore command for the secure partition area, and the restore module 340 is configured to use the secure backup information to perform eSim key information restoration according to the physical operation restore command.
本发明实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复系统,当检测到eSim关键信息被篡改,则向用户发出使用安全分区区域的安全备份信息进行还原的提示,其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;安全分区区域接收到预定的物理操作还原指令后,根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原,实现了让用户实时获知eSim的当前状态信息,并能通过安全分区区域的安全备份信息及时将eSim的关键信息恢复,从而保证了eSim关键信息的安全,确保用户的安全使用。A recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment of the present invention, when detecting that the key information of the eSim has been tampered with, prompting the user to use the secure backup information of the secure partition area for restoration, wherein the security partition The secure backup information of the area is the eSim key information that is backed up in the secure partition area when the eSim is initialized; after receiving the predetermined physical operation restore command, the secure partition area uses the secure backup information to restore the eSim key information according to the physical operation restore instruction. It enables users to know the current status information of eSim in real time, and can recover the key information of eSim in time through the secure backup information of the secure partition area, thus ensuring the security of eSim key information and ensuring the safe use of users.
实施例四Embodiment 4
图4为本发明实施例四提供的一种虚拟用户识别模块关键信息被篡改的恢复系统的结构框图,在实施例三的基础上,本实施例提供的虚拟用户识别模块关键信息被篡改的恢复系统增加了第二提示模块,具体参见图4所示,该系统具体包括如下:4 is a structural block diagram of a system for recovering key information of a virtual subscriber identity module according to a fourth embodiment of the present invention. On the basis of the third embodiment, the key information of the virtual subscriber identity module provided by the embodiment is tamper-recovered. The second prompt module is added to the system. For details, refer to FIG. 4, the system specifically includes the following:
检测模块410、第一提示模块420、接收模块430、还原模块440和第二提示模块450;其中,第二提示模块450,用于在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;响应模块,用于若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。 The detection module 410, the first prompting module 420, the receiving module 430, the restoring module 440, and the second prompting module 450; wherein, the second prompting module 450 is configured to issue whether the eSim key information is allowed to be modified before the eSim key information is modified. The prompt module is configured to modify the key information of the eSim if the consent modification instruction is received; if the rejection modification instruction is received, the key information of the eSim is not modified.
示例性地,所述预定的物理操作还原指令可以包括:Illustratively, the predetermined physical operation restore instruction may include:
用户通过特定物理按键或物理按键组合发出的物理操作还原指令或者通过输入设定的还原密码发出的还原指令。A physical operation restore command issued by a user through a specific physical button or combination of physical keys or a restore command issued by inputting a set restore password.
优选的,所述关键信息可以包括:用户身份信息、用户认证参数和运营商参数中的一项或多项。Preferably, the key information may include one or more of user identity information, user authentication parameters, and operator parameters.
进一步地,所述系统还可以包括:设置模块,用于在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。Further, the system may further include: a setting module, configured to set a preset regular flag when the eSim is initialized, to monitor the status of the eSim key information.
本实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复系统,在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。实现了让用户实时获知eSim关键信息的当前状态,并能根据用户的指示执行修改操作或者停止修改操作,从而保证了eSim关键信息的安全,确保用户的安全使用。A recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment provides a prompt for allowing the eSim key information to be modified before the eSim key information is modified; if the consent modification instruction is received, the eSim key information is The modification is made; if the rejection modification instruction is received, the eSim key information is not modified. It enables the user to know the current status of the key information of eSim in real time, and can perform the modification operation or stop the modification operation according to the user's instruction, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
实施例五Embodiment 5
图5为本发明实施例五提供的另一种虚拟用户识别模块关键信息被篡改的恢复系统的结构框图,如图5所示,该系统7可以包括:至少一个处理器71,例如CPU,至少一个通信总线72以及存储器73;通信总线72用于实现这些组件之间的连接通信;存储器73可以是高速RAM存储器,也可以是非易失性存储器(non-volatile memory),例如至少一个磁盘存储器。存储器73中存储一组程序代码,且处理器71用于调用存储器73中存储的程序代码,用于执行以下操作:FIG. 5 is a structural block diagram of another system for recovering key information of a virtual subscriber identity module according to Embodiment 5 of the present invention. As shown in FIG. 5, the system 7 may include: at least one processor 71, such as a CPU, at least A communication bus 72 and a memory 73; the communication bus 72 is used to implement connection communication between these components; the memory 73 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory. A set of program codes is stored in the memory 73, and the processor 71 is configured to call the program code stored in the memory 73 for performing the following operations:
检测到eSim关键信息被篡改; It was detected that the key information of eSim was tampered with;
发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;Issue a prompt to restore the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
安全分区区域接收到预定的物理操作还原指令;The secure partition area receives a predetermined physical operation restore instruction;
根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。The eSim key information is restored using the secure backup information according to the physical operation restore instruction.
进一步地,所述处理器71还执行以下操作:Further, the processor 71 also performs the following operations:
在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;Prompt whether to allow eSim key information to be modified before the eSim key information is modified;
若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。If the consent modification instruction is received, the key information of eSim is modified; if the rejection modification instruction is received, the key information of eSim is not modified.
进一步地,所述预定的物理操作还原指令包括:Further, the predetermined physical operation restoration instruction includes:
通过特定物理按键或物理按键组合发出的物理操作还原指令。A physical operation restore command issued by a specific physical button or combination of physical keys.
进一步地,所述关键信息包括:用户身份信息、用户认证参数和运营商参数中的一项或多项。Further, the key information includes one or more of user identity information, user authentication parameters, and operator parameters.
进一步地,所述处理器71还执行以下操作:Further, the processor 71 also performs the following operations:
在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。The preset regular flag is set during eSim initialization to monitor the status of eSim's critical information.
本实施例提供的一种虚拟用户识别模块关键信息被篡改的恢复系统,在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。实现了让用户实时获知eSim关键信息的当前状态,并能根据用户的指示执行修改操作或者停止修改操作,从而保证了eSim关键信息的安全,确保用户的安全使用。A recovery system in which the key information of the virtual subscriber identity module is tampered with by the embodiment provides a prompt for allowing the eSim key information to be modified before the eSim key information is modified; if the consent modification instruction is received, the eSim key information is The modification is made; if the rejection modification instruction is received, the eSim key information is not modified. It enables the user to know the current status of the key information of eSim in real time, and can perform the modification operation or stop the modification operation according to the user's instruction, thereby ensuring the security of the key information of eSim and ensuring the safe use of the user.
上述产品可执行本发明任意实施例所提供的方法,具备执行方法相应的功能模块和有益效果。未在本实施例中详尽描述的技术细节,可参见本发明任意实施例所提供的方法。 The above product can perform the method provided by any embodiment of the present invention, and has the corresponding functional modules and beneficial effects of the execution method. For technical details not fully described in this embodiment, reference may be made to the method provided by any embodiment of the present invention.
本领域技术人员可以理解实现上述实施例方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序存储在一个存储介质中,包括若干指令用以使得一个设备(可以是单片机,芯片等)或处理器(processor)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。Those skilled in the art can understand that all or part of the steps of implementing the above embodiments may be completed by a program instructing related hardware, and the program is stored in a storage medium, and includes a plurality of instructions for making a device (which may be a single chip microcomputer). , a chip, etc. or a processor performs all or part of the steps of the methods described in various embodiments of the present application. The foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .
注意,上述仅为本发明的较佳实施例及所运用技术原理。本领域技术人员会理解,本发明不限于这里所述的特定实施例,对本领域技术人员来说能够进行各种明显的变化、重新调整和替代而不会脱离本发明的保护范围。因此,虽然通过以上实施例对本发明进行了较为详细的说明,但是本发明不仅仅限于以上实施例,在不脱离本发明构思的情况下,还可以包括更多其他等效实施例,而本发明的范围由所附的权利要求范围决定。 Note that the above are only the preferred embodiments of the present invention and the technical principles applied thereto. Those skilled in the art will appreciate that the present invention is not limited to the specific embodiments described herein, and that various modifications, changes and substitutions may be made without departing from the scope of the invention. Therefore, the present invention has been described in detail by the above embodiments, but the present invention is not limited to the above embodiments, and other equivalent embodiments may be included without departing from the inventive concept. The scope is determined by the scope of the appended claims.

Claims (10)

  1. 一种虚拟用户识别模块eSim关键信息被篡改的恢复方法,其特征在于,包括:A method for recovering key information of a virtual subscriber identity module eSim is characterized in that it comprises:
    检测到eSim关键信息被篡改;It was detected that the key information of eSim was tampered with;
    发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份的eSim关键信息;Issue a prompt to restore the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is the key information of the eSim backed up in the secure partition area when the eSim is initialized;
    安全分区区域接收到预定的物理操作还原指令;The secure partition area receives a predetermined physical operation restore instruction;
    根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。The eSim key information is restored using the secure backup information according to the physical operation restore instruction.
  2. 根据权利要求1所述的方法,其特征在于,还包括:The method of claim 1 further comprising:
    在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;Prompt whether to allow eSim key information to be modified before the eSim key information is modified;
    若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。If the consent modification instruction is received, the key information of eSim is modified; if the rejection modification instruction is received, the key information of eSim is not modified.
  3. 根据权利要求1所述的方法,其特征在于,所述预定的物理操作还原指令包括:The method of claim 1 wherein said predetermined physical operation restore command comprises:
    通过特定物理按键或物理按键组合发出的物理操作还原指令。A physical operation restore command issued by a specific physical button or combination of physical keys.
  4. 根据权利要求1所述的方法,其特征在于,所述关键信息包括:用户身份信息、用户认证参数和运营商参数中的一项或多项。The method according to claim 1, wherein the key information comprises one or more of user identity information, user authentication parameters, and operator parameters.
  5. 根据权利要求1所述的方法,其特征在于,还包括:在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。The method according to claim 1, further comprising: setting a preset regular flag at the time of eSim initialization to monitor the status of the eSim key information.
  6. 一种虚拟用户识别模块eSim关键信息被篡改的恢复系统,其特征在于,包括:A recovery system in which the virtual user identification module eSim key information is tampered with, characterized in that it comprises:
    检测模块,用于检测出eSim关键信息被篡改;a detection module, configured to detect that the key information of the eSim has been tampered with;
    第一提示模块,用于发出使用安全分区区域的安全备份信息进行还原的提示;其中,安全分区区域的安全备份信息为eSim初始化时在安全分区区域备份 的eSim关键信息;The first prompt module is configured to issue a prompt for restoring the secure backup information using the secure partition area; wherein the secure backup information of the secure partition area is backed up in the secure partition area when the eSim is initialized Key information of eSim;
    接收模块,用于安全分区区域接收预定的物理操作还原指令;a receiving module, configured to receive a predetermined physical operation restoration instruction in the secure partition area;
    还原模块,用于根据所述物理操作还原指令使用所述安全备份信息进行eSim关键信息还原。And a restore module, configured to perform eSim key information restoration by using the secure backup information according to the physical operation restore instruction.
  7. 根据权利要求6所述的系统,其特征在于,还包括:The system of claim 6 further comprising:
    第二提示模块,用于在eSim关键信息被修改前,发出是否允许eSim关键信息被修改的提示;a second prompting module, configured to issue a prompt to allow the eSim key information to be modified before the eSim key information is modified;
    响应模块,用于若接收到同意修改指令,则对eSim关键信息进行修改;若接收到拒绝修改指令,则不对eSim关键信息进行修改。The response module is configured to modify the eSim key information if the consent modification instruction is received; if the rejection modification instruction is received, the eSim key information is not modified.
  8. 根据权利要求6所述的系统,其特征在于,所述预定的物理操作还原指令包括:The system of claim 6 wherein said predetermined physical operation restore command comprises:
    用户通过特定物理按键或物理按键组合发出的物理操作还原指令。The user restores the instruction by a physical operation issued by a specific physical button or combination of physical keys.
  9. 根据权利要求6所述的系统,其特征在于,所述关键信息包括:用户身份信息、用户认证参数和运营商参数中的一项或多项。The system of claim 6, wherein the key information comprises one or more of user identity information, user authentication parameters, and operator parameters.
  10. 根据权利要求6所述的系统,其特征在于,还包括:设置模块,用于在eSim初始化时设置预设规律的标志位,以监控eSim关键信息的状态。 The system according to claim 6, further comprising: a setting module, configured to set a preset regular flag bit during eSim initialization to monitor the status of the eSim key information.
PCT/CN2016/084079 2016-04-29 2016-05-31 Method and system for recovering tampered key information of virtual subscriber identity module WO2017185461A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610281020.X 2016-04-29
CN201610281020.XA CN105975363B (en) 2016-04-29 2016-04-29 A kind of restoration methods and system that virtual user identification module key message is tampered

Publications (1)

Publication Number Publication Date
WO2017185461A1 true WO2017185461A1 (en) 2017-11-02

Family

ID=56994912

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/084079 WO2017185461A1 (en) 2016-04-29 2016-05-31 Method and system for recovering tampered key information of virtual subscriber identity module

Country Status (2)

Country Link
CN (1) CN105975363B (en)
WO (1) WO2017185461A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115688071A (en) * 2022-12-29 2023-02-03 深圳市光速时代科技有限公司 Processing method and system for preventing smart watch information from being tampered

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636493B (en) * 2019-10-28 2024-02-02 深圳传音控股股份有限公司 Information backup method, device and equipment of virtual SIM card and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1980426A (en) * 2005-11-30 2007-06-13 中兴通讯股份有限公司 Device for realizing information recovery for mobile terminal and method therefor
CN103823726A (en) * 2014-03-13 2014-05-28 中国联合网络通信集团有限公司 SIM (subscriber identity module) card data backup method and terminal
CN104540123A (en) * 2015-01-07 2015-04-22 福州北卡信息科技有限公司 Encryption backup and security deletion method and system for important data of mobile terminal
CN104883658A (en) * 2015-04-30 2015-09-02 努比亚技术有限公司 Virtual card information processing method and system
US20150289129A1 (en) * 2014-04-04 2015-10-08 Apple Inc. TAMPER PREVENTION FOR ELECTRONIC SUBSCRIBER IDENTITY MODULE (eSIM) TYPE PARAMETERS
CN105188049A (en) * 2015-09-30 2015-12-23 宇龙计算机通信科技(深圳)有限公司 Virtual SIM (Subscriber Identity module) card service authorization method, terminal, server and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8145677B2 (en) * 2007-03-27 2012-03-27 Faleh Jassem Al-Shameri Automated generation of metadata for mining image and text data
US10440034B2 (en) * 2012-02-07 2019-10-08 Apple Inc. Network assisted fraud detection apparatus and methods
CN103368926A (en) * 2012-04-10 2013-10-23 北京四维图新科技股份有限公司 Method for preventing file tampering and device for preventing file manipulation
CN105307161A (en) * 2015-09-30 2016-02-03 青岛海信移动通信技术股份有限公司 Repair method and apparatus of SIM card encrypted files

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1980426A (en) * 2005-11-30 2007-06-13 中兴通讯股份有限公司 Device for realizing information recovery for mobile terminal and method therefor
CN103823726A (en) * 2014-03-13 2014-05-28 中国联合网络通信集团有限公司 SIM (subscriber identity module) card data backup method and terminal
US20150289129A1 (en) * 2014-04-04 2015-10-08 Apple Inc. TAMPER PREVENTION FOR ELECTRONIC SUBSCRIBER IDENTITY MODULE (eSIM) TYPE PARAMETERS
CN104540123A (en) * 2015-01-07 2015-04-22 福州北卡信息科技有限公司 Encryption backup and security deletion method and system for important data of mobile terminal
CN104883658A (en) * 2015-04-30 2015-09-02 努比亚技术有限公司 Virtual card information processing method and system
CN105188049A (en) * 2015-09-30 2015-12-23 宇龙计算机通信科技(深圳)有限公司 Virtual SIM (Subscriber Identity module) card service authorization method, terminal, server and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115688071A (en) * 2022-12-29 2023-02-03 深圳市光速时代科技有限公司 Processing method and system for preventing smart watch information from being tampered
CN115688071B (en) * 2022-12-29 2023-03-17 深圳市光速时代科技有限公司 Processing method and system for preventing smart watch information from being tampered

Also Published As

Publication number Publication date
CN105975363B (en) 2019-03-01
CN105975363A (en) 2016-09-28

Similar Documents

Publication Publication Date Title
US10846425B2 (en) Data protection based on user input during device boot-up, user login, and device shut-down states
US10635809B2 (en) Authenticating application legitimacy
KR102307665B1 (en) identity authentication
EP3161720B1 (en) Data protection based on user and gesture recognition
JP4616308B2 (en) Method and apparatus for data protection of mobile devices
WO2017032008A1 (en) Method for starting application, and mobile terminal
CN108763917B (en) Data encryption and decryption method and device
KR101756692B1 (en) Terminal Device for Dynamic Secure Module and Driving Method Thereof
EP2835997B1 (en) Cell phone data encryption method and decryption method
CN103559435A (en) Method and device for controlling debugging ports of terminal equipment
CN110598384B (en) Information protection method, information protection device and mobile terminal
US20170169213A1 (en) Electronic device and method for running applications in different security environments
JP2015531134A (en) Hardware access protection
WO2016101559A1 (en) Secure data access method and device, and computer storage medium
US9210134B2 (en) Cryptographic processing method and system using a sensitive data item
WO2017185461A1 (en) Method and system for recovering tampered key information of virtual subscriber identity module
CN112987942B (en) Method, device and system for inputting information by keyboard, electronic equipment and storage medium
CN104732150B (en) A kind of mobile terminal-opening method and device
WO2015188447A1 (en) Communication terminal and security management method and device thereof, and computer readable storage medium
EP2985712B1 (en) Application encryption processing method, apparatus, and terminal
WO2016165537A1 (en) Method for controlling intelligent terminal and apparatus for controlling intelligent terminal
CN112966276A (en) Method, device and medium for safely starting computer
WO2015131585A1 (en) Method and device for ensuring sd card security
CN104134025A (en) Mobile terminal locking method and device based on SIM cards and mobile terminal
WO2018017019A1 (en) Personal security device and method

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16899971

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16899971

Country of ref document: EP

Kind code of ref document: A1